What is your security setup these days?

[jmonge]

that was my first proactive program i used from long time i was actually one of the fist users of cyberhak

[trjam]

Quote:

Originally Posted by jmonge

that was my first proactive program i used from long time i was actually one of the fist users of cyberhak

yep, Cyberhawk and BoClean.

[jmonge]

i had cyberhawk and mcaffy very good combo at that time

[Konata Izumi]

Windows XP SP3 Pro (MINIMALIST NO-AV Setup)

• LUA
• ACL
• DEP
• SRP

Realtime

• Sandboxie
  

Browsers (Forced to run sandboxed)

• Google Chrome (Incognito, Javascript not allowed to run, Plugins not allowed to run, block third party cookies)
• IE8 (All settings: HIGH, SmartScreen Filter: ON)

On-demand:

• Macrium Reflect Free
• Random AV scanners.

[ALookingInView]

Quote:

Originally Posted by AvinashR

Yeah i agree with you. Today's AV programs detection rate is very much low due to the overwhelming amount of malware that is released into ITW each day...So one cannot rely very much on AV suites now.

I agree when it comes to most suites, but KIS offers you anti-executable functionality.
By changing one simple setting in its HIPS (Application Control), all of the files unknown to the suite are denied the ability to execute.
Sounds pretty proactive to me.
Bit of a hassle to manually have to go in and trust what you want trusted, but the protection offered is solid.

[Konata Izumi]

Why go thru all that just use LUA + SRP!

[ALookingInView]

All what? It's not complicated.
Besides, does SRP even work on 7 x64?
LUA works, obviously, and I do take advantage of that.

[nikanthpromod]

WINDOWS XP PRO SP2
REAL TIME
OA PREMIUM
SANDBOXIE
ANVIR TM

ON DEMAND
HITMAN PRO(PAID)
SHADOW DEFENDER

UPDATE MONITOR
FILE HIPPO

BACKUP QUICK RECOVERY
DRIVE SNAPSHOT

BROWSERS
FIREFOX WITH ADBLOCK PLUS, FLASH BLOCK, DOWNLOAD HELPER
OPERA

[Konata Izumi]

Quote:

Originally Posted by ALookingInView

All what? It's not complicated.
Besides, does SRP even work on 7 x64?
LUA works, obviously, and I do take advantage of that.

I mean the HIPS. I dislike them

[ALookingInView]

Quote:

Originally Posted by Konata Izumi

I mean the HIPS. I dislike them

I dislike HIPS too anymore, especially classic HIPS, so I know what you mean.
I converted KIS' HIPS to serve as an Anti-Executable though, so the only HIPS alerts I get now are if something has changed.

[Konata Izumi]

Windows XP SP3 Pro (MINIMALIST NO-AV Setup)

• LUA
• ACL
• DEP
• SRP

Realtime

• PCTools Firewall Plus (Public Profile) added!!
• Peerblock added!!
• Sandboxie
• Deepfreeze (I need it somehow.) added!!
  

Browsers (Forced to run sandboxed)

• Google Chrome (Incognito, Javascript not allowed to run, Plugins not allowed to run, block all cookies, block 3rd-party cookies always)
• IE8 (All settings: HIGH, SmartScreen Filter: ON)

note: All download locations are sandboxed too.

On-demand:

• Macrium Reflect Free
• Random AV scanners.

Everything looks pretty strict but my setup is still open for some light software.
DAMN! I can't make Geswall to work in LUA environment.

[m00nbl00d]

Quote:

Originally Posted by Konata Izumi

(...)
[*]Google Chrome (Incognito, Javascript not allowed to run, Plugins not allowed to run, block all cookies, block 3rd-party cookies always)

(...)

I run a Chromium profile similar to that one, just more restrict, when I'm searching the web and I never know where I'll end up.

Then I use two more profiles:

- Incognito mode + cookies blocked. To use when I know which sites I'll visit; and that do not need any cookies to be allowed.

- Incognito mode. To access my e-mail account, and other sites, which I trust, and where I need to login.

[Konata Izumi]

Quote:

Originally Posted by m00nbl00d

- Incognito mode + cookies blocked. To use when I know which sites I'll visit; and that do not need any cookies to be allowed.

- Incognito mode. To access my e-mail account, and other sites, which I trust, and where I need to login.

You should always block 3rd party cookies.. most of the time those cookies were unneeded.

[m00nbl00d]

Quote:

Originally Posted by Konata Izumi

You should always block 3rd party cookies.. most of the time those cookies were unneeded.

Yes, I do block them. The profile where I allow cookies, do not include third-party ones.

[JoeBlack40]

Quote:

Originally Posted by ALookingInView

I dislike HIPS too anymore, especially classic HIPS, so I know what you mean.
I converted KIS' HIPS to serve as an Anti-Executable though, so the only HIPS alerts I get now are if something has changed.

How did you do that?Only in application control,assign the status Untrusted?Or another tweaks?

[Noob]

Tried using Applocker but after seeing i had to make rules for every single program MANUALLY i was like screw this man

[jmonge]

Noob lol

[ALookingInView]

Quote:

Originally Posted by JoeBlack40

How did you do that?Only in application control,assign the status Untrusted?Or another tweaks?

Yes.
Application Control > Assign the following status automatically = Untrusted.

[Noob]

Quote:

Originally Posted by jmonge

Noob lol

Really, i though it would be like most programs were a pop up shows and you set it while using your PC, but AppLocker requires you to set it manually to every .exe or process.
I'm not going to even try this mess

[jmonge]

Noob i know

[testsoso]

Quote:

Originally Posted by Konata Izumi

Windows XP SP3 Pro (MINIMALIST NO-AV Setup)

• LUA
• ACL
• DEP
• SRP

Realtime

• PCTools Firewall Plus (Public Profile) added!!
• Peerblock added!!
• Sandboxie
• Deepfreeze (I need it somehow.) added!!
  

Browsers (Forced to run sandboxed)

• Google Chrome (Incognito, Javascript not allowed to run, Plugins not allowed to run, block all cookies, block 3rd-party cookies always)
• IE8 (All settings: HIGH, SmartScreen Filter: ON)

note: All download locations are sandboxed too.

On-demand:

• Macrium Reflect Free
• Random AV scanners.

Everything looks pretty strict but my setup is still open for some light software.
DAMN! I can't make Geswall to work in LUA environment.

How did you make Peerbock run in limited user Account?
I have tried this, but it says Peerblock need adminright to run...

[Konata Izumi]

Quote:

Originally Posted by testsoso

How did you make Peerbock run in limited user Account?
I have tried this, but it says Peerblock need adminright to run...

I use SuRun to manage my Limited User Account

[JoeBlack40]

Quote:

Originally Posted by ALookingInView

Yes.
Application Control > Assign the following status automatically = Untrusted.

Ok thanks.

[dja2k]

Quote:

Originally Posted by AvinashR

DJ,

You have nice set of paid applications....

Your setup is really Heavily Armored against intruders...

Thanks and yeah my lineup has been the same even when I was on 32-Bit Windows .

dja2k

[Kees1958]

Comodo Time Machine

BufferZone free 2.10-37 version for Opera with adopted XML file settings
- sandboxes ("Bufferzone") Chrome instead of Opera (ClientdEFS.XML)
- automatically tags files & new programs as untrusted when downloaded by
trusted programs (amclient.xml)
- set policy to bufferzone USB sticks (amclient.xml)
- enabled firewall, both for trusted as bufferzone(d) programs (amclient.xml)

PrevXsafeOnline Facebook Free, heuristics disabled, age and poplarity disabled (MBR scan deselected to resolve conflict with CTM)

Running admin with IE8, Outlook, OE, 7zip, Foxit, Office running basic user (LUA) trusted, default deny SRP on data partitions (leaving open Temp partition).

Using IE8 for normal browsing (like wilders) (security = Basic User + PrevX)

Using chrome for dodgy browsing (e.g. malware domain list url's), with plug-ins new tab behavior, adsweep, WOT and siteadvisor for Chrome (security = Basic User + PrevX + BufferZone virtualisation and Chromium's internal policy sandbox )

On XP Pro SP3

On demand Hitman Pro, no other AV

Regards Kees