What is your security setup these days?

[jmonge]

wolfe you are doing good man your security set up is very strong man

[syncmaster913n]

I decided to play around with my Comodo Firewall a bit; I just blocked ALL my ports and am adding exceptions to that rule - a little for security, but a little for fun and learning too. So far I'm allowing DESTINATION ports: 20/21, 53, 80, 443, 563, 1194 (openvpn), 8080 and 35592 (utorrent) Source ports for these allowed destination ports are all open for my OS's choice.

perhaps I should use 22 instead of 20/21.

[Noob]

Finally OA has settled up, last time i turned on my laptop only got . . . 2 pop ups.

[xnevermore]

Quote:

Originally Posted by LoneWolf

DefenseWall 3.18 = Two Way Firewall + Policy Based HIPS

AppGuard 3.2 (in locked down mode) = Anti-Executable (nothing new can run or install)

Shadow Defender 1.1.0.325 = Light Virtualization

Macrium Reflect ~ System Explorer ~ SeconfigXp ~ AdMuncher ~ OpenDNS ~ Opera

im copying your security but im under windows 7 x64 defensewall is not supported any alternatives?

[Amit]

Quote:

Originally Posted by xnevermore

im copying your security but im under windows 7 x64 defensewall is not supported any alternatives?

spyshelter firewall

[xnevermore]

Quote:

Originally Posted by ams963

spyshelter firewall

thanks i will try that

[Kees1958]

Quote:

Originally Posted by LoneWolf

DefenseWall 3.18 = Two Way Firewall + Policy Based HIPS

AppGuard 3.2 (in locked down mode) = Anti-Executable (nothing new can run or install)

Shadow Defender 1.1.0.325 = Light Virtualization

Macrium Reflect ~ System Explorer ~ SeconfigXp ~ AdMuncher ~ OpenDNS ~ Opera

DefenseWall and AppGuard provide simular protection (with DW having a much wider protection scope).

You can achieve deny execute with default windows capacilities (and remove AppGuard for better performance and any incompatibility risk between those 2 hips).

Selective Drive by landing directory protection
For any browser take away the execute rights through ACL of your default Download directory, see http://www.wilderssecurity.com/showthread.php?t=278011 You can do the same for the directory where you have your e-mail stored.

Optional drive by protection in user space
Behaviour: IE does not allow to download exectables, FF downloads a null file, Chrome/Iron does allow to download but Explorer blocks execution. With the REG file (Block ON and Block OFF), you simply switch modes with IE/FF. Chrome and Iron have the most user friendly implementation (plus advantage of Chrome's excellent sandbox), simply right click and remove block. See http://www.wilderssecurity.com/showp...37&postcount=1

When on XP you need to install Fajo XP FSE http://www.fajo.de/main/ to see the security tab. On Vista/Win7 it is also available on Home versions

[Amit]

Quote:

Originally Posted by xnevermore

thanks i will try that

also my absolute favorite Privatefirewall

[The_ChamP]

Just bought an antivirus for the first time - my favourite KIS - will try to stick to it for a year

[1chaoticadult]

Quote:

Originally Posted by The_ChamP

Just bought an antivirus for the first time - my favourite KIS - will try to stick to it for a year

I will remember you said that

[1chaoticadult]

Added, Removed

Microsoft Security Essentials 4.0.1512 Beta
Comodo Firewall & Defense 5.10
Kingsoft PC Doctor 3.3.0.67
HitmanPro 3.6 Build 148
Active@ Disk Image 5.25

[The_ChamP]

Quote:

Originally Posted by 1chaoticadult

I will remember you said that

Hehe..even il try to remember i said that

[LoneWolf]

Quote:

Originally Posted by jmonge

wolfe you are doing good man your security set up is very strong man

Thanks, I like to have a layered defense w/o the hassle of daily updating.

Quote:

Originally Posted by xnevermore

im copying your security but im under windows 7 x64 defensewall is not supported any alternatives?

As far as a Policy Based HIPS goes there currently is only DefenseWall and GeSwall, neither which is 64-bit at the moment.
Perhaps a 64-bit Classical HIPS would work for you.

Quote:

Originally Posted by ams963

spyshelter firewall

Quote:

Originally Posted by xnevermore

thanks i will try that

Not a bad choice, SpyShelter Firewall is pretty strong but falls short on some personal testing done by myself, (Xp Home SP3 32-bit) your mileage may vary.

Quote:

Originally Posted by Kees1958

DefenseWall and AppGuard provide simular protection (with DW having a much wider protection scope).

You can achieve deny execute with default windows capacilities (and remove AppGuard for better performance and any incompatibility risk between those 2 hips).

Selective Drive by landing directory protection
For any browser take away the execute rights through ACL of your default Download directory, see http://www.wilderssecurity.com/showthread.php?t=278011 You can do the same for the directory where you have your e-mail stored.

Optional drive by protection in user space
Behaviour: IE does not allow to download exectables, FF downloads a null file, Chrome/Iron does allow to download but Explorer blocks execution. With the REG file (Block ON and Block OFF), you simply switch modes with IE/FF. Chrome and Iron have the most user friendly implementation (plus advantage of Chrome's excellent sandbox), simply right click and remove block. See http://www.wilderssecurity.com/showp...37&postcount=1

When on XP you need to install Fajo XP FSE http://www.fajo.de/main/ to see the security tab. On Vista/Win7 it is also available on Home versions

Thanks for the tips Kees, but I'm having no performance issues or any incompatibility issues running DW and AG together.
Perhaps your suggestion will be of use to other members here.

[jmonge]

i am very happy with Online Armor Premium
and i bet if i add AppGuard for sure it will be more security added to my system like double layer

[x942]

Added:

Virtual Machine running Debian LXDE for web browsing and mail. Everything is isolated and behind a virtual NAT. The only thing shared is the clipboard (one-way to the guest). Nothing leaves the VM.

[1chaoticadult]

Quote:

Originally Posted by The_ChamP

Hehe..even il try to remember i said that

I'll remind you.

[jmonge]

is oa premium competible with kaspersky antivirus 2012?

[The_ChamP]

Quote:

Originally Posted by 1chaoticadult

I'll remind you.

Must remain vigilant

[Dark Shadow]

Appguard,MSE and MBAM real time and still very fast.

DefenseWall Personal Firewall 3.18 beta
Malwarebytes Anti-Malware (on demand)
Blue Coat K9 Web Protection

[syncmaster913n]

Quote:

Originally Posted by LoneWolf

As far as a Policy Based HIPS goes there currently is only DefenseWall and GeSwall, neither which is 64-bit at the moment.
Perhaps a 64-bit Classical HIPS would work for you.

What about COMODO Defense+ ?

[LoneWolf]

Quote:

Originally Posted by syncmaster913n

What about COMODO Defense+ ?

What about it?
Comodo Defense+ is more of a classical HIPS, is it not?

[Kees1958]

Quote:

Originally Posted by LoneWolf

What about it?
Comodo Defense+ is more of a classical HIPS, is it not?

Bufferzone has the option to sandbox all new executables on your harddisk + other drives (contain all, contain signed, contain none).

I believe the sandbox of C+ (indeed a classical HIPS) can be configured to sandbox all new unsigned programs, so that is some sort of (policy) containment.

But I agree that GeSWall and DefenseWall resemble the definitions of policy based HIPS more closely. AppGuard also qualifies as a policy based HIPS with the HIPS being limited to file, registry, memory protection and execution protection (although quiet effective with this first stage attack vector focus)

[blacknight]

Quote:

Originally Posted by LoneWolf

What about it?
Comodo Defense+ is more of a classical HIPS, is it not?

Defense+ is a classical HIPS if you disable the sandbox and set it in Paranoid Mode.

[Newby]

Quote:

Originally Posted by Newby

Windows 7 x64 bit home premium

a) Windows FW 2-way (Stem's setup)
b) Using 1806-trick (Kees1958 - SafeAdmin )
c) Using right click properties (security tab) to ADD a DENY "traverse folder/execute file" (Safe-Admin) for users for:
- data partitions
- download directory
d) UAC set to
- deny elevation of unsigned executables (SafeAdmin )
- running Limited User with option to elevate providing credentials on secure desktop (this way I can run HitManPro as Admin, also added the run-msi-as-admin registry hack )

This is my SAFE-LUA setup

Using Chromium as browser, I have put the zip file in C:\Program Files (x86) with link-extend and adblock plus extensions

HitManPro on demand

In blue the changes. Don't want to offend Kees1958, but SAFE-LUA was my signature