Security that you use and its purpose
Blackspear
January 21st, 2005, 08:03 AM
This thread is set up to show what each person uses and its purpose.
Please do NOT discuss programs and/or their use, this can be done here:
Security that you use and its purpose - DISCUSSIONS (http://www.wilderssecurity.com/showthread.php?t=78481).
I have split what I use into 3 stages, what I call Minimum, Medium and Tight Security, this is a GUIDE ONLY, for those wanting to know in which direction they should start to head. It is no use having all this security if you do not know how to use and maintain it…
In addition to the below there are a couple of good discussions on security software here (http://www.wilderssecurity.com/showthread.php?t=45284&page=1&pp=25) and here (http://www.wilderssecurity.com/showthread.php?t=43117).
Cheers
Blackspear ;D
MINIMUM Security
Basic Barebones – Don’t go 4 wheel driving across the internet with this, or you’ll be sorry ;) ;D
1. Acronis True Image (paid product) – Total system backup, and incremental backup to various media, including CD/DVD, additional Hard Drive etc. Use this when you have first installed a FRESH copy of Windows and again when you have installed all your KNOWN stable programs; do this BEFORE you have transferred your data onto the system. Even better than this, have your data on a separate partition, as well as a BACKUP Drive.
http://www.acronis.com
2. Nod32 Anti-virus (paid product) – Anti-Virus software.
http://www.nod32.com/home/home.htm
How to Set up and Install Nod32. (http://www.wilderssecurity.com/showthread.php?t=37509)
3. SuperAntiSpyware (FREE) – Infection removal.
http://www.superantispyware.com
4. Malwarebytes (FREE) - Infection removal.
http://www.malwarebytes.org
5. Mozilla Firefox (FREE) – Safer Web Browser.
http://www.mozilla.com/firefox
6. Mozilla Thunderbird (FREE) – For email - very good junk mail filter.
http://www.mozilla.org
MEDIUM Security
The next step up.
1. Acronis True Image (paid product) – Total system backup, and incremental backup to various media, including CD/DVD, additional Hard Drive etc. Use this when you have first installed a FRESH copy of Windows and again when you have installed all your KNOWN stable programs; do this BEFORE you have transferred your data onto the system. Even better than this, have your data on a separate partition, as well as a BACKUP Drive.
http://www.acronis.com
2. Nod32 Anti-virus (paid product) – Anti-Virus software.
http://www.nod32.com/home/home.htm
How to Set up and Install Nod32. (http://www.wilderssecurity.com/showthread.php?t=37509)
3. SuperAntiSpyware (FREE) – Infection removal.
http://www.superantispyware.com
4. Malwarebytes (FREE) - Infection removal.
http://www.malwarebytes.org
5. Mozilla Firefox (FREE) – Safer Web Browser.
http://www.mozilla.com/firefox
6. Mozilla Thunderbird (FREE) – For email - very good junk mail filter.
http://www.mozilla.org
7. KeePass (FREE) – Password Storage and Generator.
http://keepass.info/
8. Replicator (FREE) – Backup program.
http://www.karenware.com
9. Crap Cleaner (FREE) – Deletes all Temp files and MRU (Most Recently Used).
http://www.ccleaner.com
TIGHT Security
This is what is currently set up on my system with Windows XP Pro. They all play together nicely and are very simple to use, update and maintain:
1. Acronis True Image (paid product) – Total system backup, and incremental backup to various media, including CD/DVD, additional Hard Drive etc. Use this when you have first installed a FRESH copy of Windows and again when you have installed all your KNOWN stable programs; do this BEFORE you have transferred your data onto the system. Even better than this, have your data on a separate partition, as well as a BACKUP Drive.
http://www.acronis.com
2. ESET NOD32 Antivirus (paid product) – Anti-Virus software.
http://www.eset.com
How to Set up and Install Nod32. (http://www.wilderssecurity.com/showthread.php?t=197509)
3. Prevx 3.0 (paid product) – Intrusion Prevention.
http://www.prevx.com
4. SuperAntiSpyware (FREE) – Infection removal.
http://www.superantispyware.com
5. Malwarebytes (FREE) - Infection removal.
http://www.malwarebytes.org
6. FirstDefence ISR (paid product) – Immediate recovery from software failure or corruption. This is on a 2nd Multi-user system.
http://www.leapfrogsoftware.com/product_info
7. Mozilla Firefox (FREE) – Safer Web Browser.
http://www.mozilla.com
8. KeePass (FREE) – Password Storage and Generator.
http://keepass.info/
9. Replicator (FREE) – Backup program.
http://www.karenware.com
10. Crap Cleaner (FREE) – Deletes all Temp files and MRU (Most Recently Used).
http://www.ccleaner.com
11. Mozilla Thunderbird (FREE) – For email - very good junk mail filter.
http://www.mozilla.com
12. Netgear Modem/Router (paid product) – ADSL Hardware firewall and Router.
http://www.netgear.com.au
13. DVD Burner for BACKUP of Data.
14. 2nd Internal Hard Drive for BACKUP of Data.
15. Seagate 320GB Laptop USB Hard Drive for BACKUP of Data.
16. Backup to a 2nd computer across a network.
The above will give you a very tight system. Ultimately it comes down to safe practices, and it is always best to practice and think of safety, otherwise it will remind you and it won’t hold back in doing so... it's a bit like gravity, very unforgiving...
Hope this helps...
Let us know how you go…
Cheers
Blackspear ;D
PS. If you would like to UPDATE your post, please advise a Moderator by PM and we should be able to accommodate you.
dog
January 21st, 2005, 08:43 AM
Hi Blackspear, ;)
My Set-up is pretty similar to your listed tight set-up.
SSM - System Safety Monitor (Free) - offers similar protection to Process Guard ... it works flawlessly beside PG, without issue ... combined they offer Total Control.
(Available from Max Computing Software - http://maxcomputing.narod.ru/ssme.html?lang=en )
Another App to add would be either WormGuard (payware) or Script Defender (free).
Analog X - Script Defender - http://www.analogx.com/contents/download/system/sdefend.htm
DiamondCS - WormGuard - http://wormguard.diamondcs.com.au/
And Lastly ... definitely an encryption program.
Steve
dog
January 21st, 2005, 10:40 AM
Oops ... I missed one other suggestion. A dedicated ADS Streams Remover ( I know many apps have this built-in functionality ... but they aren't always successful in deleting the Streams ) and seeing as this is becoming a viable vehicle to hide malware.
Merijn's ADS Spy: (Now included with HiJack This, but it is also available as a stand alone app.)
Home Page - http://www.spywareinfoforum.com/~merijn/
Direct Download - http://www.spywareinfoforum.com/~merijn/files/adsspy.zip
RejZoR's (eXcessive Software) -NTFS Streams Eraser - http://www.excessive-software.tk/
(it doesn't seem to be listed ATM ... I'm not sure why? But I don't see it currently)
Another option is (I've never tried it) :
SysInternal's - Streams - http://www.sysinternals.com/ntw2k/source/misc.shtml#streams
:lurking: *puppy* :lurking:
Pasta Fazool
January 22nd, 2005, 12:15 AM
Here's my security setup,
Sygate Firewall (http://smb.sygate.com/)
AVG Anti-Virus (http://www.grisoft.com/us/us_index.php)
Enough is Enough! (http://www.spywarewarrior.com/uiuc/main-nf.htm)
hpguru's HOSTS File (http://www.dozleng.com/hpguru/)
eDexter (http://accs-net.com/hosts/eDexter.html)
TIF-Clean (http://www.spywarewarrior.com/uiuc/main-nf.htm)
Eraser (http://www.heidi.ie/eraser/)
I've no complaints.
Regards,
Pasta
muf
January 22nd, 2005, 11:56 AM
Resident.
ZoneAlarm Pro - Firewall to keep connections to what I decide and not what the application decides. Also to block intruders.
BOClean - Mainly protection against trojans, but also covers some other malware like CWS, Keyloggers, Hijackers etc.
Regrun - Suite of utilities offering protection from spyware, scripts, trojans, viruses, worms. It also enables you to analyse startup, registry and many other features.
NOD32 - Protection from viruses and trojans
Ad-Awatch - Protection from Hijackers, spyware, adware, spy cookies etc.
SpywareBlaster - Pro-active protection from spyware.
Cookiewall - To decide what cookies stay or go
CookiePatrol(PestPatrol) - Protection from spy cookies.
WormGuard - Worm/malicious script protection.
--------------------------------------------------------------------------
On-demand.
KAV 4.5 - Anti-virus/Anti-trojan
PortExplorer - Monitoring incoming/outgoing connections.
F-Prot for Dos - Free anti-virus/anti-trojan
Spybot - Anti-spyware
Pestpatrol - Anti-malware
Security Task Manager - Great for spotting keyloggers.
Spycop - Keylogger protection
A2 - Free Anti-trojan/spyware scanner
X-Cleaner Free - Anti-spyware/adware/keylogger scanner
Ad-aware Plus - Anti-Spyware scanner
Trojanhunter - Anti-trojan scanner.
muf
BlueZannetti
January 22nd, 2005, 02:25 PM
My setup is as follows:
Hardware
Two physical hard drives with XP Pro boot partition on each drive
Zyxel Zywall 10w router
Linksys WRT54GS wireless router (used as access point only), Sveasoft Talisman firmware
Browser: Firefox (http://www.mozilla.org/)
Real-time security applications (ordered in my recommended priority need to have)
Generalized antimalware application (AV/AT/AS) - NOD32 (http://www.nod32.com/home/home.htm) on primary boot partition (probably boot to here 80-90% of the time) while KIS 6.0 beta (http://www.kaspersky.com/businessoptimal?chapter=154321255) is on my secondary boot partition.
Realtime process scanner - BOClean (http://www.nsclean.com/boclean.html) or Ewido Security Suite (http://www.ewido.net/en/). Guard against packed variants not handled by the main antimalware application
Action based monitor - Safe'n'Sec (http://www.star-force.com/computer_security/) which also has some registry protection. Other options would include ProcessGuard (http://www.diamondcs.com.au/processguard/) or AppDefend (http://www.ghostsecurity.com/index.php?page=appdefend)/RegDefend (http://www.ghostsecurity.com/index.php?page=regdefend) process/registry protection. SnS and PG-AD/RD serve similar, but somewhat different, roles. This can be served by the Proactive Defense module on the KIS partition. Note - early versions of the KIS PD module conflicted with SnS. Online-Armor (http://www.online-armor.com/index.php?area=home) is another viable option in this class.
Firewall - Look'n'Stop (http://www.looknstop.com/En/index2.htm) running just the application filtering side. Alternate option is Outpost Pro (http://www.agnitum.com/), itself a very decent firewall (optional if router present). KIS 2006 beta partition uses the native Anti-Hacker component.
Mailwasher Pro (http://www.firetrust.com/products/pro/): screen mail (optional for most users)
System recovery - The above applications focus on dealing with the malware, but sometimes recovery of the original machine state is needed. Two stylistic options are available here, classical system backup provided by products such as Acronis True Image (http://www.acronis.com/homecomputing/products/trueimage/) or system restoration provided by applications such as ShadowUser (http://www.shadowstor.com/products/ShadowUser/) or the now free ShadowSurfer (http://www.shadowstor.com/products/ShadowSurfer/), or First Defense ISR (http://www.raxco.com/products/fdisr/). Very different approaches that provide similar end results. The list is not all inclusive, other options are available.
On-demand coverage/cleaning/diagnostics/analysis - some installed, some available to install if needed
CounterSpy (http://www.sunbeltsoftware.com/CounterSpy.cfm): spyware removal
Lavasoft Adaware SE Pro (http://www.lavasoftusa.com/): spyware removal
Webroot WindowWasher (http://www.webroot.com/products/windowwasher/?WRSID=be9bb5a981eb5ee3df39bdd98419366a): clean out TIF, cookies, etc.
Webroot Spysweeper (http://www.webroot.com/products/spysweeper/): spyware removal
DCS PortExplorer (http://www.diamondcs.com.au/portexplorer/): diagnostics
Sysinternals Process Explorer (http://www.sysinternals.com/ntw2k/freeware/procexp.shtml): diagnostics, trace image path, etc.
Spybot S&D (http://www.safer-networking.org/en/download/index.html): spyware removal
Ewido Security Suite (http://www.ewido.net/en/): backup trojan/spyware/general malware removal
NSClean/IEClean (http://www.nsclean.com/): clean out TIF, cookies, etc.
Useful utilities
WinsockXPFix (http://www.spychecker.com/program/winsockxpfix.html): fix Winsock automatically
CWShredder 2.1 (http://www.intermute.com/spysubtract/cwshredder_download.html): check for/remove CoolWebSearch
Registry First-Aid (http://www.rosecitysoftware.com/reg1aid/): Registry maintenance
jv16 Power Tools 2005 (http://www.macecraft.com/jv16powertools2005/): Simple editing start up services/programs
mks_vir online scanner (http://www.mks.com.pl/): Online AV scanning
MWSnap (http://www.mirekw.com/winfreeware/mwsnap.html), recently converted to SnagIt (http://www.techsmith.com/products/snagit/default.asp): screen shots
PRTG Traffic Grapher (http://www.paessler.com/): Monitor aggregate network traffic across router
Some items are used regularly, some infrequently. I ignore duplication of function at the install level, but minimize it and resource footprint at the real-time level. In my opinion, the first three items under Real-time security applications constitute the primary and secondary layers of a very tight set-up and these applications plus a router are what I would recommend for typical users desiring strong protection. Some of the recent suites are viable as a single application version of this type of approach. Antispyware applications are desirable to have, but the trojan downloaders responsible for planting this junk on a system should be handled by the existing realtime defences.
Blue
Edited March 3 2005: updated information
Edited April 30 2005: updated information
Edited June 18 2005: updated information
Edited July 4 2005: updated information
Edited July 11 2005: updated information
Edited Nov. 6, 2005: updated information
Edited Feb. 9, 2006: updated information and presentation
nameless
April 27th, 2005, 11:43 AM
Netgear MR814v2 router (http://www.netgear.com/) -- All routers in this price range suck, but this one is "OK".
Image for Windows (http://www.terabyteunlimited.com/) -- There are none more reliable or affordable.
NOD32 (http://www.nod32.com/) -- Hey, my CPU usage is under 90%! Who uninstalled KAV?
Ad Muncher (http://www.admuncher.com/) -- Switch to it and get your life back.
BestCrypt (http://www.jetico.com/) -- I like it.
BOClean (http://www.nsclean.com/boclean.html) -- So far a complete waste of CPU time on my system.
Eraser (http://www.heidi.ie/eraser/) -- Why did Heidi take this project, and then did nothing with it? Oh, that's right--to get donations.
Password Agent (http://www.moonsoftware.com/) -- Doesn't store passwords in plaintext in memory, unlike KeepAss Password Safe.
Opera (http://www.opera.com/) -- You do the math (http://www.secunia.com/) and decide.
PGP (http://www.pgp.com/) -- I hate this application, and only use it for work.
PurgeIE Pro (http://www.aandrc.com/purgeie/) -- You go ahead and clean crap, and I'll do it the right way instead.
Undelete (http://www.undelete.com/) -- Securely delete everything.
halcyon
April 28th, 2005, 04:12 AM
Very similar to Blackspear's setup (same AV, same FW, same browser, same extensions, same anti-spyware, except CounterSpy and not using some of the imaging/app blocker apps), with some additions:
- Proxomitron Filters all http traffic. Very good in stopping known (but unfixed) browser exploits, if you want it. I don't use it for that purpose though (only ad/tracking/cookie/script/popup filtering).
- Ewido for anti-trojan protection (replaced TDS-3 as my 1st choice).
- security policies and services pruning
- Bitdefender and AntiVir PE (only on-demand) as backup solutions.
AirJer
April 28th, 2005, 05:03 AM
1. BitDefender 8 Professional Plus
2. Spybot Search and Destroy
3. Spy Hunter
4. Cryptomathic file2file encryption
5. Process Guard
6. TDS-3
7. Pest Patrol
8. Adaware
9. External hard drive
10. Firefox
11. Hijackthis
12. Hosts file
13. Unnecessary services disabled
14. Microsoft Antispyware
15. Other scans- jotti, BitDefender, Symantec, TrendMicro, AVG
My own methods
16. Internet connection physically disabled when computer is not in use, and while I am away from home.
17. Maximum characters allowed for passwords; numbers, letters, and if allowed...characters
18. Passwords and personal data on cd only and encrypted. Locked in safe until I need to use it. Data on computer deleted with Cybershredder.
19. I will call in an order if I am able, before I order anything via the internet
20. Dummy email addresses. Make an email address for a forum or download, sign up, verify the address with the entity, delete the email address. This has killed most of my spam by the way.
21. I change passwords for online banking every week; via the telephone. It's amazing how accommodating they can be after a hacker breaks into their online system, and you threaten to kill your accounts. :)
22. Credit card numbers are changed every 6 months. This is easy to do. Tell them you lost your card and that you aren't sure if anyone stole it. They'll can the number right then and there.
richrf
April 28th, 2005, 09:40 AM
Hi all,
My favorite security products at this time are:
First line of defense
1) ZoneAlarm Pro: firewall protection sitting behind a NetGear router.
2) Kaspersky 4.5: The same scan/detection engine and database as 5.0, without ADS. Very stable. So far, has caught all malware trying to enter my system. Norton AV was porous when compared to KAV.
3) ProcessGuard (licensed): alerts me whenever a new program is trying to execute on my system. Helps prevent rootkits and keyloggers from installing. Excellent first line of defense along with KAV and RegDefend.
4) RegDefend: I've added the "RegRun registry entries" that Puff has made available to Ghost Suite's RegDefend forum members. Excellent pro-active registry guard.
5) Firefox and Thunderbird: I have found that these products have substantially helped take the pressure off my first-line of defense.
Second line of defense
1) Ewido (licensed): Real-time monitoring of trojans. Has never caught anything in real-time but does catch tracking cookies during on-demand scans.
2) UnHackMe: Rootkit installation prevention
3) WormGuard: traps potentially malicious scripts
4) SpywareGuard: this one may go.
Third-line (on-demand) protection
1) TDS-3: For detecting the most difficult trojans. So far has never detected anything after installing KAV with extended databases. Often found malware when I was using Norton AV.
2) Ad-aware and Spybot: I can still count on Ad-aware to find minor stuff here and there. Spybot doesn't seem to be catching much new nowadays.
2) HijackThis: Great tool for gathering info about my system. I have donated money to support this very helpful utility.
3) CounterSpy Anti-spyware(trial): so far has done a better job than Giant AS (MS AS) in finding bits of tracking cookies and other minor malware. A modest addition to my defense.
4) Trojan Hunter and BOClean: I keep these products up-to-date, but rarely have an occasion to use them nowadays. KAV + PG + RegDefend appear to be very strong - which is good news.
5) SpywareBlaster: it's free and works with Spybot's Immunize protection.
6) DCS Port Explorer: gathers port information
7) System Internals Filemon: gathers program file writing information
Clean-up
1) RegSeeker
2) CCleaner
Rich
lynchknot
May 4th, 2005, 02:04 AM
Router
Outpost Firewall
BlackIce pretender
GhostSurf
Firefox
Process Guard
Winsonar
RegRun
Prevx
NOD32
Counterspy
Winpatrol
Unhackme
Security TaskManager
True Image
HardenIt
escan free
Ewido
RegWatcher drove me crazy so it's disabled at the moment (Hi!)
Various other rootkit detectors, ADS, etc -
NAMOR
May 4th, 2005, 02:50 AM
1.NOD32
2.BoClean
3.Crap Cleaner
4.CryptoSuite
5.Password Corral
6.HostsMan
7.PortExplorer
8.Sygate
9.SpywareBlaster
10. Ad-Aware
11.Spybot
12.Script Sentry
13. MVPS HOSTS file
14.IE-Spyad
Capp
May 5th, 2005, 09:26 AM
Hardware:
2 hard drives
DVD Burner
CDRW Burner
USB External Storage Device
2-Wire DSL Router
Linksys DSL Router w/ 4-port switch
Software:
Windows XP SP1
NOD32 (Beta) - Paid
F-Prot (Backup Scanner) - Paid
ZoneAlarm - Home Version
FireFox
Ewido - Home Version
Microsoft Anti-Spyware
Ad-Aware
Spybot S&D
SpywareBlaster
RegTuneUp - http://acelogix.com/
Diskeeper - http://www.executive.com/coverpage.asp
X-TEQ Setup - system config editor
Infinity
May 5th, 2005, 09:50 AM
Belkin Router
VmWare Workstation
Ewido
ProcessGuard
Nod32
Tiny
Regdefend
Boclean
AdMuncher
ISR
Giant
RegRun Gold
SpyBlocker
SpyBot
TDS-3
PortExplorer
WormGuard
TrojanHunter
PestPatrol
ProcX
Invisible Secrets
Opera for main Browsing ;D
bpm3k
May 9th, 2005, 07:06 PM
Hardware
Belkin Cable/DSL Gateway Router F5D5231-4. (http://catalog.belkin.com/IWCatProductPage.process?Merchant_Id=&Section_Id=201487&pcount=&Product_Id=136521)
Belkin F6C800-UNV UPS. (http://www.google.com/search?hl=en&lr=&q=belkin+f6c800-unv)
External harddrive to store backups.
Resident
NIS 2005 (Daily Intelligent Update and Bloodhound on High)
Belkin Bulldog Plus Software (UPS monitoring software)
IE-Spyad (http://www.spywarewarrior.com/uiuc/resource.htm#IESPYAD)
AGNIS (http://www.spywarewarrior.com/uiuc/resource.htm#AGNIS)
SpywareBlaster
Spybot Search and Destroy: Immunized and "bad download blocker"
On Demand
Norton Ghost (external harddrive for backups)
Ad-aware
spybot s&d
microsoft AS
Panda ActiveScan (http://www.pandasoftware.com/activescan/)
TrendMicro HouseCall (http://housecall.trendmicro.com/)
Mcafee FreeScan (http://us.mcafee.com/root/mfs/default.asp?cid=9059)
Everything was/is free or "free after rebate." Except, $30 for the UPS and $45 for the 120GB external harddrive. For those with more time than money: fatwallet.com (http://www.fatwallet.com/c/18)
meneer
May 10th, 2005, 03:08 PM
Basic security measures:
Linux gateway (http://www.contribs.org) equipped with clamav, spamassassin, and rootkit hunter, all there to secure my network from internet and windows related threats
Low cost measures, my primary system:
Linux desktop, only security measure needed: not running as root
Medium cost:
W2K, equipped with avast! and adaware (I have no clue why I need it, but it's free)
Further equipped with Non MS software only, The Bat! with K9 anti spam
Not running as Admin
Heavy cost
WinXP home computer system: Outpost Pro FW and NOD32 AV
Connected wireless, mac address authentication
Further equipped with Non MS software only.
Family accounts are non admin accounts.
That's about it, I think.
O yeah, I'm not running MS software on my main system either ;D
Mrkvonic
June 16th, 2005, 01:21 AM
Hi,
Here's what I use:
ZA firewall
AVG anti-virus
Ad-Aware SE & Spybot
Microsoft Anti-Spyware
SpywareGuard
SpywareBlaster
Firefox for browsing
Other applications:
SnoopFree anti-keylogger
Attach Shield Worm Suppression
Proxomitron with Kye-U filters
I must add Proxo is impressive, it stopped the recently rediscovered Firefox vulnerability even without the open in tabs only solution!
WSH anti-polymorphing patch
WMP anti-vbs patch
BugOff
HTAStop
ADSSpy
SafeXP
WWDC
DropMyRights
Bazooka
Ewido and A2 on demand
Raw sockets locked
Disabled services: messenger, remote registry, unpnp, telnet etc.
Mrk
squash
June 17th, 2005, 07:14 PM
Small and easy to maintain yet providing good security with all _free_ software.
XP Limited account with SP2 and ALL critical patches
Kerio 2.15 and CHX-I (Firewall and Packet filter)
AVG (Antivirus)
PG and Prevx (IDS and Hosts IDS)
Ad-aware and Spyware Blaster (Anti-spyware cleaner and prevention)
Mozilla Firefox (latest stable) for browsing with NoScript to block out Javascript except for the sites that need it and 3 combined adblock filters.
Other:
AxCrypt - All personal files on this computer are encrypted
Eraser - For deleting files plenty of times
Regseeker and CCleaner - Clear junk
Combined 3 hosts files (MVPS, Remember.mine.nu and Mike's)
OS Drive (C:\) and Personal Drive (D:\) both imaged with Partition Image.
This Computer has been hardened with SafeXP, Harden-It, Secure-it and heaps more. Also turned off unrequired services in services.msc
I know what I am doing and only visit a limited amount of websites (from my bookmark) most of the time
World Industries
July 30th, 2005, 05:55 PM
Software
Kaspersky Anti-Virus 5.0
ClamWin Anti-Virus(backup)
Outpost Firewall Pro 2.7
Acronis Privacy Expert Suite
Diamond CS WormGuard
A-squared Personal 1.6
Ad-Aware SE Personal
Spybot S&D 1.4
SpywareBlaster 3.4
SpywareGuard 2.2
Bazooka
MRU-Blaster
Process Explorer
BlueTack's Host File
IE-Spyad
BugOff
RegSeeker
Registry Mechanic 5.0
Registry Compressor
Startup Inspector for Windows 2.2
CCleaner
World Industries
Triple Helix
August 9th, 2005, 11:45 PM
It's all in My Sig!! It works together and plays together well!!
Cheers,
AvianFlux
August 10th, 2005, 12:01 AM
WOW! :o That defense profile's so tight even a greased BB won't squeeze through. ;D
seamaiden
August 10th, 2005, 01:42 AM
Don't Prevx and Winpatrol do the same thing? Aren't they both IDS (Intrusion Detection Systems)? If your A2 (A-squared) is the Personal version rather than the Free version, the Personal version also has IDS. Too many IDS programs concurrently active might not be a good idea.
Triple Helix
August 11th, 2005, 12:25 AM
-{ Quote: "Don't Prevx and Winpatrol do the same thing? Aren't they both IDS (Intrusion Detection Systems)? If your A2 (A-squared) is the Personal version rather than the Free version, the Personal version also has IDS. Too many IDS programs concurrently active might not be a good idea." }-
I don't know who you are asking! But I only use A-squared on demand!!
And I removed Prevx and my Box Seems faster now!!
This is what I'm running at the moment!!
-NOD32
-ZoneAlarm
-ProcessGuard
-WormGuard
-WinPatrol
-RegDefend
All others are on demand!!
Hope this clears it up a little!!
Cheers,
WSFuser
August 11th, 2005, 09:13 AM
seamaiden - no, prevx protects many more areas of ur computer/OS and it has buffer overrun protection. also prevx is considered an HIPS possibly since it can actually stop an attack/change instead of just prompt.
also heres my setup:
NOD32
avast pro (backup)
Outpost Firewall Pro
Webroot Spysweeper
Trend Micro AntiSpyware
Spybot Search & Destroy
Spyware Blaster
SpywareGuard
a-squared personal
ewido security suite
PeerGuardian 2
ProcessGuard
Safe 'n' Sec
Online Armor
Harden-It
Secure-It
Samurai
RegRun Security Suite
adblock plus (w/ filtersetg) (ff extension)
noscript (ff extension)
MVPS hosts
script defender
ZiGz
May 15th, 2006, 11:01 AM
Is it just me or is it sad that this much trouble, diligence, work and money have to go into securing a rig. Maybe we should submit bills to Microsoft and have some criminal punishment imposed on hackers.
Rivalen
May 15th, 2006, 02:24 PM
My setup can be seen below. I have ActiveX blocked in Outpost Active Content PlugIn.
I think this is a very tight setup - although lite compared to many others.
Best Regards
WSFuser
May 15th, 2006, 07:11 PM
wow, this thread is old.
anyways, the setup i posted in this thread was severely exaggerated (i shouldve tried it first ;D )...my current setup can be viewed here (http://www.wilderssecurity.com/showpost.php?p=748273&postcount=403).
pc-support
May 21st, 2006, 06:38 PM
Apple Mac OSX :P
;D
zopzop
May 29th, 2006, 02:24 PM
IMHO this is probably the most bulletproof setup around, 4 sweet programs:
1) shadowsurfer (it's a deep freeze clone)
followed by
2) geswall personal (it's a sandbox/application firewall mix)
followed by
3) antivir classic (antivirus)
followed by
4) jetico or comodo (firewall)
the beauty of this setup is all 4 programs complement each other beautifully. on my system there are no conflicts between them. the other excellent thing about this setup is all 4 programs are completely FREE (for personal use of course)!
iNsuRRecTioN
June 5th, 2006, 02:04 PM
Hey,
why not only KIS 6?
With Kaspersky Internet Security 2006, you get an AntiVirus, Personal Firewall and HIPS :D
I don't think that any other solution gives you this type of protection plus with minimal resource usage/consumption..(max. 10 MB RAM..)
And all that in Germany for only 39 EUR ;-)
Ok, on some local stores for even 29 EUR..
best regards,
iNsuRRecTiON
JimIT
February 27th, 2007, 04:57 PM
This is what I would call a MINIMUM setup for my home PC's:
Hardware:
Broadband Router
Software:
1. 7tools Partition Imager/Ghost 2003 (paid)--HDD imaging program for backing up partitions and general data backup.
2. NOD32 Antivirus (paid)--Antivirus/Antithreat real-time protection. F-PROT Antivirus (paid)--Antivirus real-time and/or on-demand protection.
3. Mozilla Thunderbird (free)--better e-mail client.
4. SpywareBlaster (free)--passive defense against spyware infestation.
5. IE-Spyad (free)--passive protection against IE hijack/spyware infestation.
6. Mozilla Firefox (free)--safer web browser.
Miscellaneous Tools:
RegSeeker--free registry cleaner.
Diskeeper (paid)--automatic HDD defragger.
Contig.exe (free)--On-demand high-speed HDD defragger.
Look N Stop Lite--free inbound firewall for older laptop.
ZA Pro (paid)--application filtering firewall.
BOClean (paid)--antitrojan/antimalware.
AdAware (free)--adware/spyware remover.
CounterSpy (paid)--real-time spyware protection/removal.
ERD Commander bootable CD--computer 'pocketknife'.
Chuck57
February 27th, 2007, 11:58 PM
Processguard free
AVG antivirus
Snoopfree
Powershadow
Sandboxie
Asquared on demand
AVG antispyware on demand
hardware firewall and LnS firewall for outgoing
EASTER.2010
February 28th, 2007, 12:18 AM
Kaspersky Internet Suite 6-----Anti-Virus Protection/HIPS/Firewall etc,
System Safety Monitor ----HIPS
ProcessGuard Free----Process/App Firewall
Spyware Terminator--Resident Shield + HIPS
Powershadow------Virtual Drive (Complete) Protection from Bad Softs/Malware
SUPERAntiSpyware---Malware Scanning/Removal (On-Demand)
AVG 7.5 AS----Malware Scanning (On-Demand)
A2 Squared---Malware Scanning (On-Demand)
Snoopfree---Keyboard/ScreenCapture Shield
Kerio 2.15--Firewall (WORKS! In Combo with KIS6)(NO Issues)
..............................More to come :thumb:
Kees1958
March 1st, 2007, 01:34 AM
Minimum
- External harddisk with software to backup restore images (Partition Magic paid) and data (Syncback free)
- Bart's CD with DriveImageXML in case XP fails to start (disaster recovery)
- Hardening XP (e.g. SafeXP, Seconfig)
- Windows XP built-in (DEP enabled for all programs, reduced permissions with regedit to add/delete services)
- passive protection: SpywareBlaster/AdvancedWindowCare, and a scriptcatcher like ScriptDefender)
First line (gateway to your PC):
- Inbound hardware firewall, with encrypted wireless traffic plus MAC address control
- Paid sandbox (PC1 = DefenseWall, PC2=GeSWall Pro)
Second line (PC wide/general)
- Processmodification protection (PC1 = SSM-free, PC2=CyberHawk-free)
- Antivirus (Antivir, because its free with one of the best detection rates and strong heuristics = on both PC's)
Other:
- PC1 has a resident third line of defense (outbound software firewall plus datawall = SensiveGuard free)
- PC2 has an AD HOC defense (PowerShadow = 2.6 free ) for trying out software and extra safe surfing.
That's it, simple and strong and mostly freeware, no on-demand stuff, no anti-spyware (after six months of checking with AVG/Ewido Antispy + SuperAntiSpyware, I know I will not likely get spyware on these configs)
asyland
March 1st, 2007, 06:16 AM
Netgear Web Safe Router - Hardware firewall, 1st line of defense
Spyware Blaster, Seconfig, MVPS Hosts File - Hardening
LooknStop - software firewall primarily for outbound protection.
NOD32 - AV and AT
BOCLEAN - AT and general malware
Ghost Security Suite - HIPS - Protection from unauthorized access/modification
LinkScanner Pro - Website code checking/protection
Firefox with Netcraft Toolbar, NoScript - Safer surfing
Keepass Portable on a flash drive - Password protection/generator
SuperAntispyware, a-squared, ewido-micro, Rootkit Unhooker, CWShredder, Rootkit Revealer, Hijack This - Malware scanners
Process Explorer, Process Monitor, Autoruns, TCPView, Active Ports, AccessEnum, SIW, Faber Toys - Diagnostics/PC info
Power Shadow - Virtual Drive - erase any changes to PC/Testing software
First Defense ISR - Recovery
Image for DOS w/Imageall - Disk/Partition Imaging
AcomData 250GB External HD - Data backup
Kees1958
March 1st, 2007, 08:50 AM
Asyland and Easter,
For how many PCs do you use these apps?
;)
yankinNcrankin
March 1st, 2007, 12:26 PM
Hardened OS + snoopfree, SonicWall router, Reg Defend free, MJ Registry Watcher, and Tiny Watcher. I have a different approach to security for my box. Simply put, I ain't got the time for AV scanners, RK scanners, Trojan scanners, etc., etc. Even the virtual and sandbox stuff can become questionable, even though I currently use POWERSHADOW off and on. I have put the 3 above programs through a lot of live malware, RK, Trojan, and Virus testing. I specifically use them for "Red Flagging" any malicious or possibly harmful activity on my box and that is all. I'm very impressed with Tiny Watcher's, Reg Defend's, and MJ Registry Watcher's ability to detect system changes including hidden driver files and registry changes that live malware, trojans, rks, and viruses create when they are actively running. What one program misses the other usually catches. Anyways, to make a long story short, I have kernel level + polling monitoring. If and when I get a red flag, then a simple restore of my OS from my external is in order, which takes less than 60 seconds. Of course there are faster ways of restoring using paid programs like FDISR or RollbackRX, however my methods are free and I'm able to restore my OS with my original settings even if I have a HD failure. :)
Kees1958
March 2nd, 2007, 02:20 AM
YankinNCrankin,
Could you tell me what the functional difference is between the paid and the free regdefend? I always thought that regdefend free was a crippled application. But in a different post someone claimed that you still could add rules, still could use the block all response after a pop-up (so the pop-up would never stop).
Regards K
EASTER.2010
March 2nd, 2007, 03:02 AM
-{ Quote: "Asyland and Easter,
For how many PCs do you use these apps?
;)" }-
On my main surfing unit right here. How about that.
Kees1958
March 2nd, 2007, 04:05 AM
Easter
That's a triple WOW on process level protection: SSM + PG + ST (HIPS), while also having advanced proactive defense of KIS and IDS of ST.
Regards K
yankinNcrankin
March 5th, 2007, 01:41 AM
-{ Quote: "YankinNCrankin,
Could you tell me what the functional difference is between the paid and the free regdefend? I always thought that regdefend free was a crippled application. But in a different post someone claimed that you still could add rules, still could use the block all response after a pop-up (so the pop-up would never stop).
Regards K" }-
Can't tell you, I don't have the paid version, but as I said earlier in my post I mainly use it to flag unwanted activity. I don't bother trying to clean or stop stuff from happening, a clean restore would be in order. :)
I'm going a bit off topic but I have personally witnessed malware using deep freeze type and rollbackrx type technology where a simple format and reinstall of the OS just won't work. The malware lays resting on the drive awaiting to detect an active OS. For now I do know that deleting the actual partition then recreating and formatting is able to thwart this type of malware.
Hehehehe I had to say something 'cause about 4 days ago I got a BSOD with some funky "alien Characters" near the bottom right of my screen, never ever experienced that in my years of testing malware.
Kees1958
March 6th, 2007, 07:29 AM
YankinNCrankin
That is why I use a datawall (like Sensiveguard)
It does not allow any program with internet connection to drop (create, modify or delete) files with the suffixes: *.exe, *.com, *.dll, *.tlb, *.ocx, *.vxd, *.sys, *.ini, *.hta, *.drv on my C-drive and D-drive.
Besides the outbound protection, no program (except when initiated by user) is allowed to even read *.doc, *.ppt, *.jpg, etc. on my D-drive.
I am wondering whether a good registry monitor and prevention of dropping of potentially harmful files would be sufficient protection (skip SSM, replace it with Regdefend in my setup: Avira free, SSM free, DefenseWall paid, SensiveGuard free).
Regards K
yankinNcrankin
March 7th, 2007, 03:12 AM
It probably would. Nowadays I don't spend too much time trying to prevent stuff, my main concern is being able to detect an undesirable event(s), then a clean restore is in order. It's just a lot faster than relying on AV scanners, Spyware, and Trojan & RK scanners to hopefully detect all and reliably clean all. So detecting changes, registry file creations and modifications, driver.sys files etc. etc. both seen and hidden is what I use scanners for. I have both polling and kernel level scanning, plus on demand scanning if need be, that takes a mere 10-15 seconds. So far I have been 100% successful in detecting system changes (file creations, modifications, deletions, driver, and registry) both hidden and seen that are done by actual "live malware" of different kinds. Mind you, I have this method of security set up on a totally clean system that's hardened barebones, so I know all about what should be and shouldn't be on my box.
Memory usage a mere 18,000k for my idea of security. ;)
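Added example, not part of any poster's message and not the code of any product named in the thread: a minimal polling change detector in Python that snapshots a directory tree, compares it with a baseline, and red-flags created, modified or deleted files whose suffix is on the datawall list quoted above. The function names and the sample tree are constructed for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Suffixes copied from the datawall rule quoted in the thread.
WATCHED = {".exe", ".com", ".dll", ".tlb", ".ocx", ".vxd", ".sys", ".ini", ".hta", ".drv"}

def snapshot(root):
    """Map each file's path (relative to root) to the SHA-256 of its contents."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                digest = hashlib.sha256(Path(path).read_bytes()).hexdigest()
            except OSError:
                digest = None  # locked or removed mid-scan: recorded as unreadable
            state[os.path.relpath(path, root)] = digest
    return state

def diff(baseline, current):
    """Return sorted (event, path, red_flag) tuples for every change since baseline."""
    events = []
    for path in baseline.keys() | current.keys():
        if path not in baseline:
            kind = "created"
        elif path not in current:
            kind = "deleted"
        elif baseline[path] != current[path]:
            kind = "modified"
        else:
            continue
        # red_flag is True when the suffix is on the watched list (case-insensitive)
        events.append((kind, path, os.path.splitext(path)[1].lower() in WATCHED))
    return sorted(events)

def demo():
    """Constructed sample: build a small tree, change it, report what differs."""
    with tempfile.TemporaryDirectory() as root:
        for name, data in (("notes.txt", b"a"), ("app.ini", b"x=1"), ("old.dll", b"lib")):
            Path(root, name).write_bytes(data)
        baseline = snapshot(root)
        for name, data in (("app.ini", b"x=2"), ("dropped.EXE", b"MZ"), ("notes.txt", b"b")):
            Path(root, name).write_bytes(data)   # two modifications and one new file
        os.remove(os.path.join(root, "old.dll"))  # one deletion
        return diff(baseline, snapshot(root))

if __name__ == "__main__":
    for event in demo():
        print(event)
```

A user-mode walk like this sees only what the operating system reports, so it covers the visible, polling side of the approach; keeping the baseline on external media prevents it from being altered along with the system it describes.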
chew
March 10th, 2007, 08:45 PM
YankinNcrankin,
How do you do such a quick reformat?
10-15 seconds and at only 18,000k memory usage?
:thumb:
EASTER.2010
March 10th, 2007, 10:20 PM
-{ Quote: "Easter
That's a triple WOW on process level protection: SSM + PG + ST (HIPS), while also having advanced proactive defense of KIS and IDS of ST.
Regards K" }-
Yes, I waited a long time for security vendors to coexist with each other and that's becoming more a reality now than ever before. I might also add that it makes for a solid shield of defense too without burdening my puny little 512 MB RAM.
Does the trick alright, that's for sure.
yankinNcrankin
March 11th, 2007, 12:25 AM
-{ Quote: "YankinNcrankin,
How do you do such a quick reformat?
10-15 seconds and at only 18,000k memory usage?
:thumb:" }-
My scanners take that amount of time. I have both kernel level and polling and on demand type scanners that will alert me of file modifications, deletions, creations both seen and hidden, it even covers the registry both seen and hidden. Memory usage for installed running programs and scanners total 18,000k.
I don't reformat, I usually overwrite my OS with a clean image, which takes less than 45 seconds. Depending on how bad the infection is, I may even delete the partition, killdisk it, DBAN it, then recreate the partition, then reformat, then install a clean image. :)
EASTER.2010
March 11th, 2007, 12:51 AM
To coin some displays courtesy asyland
NOD32 - AV and AT (not employed but on-hand)
Kaspersky Internet Suite 6
Ghost Security Suite plus System Safety Monitor-Lauch Monitor by Info Process HIPS - Protection from unauthorized access/modification (Excellent!)
EFT for flash drive (can set as Read-Only)
SuperAntispyware, a-squared, Rootkit Unhooker, Hijack This, Grisoft AVG 7.5 AS, AVZ 4.23, SEEM- Malware scanners
Snoopfree, Keyboard/screen peeping protection
Autoruns, TCPView, Active Ports, AccessEnum, SIW, Faber Toys - Diagnostics/PC info
Power Shadow - Virtual Drive - erase any changes to PC/Testing software
Paragon Enterprise- Disk/Partition Imaging
RKUnhooker, Modgreper, SVV, holy_father's PM, Phunter, deep forensics examiners for rootkits/hiders
Verdict still out on finding a perfect duplicate clone app that can sector for sector plus MBR recover a mirror image of my main unit. (Very-To-Do List) or external drive backup storage.