What is your security setup these days?

I had the other way around my system got corrupted while using CTM. So for now I am using VM

 

Running Power User
- GPO lots of IE8/TCPIP hardening, restricting remote access, enabling CD burning for interactive user, disabled autorun
- Basic user for office, internet facing aps, service aps (7=zip, flash, foxit, java. etc)
- Deny Execute C:\Documents & Settings, Temp & Recycle dirs and Data partitions (also through ACL for basic user)
- ACL deny execute on executables downloaded by browsers and mail programs (applicable on explorer)

WinXp firewall (behind router)

Wehntrust Buffer Overflow protection (windows directory excluded plus other security aps)

Avast 5 Free with
a) file shield check on
- write executable to disk
- open (office) documents
- execute scripts
- attach USB stick (check all)
b) behavioral shield

Trusteer Rapport protecting browsers
- protect browser process itself = allways
- block unauthorised modules (DLL's) = allways

Browsers
a) Using IE8 for banking:
- settings can't be changed by user or malware (added, clickjacking/zone elevation/cache protection/etc)
- disabled download executables internet explorer
- NextGenAntiKeylogger
b) Using Chrome for daily browsing
- running incognito
- extentions: adsweep, SiteAdvisor for Chrome
- content: disabled third party cookies, all cookies from Google (also 'unchromed' Chrome ID), disablled gears and default plugin
- sandbox: tabs and plug ins (--safe-plugins switch)

On demand
- Hitman Pro
- MBAM

 

I'll try that one

 

Active
Look'n'Stop 2.07
PE Guard 1.2
Sandboxie 3.45.18
Shadow Defender 1.1.0.325

On-Demand
Gmer
DrWeb CureIt
Malwarebytes Anti-Malware

 

Comodo Internet Security Complete.

 

Gonna try the new G-DATA 2011 on VM of course

 

Windows XP Professional Service Pack 3 (Freeware secured, NO AV setup)
Limited User Account / Access Control List / Data Execution Prevention / Software Restriction Policy / NAT Router Firewall /

REALTIME:

• Windows XP Firewall (decent inbound firewall)
• WehnTrust (Free) (ASLR / Buffer Overflow Protection)
• Peerblock (IP Blocker for all ports except HTTP/HTTPS)
• K9 Web Protection (block web advertisements, phishing sites, malware urls)
• Prevx SafeOnline (antikeylogging/antiphishing/cookie stealing protection/block browser process modification, MITM detection)
• Looking for a free System Virtualization software
  
  

Browser:

• Internet Explorer 8 (Local Intranet: High / Privacy Setting: Med-High / SmartScreen Filter: ON / Popup Blocker: ON)
• Google Chrome (--safe-plugins, block 3rd party cookies, disabled GEARS and Google Updater plugin, DO NOT ALLOW SITES TO TRACK LOCATION.)

Macrium Reflect Free for disk image backup

 

konata check ur messages pleaseee

 

i am currently testing OA free FireWall it looks fast/light

 

What? You test that at least twice and say same thing. Stop spam.

 

Lol, OK

 

Using Kaspersky internet security 2011 running fast and is light on resources

 

timestand go to kitchen and make some tea to relax buddy we are here to learn each day i am trying to get the best set up as posible again i am not spamming nothing well i guez because this is another version of OA last time i tried the ++ version which i didnt like it at all got it know

 

PE Guard v2 rules i just tested againts a rootkit(new) and it alert me on it and just apply denny and took care of bussines where OA and Mamutu just gave me an alert after i run the rootkit(trojan) it tries to install more stuff and mamutu was silent about it after like 2 to 5 seconds PEG2 gave me the alerts of the dll and unknown files that tries to install invisible then hit denny and all was just fine PEG2 rocks

 

Have you tested it against rogues and against latest TDSS rootkits?

 

Hello Kees,can you explain that please?

 

And also this if you don't mind.
Sorry, new here, i couldn't add it to the same post

 

If you install Chrome using Google Pack... Google Chrome's directory would be placed in C:\Program Files, so it will by default be protect by Software Restriction Policy (SRP) if enabled.

Then create a shortcut on your start menu to launch chrome with safe plugin switch

Shortcut target:

Code:

"C:\Program Files\Google\Chrome\Application\chrome.exe" --safe-plugins

--safe-plugin is like a sandbox... I guess

 

NAT/SPI Router
(+)
Sandbxie (Paid)
(+)
Rollback Rx
(+)
FF with ABP & WOT
(+)
KeyScrampler Professional
(+)
Trusteer Rapport

 

MrPink Konata was so friendly to answer your questions

--safe-plugins switch also sandboxes the plugins

I also disable Google Gears (since I do not synchronise between off-line webpages) and the default plugin (this one is needed for installing third party plug-ins).

Regards Kees

 

against rogues that also introduce rootkits invisibly

 

Desktop PC Setup:
Outpost Firewall Pro
WehnTrust
Peerblock
K9 Web Protection

What does everyone think ? Am i secure enough ??

 

tell us something more about how you setup your OS.
Are you running under Limited User Account?
Software Restriction Policy enabled?

 

Added PE Guard. it's really great! found the first bug will contact the author...

My current setup: PE Guard + OA + Hitman pro

 

How does LUA work and Software Restriction Policy?