Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Security Questions


  • Please log in to reply
15 replies to this topic

#1 Castle Robin

Castle Robin

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 AM

Posted 26 February 2015 - 05:55 PM

Its not impossible for these connections to be compromised by someone who knows what he's doing, and set up a MiTM attack on these in order to gather any kind of data being passed through that network. It happens quite a lot to be honest and its surprising, but its a risk that still exists. Hence why web extensions like HTTPS Everywhere can help you prevent these sorts of attacks, but they aren't 100% perfect.

 

How straightforward is TinyWall to use without compromising security?

 

I gather that a Whitelist is required to ensure programs are unblocked, but that it’s an invaluable optional extra tool to the existing firewall.

 

What are the main benefits and downsides of the addition of HTTPS Everywhere? 

 

Have I read correctly somewhere that it works in conjunction with something called Tor?



BC AdBot (Login to Remove)

 


m

#2 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 AM

Posted 26 February 2015 - 05:57 PM

Hello there,

Does Microsoft's built-in firewall have one-way or two-way protection?

The Windows Firewall in XP has only inbound protection. Outbound protection is available in Vista and above.
 

Emsisofts products sound really good from the comments you and others have given from each of your observations. Ive also come across for the first time information about an Emsisoft Emergency Kit.
This seems to relate to my previous computer which had a much lower capacity, as although there were some major bugs in the suite I had in it at the time, which had nothing to do with my computer, my machines limited resources made it struggle with the suite.

Emsisoft Emergency Kit is a portable non-protection version of Emsisoft Anti-Malware. It is very handy when used for cleaning machines, as you do not need to install it.
And yes, I do agree that low spec machines should not use suites, as they demand more resources due to additional functions.

Regards,
Alex

 

 

Hi Alex

 

The sources that said Vista and post-Vista firewalls are still one-way protection are clearly wrong.  Thanks for clarifying the correct information, which makes the current Microsoft firewalls (in my case Windows 7) more secure than I’d first thought. :)

 

The Customer Participation option per company’s product in helping each company become more quickly aware of malware, etc to help protect everyone is an invaluable idea, but my only concern is the Cloud aspect.

 

For instance, applying to any company’s product, is that all data on program files stored in an Anti-Malware Network is visible to everyone and searchable, open and transparent and accessible continuously through a website as an interface.

 

IsThisFileSafe.com lists further details.

 

As such, I’m mixed about being a participant, regardless of which company’s product I have installed, as I fully support the idea of monitoring enabling malware to be detected much more quickly, but am concerned about the lack of privacy aspects of Customer Participation schemes.

 

I like the sound of Emsisoft Emergency Kit.  Programs that don’t need to be installed are a good compliment to the installable programs.

 

My former low spec computer struggled with Bitdefender (which had major bugs in it, at least in the version I used) and when I formerly used Comodo’s anti-virus scan facility, it used a huge amount of resources, as my computer barely worked while it was running, but once the scan had finished, my navigation went back to normal.  I think it’s trial and error with programs, in line with the level of resources per program balanced with how low or high computer specs are.  My current computer is much more powerful than my previous one so has the capacity to cope well with heavy resource programs, although I always aim to keep resources as low as possible per program so as to avoid risking even a high spec computer from considerably slowing down.  Emsisoft’s lower resource programs and 30 day free trials are very encouraging and I look forward to making use of Emsisoft near the time my existing suite expires in a few months.   

 

As I still can’t access my security suite account, due to their careless blunder that they’ve still ignored after I asked them to sort it out, which Cleverbridge processed, do you know if Cleverbridge automatically renews subscriptions or waits for the customer to manually renew them?


Edited by Castle Robin, 26 February 2015 - 05:59 PM.


#3 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 AM

Posted 26 February 2015 - 06:00 PM

Windows Firewall Tools which can be used to extend the default Windows firewall behavior and used for quick access to define rules and configure the most frequently used options.

 

 

Thanks for the Windows Firewall Tools links.


Edited by Castle Robin, 26 February 2015 - 06:01 PM.


#4 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 AM

Posted 26 February 2015 - 06:01 PM

i have only recently heard about emsisoft , can Emsisoft internet security replace Norton internet security , reason i was thinking of replacing was since my laptop is old and norton takes lots of ram.

plus im running Mbam and Mbae pro .

 

I have used kaspersky long back didnt like it much then , maybe things have changed now ? 

 

thanks

 

About 2 days before Norton Internet Security expires, please ensure then or beforehand that your subscription isn’t automatically renewed.

If NIS has its own uninstaller, use this first then install the free Trial Pro or free version of Revo Uninstaller to remove any remaining remnants.

Once you’ve done this, depending on if your computer has low or high specs, there is a 30 day free trial option to download separately Emsisoft Internet Security or Emsisoft Anti-Malware (also incorporating an anti-virus in its program) in conjunction with a firewall (eg the Windows firewall has two-way protection from Vista onwards).

Although I’ve not yet used Emsisoft with my current computer, as I have a few months left with my Kaspersky suite, whose service has still not sent me the activation link I need to log into my forum account and access technical support other than premium Phone support, which is the only option they have left me with, even after I asked them to rectify the matter, I am going to give Emsisoft a go shortly before my current suite subscription expires.  Feedback on this forum has said that Emsisoft’s technical support is constant and reliable, which adds another positive string to the bow of Emsisoft.

I second Alex’s comments recommending you to use Emsisoft Anti-Malware etc if you have a low spec computer, as well as Quietman7’s links and information on Emsisoft.  Among its invaluable protection to users, it has Real-time protection, which can only be a good thing.  From past personal experiences, trying to use, I think it was around a 250 MB security suite on my previous computer heavily slowed down my computer.  Just as well it wasn’t a 500 MB suite, but low spec computers benefit greatly from light resource programs to avoid computers heavily slowing down.



#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:27 PM

Posted 26 February 2015 - 06:03 PM

I am splitting the last few comments into another topic discussion as this is moving away from the topic subject.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:27 AM

Posted 26 February 2015 - 06:53 PM

The sources that said Vista and post-Vista firewalls are still one-way protection are clearly wrong.  Thanks for clarifying the correct information, which makes the current Microsoft firewalls (in my case Windows 7) more secure than Id first thought. :)

You can see more information here: 5 Reasons Why the Windows Firewall is One of the Best Firewalls

For most users, using Emsisoft Anti-Malware with the Windows Firewall is enough.
 

As such, Im mixed about being a participant, regardless of which companys product I have installed, as I fully support the idea of monitoring enabling malware to be detected much more quickly, but am concerned about the lack of privacy aspects of Customer Participation schemes.

You can see AV Comparatives' report on data transmission in Internet security products here.

Emsisoft is second place behind AhnLab =)

Also, joining the Anti-Malware Network will enhance your protection experience, as EAM/EIS will consult the AMN to reduce the amount of false positives and alerts that you get.
 

As I still cant access my security suite account, due to their careless blunder that theyve still ignored after I asked them to sort it out, which Cleverbridge processed, do you know if Cleverbridge automatically renews subscriptions or waits for the customer to manually renew them?

I am not familiar with Cleverbridge, so I cannot help you with that. My apologies.
 

Once youve done this, depending on if your computer has low or high specs, there is a 30 day free trial option to download separately Emsisoft Internet Security or Emsisoft Anti-Malware (also incorporating an anti-virus in its program) in conjunction with a firewall (eg the Windows firewall has two-way protection from Vista onwards).

Just a little note: Emsisoft Internet Security is AV + AM + FW all in one on its own, and thus you do not need another firewall if you use EIS :)
 

Feedback on this forum has said that Emsisofts technical support is constant and reliable, which adds another positive string to the bow of Emsisoft.

As a matter of fact, maybe someone from Emsisoft is watching this thread at this very moment :lmao:

On a side note, Emsisoft offers free malware removal assistance to everyone (even if the victim is not an Emsisoft user).
 

Among its invaluable protection to users, it has Real-time protection, which can only be a good thing.

Be noted that the free version of Emsisoft Anti-Malware lacks real-time protection.

If you have any other questions, feel free to ask.

Regards,
Alex

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:27 PM

Posted 26 February 2015 - 07:07 PM

As I still cant access my security suite account, due to their careless blunder that theyve still ignored after I asked them to sort it out, which Cleverbridge processed, do you know if Cleverbridge automatically renews subscriptions or waits for the customer to manually renew them?


Various security vendors use Cleverbridge to manage ID's and Keys.

Cleverbridge: How Do You Handle Subscription Renewals?

There are two traditional models for customer renewals: automatic and manual. Subtle differences exist within each of these models, but the automatic vs. manual rebilling process is the fundamental difference to focus on...Consumers are familiar with subscriptions that have automatic billing, but are also more likely to complain publicly if they are upset with the way that companies go about implementing automatic subscription renewals...Automatic subscription renewal is the default choice of many companies looking to capture subscription revenue online. However, you should look at all the options out there and choose a renewal process based on your customers buying habits.


That article indicates it is up to the security vendor which procedure they choose to implement.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:07:27 PM

Posted 27 February 2015 - 12:53 PM

How straightforward is TinyWall to use without compromising security?


It's quite straightforward to use to be honest. You simply have to install it, make sure that all your programs are working and you're done.

I gather that a Whitelist is required to ensure programs are unblocked, but that it’s an invaluable optional extra tool to the existing firewall.


TinyWall have a "learning mode", in which it'll monitor the system to see what programs, processes, ports, etc. are usually used and it'll whitelist them so when you change the security mode of it, it'll know what to let thought and what to not let go throught.

What are the main benefits and downsides of the addition of HTTPS Everywhere?


Main benefit is that it forces HTTPS connection to pretty much every websites, webpages that supports HTTPS, which ensures you to have a "secured" connection to that website or webpage. As the downside, depending on your setup, HTTPS might not allow some content to go throught like videos or images. Or forces you to connect to HTTPS on a website that doesn't fully support it so the formatting of the page might be broken. Nothing that can't be avoided by setting it properly (exceptions) or disabling it.

Have I read correctly somewhere that it works in conjunction with something called Tor?


Tor Project and the EFF are the "creators" of HTTPS Everywhere, they are the developpers behind it.

https://blog.torproject.org/blog/https-everywhere-firefox-addon-helps-you-encrypt-web-traffic
https://www.eff.org/fr/https-everywhere

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 AM

Posted 03 March 2015 - 01:26 PM

I am splitting the last few comments into another topic discussion as this is moving away from the topic subject.

 

OK.



#10 RolandJS

RolandJS

  • Members
  • 4,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:06:27 PM

Posted 03 March 2015 - 01:55 PM

"...The Windows Firewall in XP has only inbound protection. Outbound protection is available in Vista and above..."

Thanks for the info!  Does Windows 7 Firewall need to be "told" to do outbound protection, or, does W7F do that automatically?


Edited by RolandJS, 03 March 2015 - 01:56 PM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)

"I heard Spock finally got colander!"  "I believe the word is Kolinahr."  "Oh."


#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:07:27 PM

Posted 03 March 2015 - 01:58 PM

The Windows 7 firewall does that automatically by default. On a new Windows installation, install a program like Skype or an IRC client then open it and you'll see a Windows Firewall prompt asking you if you allow this program to do outbound connections.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 AM

Posted 03 March 2015 - 02:16 PM

Thanks for the links.  I'll take a look at them shortly.

 

I tend to be cautious when I see the word "Cloud" in the context of computing, due to the negative reports about misuse of people's data, without their knowledge.

 

As you're sure the Anti-Malware network is of benefit, not a breach of customers' data, I'll strongly keep it mind.  I currently have the equivalent with Kaspersky.

 

Emsisoft will be aware :), as any links posted in forums, etc are tracked by the owners of the links. 

 

It's useful to read that Emsisoft even offers free malware removal assistance to everyone, regardless of Emsisoft users.  Probably few other companies would do that.


Edited by Castle Robin, 03 March 2015 - 02:21 PM.


#13 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 AM

Posted 03 March 2015 - 02:25 PM

Thanks for the link.

I'm not surprised many people are most likely to complain publicly if they're upset with how companies implement automatic subscription renewals.  I can imagine security vendors deciding which procedure they implement, but at the end of the day, it should really be up to the Customer whose money is used to purchase software to decide for themselves.  As such I, personally prefer manual subscriptions, but would be willing to accept automatic subscriptions, only provided I am satisfied with and can continue to afford software vendor's products.


Edited by Castle Robin, 03 March 2015 - 02:25 PM.


#14 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 AM

Posted 03 March 2015 - 02:27 PM

Thanks for the links.

Like Emsisoft, Tinywall also sounds invaluable and it’s good news that it’s quite straightforward to use and that it's not as complex as I'd first perceived.  Firewall alerts can be intrusive or rare, depending on the simplicity or complexity of the program in question.  I’ve found alerts of other types of security programs (depending on the vendor in question) to be unobtrusive.

I'll keep Tinywall n mind for potential consideration.

HTTPS Everywhere sounds good too.  It sounds like it might need a bit of tweaking, depending on how each user has their computer set up, but otherwise further potential protection.



#15 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:07:27 PM

Posted 03 March 2015 - 02:38 PM

Castle, you know that you can use the "Multiquote" button to quote many messages and answer them one by one, or even click on the "Edit" button after posting to edit your post if you want to add/remove something? This will prevent you from posting multiple times, it helps :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users