Kees1958
December 29th, 2007, 07:52 AM
Hi all,
On the 'play with security PC' I have run for the last months a very light combo of freeware security
Samourai HIPS
Only select the following options:
a) enable rootkit protection,
b) disable anonymous sessions
c) disable guest account
Effect
==> Will warn you when a driver tries to install
ScriptDefender
Install ScriptDefender
Effect
==> Will warn you when a script is run
Online Armor free
Run it out of the box with the following option
a) Go to the process guard and select the 'run safer' option for all your internet-facing applications, like your e-mail client (e.g. Outlook Express), web browser (e.g. Internet Explorer), P2P program (e.g. LimeWire), messenger (e.g. Windows Messenger)
b) Also run ScriptDefender with limited rights (run safer)
Effect
==> Easy to use firewall and anti executable (the default setup)
==> All internet-facing apps will run with limited rights (option A)
==> All scripts will run with limited rights (option B)
WinPooch
Download the attached filter in this post. Open with Notepad and save as ANSI file with the WFP extension instead of TXT. Install WinPooch without the freeware ClamWin antivirus. Open WinPooch configuration, see http://www.softpedia.com/screenshots/Winpooch_3.png and import this filter.
WinPooch has one strange registry key syntax: for HKCU use HKU\*\ instead, all others are common syntax (e.g. HKLM). Always use Joker for registry entries (even when there is no joker in it like * for all, or run* for run plus or question marks for letter jokers e.g. controlset ? ? ?, without spaces for controlset001/002/etc); this will reduce capital/normal character typing errors.
Effect
==> Will warn you when a sensitive registry key is changed (should be very quiet, meaning no popups)
==> Will warn you when a sensitive OS file is changed (should be very quiet also)
Dealing with pop-ups
Samourai driver install warning
When you are installing a legitimate application choose allow or otherwise block.
WinPooch
When you are installing a legitimate application choose "let process through". When you are updating (e.g. Antivirus) and WinPooch might pop up, choose new filter (choose accept and quiet/silent in the next screen). All settings should be static, so in normal operation WinPooch will not pop up.
OA Armor
See help file
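
Added example, not part of the original post and not WinPooch code: a small checker for the joker syntax described above, useful for seeing which registry keys a set of filter patterns would cover before importing them. It assumes `*` matches any run of characters, `?` matches exactly one character, and matching is case-insensitive; the patterns and key paths are constructed samples, and WinPooch's own matcher may behave differently.

```python
import re

def normalize_pattern(pattern: str) -> str:
    """Rewrite an HKCU pattern into the per-user-hive form the post describes."""
    upper = pattern.upper()
    for prefix in ("HKCU\\", "HKEY_CURRENT_USER\\"):
        if upper.startswith(prefix):
            return "HKU\\*\\" + pattern[len(prefix):]
    return pattern

def joker_to_regex(pattern: str) -> re.Pattern:
    """Translate jokers to a regex (assumed: * = any run, ? = one character)."""
    parts = []
    for ch in normalize_pattern(pattern):
        if ch == "*":
            parts.append(".*")
        elif ch == "?":
            parts.append(".")
        else:
            parts.append(re.escape(ch))  # backslashes and dots stay literal
    return re.compile("".join(parts), re.IGNORECASE | re.DOTALL)

def matches(pattern: str, key_path: str) -> bool:
    """True when the whole key path is matched by the joker pattern."""
    return joker_to_regex(pattern).fullmatch(key_path) is not None

def uncovered(patterns, key_paths):
    """Return the key paths that none of the patterns match."""
    compiled = [joker_to_regex(p) for p in patterns]
    return [k for k in key_paths if not any(c.fullmatch(k) for c in compiled)]

# Constructed sample filter patterns (hypothetical, not from the attached filter).
PATTERNS = [
    r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run*",
    r"HKLM\SYSTEM\ControlSet???\Services\*",
]
# Constructed sample key paths, including a made-up SID and driver name.
KEYS = [
    r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce",
    r"hklm\system\controlset002\services\ExampleDrv",
    r"HKLM\SYSTEM\CurrentControlSet\Services\ExampleDrv",
]

if __name__ == "__main__":
    for key in uncovered(PATTERNS, KEYS):
        print("not covered:", key)
```

Under these assumptions the `ControlSet???` pattern covers `ControlSet002` but not the literal `CurrentControlSet` path, which is the kind of gap worth checking for when writing filters by hand.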