#2676
I ditched Symantec's NoScript; it caused BSODs on my online snapshot. Had to use my Rescue Snapshot to roll back to a previous online snapshot. After that, no BSODs anymore.
I'm too stupid to find out why SNS didn't like my online snapshot. Since I have ISR, I can afford to be stupid, brain or no brain, it doesn't matter anymore. ISR is my technical brain.
__________________
ErikAlbert Security = WinXPproSP3 Firewall + Anti-Executable + DefenseWall HIPS * Recovery = ShadowProtect + FirstDefense-ISR Malware Survival Rate = 0.00%, but each malware has my sympathy.
Last edited by ErikAlbert : June 30th, 2008 at 02:33 AM.
#2677
I believe the only thing it does is delete the script extensions registry entries.
Perhaps some program you have needs to use scripts? In any case, it's a matter of re-running NS and restoring the registry entries. IME, it's flawless, but as they say, ymmv.
__________________
The GNU Operating System - The GNU Project / Linux Kernel - Linux Foundation / Debian GNU/Linux Electronic Frontier Foundation (EFF) / The Free Software Foundation (FSF) / Creative Commons (CC) / Foundation for a Free Information Infrastructure (FFII) / Free Software Magazine
#2678
See my signature for most of my security setup.
I have made the following changes. Disabled the built-in administrator account. Added my own account with admin rights called Root. Lowered the user account I use every day to standard user. Denied users all access to my folders containing backups of C:. Now just trying to find out how to sort it so I can read my documents but need admin rights to delete any folders or files within that folder.
__________________
useful tools: cure it SAS Hitman Pro mbam KL Eset windows defender offline Sophos
Last edited by lodore : June 30th, 2008 at 03:05 PM.
#2679
use an app like freecommander and give that full permissions and accesses : >
gotta luv that when running lua
__________________
"Two things are infinite: the universe and human stupidity; and I'm not sure about the universe"
#2680
XP:
Avira Premium
PCtools Firewall - Free
SUPERAntispyware - Free
Blue Coat K9 - Free
Vista:
Avira Premium Security Suite
SUPERAntispyware Pro
Blue Coat K9 - Free
My Wife watching my every move - Free
__________________
Norton Internet Security / Shadow Defender.325 / Trusteer Rapport
#2681
Quote:
Security set ups are useful no question but against targeted attacks you can throw most of them to dustbin..
#2682
Last edited by LoneWolf : July 5th, 2008 at 01:27 PM.
#2683
Went back to "old school" with a fresh install of XP 32 on my tower. ProcessGuard, Wormguard, Regproteact. Threw in ZA free, Avast free (Standard and Web Shield), SAS free on demand, Sandboxie for when I take a walk on the wild side, and Firefox 3 with various add-ons.
As yet undecided what will go on the new laptop to be purchased. Will be decided when the final specs of the laptop are decided.
#2684
Ditched LUA due to way too many restrictions. EQS (HIPS) with Alcyon's Rules offer a much more flexible experience, very STRONG monitoring as well as tightly controlled environment in comparison without restraining the system to a static condition like DEEP FREEZE, although Returnil, Power Shadow can offer on-the-fly virtualization when needed as well as SandboxIE. CyberHawk (Early Version) complements the rest as a reliable behavioral blocker without the issues of a TF and its bloat. Also, since I have "ALL" Doug Knox's file association fixes, I also use ScriptDefender!! just in case I decide to uninstall and need to return associations back to normal defaults which SD lacks in some of those.
If I really want to seal down potential Ring0 penetration by drivers, Samurai rests comfortably in System32 and it can be engaged at will with a simple reboot, although that's only for extreme situations. It's been mentioned HIPS interferes with SuRun, but that's simply not true, it's just that it requires wasting time to "start as admin" manually every reboot and that's an annoyance. Running Admin is no big deal where EQS and some other hardening techniques are in place. No AV, No AS. No problems.
__________________
★AX 64 Time Machine Current Version 1.1.0.996★
★Shadow Defender★
Maxthon 4 | X Iron 17.0 | Chromium 19.0 | Pale Moon 20.1
¶Microsoft Windows 8 64bit (UEFI/GPT) Secure Boot¶
¶Linux Mint 14 MATE¶
#2685
Firewall
Linksys Router RT31P2
Outpost Firewall Pro 6.5.2355.316.0597
Harden-It 1.2
Windows Worms Doors Cleaner 1.4.1

Anti-Virus/Anti-Spyware
Kaspersky Anti-Virus Personal 8.0.0.357 (extended data bases enabled)
Malwarebytes (Anti-Malware 1.19 and RogueRemover Pro 1.20 (immunized enabled))

HIPS
Ghost Security Suite 1.420 (AppDefend 2.000 and RegDefend 3.000)
WinPatrol Plus 15.0.2008.0
DiamondCS WormGuard 3

Block Lists
MVPS hosts file 6/5/08 + hpHosts host file 7/2/08 (with HostsXpert 4.2)

Resident On Demand Scanners
SUPERAntispyware 4.15.1000
Kephyr Bazooka 1.13.03
Dr. Web CureIt Anti-Virus 4.44.5
Mischel TrojanHunter 5.0 (962)
A-squared scanner 3.5.0.15
Ewido (AVG) Micro 4.0
UnHackMe 4.7
AVG Anti-Rootkit 1.1.0.42
F-Secure BlackLight 2.2.1070
Gmer 1.0.14.14536 (Catchme 0.2)
Resplendence Rootkit Hook Analyzer 3.02
Trend Micro Rootkit Buster 2.2.0.1014
Trend Micro HijackThis 2.0.2

Online Scanners
HijackThis log file analysis & Networktechs HJT log analysis (HijackThis log analyzers)
VirusTotal
Jotti's malware scan
McAfee Freescan
#2686
FULL LIST: 4th of July Edition

NETWORK
Two Linksys Wrt54g Routers (DD-WRT Flashed) in WDS Mode
SPI Firewall Enabled, MAC Filtering Enabled for Wi-Fi
Static IP and OpenDNS Setups for all Users

RESIDENT - XP MCE 2005 SP3
Online Armor AV+ v3 Beta (2.1.0.1xx)
- Custom Bluetack Blacklists Enabled (For Global and P2P Dependent)
- RunSafer Enabled for all Browsers, Email Clients, Messengers, Media Players, P2P Applications, Text & Photo Viewers
Sandboxie 3.28 (Paid)
- ForcedProcess Enabled for Email Client and all Browsers
- Automatic Delete Enabled for all Sandboxes
- Restricted Executable Settings for Firefox and Opera
ShadowDefender (1.1.0.265)
- Shadow Mode Enabled on C: (only when needed)
Script Sentry 2.7.1 (All Extensions Associated)
Process Explorer 11.13 (Task Manager Replacement Enabled)

HARDENING
Harden-It (All Default Recommended), Bugoff (All Enabled), SeconfigXP (Configured for Home), Security & Privacy Complete (Custom), Spyware Blaster (Immunized), Spybot Search & Destroy (Immunized), Advanced System Optimizer (Custom), WinXP Manager (Custom)

OTHER
A-Squared Anti-Malware (Free), KeyScrambler (Firefox Plugin), AI RoboForm (FF Plugin), Malwarebytes Anti-Malware (Free), Avira Antivir Personal (Free), CCleaner, ATF-Cleaner, RunScanner

BROWSERS
Firefox 3.0 (Adblock Plus, Adblock Updater, PhishTank & WOT), Opera 9.51, Internet Explorer 8 Beta 1 (IE Pro)

BACKUP & PARTITIONING
Acronis True Image 10 & Disk Director Suite 10

RESIDENT - VISTA ULTIMATE SP1 <--- REMOVED

dja2k
__________________
Security Setup: Link, Computer Specs: Link Case Layout: Link Emsisoft Official Links: Home Page, Support Forum
Last edited by dja2k : July 8th, 2008 at 04:43 AM.
#2687
For laptop security on XP Pro SP3:
Online Armor AV+
Using D-link wired router at home
Firefox 3 as primary browser, w/ NoScript, KeyScrambler, AdBlock Plus & IE tab; Opera 9.51 as secondary
Thunderbird 2.x w/ javascript turned off as main email browser (I have Outlook 2003, along with all of Office 2003, but prefer T-bird)
SuperAntispyware on-demand
MVPS hosts file, plus supplementals
Default Services trimmed and adjusted, using various recommendations, plus trial and error
Backup images stored offline.
I could make it more complicated. But why??
SamSpade
Last edited by SamSpade : July 6th, 2008 at 04:48 AM.
#2688
My approach here is somewhat based on what I am doing.
Note I am not including FDISR and Imaging, which do come into play but are really more for recovery.
1. Low threat everyday work. I use Online Armor, latest betas, and latest versions of Sandboxie. Each browser has a separate sandbox, and only it can run and access the internet in its sandbox. This alone would stop stuff like a fly-by download of, say, a keylogger. I have a separate sandbox I can use to test a file I've downloaded and extracted from the browser sandbox. This one has no internet access at all. Also I run browsers and Outlook as Run Safer in Online Armor. This alone has also withstood nasty attacks. I also do have SSM on board, but this is redundant, and I use it to give me a second chance if I should click allow too fast in OA.
2. If I feel something I am about to do is somewhat more risky, I will also fire up Shadowdefender, as an extra layer of protection.
3. If I am going extremely high risk, like playing with known malware, then I fire up ShadowDefender and go into a VM machine that has the identical setup described in 1).
Pete
#2689
Vista Ultimate SP1:
Windows Firewall
Windows U.A.C.
Hardware D.E.P.
DeepFreeze
Executable Lockdown (trial)
Firefox NoScript
First Defense ISR Rescue
ShadowProtect Desktop
Alas I couldn't even get the new AntiExecutable from Faronics to install on my computer! So I'm testing Executable Lockdown from Horizon DataSys, and so far so good. I like to think this is my final security set up for Vista.
__________________
Samsung Series 7 Chronos & Windows 8 (64bit)
“We are the cosmos made conscious and life is the means by which the universe understands itself.” Brian Cox
#2690
Quote:
__________________
ErikAlbert Security = WinXPproSP3 Firewall + Anti-Executable + DefenseWall HIPS * Recovery = ShadowProtect + FirstDefense-ISR Malware Survival Rate = 0.00%, but each malware has my sympathy.
#2691
Eset Smart Security
Comodo BoClean
Firefox 3 + spywareblaster
#2692
Just now everybody starts (at least talking) using naked (no AV) setups, I could not resist and installed on our family XP box:
First layer: Rising FW (with image execution check, silent mode)
Second layer: DefenseWall (with extra HKCU registry protection and Mail directory uniquely allowed to OutlookExpress implemented with Resource Protection and block of nagscreen, see pic)
Third Layer: Avira free, with smart file check at write only
This setup follows the most ancient scheme of all: FW - AV and a LUA/SRP through DefenseWall (the easy XP home way)
Last edited by Kees1958 : July 4th, 2008 at 03:02 PM.
#2693
To me naked means naked and not 3 layers. I have no problem with 3 layers. It is simply that it fails to meet my idea of naked.
__________________
Security Setup : Firefox, Shadow Protect, Shadow Defender, Netgear DG834,
#2694
COMODO Firewall Pro 3. With SUPERAntispyware & MBAM on-demand.
However, I like the layered Security Approach:
Prevention
Detection
Cure
I also browse with Firefox, I never download off any unknown resources. I am not a PC gamer or anything. Just simple computer needs (Firefox, MSN). That's about it. Ohh and Microsoft Office.
Josh
#2695
I changed the excellent Look'n'Stop firewall for the SUPERB Outpost Firewall Pro 2009. OFP2009 and EQS together look like a PERFECT match. Agnitum did a Marvelous job this time.
If you haven't tried OFP2009 yet, do it
#2696
Quote:
Now that is interesting. I had BSODs when I tried to install OFP, which I put down to conflict with EQS. Your setup is almost identical to mine so I'll have to have another look. From the brief time I had with OFP, browsing seemed to be a bit slower than OA.
__________________
Online-Armor | Defensewall | EQSecure 3.41 | AntiVir | Returnil | Sandboxie | A-squared Anti-Malware
#2697
Quote:
That is what I have done also. Only a few days on, but everything here is getting along just fine with one another. I was happy with L'n'S but had to try the new Outpost and glad I did.
#2698
Quote:
Hey longview, I was mentioning it ironically, not running naked, but using a very old-fashioned setup (that is why I included triple), kind of counter movement
#2699
Nice Setup Kees.
Later today I'll try to get that registry protection with SBIE.
__________________
I ♥ SandboxIE
#2700
Nice setup Alcyon too and new choice.
You have the very best prevention against ever being permanently detached from your work or the internet if you're like me. I have stockpiled over these past months "several" not new, but abandoned or discounted as disabled hard drives. All I did was first confirm the BIOS would allow them to post, only 1% didn't, then proceeded to wipe the devil out of them with either the maker's Zero Tool or Dban or WhiteCanyon's Wipe Drive Pro, plus even wiped a second round with Paragon's Drive BackUp which also does those duties. Then did a quick check that no bad sectors were showing up, and then proceeded to install XP Pro, which since I own a volume license I create additional local units without issue. (They remain always in-house). With this armada of hardware (HD's) and some boxes with good mobos, I can take on anything anyone or group devises in their efforts to compromise Windows and learn from these activities whether the security softwares are up to the challenge or not. I got tired of taking chances or losing time resetting Windows from either research or drive-by sites and to top it off, along came the likes of Returnil, SandboxIE, Power Shadow, Deep Freeze, Anti-Executable, SAS, DefenseWall, so on and so forth, all seemingly bombarding us users in a short stretch of time and throwing malware makers into a literal panic of confusion. There's always strength in numbers
__________________
★AX 64 Time Machine Current Version 1.1.0.996★
★Shadow Defender★
Maxthon 4 | X Iron 17.0 | Chromium 19.0 | Pale Moon 20.1
¶Microsoft Windows 8 64bit (UEFI/GPT) Secure Boot¶
¶Linux Mint 14 MATE¶