Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - oldschool

Pages: [1] 2 3 ... 6
1
VoodooShield / Re: Custom rule set for VoodooShield?
« on: July 13, 2019, 09:29:41 pm »
Hi, I don't know much about this so I ask... I currently have the free version of the product, but it allows me to create rules. The question is which rules do you recommend me to create for more protection? If possible with some tutorial that explains for a beginner how to create them well. If anyone can help me very thankful in advance. Best regards.

I doubt that you need to create a custom ruleset. I advise using it in its default mode with your mode of choice. VS by default really locks down your machine. I lack both the skill level to give advice on rules and knowledge of your OS, installed programs, etc. Maybe others will more to add.

My rule is: Stay safe, not paranoid!  8)

2
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: July 07, 2019, 05:39:19 am »
@khanyash - are you using VS Pro or free? You need to add Vivaldi under Web Apps by clicking on "Auto detect additional running web apps". If the web apps are full (all boxes are highlighted with yellow apps names) you may delete any you wish to make room. Another alternative is to go to Advanced > Add vulnerable apps > Vivaldi > Open. I'm not sure what options are available to you if you're using VS Free.  8)
VS Pro here.

I have added Vivaldi. I meant why it is not in the default list. And Vivaldi was already in the "Add vulnerable apps" list.

Web Apps auto-detect feature also shows my password manager and SEARCHUI, should I add these?


Only Dan could answer why Vivaldi is not in default list.

Are the two apps you mention highlighted in yellow? If not, then add them. If so, there is nothing you need to do.

3
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: July 06, 2019, 10:33:05 pm »
... Also it was perhaps some indication of whether cruelcomodo ever bumps into VS and visa versa. ...

'Way back last century, when I was starting to learn coding, we were given a rule:
KISS
It's been a godsend all my life, and is the main reason I grokked VoodooShield, and added only Windows Firewall Control.


got it, thanks! except for "grokked"  ;)

He grokked it = he understood intuitively, internalized the concept and its meaning. It's a verb used in the cult sci-fi novel Stranger in a Strange Land.  8)

4
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: July 01, 2019, 06:27:22 pm »
@khanyash - are you using VS Pro or free? You need to add Vivaldi under Web Apps by clicking on "Auto detect additional running web apps". If the web apps are full (all boxes are highlighted with yellow apps names) you may delete any you wish to make room. Another alternative is to go to Advanced > Add vulnerable apps > Vivaldi > Open. I'm not sure what options are available to you if you're using VS Free.  8)

5
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 27, 2019, 02:01:28 am »
@gorblimey - I did not know anything about Crowdstrike but as you explain I wouldn't use the two together either. I prefer VS's set and forget model. It's a no-brainer! Thanks!

6
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 25, 2019, 08:35:22 pm »
I recall this topic being touched on before but not in depth (or I was "sleeping")
Is it recommended to wipe / clear / reset your VS whitelist and command lines periodically?  My whitelist reports 793.  Is a recommended procedure for this discussed in the VS manual or here?

PS I discovered with crowdstrike that
C:\Windows\System32\CompatTel\diagtrackrunner.exe /uploadfilesonly
ran the other night at 4:37am connecting to microsoft azure.
But curious (to me) I'm not finding this exe or the command line in VS whitelist or in command lines?
this exe has something to do with windows telemetry, but I have not researched it deeply yet.  Info welcome (unless off topic).

I reset my whitelist periodically, usually when it gets over 500 or so - that number for no particular reason other than I may have installed/uninstalled software. If you know your pc is clean you can take an advanced snapshot (Pro version only) which will auto include more. All of this is optional because your whitelist will never be really huge, relatively speaking.

As to the second issue - This sounds like MS telemetry and you may not see it in logs because of a parent-child relationship (?), or ... I lack the technical knowledge to understand or say any more.

Remember: Stay safe, not paranoid!  8)

7
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 25, 2019, 02:10:11 am »
Some users are reporting issues with USB showing/not showing as intended and/or Smart Mode not toggling as it should. Please post here if you are one them and send DeveloperLog.log in C:\ProgramData\VoodooShield folder to Dan. Help keep VS on the move.  8) 

8
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 21, 2019, 11:50:53 pm »
Switching between "smart" mode and "autopilot".  ;D

It's definitely the writing to temp that is the culprit.

I think you mean guilty pleasure ... !  ;)

9
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 21, 2019, 08:53:01 pm »
@Geri123 - Notifications followed from your update to Adguard  beta. IDK what mode you normally use, but if you're installing something you know, changing to Install/Disable is the way to go. Adguard is writing to your temp file as well, so you know VS is watching.  8)

10
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 10, 2019, 05:27:49 pm »
Thank you, I totally agree with all of your points.  I am thinking more along the lines of outbound firewall monitoring and maybe some more advanced behavior monitoring mechanisms.

This feature could be useful, especially if it maintains VS's light weight.  8)

11
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 09, 2019, 08:01:56 pm »
@VoodooShield @shmu26

Andy's opinion is this:

"Forced SS can be easily introduced to VS as on-demand feature (my italics) for making installations (like in Hard_Configurator). I think that this would be a very good idea.:giggle:"

12
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 09, 2019, 06:17:18 pm »
Yea...ironically  ;D
It is sad that SS don't have additional info when it block something  :-\

SmartScreen in Windows 10 system wide but I have it turned off.

Why? It is a reliable check when installing new applications.

13
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 09, 2019, 04:05:30 am »
I don't know what happened, but when I tried to add this screenshot in my first post, but it didn't take:

I got the same one as you with the same result.

14
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 08, 2019, 11:38:43 pm »
Yea...ironically  ;D
It is sad that SS don't have additional info when it block something  :-\
Yeah, exactly!!!  That is why combining all of the tech would be amazing.  Users need as much file insight as they can get to be able to make an informed decision.

I got the block as well. This is a perfect example of Smartscreen doing its job - blocking unsigned files, or newly signed in this case. BTW Dan, I use RunBySmartscreen alongside VS and do so for the reason you mention. I installed over the top of 5.0 and I got a couple of error messages, but it still installed.  ::)  8)

15
VoodooShield / Re: VoodooShield v5 STABLE Thread
« on: June 07, 2019, 08:08:37 pm »
Hi Dan,

Well... everybody disable SS because they use better alternatives ...

...I do not know how well SS performs in blocking bad sites and bad files,


Your first point is inaccurate because you have stated no facts supporting the proposition that "most people" disable Smartscreen, and using it doesn't affect one's ability to also use ┬ÁBO or Adguard. Your second point indicates you may not have an accurate picture of Smartscreen's effectiveness and performance. Actually, it is a big part of Windows Defender's protection strategy.

Having said this, I support Dan investigating to see if such a change might be worthwhile. I think we're a long way from implementation at this point.


Pages: [1] 2 3 ... 6