Os Armor - a must have security software

[Gorstak]

Download: https://www.novirusthanks.org/

Basically, this and perhaps syshardener from the same developer is what every computer owner, IMHO, should use.
Not as the only piece of protection, but as an additional layer of protection.
P.S. I recommend you refrain from clicking anything at it's advanced tab if you often try out new softwares, as it will block you from running it.
Always check it's log to see which rule blocked what.
The only thing in advanced section that should be clicked is perphaps the lowest, last one, to prevent anyone mounting and executing stuff from invisible drives.

 

[ArbitraryAffection]

How does this compare to Kaspersky Internet Security 2019 (which I currently use)?

 

[Gorstak]

it doesn't. It works alongside any protection you might have

 

[Bill_Bright]

Not needed. Today's modern operating systems are not XP. And today's popular anti-malware solutions are not the same as of those from the XP era. We don't need layer after layer of resource hogging specialized security programs like we did back then.

What users need to do is keep Windows updated, use a decent anti-malware solution, don't participate in risky activities like illegal filesharing via torrents and P2P sites or visiting illegal pornography and gambling sites. And don't be "click-happy" on unsolicited downloads, links, attachments, and popups.

A basic anti-malware running in real time is all most users need, plus an on-demand secondary scanner just to verify all is clean (I generally recommend Malwarebytes for that).

A basic solution is probably not for you, and a many layered approach is needed if any of the following apply:

• If you don't keep Windows updated,
• If you don't keep your security solution updated,
• If you are "click-happy" on every unsolicited download, link, popup, and attachment you see,
• If you visit illegal pornography or gambling sites,
• If you participate in illegal filesharing via Torrents and P2P sites,
• If you connect to public "hotspots" with admin level accounts,
• If you let undisciplined users use your computer with admin level accounts.

But if those scenarios don't apply to you, then a basic solution is just fine. I like to say we don't need an Abrams Tank to be safe while driving around. We just need a recent model car that is properly maintained to current standards, and most importantly, we need to drive defensively - the same things required regardless our solution of choice.

Edit comment: Fixed a couple typos.

 

[Joss]

What Bill said.

 

[Gorstak]

Well there are people that throw themselves in the sea, swim a bit, go out and get some sun. What they don't realise, is that sea is a battlezone. A fish eats a fish every second in it, and it would eat you too if you were smaller. Internet is full of people trying to use your home pc. Either they want your personal data, if you are famous, or they simply make your pc their zombie in a huge botnet designed to do ddos attacks or cryptocurrency mining. And all it takes is for you to join a domain or workgroup. If you join a domain, a domain controller can control your pc the way he pleases, and if you join a workgroup, anyone in it can connect to your device without your firewall even logging it, let alone preventing it. You can also say a few bad words to wrong people or do something bad in real life for them to specifically target you. If they know what they are doing, you're in for a world of trouble. Even more so if your country doesn't have laws that would put them behind bars, and most countries still find internet something new, or do fingers slap punsihment to offenders, which unfortunately encourages them.

Even if all of the above is not true, can you afford to do a clean install, install and setup all your apps again if something bad happens? Even if you have backup of your data, cleaning a mess and reinstalling takes a prescious ammount of time, and in some cases requires a professional to do it, costing you money. In some cases, you may end up trashing your entire hardware setup. Better safe then sorry? Up to you, in the end.

 

[Frick]

Powerful, but IMO not really necessary for casuals. Fun developer though, they have some interesting pieces of software...

The only thing in advanced section that should be clicked is perphaps the lowest, last one, to prevent anyone mounting and executing stuff from invisible drives.

The one at the bottom is blocking all processes outside the system partition. Which might makes sense on some systems but is probably too stringent for most users.

 

[Solaris17]

Meh software like this isnt bad, Cylance, Huntress, Sophos etc do similar. Definition based anti malware options are for SMBs and home users. Layers is what security is all about but relying on just anti virus in this day and age and calling it enough is a fallacy. Unfortunately even everyday users are susceptible to browser injection or hijack from even legitimate sites because of illegitimate ads.

Of course this software may not help you with that and most people use an adblocker but using an adblocker is part of layered security and just proves the point.

As for this program specifically, their legit. I dont use this software personally but its not scamware. Though it is a bit limited, reminds me alot of application whitelisting in domain environments.

You guys should check out other things and I encourage you too, if you are into security or protecting yourself. An easy change to get your feet wet is DNS. You should check out the guide in this forum at the top. Its about Pi-Hole but covers some normal DNS scenarios, without the need to roll your own DNS appliance.

 

[Frick]

Well there are people that throw themselves in the sea, swim a bit, go out and get some sun. What they don't realise, is that sea is a battlezone. A fish eats a fish every second in it, and it would eat you too if you were smaller. Internet is full of people trying to use your home pc. Either they want your personal data, if you are famous, or they simply make your pc their zombie in a huge botnet designed to do ddos attacks or cryptocurrency mining. And all it takes is for you to join a domain or workgroup. If you join a domain, a domain controller can control your pc the way he pleases, and if you join a workgroup, anyone in it can connect to your device without your firewall even logging it, let alone preventing it. You can also say a few bad words to wrong people or do something bad in real life for them to specifically target you. If they know what they are doing, you're in for a world of trouble. Even more so if your country doesn't have laws that would put them behind bars, and most countries still find internet something new, or do fingers slap punsihment to offenders, which unfortunately encourages them.

Even if all of the above is not true, can you afford to do a clean install, install and setup all your apps again if something bad happens? Even if you have backup of your data, cleaning a mess and reinstalling takes a prescious ammount of time, and in some cases requires a professional to do it, costing you money. In some cases, you may end up trashing your entire hardware setup. Better safe then sorry? Up to you, in the end.

What he's saying is that even Windows is plenty secure these days. I mean you're not wrong, but being careful and not clicking them links with boobs on them is like 99% of security. Even cryptoviruses has gone down afaik, now it seems the proverbial they do porn extortion.

Meh software like this isnt bad, Cylance, Huntress, Sophos etc do similar. Definition based anti malware options are for SMBs and home users. Layers is what security is all about but relying on just anti virus in this day and age and calling it enough is a fallacy. Unfortunately even everyday users are susceptible to browser injection or hijack from even legitimate sites because of illegitimate ads.

Of course this software may not help you with that and most people use an adblocker but using an adblocker is part of layered security and just proves the point.

As for this program specifically, their legit. I dont use this software personally but its not scamware. Though it is a bit limited, reminds me alot of application whitelisting in domain environments.

You guys should check out other things and I encourage you too, if you are into security or protecting yourself. An easy change to get your feet wet is DNS. You should check out the guide in this forum at the top. Its about Pi-Hole but covers some normal DNS scenarios, without the need to roll your own DNS appliance.

Windows had some of those layers afaik, apart from AV (which is like the lessermost of those layers in any case). Would be interesting to read up on exactly what Windows security does and does not do..

 

[Bill_Bright]

or they simply make your pc their zombie in a huge botnet

LOL

If you join a domain, a domain controller can

LOL

if you join a workgroup

LOL

If they know what they are doing, you're in for a world of trouble.

LOL

IF I walk across the street I might get hit by a drunk driver, run over by a bus, zapped by lightning after a meteor falls on my head knocking the winning lottery ticket out of my hand too.

If you keep your computer/OS and security updated (which is easy if you don't dink with the defaults), bad guys cannot "simply make your PC their zombie".

Who is going to join a domain and what domain admin is going to let you?

What workgroup? The one on your own network? Are your other computers infected? Mine aren't.

If a bad guy knows what they are doing, knows you personally, and is targeting you specifically, no amount of security can stop them.

Meh software like this isnt bad

Nobody said it was "bad". I said it is not needed. Big difference.

 

[Solaris17]

What he's saying is that even Windows is plenty secure these days. I mean you're not wrong, but being careful and not clicking them links with boobs on them is like 99% of security. Even cryptoviruses has gone down afaik, now it seems the proverbial they do porn extortion.



Windows had some of those layers afaik, apart from AV (which is like the lessermost of those layers in any case). Would be interesting to read up on exactly what Windows security does and does not do..

Thats an idea! It would be super fun to do a writeup like that again! What kind of things would you be looking for?

Nobody said it was "bad". I said it is not needed. Big difference.

Bill no one was quoting you calm down.

 

[Gorstak]

Actually, if your neighbours have same ISP as you do, you will all be in the same workgroup Bill.

 

[Solaris17]

Actually, if your neighbours have same ISP as you do, you will all be in the same workgroup Bill.

Thats not true at all. workgroup only affects LAN and workgroup is only used where protocols need it. A workgroup or domain in itself are just DNS pointers to help other machines utilize those protocols to do things they in themselves do nothing. Further more other then the occasional accident with your ISP, you are on a completely different subnet and multicasting does not transverse WAN you cannot talk to your neighbors.

Now this is different if say you are in an apartment complex and you get free internet either wifi or ethernet in your unit and for some reason the IT admin of the complex hasnt segregated the uplink switch correctly then sure it can happen, in isolated per building incidence, but generally much much much more rare on an ISP level.

 

[Gorstak]

Hmm, how would one scan his workgroup?

 

[Solaris17]

Hmm, how would one scan his workgroup?

you dont "scan a workgroup"

You can scan your IP address range with something like Advanced IP scanner or Angry IP scanner to see if their are un-authorized devices on your network. I personally use advanced IP and their are others then the ones I listed of course.

https://www.advanced-ip-scanner.com/

 

[Gorstak]

I thought so.

 

[Bill_Bright]

Actually, if your neighbours have same ISP as you do, you will all be in the same workgroup Bill.

Thats not true at all.

Agreed.

Hmm, how would one scan his workgroup?

I think there is some confusion here. Do you know what a workgroup is?

What is a workgroup?

And Solaris right again. You don't scan a workgroup. You scan "your" computers on "your" workgroup.

 

[Gorstak]

I think you are confusing homegroup with workgroup

 

[Frick]

If you keep your computer/OS and security updated (which is easy if you don't dink with the defaults), bad guys cannot "simply make your PC their zombie".

The thing is most people aren't like you (or me, Thank the Maker). We laugh at tech support scammers managing to get people to let them in, but the old lady without knowledge doesn't laugh because she just lost her savings. Or porn extortioners managing making lots of money because people really believe they've been "found out" because one of their passwords was in a breach file. People are ... people, which means they think computers are magic and they like their reality shows and following Hugh Jackman on Instagram makes them feel safe (have you seen his smile???). Those are the kind of people we should design our security around, because they are the weakest link. My brothers firm got hit by a cryptovirus, he has no idea how it happened. My current employer (whose IT guy is a true geek who actually knows his stuff) got a cryptovirus, also totally unknown how it even got on the network. Defaults are - as you say - massively better than a decade ago, but programs like this has their place. I can totally see myself installing it on some relatives systems.

But yeah, specifically PC botnets is a bit of a thing of yesteryear afaik (I've used that term a lot in this thread haven't I man I'm just bursting with assumed knowledge).

Now this is different if say you are in an apartment complex and you get free internet either wifi or ethernet in your unit and for some reason the IT admin of the complex hasnt segregated the uplink switch correctly then sure it can happen, in isolated per building incidence, but generally much much much more rare on an ISP level.

This is what happened at my previous-previous apartment, and most tenants didn't use routers so I could see every danged thing connected in the entire neighborhood, not just my own building. I called tech support about it and he was like "that ain't right".

 

[Gorstak]

interesting fact: when you do a clean install of windows 10 and press ctrl + shift + F3 on country screen, it boots you to administrator account. The account does not join a workgroup and service called computer browser does not exist.

 

[Frick]

Thats an idea! It would be super fun to do a writeup like that again! What kind of things would you be looking for?

As I said, what Windows standard security does and what it doesn't. I know of Defender, Firewall and Smartscreen, and I seem to recall reading something about sandboxing, but that might have been Edge. Admin/user accounts and driver signing is also part of this. If you want to be really specific it would soon become a big undertaking.

 

[Solaris17]

As I said, what Windows standard security does and what it doesn't. I know of Defender, Firewall and Smartscreen, and I seem to recall reading something about sandboxing, but that might have been Edge. Admin/user accounts and driver signing is also part of this. If you want to be really specific it would soon become a big undertaking.

Thats not a big issue, I have to write technical documentation for my masters. Time though is a whole other matter. Right now I'm doing FW and network based intrusions. But I should visit AV again. I can try and focus it around windows.

We're getting a bit too off topic for the sake of this thread and App specifically though.

 

[MrGenius]

I think you are confusing homegroup with workgroup

Same diff. Didn't check that link did ya?

 

[Gorstak]

Same diff. Didn't check that link did ya?

You guessed it. I rarely trust links after going to microsoft page that showed one content, then another after a refresh of page.

 

[Bill_Bright]

Bill no one was quoting you calm down.

Not riled up!

I think you are confusing homegroup with workgroup

Not me. You said workgroup and I commented on workgroups.

I rarely trust links

And I'm not going to trust you just because you say something anymore than I expect you to trust me because I said it. But it is still necessary to verify our facts before spreading falsehoods - for ourselves and for those reading. And there is no other way to do that on forums but through links. Certainly don't put full faith in one article. And it is important to make sure multiple sources are not just quoting one original source, parroting each other. But you still need to verify your facts and that is done via links - typically found through our friend Bing Google.

That said to not trust links because one Microsoft link said something different than another Microsoft link is silly. There are millions of sites there - they are not all wrong. And Microsoft likely has millions of pages on their sites. It is hardly fair to expect no conflicting information. But nobody posted a link to a Microsoft site anyway.

As far as workgroup or homegroup, most users with multiple computers in their house don't connect to a homegroup or a workgroup anyways. They may share a folder, but you don't have to join a group to do that.

And while similar, homegroup and workgroup are not the same thing though they both allow sharing of resources. Either way, both are for "local" networking and as such, if you control your own computers, should not be accessed by careless, click-happy users who don't keep their computer updated and who partake in activities on the seedy side of the Internet.

But here's a Microsoft link you can trust: HomeGroup removed from Windows 10.