Is HIPS necessary? Which is the best combination?

(:NRD)
Dear Forum users,

Is one HIPS enough, or should I use another one together with it, or many together? May I use OnlineArmor (without firewall), Comodo firewall, ProcessGuard, DefenseWall, System Safety Monitor, Sandboxie, GreenBorder, BufferZone, Neova Guard and WinPatrol Plus? Which are the best security stuffs together? Would they conflict with each other? Do I have to choose only one HIPS, one antispyware scanner, one AV scanner and one AT scanner? All opinions are welcome. Could you clarify this for me, because I’m confused about HIPS. Is it a must or not? Do you have some hints? Best Regards.

(B)

One is too many >:(.

Seriously, running 2 real-time security software of the same nature is always a bad idea because they will conflict. Since HIPS runs at a low system level, it can only be worse when another program with overlapping functions fight each other on who gets to do the job. How many people can actually run 2 software firewalls and make it out alive? (Let’s ignore the XP firewall as an example because it’s almost equivalent to having none :P).

Once CFP 3 finalizes, you can kiss the other HIPS and probably other security software (:WAV). That’s my plan. My system has been clean for so long because of my own confidence in how I handle it. I also prefer performance over security by larger scale. Unless one is a true expert, the minimum setup requires a firewall.

The best “security stuffs” is one that’s comfortable to you. The main dependent factors are your level of knowledge and online habits. We can all provide different advice, but ultimately, nothing beats your own experiences and trials.

A properly configured HIPS, such as Online Armor or Antihook etc., offers a high level of additional security on a system, but is probably only recommended for more advanced users. Something like Prevx1, which relies on a community whitelist to make most of the decisions for you, is a good option for the average user. Prevx works alongside other low level security apps without any problems in my experience.

Of course CPF 3 will also use a similar whitelist along with other technologies such as virtualisation, so in theory should make other utilities unnecessary. I’ve never liked to rely on only one utility for protection, since if it’s affected by malware specifically designed to target that utility there is no second line of defence.

An often overlooked part of securing a PC is system hardening. Applications such as Secure-it and Samurai work to block the inherent flaws in Windows XP through which malware attacks. These offer protection against known and unknown malware, closing the attack vectors rather than relying on detection after the event.

Is there any free system hardening software out there? Any good? Sorry if it’s a bit off subject.

Spywareblaster if you use IE

Hiya,

You can also use it with Firefox.
A very recommendable programme!
Cheerio,
grampa.

A good firewall, maybe an on demand scanner, and common sense :slight_smile:

System Hardening ----> Update your programs!
Every time they find a bug they keep their mouths shut as if nothing’s wrong. And once they release a patch they start blabbering about the loophole. Firefox even has a list of those security threats which were there in the previous releases. So even if a “bad guy” didn’t know about the vulnerability they find out once a patch is released. So if you are not updated. Well good luck to you!!!

And multilayer security is the best though it somewhat affects the performance. But then again it’s better to be a bit slow when you think about all the things that could happen.

regards,
Dam

Yes - I use Comodo PF with SSM (System Safety Monitor)… and I did not get any conflicts from ’em…

I can confirm that: no conflicts with SSM either :slight_smile:

Greetz, Red.

A properly configured Sys and then some (some of them by great Comodo)

:slight_smile:

Question: I keep reading that a properly configured system will do a lot to keep out intruders. I have made several mistakes resulting in sheer frustration. I love Comodo Firewall and use CAV, but where would I find info on proper config of the OS to be more secure? I’ve learned a little the hard way, but it has me wanting to learn more. I hate to be left in an ignorant state, and besides, I love learning.

eaglehorse, the first thing about configuring a safer system is to disable unnecessary and exploitable services. There’s a thread in the Comodo forum about that (I’m just too lazy to find the link, it should be under ‘general questions about computer security’), or you can google it.

Next, by reading through this topic, you’ll see that you need a hardening app like secure it, harden it…

The first step in securing Windows is not using an administrator account unless necessary. Create a limited user account and all the programs you run from it will be denied access to modify the registry and even the hard drive outside that user’s Documents and Settings, unless you manually grant it. You could still run safe programs that need those permissions (most installers for example) without need to log in by just right clicking on the program/shortcut and selecting “Run as…” (second option below “Open”), selecting your admin account and entering the password (password-protecting the admin account is not necessary but it’s recommendable).

http://www.microsoft.com/protect/computer/advanced/useraccount.mspx

There are a few free utils out there that automate the process of hardening your system. I mentioned Samurai and Secure-it previously; also there is Security & Privacy Complete, which offers an in-depth interface to modify insecure settings.

Well, eaglehorse.hour,

I think I somehow understand what you mean.

Maybe the term “properly configured sys” is rather vague. Yes, it’s true.

You already got some ok answers from others here, though, such as to better not be running your machine with admin rights. Which may be a fine thing if not exactly knowing what your sys is enabled to do.

Some people may prefer running their OS as an admin, though. Confessed: My poor self included.

Some (maybe and hopefully helpful) hints, advice and (of course, as always here… some joking around as well) you may find in those two threads:

https://forums.comodo.com/general_discussion_off_topic_anything_and_everything/bestrecommended_nlite_configurations-t12467.0.html

https://forums.comodo.com/general_security_questions_and_comments_not_product_related/disabling_unnecessary_and_potentially_dangerous_services-t12373.0.html

I really hope they are of some use to you.

Of course, there ain’t no complete definite checklist anywhere on how to make your sys totally safe. Total IT security aka safe computing is, and probably will ever be, a mere illusion. All you can do is make your sys MORE safe than it is NOW. That’s about all you can and should really take care of.

Cheers friend, hope this helped, if only just a little bit.

It’s true of course that complete security is an illusion. As I read once, ‘it’s very easy to have a 100% secure PC, just unplug it from the internet and don’t install anything’.

The fact is a combination of good AV, firewall (Comodo of course) and a couple of antispyware apps, alongside switching browser to Opera or Firefox, will offer enough protection for normal usage.

It’s only really necessary to go to greater lengths if you undertake ‘risky’ actions, such as using P2P, downloading warez or torrents, or enjoy surfing adult sites :wink:

Thank you for the advice. It was taken and much appreciated.

One part of the solution is to use MS’s “Drop My Rights” to surf as a reduced rights account. See “Browsing the Web and Reading E-mail Safely as an Administrator” on Microsoft Learn for more info. The virtue of this is that your reduced rights prevent program installation and a number of other system changes that malware will attempt. This is not a perfect solution, but it will prevent some problems.

Another approach involves turning off Javascript and ActiveX controls while surfing. This prevents web sites from running hostile scripts while you are at their web site. There is a plug-in for Firefox that allows you to turn on Java for selected sites (called NoScript) which normally has Java turned off, but a couple of clicks will turn it on again - for that web site. With these and a good (CPF) firewall (CPF takes a bit of work to configure, but there are tutorials about this topic under this site’s FAQ’s), you have most of the external threats covered. Then you only have to worry about files that you download and email that you accept. That’s where you need to have a good antivirus program and an anti-spyware program.

There is also the “Social Engineering” attack which can infect your computer. My wife was browsing a recipe site when she got a pop-up that declared that somehow Microsoft had detected an infection with malware and offered to download a “malware removal tool”. Fortunately she asked me what to do and so she did not download what was almost certainly a virus or worse. Sites like that are often not as well secured because the owner of the site is not a security expert. As a result, hackers can infect the site with such viruses. If you have any open ports that the virus can find (no properly configured CPF), you can get what is called a “Drive-by” download or infection.
Finally, there is the “zero-day” virus/malware which is so new that the AV etc. programs do not have a way to identify it. These often spread by email or over networks, and it is possible that you might activate one on your system by opening an email attachment. In such a case, you would have to rely on HIPS or a similar heuristics-based software that identifies hostile behavior by the malware and shuts it down. Not surprisingly, the virus authors attempt to disable AV software, so even HIPS is no guarantee. A fairly fool-proof method of avoiding this problem is to run your email software in a “Sandbox” which is a program that intercepts all disk writes and calls. The changes and writes are stored and you have the option to delete or accept any changes when you exit the program. A free one is something called “Sandboxie” - sorry no web page, but it is easily found in Google.

There are a number of simple changes that also improve safety. Use Comodo’s Verification Engine. If, by accident, you go to a spoof Banking/Paypal/Credit card site, you can know that it is phoney if the green border does not appear when you mouse over the logo (the effect usually appears as soon as you open the page). Also, please change the default “Hide known file extensions” under the “Folder Options” section of Explorer or on the Control Panel. This allows hackers to send you an email attachment like Something.txt.exe so that you will only see Something.txt. Txt files are harmless, but .exe files can be viruses.
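
The Something.txt.exe case from the post above, as an added example that is not part of the original thread: a small check that flags attachment names whose real final extension is executable while the name shown with extensions hidden still looks like a document. The extension lists, function names and sample names are constructed for illustration, and hiding is modelled simply as dropping the final extension.

```python
import ntpath

# Constructed, non-exhaustive lists for this example (assumptions, not from the thread).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js"}
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".png", ".xls", ".zip"}


def shown_when_hidden(filename):
    """Name a user sees when the final extension is hidden from display."""
    base = ntpath.basename(filename)
    stem, ext = ntpath.splitext(base)
    return stem if ext else base


def classify(filename):
    """Return 'masquerade', 'executable' or 'ok' for one attachment name."""
    base = ntpath.basename(filename).strip()
    stem, last = ntpath.splitext(base)
    if last.lower() not in EXECUTABLE_EXTS:
        return "ok"  # final extension is not one we treat as runnable
    # Runnable file: does the part left on screen end in a document extension?
    _, inner = ntpath.splitext(stem)
    if inner.lower() in DECOY_EXTS:
        return "masquerade"
    return "executable"


def review(names):
    """Map each risky name to (verdict, name as displayed with extensions hidden)."""
    findings = {}
    for name in names:
        verdict = classify(name)
        if verdict != "ok":
            findings[name] = (verdict, shown_when_hidden(name))
    return findings


# Constructed sample attachment names.
SAMPLE = ["Something.txt.exe", "notes.txt", "Invoice.PDF.Scr",
          "setup.exe", "report.v2.pdf"]

if __name__ == "__main__":
    for name, (verdict, shown) in review(SAMPLE).items():
        print(f"{verdict:10} real={name!r} shown={shown!r}")
```
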

I agree with the above post, very well put. (:CLP)

Sandboxie is available from: http://www.sandboxie.com/

It’s a great piece of software. The free version is limited to one ‘sandboxed’ application at a time, but running the web browser within it will prevent most of the threats from malware. However, it should be a part of a layered security approach, since there may be security holes in the sandbox from time to time causing leakage.