What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,267
    Location:
    Southern Rocky Mountains USA
    In the almost 1500 pages of this thread, this has been touched upon before. To each his own; I like reading about what others do and have done in the past. Any security setup can be challenged by a determined adversary. I don't post my own because it varies from computer to computer and is based more on technique and need than any particular piece of software. At the client level, the base is classical: tightly locked down LUAs based on UNIX rather than default Windows LUAs, and imaging for quick system restoration. To this base, I've added a lot of browser security as time has gone on, with JavaScript blocking and control a high priority these days. Compartmentalization and segregation are things that I'm implementing more and more. Layered redundancy as well. So, for example, should my browser stumble onto an exploit page, the exploit would first have to deal with a default-deny JavaScript whitelisting which more than likely will prevent it from getting to step one of its exploit process. Should that happen, it will encounter a really strict LUA with a lot more barriers to privilege escalation than on most systems and will find nowhere to drop any payloads that could execute. Should I, in a moment of carelessness, allow that to happen, I could erase the event by restoring a system image from before it happened. I prefer using what the OS has to offer to harden a system rather than purchase time-limited licenses for security products that are targeted for typical Windows users who run everything from an administrator account. So reading about the actual techniques used by others with a similar approach like Windows_Security is very interesting to me and I appreciate seeing it posted.
     
  2. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    If you know Wilder's members, you should know that the majority of us (not all) change our setups, like we change the sheets on our beds.

    So, listing our setups is really not that big of a deal.

    Plus, I agree with what Minimalist said below...

     
  3. Tarantula

    Tarantula Guest

  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    It's a question about how paranoid you are. The chances of us getting personally targeted are extremely small, so I don't mind posting my set-up.
     
  5. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Nothing fancy or ground-breaking. I use the same basic setup on each of my machines +/- a few parts.

    Compared with my setup in 2011:
    - replaced Sandboxie's anti-executable function with Software Policy;
    - replaced hosts/DNS/ABP protections entirely with uBlock;
    - no longer use AM/AV real-time protection on any of my machines;
    - added exploit protection and NoScript.

    Otherwise my approach is the same, minimal surface area and deny run access.

    Networking:
    Hardware firewall (DD-WRT).
    Minimal services and network protocols

    Browser:
    Palemoon (or FF on XP)
    Flash (ask to activate), no other plugins
    uBlock origin (malware, tracking)
    NoScript
    MBAE

    System:
    Software Policy
    EMET (all internet facing except browser)

    Otherwise I have VeraCrypt (for backups); Sandboxie (for testing); Bouncer (logging only); SecureFolders (only to hide or lock particular folders), and I still check Autoruns far too often.

    See you all in 2019.
     
  6. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    For normal WildersSecurity visitors: chances of being a target are pretty slim, but if you're working with sensitive research, then it's a completely different story.
    It is not uncommon that an intelligence agency is trying to seek contact with a researcher for improving their offensive capabilities.
     
  7. Abdallah

    Abdallah Registered Member

    Joined:
    Oct 28, 2013
    Posts:
    124
    Location:
    N/A
    Is there any need today for "anti-trojan" apps?
    Is it adding any security layer (even small) to anti-viruses/malwares, sandboxes, anti-exploits, etc.?

    Because I found a license for Trojan Remover purchased more than ten years ago, and I think it's an on-demand scanner, and it is still getting updates (not abandoned).
     
  8. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,920
    KIS 2015
    HMPA 3
    MBAM Pro (real-time)

    Browser: FF with ABP, Ghostery and Disconnect,
    no Java, JavaScript and Flash disabled

    regular backups

    Is there anything else I should use? Thanks for your help.
     
  9. ReverseGear

    ReverseGear Guest

    Replaced 360 with WSA and removed HMPA
     
  10. MetalOllie

    MetalOllie Registered Member

    Joined:
    Apr 5, 2015
    Posts:
    6
    Sorry, what are WSA and HMPA acronyms for?
     
  11. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,134
    WSA - Webroot, HMPA - HitmanPro.Alert
     
  12. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,134
    On my Dell laptop.

    W8-W8FW-Trapmine-UAC Max-1806-uBlock-Adguard-OpenDNS
     
  13. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    I uninstalled the beta of Norton Security with Backup, as it was slowing down my computer. I suspected this was the case, and removing Norton confirmed it. Currently I am not running any antivirus, and have Kerish Doctor providing limited real-time protection against malware.

    I switched browsers from TheWorld to 360 Extreme Explorer. TheWorld was using an outdated version of Chrome, and 360 is noticeably faster and regularly updated.

    My Current Setup:
    Windows 10, UAC at default levels

    Real Time Protection:
    Kerish Doctor

    On Demand Scanning:
    Zemana AntiMalware
    Baidu PC Faster

    Browser:
    360 Extreme Explorer
     
  14. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    Real-time
    Emsisoft Internet Security
    Malwarebytes Anti-Malware Premium
    HitmanPro.Alert

    On-demand
    HitmanPro
    Zemana Anti-Malware
     
  15. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Sandboxie and HitmanPro.Alert

    edit: Had problems with even unsandboxed Chrome pages loading. For now back to Emsisoft AM and Sandboxie.
     
    Last edited: May 1, 2015
  16. Windows 7 Ultimate 32 bit, identical group policy setup on desktop and laptop:

    - Whitelist: WFW (filter in+outbound), SRP (allow admin), UAC (allow signed)
    - Blacklist: ACL deny execute for Everyone in internet+media+mail folders
    - Mitigate: Disabled risk-ware, locked autoruns, deny executable download
    - Sandbox: Chrome blocking advertisements (Adguard & Youtube)

    User has to enter admin password (on secure desktop) to update applications (using Symantec's Run MSI as admin tweak).
    Running on-demand VT-scans using Sysinternal's autoruns and process explorer, before monthly data backup to NAS.
     
    Last edited by a moderator: May 3, 2015
  17. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Browser Slimjet to replace Chrome Browser! Or do you see a problem with Slimjet?
    http://www.slimjet.com/en/dlpage.php
    That I am not aware of with the above?

    Or the combination of Hitman Pro Alert with CryptoMonitor? Or do you see a problem with CryptoMonitor?
    That, I am not aware of with the above? Feedback with details, please?

    Also, using Windows_Security secure folders! Nice in my opinion!

    https://www.youtube.com/watch?v=JbvSeDHvhoo
     
    Last edited: May 2, 2015
  18. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    574
    Location:
    The Outer Limits
    Back to Privatefirewall, S.T. 2012 HIPS, AVG free and the ever present Sandboxie.

    Regards Eck:)
     
  19. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Isn't it abandoned?

    What is this?
     
  20. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    When I removed MBAE and HMPro.Alert, the PC started to work without laaaags. Now:
    Comodo FW 8.2 (FW custom, AS on, HIPS off, VC on)
    Avast Premier (without FW and some other stuff)
     
  21. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    574
    Location:
    The Outer Limits

    S.T. 2012=SpywareTerminator 2012.

    It wouldn't be totally erroneous to state that development has slowed down somewhat for both programs.

    Regards Eck:)
     
  22. Sordid

    Sordid Registered Member

    Joined:
    Oct 25, 2011
    Posts:
    235
    I had the same problem with MBAE and HMPA: massive CPU usage over EMET (50x). Strangely though, it didn't seem to "lag". It seems they both randomly chirp cycles when the computer is idling, using resources when a protected app isn't even open etc.

    CPU creep on Comodo 8.X also. I'm seeing 20%~ increases over version 6 which included the sandboxing juju. It still uses nil over the competition, but I'm beginning to get worried. I wish they would just add Virus Total to the cloud look-up and just maintain it.
     
  23. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    I have the opposite effect of MBAE+HMPA on my PC: lags without high CPU usage. :)

    Again no CPU creeping with Comodo on my PC, only lags when I sandbox browsers or try to combine Comodo with other security apps. Comodo is often intolerant of other security stuff.

    Thanks, I even forgot about S.T. :)

    :(
     
  24. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! WSA Security Plus...MBAM Premium...and Zemana Anti-Malware. Zap...Zap...Zap! Sincerely...Securon
     
  25. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,254
    Location:
    Texas
    Exact same here (ditto Securon).
     