What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    IDS/AV is not going to stop a VUPEN grade zero-day. Their pwn2own 2014 Chrome exploit has a detection rate of 0/57 on VirusTotal.
    Furthermore, are you also decrypting your SSL traffic so it can be scanned by your IDS/IPS?

    With regard to Windows 8.1 running Chrome:
    Vulnerability in Chrome combined with kernel exploit should be enough. If you're able to get SYSTEM rights --> Game Over.
     
  2. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    Nope, two are enough.
    1 initial vulnerability (v8 engine, Flash, etc) and 1 EoP (Can be sandbox escape, can be kernel exploit)
     
  3. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Yes I have SSL inspection on.

    Pictures of what?
     
  4. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,267
    Location:
    Southern Rocky Mountains USA
    It depends on the system and how it is set up. Exploits tend to fail in tightly locked down systems. Sandboxes are also good. Nothing is invincible but most common exploits depend on finding poorly secured systems run from an administrator account. That covers most default Windows installations. When confronted with more locked down institutional networks, social engineering is the more common route.
     
  5. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    Although I am still pretty sure that no rule-based IDS is going to pick up a zero-day exploit...
    You'll have to rely on Endpoint Protection / a sandbox to find such things when dealing with large traffic flows.
     
  6. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    You can get quite far with having SYSTEM rights...
     
  7. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    This is one from a few months back. Gear has been added, some changed. But the layout is similar. Servers are down on the 3rd shelf next to the CyberPower UPSs.
     

  8. That is theory. In real-world conditions you need more. Just read the recent Pwn2Own reports of the successful Chrome bypasses.

    In practice, no in-the-wild discovery for nearly five years by security specialists and white-hat researchers for updated Chrome.
     
    Last edited by a moderator: Apr 15, 2015
  9. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,267
    Location:
    Southern Rocky Mountains USA
    I've actually posted about this elsewhere. In a properly set up system, elevation from user to system is not trivial, even in XP. More so in Win 7. Most exploits depend on lax default security.
     
  10. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    297
    Location:
    USA
    Changed from uMatrix to uBlock yet again for script blocking. I was using just uMatrix before uBlock was developed (gorhill), then uBlock for ads with uMatrix for scripts, then just uBlock with dynamic filtering, then uMatrix for scripts and uBlock for ads, and now just uBlock Origin with dynamic filtering. I keep switching; both are good and I don't know which one I want, or both :argh::D So, Security: HP Chromebook 14 G3, Tegra K1, 2 GB of RAM; uBlock Origin, block all globally and white-list only what is needed for the main sites I visit; HTTPS Everywhere.
     
  11. TS4H

    TS4H Registered Member

    Joined:
    Nov 5, 2013
    Posts:
    523
    Location:
    Australia
    I have to agree. Sometimes when I use dynamic filtering I think to myself, why not just use uMatrix, or both, given the extent I use dynamic filtering anyway. However, at the moment I'm just using uBlock without dynamic filtering. Too much of a hassle right now when I'm doing my post-graduate research, as this requires a lot of browsing the unknown web.

    regards.
     
  12. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    297
    Location:
    USA
    Yes, I am in high school and have to do a few essays and things like that so I agree also.
     
  13. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,584
    Location:
    Romania
    Switched to what's in my sig, I think I'm in love with this setup :D, hope it will last. :thumb:
     
  14. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Sandboxie and Emsisoft Anti-Malware.
     
  15. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,365
    Location:
    Italy
    XP Home SP3
    Windows Firewall
    Only .NET 4 installed
    No Flash installed for IE 8
    Trick POSReady 2009 + KB3037578 (security update for .NET 4 - April 2015) installed
    System Restore Off
    Black Viper's List
    PSExec
    Norton Connect Safe
    SBIE
    EMET 4.1U1
    No Java/Silverlight installed

    Firefox - uBlock Origin + Noscript + Toggle Referer + HTTPS-Everywhere
     
    Last edited: Apr 19, 2015
  16. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,365
    Location:
    Italy
    (My daughter's PC)

    7 Home 64-bit
    Windows Firewall
    System Restore Off
    Black Viper's List
    UAC Max
    SUA
    Deny Elevation
    Autoplay on/off
    No Java/Silverlight installed
    Windows Defender off
    Norton Connect Safe

    EMET 5.2
    MBAE 1.06 Premium

    Chrome (64-bit) Command Line Switch --no-referrers
    uBlock Origin + HTTPS Everywhere + Click & Clean
     
    Last edited: Apr 19, 2015
  17. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Killer One... Two Punch...Eset S.S.8...8.0.312...and Hitman Pro and HMP Alert... Go Habs...Go! Sincerely...Securon
     
  18. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    297
    Location:
    USA
    @TS4H I added uMatrix again lol, so here is my setup: Security: HP Chromebook 14 G3, Tegra K1, 2 GB of RAM; uMatrix: allow images globally and block the rest globally; uBlock Origin: default filters + all privacy + all malware domains + all social + Dan Pollock's hosts file + MVPS hosts + Adblock Warning Removal List + Anti-Adblock Killer; HTTPS Everywhere.
     
  19. TS4H

    TS4H Registered Member

    Joined:
    Nov 5, 2013
    Posts:
    523
    Location:
    Australia
    Privacy and security at its best. Coupled with Chrome OS, you are rock solid :thumb:. However, if I were you, I would assign the task of host-based filtering to uMatrix, as it's much more efficiently coded for these types of filters. So filters like Dan Pollock's, MVPS and malware domains should be enabled in uMatrix, and text-based filters such as Social, EasyList and EasyPrivacy should be in uBlock.

    regards.
     
  20. That must be your lightest setup with the least overlap in months: well chosen.
     
  21. roark37

    roark37 Registered Member

    Joined:
    May 23, 2006
    Posts:
    193
    I can see what you mean by security, but I'm not sure what you mean by privacy. Wouldn't you still be exposed to all Google tracking and logging with that setup? Or does it protect against that too? And if it does not, does that setup largely protect privacy from most others besides Google? Thanks.
     
  22. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,121
    Location:
    South Texas, USA
    Apr. 20, 2015 - Updated, Added, Removed

    Network
    • Two Netgear Nighthawk R7000-100PAS Routers (Stock Firmware)
    • Four Netgear PowerLine AV 500 Adapters
    • Wired Cat5e Connection between both Routers
    • WPA2-PSK AES Encryption
    • SPI & NAT Firewalls Enabled
    • OpenDNS Configuration
    Computers
    • Desktop - Windows 8.1 Pro with Media Center x64
    • Laptop - Windows 8.1 x64
    Built-In Security
    • USER ACCOUNT CONTROL: HIGHEST SETTING
    • EMET 5.2: MAXIMUM SECURITY SETTINGS
    • WINDOWS SMART SCREEN: ENABLED
    • WINDOWS DEFENDER: DISABLED
    • WINDOWS FIREWALL: DISABLED
    Resident
    • Emsisoft Internet Security 10.0.0.5167 Beta (Paid)
    • Appguard 4.2.6.1 Beta (Paid) - Medium
    • NVT ERP 3.1.0.0 Build1-22022015 Beta (Paid)** - Alert Mode
    • Sandboxie 4.17.2 Beta (Paid) - Sandboxie Container Folder on RAMDisk
    • Adguard Premium 5.10.2020.6301 Beta (Paid)
    • DNSCrypt Windows Service Manager 0.2 - DNSCrypt.eu Denmark
    On-Demand
    • PeerBlock 1.2 (P2P Blocking List)
    • Shadow Defender 1.4.0.578** (Paid)
    • Macrium Reflect Home Edition 6.0 Build 567* (Paid)
    • VMWare Workstation 11.0.0 Build 2305329** (Paid)
    Browser, Immunization, Tweaks
    • Chrome 41.0.2272.118 x64 (HTTPS-Everywhere, Gmelius) - Chrome Profile Folder on RAMDisk and Sandboxed
    • Homepage and Search Providers set to Startpage (Chrome and IE)
    • LastPass 3.1.92 Premium (Chrome and IE)
    • Spyware Blaster 5.0 (All Protection Enabled + Customblocking.txt)
    • CryptoPrevent 7.4.11
    *Macrium Reflect Home Edition installed in both Desktop & Laptop - Backup Template: Grandfather, Father, Son
    **VMware Workstation only installed on Desktop \ Shadow Defender only installed on Laptop


    dja2k
     
    Last edited: Apr 21, 2015
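    Several of the setups above (Sampei Nihira's "UAC Max", "SUA" and "Deny Elevation" in post 16, dja2k's "USER ACCOUNT CONTROL: HIGHEST SETTING" in post 22) describe the same Windows posture: UAC on, administrators always prompted, standard users unable to elevate. The script below is an added read-only audit, not something posted in the thread; it reads the UAC policy values under the well-known `Policies\System` registry key and reports whether the machine matches that posture. The mapping of each forum term to a registry value is my assumption, stated in the comments.

```powershell
# Added example (not from the thread): audit the UAC-related policy values that
# correspond to "UAC Max", "Deny Elevation" and "highest setting" in the posts
# above, then check whether the current process runs as a standard user ("SUA").
# Read-only: nothing is changed.

$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$policy    = Get-ItemProperty -Path $policyKey

# Assumed mapping of the forum terms to the documented UAC policy values:
#   EnableLUA                  = 1  UAC enabled
#   ConsentPromptBehaviorAdmin = 2  admins always prompted for consent ("UAC Max")
#   PromptOnSecureDesktop      = 1  prompt shown on the secure desktop
#   ConsentPromptBehaviorUser  = 0  standard users' elevation requests denied ("Deny Elevation")
$expected = [ordered]@{
    EnableLUA                  = 1
    ConsentPromptBehaviorAdmin = 2
    PromptOnSecureDesktop      = 1
    ConsentPromptBehaviorUser  = 0
}

$findings = foreach ($name in $expected.Keys) {
    $actual = $policy.$name   # $null when the value is absent (Windows then applies its default)
    [pscustomobject]@{
        Setting  = $name
        Expected = $expected[$name]
        Actual   = if ($null -eq $actual) { '(not set)' } else { $actual }
        Ok       = ($actual -eq $expected[$name])
    }
}
$findings | Format-Table -AutoSize

if ($findings.Ok -contains $false) {
    Write-Warning 'UAC policy does not match the "UAC Max / Deny Elevation" posture described in the thread.'
} else {
    Write-Output 'UAC policy matches the "UAC Max / Deny Elevation" posture.'
}

# "SUA" check: is this process running with administrative rights?
# Note: a UAC-filtered administrator token also reports $false here; to audit
# the account itself rather than the current token, list the Administrators
# group membership (for example with: net localgroup Administrators).
$principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
$isAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
if ($isAdmin) {
    Write-Warning 'This session holds administrative rights; daily use from a standard user account (SUA) is what the posts above describe.'
} else {
    Write-Output 'This session runs without administrative rights; elevation is governed by ConsentPromptBehaviorUser.'
}
```

    Run it from an ordinary PowerShell prompt; reading these values needs no elevation. A value shown as "(not set)" means the machine is relying on the Windows default for that setting, which is why an audit should compare against explicit expected values rather than only checking that the key exists.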
  23. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    297
    Location:
    USA
    Okay will do and thanks!!:thumb::thumb:;) Should I keep spam 404 for ublock since it is not in Umatrix?
     
  24. songoku316

    songoku316 Registered Member

    Joined:
    Apr 20, 2015
    Posts:
    8
    Windows 7 Ultimate 64-bit
    ESET Smart Security 8
    Google Chrome 64-bit
    Malwarebytes Anti-Malware Premium
    VoodooShield
     
  25. TS4H

    TS4H Registered Member

    Joined:
    Nov 5, 2013
    Posts:
    523
    Location:
    Australia
    Up to you, but I never have spam filters enabled.

    regards.
     