What is your security setup these days?

[Infinity]

my setup these days is tweaked with the minimum of overlap .. it's harder then I thought it would be hence the Tiny Firewall can do everything itself but I choose not too .. :
Resident
US Robotics Router
Nvidia Firewall with Online Armour
Tiny2005 Pro (IDS+Windows Security)
AppDefend
Regdefend
Ewido/Boclean (Mainly Ewido)
Nod32
Admuncher/SpyBlocker (switching from time to time)

On Demand
SpySweeper
VMWare (still the best tool but cost a bit)

Trying SafeNSec again V2 under VmWare Session and it looks very interesting, I think/feel it is able to compete against all the rest I got regarding "Behaviour Blockers"

[dja2k]

Well changed my setup from using too many HIPS programs to the traditional.

Realtime - PLUGINS ACTIVE

NOD32 2.50.41 (BLACKSPEAR SETTINGS)
LOOK N STOP 2.05P2 (PHANTOM RULESET)
SPYWARE DOCTOR 3.2.2.453 (WITH COOKIE GUARD)
ONLINE ARMOR 1.1.0.595 (ALL ACTIVE)
REGDEFEND 2.001 (FREE)

Additional Hardening

SECURE-IT
HARDEN-IT
BUGOFF
SAFEXP
IE-SPYADS
SPYBOT IMMUNIZED
SPYWARE BLASTER + CUSTOM LIST
ENOUGH IS ENOUGH
SCRIPT SENTRY
COMPUTER SECURITY TOOL
CURRENT WINDOWS UPDATES
EXTRA SERVICES OFF
MVPS HOST FILE
HOSTS SECURE UPDATE UTILITY

Extra

FIREFOX MAIN BROWSER
EWIDO
JV16 POWER TOOLS
DRIVE SNAPSHOT
TREND MICRO CWSHREDDER
TREND MICRO ANTISPYWARE
KASPERSKY 5.0 BACKUP SCAN
AD-AWARE
SPYBOT
HIJACKTHIS
A-SQUARED
PROTOWALL + ANTI-P2P LIST

If I left some uncovered areas, well don't know what to do then without making my system useful to others without installing too many HIPS programs like I did before, but if you notice I am missing something in any area, let me know.

dja2k

[G1111]

Quote:

Originally Posted by dja2k

Well changed my setup from using too many HIPS programs to the traditional.

[dja2k

Quite a setup, is secure-it and harden-it hard to use?

[muf]

Quote:

Originally Posted by muf

Resident:
Sygate free.
Online Armor
Kav
BOClean
Regrun Gold

Currently changed to this...

Kerio 4 with it's HIPS, NIPS and behaviour blocking.
Online Armor
KAV 5
BOClean
Regrun Platinum which now incorporates Unhackme for rootkit detection.

muf

[Brandon]

Resident:
Norton AntiVirus 2006
Kerio Personal Firewall(full)
Ewido Anti-Malware Guard
ProcessGuard(full)
BOClean
Online Armor
Microsoft Anti-Spyware Beta
SpywareBlaster
Demand:
Spybot S&D
Other:
FireFox
All windows updates
ERUNT

[dja2k]

Quote:

Originally Posted by G1111

Quite a setup, is secure-it and harden-it hard to use?

I view Harden-it as being used to secure what my firewall might miss incase it is bypassed. Pretty much set-and-forget with recommended settings.

I view Secure-it as worthless if you don't use Internet Explorer as it hardens the zones. Pretty much set-and-forget as well with the recommended settings.

dja2k

[Rivalen]

The payed ones are red.

Hope that previous update costs from now on can go into the more serious business of betting on trotting-horseracing. :-)

Best Regards

[CogitoErgoSum]

Quote:

Originally Posted by CogitoErgoSum

Resident:

BOClean
Look'n'Stop
Netgear RP614 v2 Router w/NAT & SPI
NOD32
Online Armor
RegRun Gold

Revised & Updated Resident:

BOClean
DefenseWall HIPS
Look'n'Stop
Netgear RP614 v2 Router w/NAT & SPI
NOD32
Online Armor
RegRun Platinum 4.5


Peace & Love,

CogitoErgoSum

[WSFuser]

Quote:

Originally Posted by ErikAlbert

I just don't understand why so many users are a fan of all these AV/AS/AT/AK scanners.
These scanners have alot of disadvantages you know :

[...]

Maybe I'm too stupid, not being a security expert

your points are valid and thats why HIPS is gaining ground in the security market. also for me personally, im not a low-risk surfer so i like being alerted if i get infected.

Resident:

nod32
looknstop
regrun gold
unhackme
processguard
proxomitron
HostsMan (with MVPS)
firefox extensions: adblock plus, javascript options, noscript, permit cookies, and spoofstick

On-Demand:

arovax antispyware
ewido online scanner
spybot s&d

Other Security / System Hardening:

nLite'd Windows XP (with service tweaking based on TweakHound's guide)
Harden-it
BugOff
Windows Worms Doors Cleaner
Samurai HIPS
spybot s&d immunization
spywareblaster
Computer Security Tool
AutoPatcher XP

[squash]

Windows XP Home SP2 Limited Account (Hardened with Harden-it, Secure-it, SafeXP, WWDC)
avast! | Windows Firewall | Mozilla Firefox
All personal files encrypted with TrueCrypt (Blowfish/Whirlpool)

[Brinn]

Quote:

Originally Posted by G1111

Quite a setup, is secure-it and harden-it hard to use?

They both give you a lot of options, but if you don't know a lot about what they ask you (like me), just let them do their recommended changes.

[Infinity]

Quote:

Originally Posted by squash

All personal files encrypted with TrueCrypt (Blowfish/Whirlpool)

I just love this program ! impressive means just being humble

[MojoWorkin]

FireFox 1.5
Zone Alarm w/ AV (paid)
WebRoot SpySweeper (paid)
A Squared (paid)
LavaSoft AdAware SE Plus (paid)
JavaCool SpyWare Blaster (free)
On Demand: HJT
No prollems for last 13 months.

[G1111]

Quote:

Originally Posted by Brinn

They both give you a lot of options, but if you don't know a lot about what they ask you (like me), just let them do their recommended changes.

Tried Secure-It but had a problem with INotes (couldn't use reply function correctly) and didn't know what setting in Secure-It to change so I removed it. Loaded Harden-It tonight and went with the recommneded settings. So far no problems.

[G1111]

Quote:

Originally Posted by dja2k

I view Harden-it as being used to secure what my firewall might miss incase it is bypassed. Pretty much set-and-forget with recommended settings.

I view Secure-it as worthless if you don't use Internet Explorer as it hardens the zones. Pretty much set-and-forget as well with the recommended settings.

dja2k

Have Harden-It (installed tonight). Tried Secure-It but had problems (see my previous post). Thanks for the response.

[richard_rd]

I use the following, all of them are freeware except for the HIPS which is a reasonable $29.99 one time charge:

Browser: FireFox
Email:Thunderbird
Host File: http://www.mvps.org/winhelp2002/hosts.htm

Anti Virus - Avast free (On-Access Real Time protection, scheduled quick scanning via Windows Sheduled Task Manager, and manual on demand thorough scanning).

Anti Trojan - Ewido free (manual on demand scanning). If i did not have a HIPS that i trusted i would upgrade to the paid version for the Real Time Protection feature.

Anti Spyware and IDS - MSAS (Automatic Scheduled Scanning, and i use the 59 real time checkpoints as my IDS)

Application Firewall - ZA free. I also use this as my TCP/UDP port blocking/stealth FW because my Cable Modem does not have a built in Router/FW or NAT service. Since my PC is using a registerd IP Address (not a Private 192.168.xxx.yyy) and i have no external FW/NAT I am really putting alot of faith into the ZA Firewall software, from what i have seen and tested it does its job quite well, especially for free!!!

HIPS - DefenseWall, this is the crown jeweal, If you guys have not tried it yet you really should. In my opinion way better and more secure then Sandboxie or Bufferzone. It allows you the comfort to serf the Internet like a newbie and not worry about getting infected. I don't have to worry about making a wrong decision on my IDS pop ups anymore. It is shareware with a 30 day trial and a 1 time cost of $29.99 and no recurring update fees (ie... signature database subscription).

[Rasheed187]

My anti-malware tools on Windows XP Pro SP2:

Realtime:

AntiVir Classic | Process Guard (free) | ZoneAlarm Pro 6 | Script Sentry | Script Defender | Regprot

On demand:

AD-Aware SE | Spybot-S&D | RootkitRevealer | RootKit Hook Analyzer

System Hardening:

BugOff | SafeXP | XP Antispy | Samurai

System Monitoring:

Process Explorer | Pserv.cpl | AutoRuns | CurrPorts | A2 HijackFree | Startup Control Panel (AK software)
DriverView | ActiveX Compatibility Manager
---------------------------------------------------------------
IE/Windows setup:

- Internet Zone/Local Machine Zone locked down (Disabled/Set to high almost every setting)
- Disabled dangerous ActiveX Controls
- Disabled dangerous URL protocols
- Disabled HTML Application Host
- Disabled Windows Scripting Host
- Disabled Command Prompt
---------------------------------------------------------------
Plus I run about 24 applications in "Basic User mode" (Software restriction policy + DropMyRights) and I have an AMD 64 processor with hardware enforced DEP.
-----------------------------------------------------------
Btw, I´m keeping my eye one RegDefend, Process Guard Full, Kaspersky AV 6 and System Safety Monitor.
------------------------------------------------------------
Of course I´m practicing Safe HEX and have not had any security problems in the last 2,5 years.

[gerardwil]

Today:

Ewido
Prevx1
Msas
Bitdefender
Sentinel
Nat
Hostman

But this can change day by day.
The above setup working nice together (realtime)

[dja2k]

Quote:

Originally Posted by G1111

Have Harden-It (installed tonight). Tried Secure-It but had problems (see my previous post). Thanks for the response.

Sorry to here theat G1111. I had some problem with secure-it the first time not allowing MS Frontpage to open, but when I did a clean system installation of windows xp and everything else, secure-it got added on and this time it worked, so maybe some other security settings conflict or something, but I eventially got it to work fine in my system.

dja2k

[dja2k]

Updated List

Realtime - PLUGINS ACTIVE

NOD32 2.50.41 (BLACKSPEAR SETTINGS)
LOOK N STOP 2.05P2 (PHANTOM RULESET)
SPYWARE DOCTOR 3.2.2.453 (WITH COOKIE GUARD)
EWIDO 3.5 (ACTIVE GUARD)
ONLINE ARMOR 1.1.0.595 (ALL ACTIVE)
APPDEFEND\REGDEFEND (FREE\TRIAL)

Additional Hardening

SECURE-IT
HARDEN-IT
BUGOFF
SAFEXP
IE-SPYADS
SPYBOT IMMUNIZED
SPYWARE BLASTER + CUSTOM LIST
ENOUGH IS ENOUGH
SCRIPT SENTRY
COMPUTER SECURITY TOOL
CURRENT WINDOWS UPDATES
EXTRA SERVICES OFF
MVPS HOST FILE
HOSTS SECURE UPDATE UTILITY
AUTOPATCHER

Extra

FIREFOX MAIN BROWSER
JV16 POWER TOOLS
DRIVE SNAPSHOT
TREND MICRO CWSHREDDER
TREND MICRO ANTISPYWARE
KASPERSKY 5.0 BACKUP SCAN
AD-AWARE
SPYBOT SEARCH & DESTORY
HIJACKTHIS
A-SQUARED
PROTOWALL + ANTI-P2P LIST

dja2k

[G1111]

Quote:

Originally Posted by dja2k

Sorry to here theat G1111. I had some problem with secure-it the first time not allowing MS Frontpage to open, but when I did a clean system installation of windows xp and everything else, secure-it got added on and this time it worked, so maybe some other security settings conflict or something, but I eventially got it to work fine in my system.

dja2k

I am sure it is just the need to change one of the settings in Secure-It. It is too bad this program doesn't have a GUI with all the options listed so you could tweak one or multiple options to tune it for your system and easily just open the GUI to change them. I have Harden-It loaded and running with no problems.

[Mrkvonic]

Hi,
For the sake of fun, I've decided to try another experiment.
My brother has an extra line that I'll use. Two old P3s with XP SP2 on them. The most basic configuration without anything extra. I'll connect them. Run three weeks with Firewall (one week Sygate, one week Kerio, one week ZoneAlarm) and one week without any firewall. No AV or anything.
Other protection FF with noscript and all that stuff, DropMyRights for FF, and Proxomitron with Kerio and ZoneAlarm. After that, I'll rededicate my brother's second adsl back to his usual porn thingies.
I'll do regular adult surfing and some p2p, see what happens...
Mrk

[Rasheed187]

My anti-malware tools on Windows XP Pro SP2:

Realtime:

AntiVir Classic | Process Guard (free) | ZoneAlarm Pro 6 | Script Sentry | Script Defender | Regprot

On demand:

AD-Aware SE | Spybot-S&D | RootkitRevealer | RootKit Hook Analyzer

System Hardening:

BugOff | SafeXP | XP Antispy | Samurai

System Monitoring:

Process Explorer | Pserv.cpl | AutoRuns | CurrPorts | A2 HijackFree | Startup Control Panel (AK software)
DriverView | ActiveX Compatibility Manager | MS Baseline Security Analyzer 2.0

Online services:

Jotti´s Malware Scan
VirusTotal
---------------------------------------------------------------
IE/Windows setup:

- Internet Zone/Local Machine Zone locked down (Disabled/Set to high almost every setting)
- Disabled dangerous ActiveX Controls
- Disabled dangerous URL protocols
- Disabled HTML Application Host
- Disabled Windows Scripting Host
- Disabled Command Prompt
---------------------------------------------------------------
Plus I run about 24 applications in "Basic User mode" (Software restriction policy + DropMyRights) and I have an AMD 64 processor with hardware enforced DEP.
-----------------------------------------------------------
Btw, I´m keeping my eye one RegDefend, Process Guard Full, Kaspersky AV 6 and System Safety Monitor.
------------------------------------------------------------
Of course I´m practicing Safe HEX and have not had any security problems in the last 2,5 years.

[Rasheed187]

Btw, I forgot to mention that I´m relying quite heavily on services like Jotti´s Malware Scan and VirusTotal, I´m afraid I can´t trust only AntiVir Classic.

And I also forgot about Microsoft Baseline Security Analyzer 2.0, I have updated my post.

Wow, I can´t edit the post anymore, why is this, can my old outdated post be removed TIA.

[sukarof]

Quote:

Originally Posted by dja2k

Just curious - Those of you using NOD32, is that because you still have an active key or you just pick it over KAV or others?

For those of you using appdefend or safe'n'sec, do you have the network module active in safe'n'sec and do you mind the network being active on appdefend being you can't shut it off yet?

dja2k

I have a valid key for NOD32 (I renew the license every year) I pick it over KAV and others because it does what an AV is supposed to do when needed with minimum of hassle. KAV is incompable with my beloved Firsdefence so it is not an option.

I dont mind Appdefend monitoring my outgoing connections (that was what you meant, right?) even tho LnS takes care of that too. It´s a bit overkill, I know, but being a security nerd it is nice to have a second opinion with connections. It gives me an warm and fuzzy feeling That is the only overlap I have left nowadays. For a while I used several HIPS and antispyware stuff simultaneously but time has teached me that the setup I posted earlier is more than enough to be safe.
I did try Safe´n´sec many months ago, but I don´t remember why I uninstalled it and nowadays I dont need it.