What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    trying out Shadow Defender.

    so far so good! :thumb:
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    SD is one of those trouble-free programs ;)
     
  3. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    CIS 5
    Prevx Safe Online
    MBAM (realtime)
    Anyone else running MBAM realtime? Mine is using 70-80k. Kinda high huh?
     
  4. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    mine was using around 100megs in total :D way too much i want to see it close to 20 megs at least;)
     
  5. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    i'm really loving this m8! :)

    with Shadow Defender and Geswall i feel very protected without any of the headaches.

    i think i found my perfect setup! :thumb:
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    cool ;) i am still searching for my perfect setup too man :thumb:
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    mine is 100 k, it is even higher than his o_O
     
  8. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    I'm getting 80k when i click on start scanner but before that I'm sitting at 37k.
     
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    if i do a full or even quick scan it will go as high as 120 k :D and overheat the pc, too bad for me as i love this program. i tried to replace it with SAS Pro but it is not the same thing
     
  10. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
  11. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    Yea I tried replacing MBAM with SAS Pro definitely not the same, I agree there. I tried Online Armor and I liked it but I'm trying privatefirewall to see which one I like better.
     
  12. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    Just did a quick scan with MBAM, got all the way to 92k lol, my laptop survived no overheat but it spiked at 102k at one point and stayed around 92k. Maybe I'm lucky not. :D
     
  13. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    you have luck man:D
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    went back to DefenSeWall Hips;) :thumb:
     
  15. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    Seems like I do :D
     
  16. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    I'm still waiting on support for 64-bit so I can try it :(
     
  17. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    it's one of the best around man;)
     
  18. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    you can't go wrong with that one m8!

    it's solid all around!
     
  19. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    Sounds good.
     
  20. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    accidentally turned on MBAM realtime..that thing is serious..@sucking every bit off..lol I love its smooth uninstallation..Thinking to put on defensewall
     
  21. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,292
    I've found MBAM extremely effective running it in real-time. I personally have never felt a slowdown caused by it. I would never turn it off, unless extremely necessary. As has been explained before by several trusted wilders members, RAM usage is not a parameter to measure the impact on system performance. I've seen several posts explaining about I/O reads and writes and its real performance impact. So, it really doesn't bother me. But well... that's just me...
     
  22. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    Awesome combo! I ran Geswall w/ShadowDefender for 2 years, never a problem :thumb:
     
  23. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Realtime:
    SSM
    WinPatrol
    Fortego ASE set to run with SSM with special scripts
    WinSonar with custom settings and permission governances
    MPK with custom settings
    Kerio PFW 2.1.5 with custom settings
    AVZ with special scripts
    ClamSentinel tweaked for file protection
    Taking only 14 MB RAM all together with Opera 11 with a kernel modification of Win 2000!

    On demand:
    ClamWin or an upload to Virus Total

    Fun:
    ERUNT (I install too much crap!)
    XP security software compatible with the kernel modification, which is actually a modification of the 2000 OS categorical op semantics in the sense of Bénabou for those who (don't(?)) care!

    Dave

    PS: STOP TALKING ABOUT ALL THE NEW FUN TOYS! I DON'T WANT 80 TRAY ICONS RUNNING!
     
    Last edited: Oct 29, 2010
  24. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Setup
    Since Summer I am using the Safe-Admin setup with UAC on silent elevate, in short:

    a) UAC on silent elevate (no prompt)
    b) Disable installer detection for programs with no manifest
    c) Auto elevate only from safe places (Windows & Program Files)
    d) Allow only signed programs to elevate
    e) Deny installation of unsigned drivers


    SRP/ACE/DACL
    a) Set Windows Media Player & Outlook & Internet Explorer to run with medium rights (same as setting an explicit medium rights integrity level for home versions) this prevents them from elevating
    b) Same for firefox and Flash and PDFPrinter
    c) Run Chrome with low rights (see irrelevance etc thread), plus virtualise Chrome using RunAsInvoker in this registry key HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
    e) Add a deny execute on Download directory, Mail directory and music, pictures and video directories using securities tab (ACL) and deny second option (traverse folder, execute) through advanced settings.

    EMET2
    a) Outlook
    b) Internet Explorer
    c) Chrome
    d) Windows Media Player

    1806
    Included this which denies IE8 to download executables, Chrome allows download, but you have to remove the block to execute.

    Testing
    Setup compared to Safe-Admin
    So compared to Safe-admin idea I am running IE8 in standard protected mode (no additional icacls settings, so it is weaker than Safe-Admin), but have locked IE8 through GPO (so it is stronger than Safe-Admin setting). I also disabled the right to add a printer (since this touches system with user right settings). Removed rights of users to change Internet Settings (Feature control was already tackled by GPO). I did this to harden against TDSS and its variants.

    Results
    I have chased down URLs from several sites and no malware was able to penetrate the system. Sully will automate Safe-Admin settings through a GUI (don't worry you only have to select options, Safe-Admin will prevent you from locking yourself out of your system).

    When Safe-Admin is released I will discuss with Sully some hardening settings (simply running a registry comparison from before and after IE8 lock and extra rootkit prevention). I think we can just offer two options "lock IE8" and "prevent TDSS-rootkits" and Safe-Admin V2 will change the settings for you. So these Vista/Windows7 OS benefits will be available for everyone able to install and click.

    I am so convinced (yeah yeah, pride comes before a fall), that I even put it on my wife's laptop (so only on-demand, no 3rd party real time security). I am also wondering, why did nobody think of using this before, when it is all in the OS and free?

    The only disappointing thing is the windows message when it denies a non-signed program to elevate (no response from server). The guy who made that error message had a complete blackout. The first time it happened I made no connection to this UAC security setting. We have to include it in the usage instructions of Safe (what is a non-signed error message, an ACL error message and an ACE error message). My ISP-contract includes a mail scanner (multiple AV engines server).


    PS
    I use IE8 (smartscreen & phishing filter) for banking and Chrome (WOT and SiteAdvisor) for daily browsing. Guaranteed IE8 compatibility was the reason to not touch IE8 in Safe-Admin setting. DNS is Sunbelt Clearcloud. I have run HitmanPro, A2 Emergency, HouseCall, MBAM, SAS every week before applying Windows updates.
     
    Last edited: Oct 31, 2010
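
A read-only audit of the settings listed in the post above, as an added example that is not the poster's or Safe-Admin's own code. The mapping from each bullet to a registry value name is this example's assumption, as are the standard profile folder names; the driver-signing, EMET and mail-directory items are not checked.

```powershell
# Added example: audits (does not change) the UAC, zone 1806 and deny-execute settings.
# The bullet-to-value mapping below is an assumption of this example, not from the post.
$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$zone3  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

$expected = @(
    @{ Path = $uacKey; Name = 'ConsentPromptBehaviorAdmin';  Want = 0; Note = 'a) elevate without prompting' }
    @{ Path = $uacKey; Name = 'EnableInstallerDetection';    Want = 0; Note = 'b) installer detection off' }
    @{ Path = $uacKey; Name = 'EnableSecureUIAPaths';        Want = 1; Note = 'c) elevate only from secure locations' }
    @{ Path = $uacKey; Name = 'ValidateAdminCodeSignatures'; Want = 1; Note = 'd) only signed executables elevate' }
    @{ Path = $zone3;  Name = '1806';                        Want = 3; Note = '1806: launch of unsafe files disabled (Internet zone, per-user)' }
)

# Compare each live value with the expected one; a missing value counts as a failure.
$results = foreach ($e in $expected) {
    $item = Get-ItemProperty -Path $e.Path -Name $e.Name -ErrorAction SilentlyContinue
    $have = if ($item) { $item.($e.Name) } else { $null }
    [pscustomobject]@{
        Setting = $e.Note
        Value   = $e.Name
        Have    = if ($null -eq $have) { '(not set)' } else { $have }
        Want    = $e.Want
        OK      = ($have -eq $e.Want)
    }
}

# Deny-execute check: look for a Deny ACE that includes the "traverse folder / execute file" right.
$exec    = [System.Security.AccessControl.FileSystemRights]::ExecuteFile
$folders = 'Downloads', 'Music', 'Pictures', 'Videos' |
    ForEach-Object { Join-Path $env:USERPROFILE $_ }

$aclResults = foreach ($dir in $folders) {
    if (-not (Test-Path $dir)) { continue }   # skip folders this profile does not have
    $deny = (Get-Acl -Path $dir).Access | Where-Object {
        $_.AccessControlType -eq 'Deny' -and ($_.FileSystemRights -band $exec)
    }
    [pscustomobject]@{ Folder = $dir; DenyExecute = [bool]$deny }
}

$results    | Format-Table -AutoSize
$aclResults | Format-Table -AutoSize
```

Any row with `OK` or `DenyExecute` showing `False` marks a setting that differs from the post's description on the machine being audited.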
  25. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    @Kees1958

    Hey! That's really neat! I'm going to load 7 on a PC and try it.

    Dave
     