# Os Armor - a must have security software



## Gorstak (Nov 10, 2018)

Download: https://www.novirusthanks.org/

Basically, this and perhaps syshardener from the same developer is what every computer owner, IMHO, should use.
Not as the only piece of protection, but as an additional layer of protection.
P.S. I recommend you refrain from clicking anything at it's advanced tab if you often try out new softwares, as it will block you from running it. 
Always check it's log to see which rule blocked what. 
The only thing in advanced section that should be clicked is perphaps the lowest, last one, to prevent anyone mounting and executing stuff from invisible drives.


----------



## ArbitraryAffection (Nov 10, 2018)

How does this compare to Kaspersky Internet Security 2019 (which I currently use)?


----------



## Gorstak (Nov 10, 2018)

it doesn't. It works alongside any protection you might have


----------



## Bill_Bright (Nov 10, 2018)

Not needed. Today's modern operating systems are not XP. And today's popular anti-malware solutions are not the same as of those from the XP era. We don't need layer after layer of resource hogging specialized security programs like we did back then.

What users need to do is keep Windows updated, use a decent anti-malware solution, don't participate in risky activities like illegal filesharing via torrents and P2P sites or visiting illegal pornography and gambling sites. And don't be "click-happy" on unsolicited downloads, links, attachments, and popups.

A basic anti-malware running in real time is all most users need, plus an on-demand secondary scanner just to verify all is clean (I generally recommend Malwarebytes for that).

A basic solution is probably not for you, and a many layered approach is needed if any of the following apply:

If you don't keep Windows updated,
If you don't keep your security solution updated,
If you are "click-happy" on every unsolicited download, link, popup, and attachment you see,
If you visit illegal pornography or gambling sites,
If you participate in illegal filesharing via Torrents and P2P sites,
If you connect to public "hotspots" with admin level accounts,
If you let undisciplined users use your computer with admin level accounts.
But if those scenarios don't apply to you, then a basic solution is just fine. I like to say we don't need an Abrams Tank to be safe while driving around. We just need a recent model car that is properly maintained to current standards, and most importantly, we need to drive defensively - the same things required regardless our solution of choice.

Edit comment: Fixed a couple typos.


----------



## Joss (Nov 10, 2018)

What Bill said.


----------



## Gorstak (Nov 10, 2018)

Well there are people that throw themselves in the sea, swim a bit, go out and get some sun. What they don't realise, is that sea is a battlezone. A fish eats a fish every second in it, and it would eat you too if you were smaller. Internet is full of people trying to use your home pc. Either they want your personal data, if you are famous, or they simply make your pc their zombie in a huge botnet designed to do ddos attacks or cryptocurrency mining. And all it takes is for you to join a domain or workgroup. If you join a domain, a domain controller can control your pc the way he pleases, and if you join a workgroup, anyone in it can connect to your device without your firewall even logging it, let alone preventing it. You can also say a few bad words to wrong people or do something bad in real life for them to specifically target you. If they know what they are doing, you're in for a world of trouble. Even more so if your country doesn't have laws that would put them behind bars, and most countries still find internet something new, or do fingers slap punsihment to offenders, which unfortunately encourages them. 

Even if all of the above is not true, can you afford to do a clean install, install and setup all your apps again if something bad happens? Even if you have backup of your data, cleaning a mess and reinstalling takes a prescious ammount of time, and in some cases requires a professional to do it, costing you money. In some cases, you may end up trashing your entire hardware setup. Better safe then sorry? Up to you, in the end.


----------



## Frick (Nov 10, 2018)

Powerful, but IMO not really necessary for casuals. Fun developer though, they have some interesting pieces of software...


Gorstak said:


> The only thing in advanced section that should be clicked is perphaps the lowest, last one, to prevent anyone mounting and executing stuff from invisible drives.



The one at the bottom is blocking all processes outside the system partition. Which might makes sense on some systems but is probably too stringent for most users.


----------



## Solaris17 (Nov 10, 2018)

Meh software like this isnt bad, Cylance, Huntress, Sophos etc do similar. Definition based anti malware options are for SMBs and home users. Layers is what security is all about but relying on just anti virus in this day and age and calling it enough is a fallacy. Unfortunately even everyday users are susceptible to browser injection or hijack from even legitimate sites because of illegitimate ads. 

Of course this software may not help you with that and most people use an adblocker but using an adblocker is part of layered security and just proves the point.

As for this program specifically, their legit. I dont use this software personally but its not scamware. Though it is a bit limited, reminds me alot of application whitelisting in domain environments. 

You guys should check out other things and I encourage you too, if you are into security or protecting yourself. An easy change to get your feet wet is DNS. You should check out the guide in this forum at the top. Its about Pi-Hole but covers some normal DNS scenarios, without the need to roll your own DNS appliance.


----------



## Frick (Nov 10, 2018)

Gorstak said:


> Well there are people that throw themselves in the sea, swim a bit, go out and get some sun. What they don't realise, is that sea is a battlezone. A fish eats a fish every second in it, and it would eat you too if you were smaller. Internet is full of people trying to use your home pc. Either they want your personal data, if you are famous, or they simply make your pc their zombie in a huge botnet designed to do ddos attacks or cryptocurrency mining. And all it takes is for you to join a domain or workgroup. If you join a domain, a domain controller can control your pc the way he pleases, and if you join a workgroup, anyone in it can connect to your device without your firewall even logging it, let alone preventing it. You can also say a few bad words to wrong people or do something bad in real life for them to specifically target you. If they know what they are doing, you're in for a world of trouble. Even more so if your country doesn't have laws that would put them behind bars, and most countries still find internet something new, or do fingers slap punsihment to offenders, which unfortunately encourages them.
> 
> Even if all of the above is not true, can you afford to do a clean install, install and setup all your apps again if something bad happens? Even if you have backup of your data, cleaning a mess and reinstalling takes a prescious ammount of time, and in some cases requires a professional to do it, costing you money. In some cases, you may end up trashing your entire hardware setup. Better safe then sorry? Up to you, in the end.



What he's saying is that even Windows is plenty secure these days. I mean you're not wrong, but being careful and not clicking them links with boobs on them is like 99% of security. Even cryptoviruses has gone down afaik, now it seems the proverbial they do porn extortion.



Solaris17 said:


> Meh software like this isnt bad, Cylance, Huntress, Sophos etc do similar. Definition based anti malware options are for SMBs and home users. Layers is what security is all about but relying on just anti virus in this day and age and calling it enough is a fallacy. Unfortunately even everyday users are susceptible to browser injection or hijack from even legitimate sites because of illegitimate ads.
> 
> Of course this software may not help you with that and most people use an adblocker but using an adblocker is part of layered security and just proves the point.
> 
> ...



Windows had some of those layers afaik, apart from AV (which is like the lessermost of those layers in any case). Would be interesting to read up on exactly what Windows security does and does not do..


----------



## Bill_Bright (Nov 10, 2018)

Gorstak said:


> or they simply make your pc their zombie in a huge botnet


LOL


Gorstak said:


> If you join a domain, a domain controller can


LOL


Gorstak said:


> if you join a workgroup


LOL


Gorstak said:


> If they know what they are doing, you're in for a world of trouble.


LOL

*IF* I walk across the street I might get hit by a drunk driver, run over by a bus, zapped by lightning after a meteor falls on my head knocking the winning lottery ticket out of my hand too.

If you keep your computer/OS and security updated (which is easy if you don't dink with the defaults), bad guys cannot "simply make your PC their zombie".

Who is going to join a domain and what domain admin is going to let you? 

What workgroup? The one on your own network?  Are your other computers infected? Mine aren't.

If a bad guy knows what they are doing, knows you personally, and is targeting you specifically, no amount of security can stop them. 



Solaris17 said:


> Meh software like this isnt bad


Nobody said it was "bad". I said it is not needed. Big difference.


----------



## Solaris17 (Nov 10, 2018)

Frick said:


> What he's saying is that even Windows is plenty secure these days. I mean you're not wrong, but being careful and not clicking them links with boobs on them is like 99% of security. Even cryptoviruses has gone down afaik, now it seems the proverbial they do porn extortion.
> 
> 
> 
> Windows had some of those layers afaik, apart from AV (which is like the lessermost of those layers in any case). Would be interesting to read up on exactly what Windows security does and does not do..



Thats an idea! It would be super fun to do a writeup like that again! What kind of things would you be looking for?



Bill_Bright said:


> Nobody said it was "bad". I said it is not needed. Big difference.



Bill no one was quoting you calm down.


----------



## Gorstak (Nov 10, 2018)

Actually, if your neighbours have same ISP as you do, you will all be in the same workgroup Bill.


----------



## Solaris17 (Nov 10, 2018)

Gorstak said:


> Actually, if your neighbours have same ISP as you do, you will all be in the same workgroup Bill.



Thats not true at all. workgroup only affects LAN and workgroup is only used where protocols need it. A workgroup or domain in itself are just DNS pointers to help other machines utilize those protocols to do things they in themselves do nothing. Further more other then the occasional accident with your ISP, you are on a completely different subnet and multicasting does not transverse WAN you cannot talk to your neighbors.

Now this is different if say you are in an apartment complex and you get free internet either wifi or ethernet in your unit and for some reason the IT admin of the complex hasnt segregated the uplink switch correctly then sure it can happen, in isolated per building incidence, but generally much much much more rare on an ISP level.


----------



## Gorstak (Nov 10, 2018)

Hmm, how would one scan his workgroup?


----------



## Solaris17 (Nov 10, 2018)

Gorstak said:


> Hmm, how would one scan his workgroup?



you dont "scan a workgroup"

You can scan your IP address range with something like Advanced IP scanner or Angry IP scanner to see if their are un-authorized devices on your network. I personally use advanced IP and their are others then the ones I listed of course.

https://www.advanced-ip-scanner.com/


----------



## Gorstak (Nov 10, 2018)

I thought so.


----------



## Bill_Bright (Nov 10, 2018)

Gorstak said:


> Actually, if your neighbours have same ISP as you do, you will all be in the same workgroup Bill.





Solaris17 said:


> Thats not true at all.


Agreed.


Gorstak said:


> Hmm, how would one scan his workgroup?


I think there is some confusion here. Do you know what a workgroup is? 

What is a workgroup?

And Solaris right again. You don't scan a workgroup. You scan "your" computers on "your" workgroup.


----------



## Gorstak (Nov 10, 2018)

I think you are confusing homegroup with workgroup


----------



## Frick (Nov 10, 2018)

Bill_Bright said:


> If you keep your computer/OS and security updated (which is easy if you don't dink with the defaults), bad guys cannot "simply make your PC their zombie".



The thing is most people aren't like you (or me, Thank the Maker). We laugh at tech support scammers managing to get people to let them in, but the old lady without knowledge doesn't laugh because she just lost her savings. Or porn extortioners managing making lots of money because people really believe they've been "found out" because one of their passwords was in a breach file. People are ... people, which means they think computers are magic and they like their reality shows and following Hugh Jackman on Instagram makes them feel safe (have you _seen_ his smile???). Those are the kind of people we should design our security around, because they are the weakest link. My brothers firm got hit by a cryptovirus, he has no idea how it happened. My current employer (whose IT guy is a true geek who actually knows his stuff) got a cryptovirus, also totally unknown how it even got on the network. Defaults are - as you say - massively better than a decade ago, but programs like this has their place. I can totally see myself installing it on some relatives systems.

But yeah, specifically PC botnets is a bit of a thing of yesteryear afaik (I've used that term a lot in this thread haven't I man I'm just bursting with assumed knowledge).



Solaris17 said:


> Now this is different if say you are in an apartment complex and you get free internet either wifi or ethernet in your unit and for some reason the IT admin of the complex hasnt segregated the uplink switch correctly then sure it can happen, in isolated per building incidence, but generally much much much more rare on an ISP level.



This is what happened at my previous-previous apartment, and most tenants didn't use routers so I could see every danged thing connected in the entire neighborhood, not just my own building. I called tech support about it and he was like "that ain't right".


----------



## Gorstak (Nov 10, 2018)

interesting fact: when you do a clean install of windows 10 and press ctrl + shift + F3 on country screen, it boots you to administrator account. The account does not join a workgroup and service called computer browser does not exist.


----------



## Frick (Nov 10, 2018)

Solaris17 said:


> Thats an idea! It would be super fun to do a writeup like that again! What kind of things would you be looking for?



As I said, what Windows standard security does and what it doesn't. I know of Defender, Firewall and Smartscreen, and I seem to recall reading something about sandboxing, but that might have been Edge. Admin/user accounts and driver signing is also part of this. If you want to be really specific it would soon become a big undertaking.


----------



## Solaris17 (Nov 10, 2018)

Frick said:


> As I said, what Windows standard security does and what it doesn't. I know of Defender, Firewall and Smartscreen, and I seem to recall reading something about sandboxing, but that might have been Edge. Admin/user accounts and driver signing is also part of this. If you want to be really specific it would soon become a big undertaking.



Thats not a big issue, I have to write technical documentation for my masters. Time though is a whole other matter.  Right now I'm doing FW and network based intrusions. But I should visit AV again. I can try and focus it around windows.

We're getting a bit too off topic for the sake of this thread and App specifically though.


----------



## MrGenius (Nov 10, 2018)

Gorstak said:


> I think you are confusing homegroup with workgroup


Same diff. Didn't check that link did ya?


----------



## Gorstak (Nov 10, 2018)

MrGenius said:


> Same diff. Didn't check that link did ya?



You guessed it. I rarely trust links after going to microsoft page that showed one content, then another after a refresh of page.


----------



## Bill_Bright (Nov 10, 2018)

Solaris17 said:


> Bill no one was quoting you calm down.


Not riled up!


Gorstak said:


> I think you are confusing homegroup with workgroup


Not me. You said workgroup and I commented on workgroups.


Gorstak said:


> I rarely trust links


And I'm not going to trust you just because you say something anymore than I expect you to trust me because I said it. But it is still necessary to verify our facts before spreading falsehoods - for ourselves and for those reading. And there is no other way to do that on forums but through links. Certainly don't put full faith in one article. And it is important to make sure multiple sources are not just quoting one original source, parroting each other. But you still need to verify your facts and that is done via links - typically found through our friend Bing Google.

That said to not trust links because one Microsoft link said something different than another Microsoft link is silly. There are millions of sites there - they are not all wrong. And Microsoft likely has millions of pages on their sites. It is hardly fair to expect no conflicting information. But nobody posted a link to a Microsoft site anyway. 

As far as workgroup or homegroup, most users with multiple computers in their house don't connect to a homegroup or a workgroup anyways. They may share a folder, but you don't have to join a group to do that. 

And while similar, homegroup and workgroup are not the same thing though they both allow sharing of resources. Either way, both are for "local" networking and as such, if you control your own computers, should not be accessed by careless, click-happy users who don't keep their computer updated and who partake in activities on the seedy side of the Internet. 

But here's a Microsoft link you can trust: HomeGroup removed from Windows 10.


----------



## Gorstak (Nov 10, 2018)

actually, once you enter oobe you can join a domain or workgroup...try googling leaving workgroup and it will appear there is no way to do it. And once you're in the workgroup, you're "sharing resources" with other devices in it. I remember deleting files that later reappeared, and my browser tabs changing by themsleves and my headphone and speaker jacks uplugging and plugging in by themselves, all sort of crap. First I thought it was a glitch, then I suspected malware, and in the end it turned out my neighbours were the culprit with me being in same workgroup with them.


----------



## John Naylor (Nov 10, 2018)

I'd echo Bill's list except for a change on 1st item. 

a)  Turn off Windows ability to Install Hardware drivers
b)  Delay all security and other fixes for 3 days to a week in the meantime searching for problems

Windows Update installing "not ready for prime time" fixes has eaten more IT time than all other OS issues combined .... if there's a problem, can usually find it on Woody Leoard's site within 24 hours,

https://www.askwoody.com/category/microsoft-windows-patches-security/
https://www.extremetech.com/computing/255686-windows-10-power-users-shut-off-windows-update

When I see the pop up that the server has KBs for me to DL, I will follow the links , see what they fix, see if I care, see if I want to hide it (telemetry), see if it's breaking things... and If nothing comes up within  a few days I will install it.


----------



## Solaris17 (Nov 10, 2018)

I see we are still incapable of staying on topic. I suggest making a thread about the intricacies of workgroups or even just basic networking judging by some of the responses. If you want to continue talking about OSArmor itself (or by extension software like it) by all means PM me.


----------

