Hangetsu
January 26th, 2008, 11:10 AM
Hi all, I'm looking for some advice on setting up security on a new Vista Ultimate 64 bit box. I'm trying to keep my security and main vectors for infection (mail and browser) 64 bit as well, while keeping the number of services running to a minimum. This is a tiny bit more than just AV, so it this post needs to be moved my apologies admins.
Here's what I'm thinking of running, I'm open and appeciative of any suggestions you might have:
OS: Vista Ultimate 64bit, using UAC and running under a Limited Account
Browser: I planned to stay with IE7 (Protected Mode and modified Internet Zone settings), but in the past day I've built this rig my customized Internet Zone settings have changed for the worse without my OK (for example, the .NET Framework options such as Loose XAML have moved from Disabled to Enabled without my consent). My guess is OneCare did this, or a windows update, but this doesn't give me a warm and fuzzy. Neither Mozilla nor Opera appear to have 64 bit browsers, and I think I'd miss Protected Mode if I switched - And if the issue is OneCare, that will be resolved below I think ;D. Any ideas here would be greatly appreciated!
Anti-Spyware: I'm going to keep Windows Defender running alongside whatever AV/AS package I buy, simply because it does keep track of some OS settings as well, is relatively lightweight, and wont interfere with my AV/AS package.
Anti-Virus: Right now I have OneCare installed on this box, but given I have Ultimate I don't think I require the additional "fluff" that comes with it - However, it is a 64 bit AV, and there aren't many others out there. The only other one I can think of that is native 64 bit is NOD32 (which I do have a license for) - Have the issues in 3.0 been fixed? Perhaps Norton (AV only) might be another option; I've had bad experiences with the Internet Security and 360 products though, and since I want to keep the machine as "lightweight" as possible...
Firewall: I'm behind a NAT firewall, so between that, the Windows Firewall in Vista, and the fact that I will using a Limited Account (to protect myself from installs), I don't think an outbound monitor will save me all that much - Hopefully my AV/AS will pick up anything out of the norm should disaster strike.
Sorry this post was so long-winded, but I wanted to get my questions out there and I respect the opinions of the folks here (I have a similar post on DSLReports too, the other site I visit for security stuff). Looking forward to getting some help!
Here's what I'm thinking of running, I'm open and appeciative of any suggestions you might have:
OS: Vista Ultimate 64bit, using UAC and running under a Limited Account
Browser: I planned to stay with IE7 (Protected Mode and modified Internet Zone settings), but in the past day I've built this rig my customized Internet Zone settings have changed for the worse without my OK (for example, the .NET Framework options such as Loose XAML have moved from Disabled to Enabled without my consent). My guess is OneCare did this, or a windows update, but this doesn't give me a warm and fuzzy. Neither Mozilla nor Opera appear to have 64 bit browsers, and I think I'd miss Protected Mode if I switched - And if the issue is OneCare, that will be resolved below I think ;D. Any ideas here would be greatly appreciated!
Anti-Spyware: I'm going to keep Windows Defender running alongside whatever AV/AS package I buy, simply because it does keep track of some OS settings as well, is relatively lightweight, and wont interfere with my AV/AS package.
Anti-Virus: Right now I have OneCare installed on this box, but given I have Ultimate I don't think I require the additional "fluff" that comes with it - However, it is a 64 bit AV, and there aren't many others out there. The only other one I can think of that is native 64 bit is NOD32 (which I do have a license for) - Have the issues in 3.0 been fixed? Perhaps Norton (AV only) might be another option; I've had bad experiences with the Internet Security and 360 products though, and since I want to keep the machine as "lightweight" as possible...
Firewall: I'm behind a NAT firewall, so between that, the Windows Firewall in Vista, and the fact that I will using a Limited Account (to protect myself from installs), I don't think an outbound monitor will save me all that much - Hopefully my AV/AS will pick up anything out of the norm should disaster strike.
Sorry this post was so long-winded, but I wanted to get my questions out there and I respect the opinions of the folks here (I have a similar post on DSLReports too, the other site I visit for security stuff). Looking forward to getting some help!