What is your security setup these days?

[gsarang]

Quote:

Originally Posted by ams963

I used that setup for more than 2 years......solid setup

Thanks ams963

[justenough]

Sandboxie, PandaCloud, and Mamutu.

[Amit]

Quote:

Originally Posted by gsarang

Thanks ams963

yeah that's great for avast .......

[Kees1958]

After two years of safe-admin, now safe-lua on Win7 32 bits ultimate

----------- from network stack to process stack ------------------
Use Windows FW both for inbound and outbound. Set a deny execute on receiving folders of browser, e-mail and media player using Access Control Lists deny execute/traverse folder for Everyone (change ACL with right click folder, tab security).


--- from Low Rights (Protected mode) to Medium Rights (LUA) ---
Using Chrome (Comodo Dragon version incognito all the time) with its internal (low rights) sandbox and AVG Threatlabs plug-in (plus build in safe browsing of Google)

-------- from Medium (LUA) rights to High (Admin) Rights ---------
Running LUA with basic user as default level (run as admin for both EXE and MSI to install) which acts as deny execute in user folders. Group Policy hardening (e.g. deny elevation of unsigned, deny install from USB, System & Logon options to block autostarts for users) on top of that used ICACLS to add a mandatory Medium Level Intergrity to Outlook, media player and pdf-reader and browser.


---------------------------- Real Time -----------------------------
EMET 2.1 (Browsers, eMail, Media Player and PDF reader).


--------------------------- On demand -----------------------------
- Windows7 Image backup (saved a clean install to revert to)
- Sync Toy data backup (quick save to old 2nd HD, NAS for pictures and USB disk for business data).
- Hitman Pro free quick scan before monthly data backup

Is problably the end of my security quest

[JohnMult]

Comodo Internet Security Premium (Antivirus, Defence+, Firewall)
DropMyRights (All my browsers) or LUA
EMET Microsoft (All my browsers, java, Office Programs, Media Player, Foxit Reader)
Norton DNS (Security Policy)
Spyware Blaster
Google Chrome (Adblock Plus with Easy List) casual browsing
Firefox (Adblock Plus with Malware Domains list only, NoScript and Referer disabled) searching unknown Internet
Disabled autorun
All latest updates
Common Sense 2012

So far so good no conflictions, rare questions from CIS and easy rides...

[m00nbl00d]

Quote:

Originally Posted by Kees1958

After two years of safe-admin, now safe-lua on Win7 32 bits ultimate

----------- from network stack to process stack ------------------
Use Norton DNS through Router and Windows FW both for inbound and outbound
Set a deny execute on receiving folders of browser (Chromium), e-mail (Outlook) and media player (WMP) using Access Control Lists deny execute/traverse folder for Everyone.


--- from Low Rights (Protected mode) to Medium Rights (LUA) ---
Using Chromium with its internal (low rights) sandbox with plug-ins ABP, LinkExtend (Google Safe, Norton, Browser Defender disables since they are included with browser and Norton DNS) and Bitdefender Traffic Light. Using IE9 'GPO-locked' for banking (e.g. forced into protected mode).


-------- from Medium (LUA) rights to High (Admin) Rights ---------
Running LUA with basic user as default level (run as admin for both EXE and MSI to install) which acts as deny execute in user folders. Group Policy hardening (e.g. deny elevation of unsigned, deny install from USB, System & Logon options to block autostarts for users) on top of that used ICACLS to add a manadatory Medium Level Intergrity to Outlook, media player and pdf-reader (Chromium is unsigned so it can't elevate to high integrity level).


---------------------------- Real Time -----------------------------
EMET 2.1 (Browsers, Mail, Media Player and PDF reader=Foxit).


--------------------------- On demand -----------------------------
- Windows7 Image backup (saved a clean install to revert to)
- Sync Toy data backup (quick save to old 2nd HD, NAS for pictures and USB disk for business data).
- Hitman Pro free quick scan before monthly data backup

Is problably the end of my security quest

So, you finally surrended to lua...

[Kees1958]

Quote:

Originally Posted by m00nbl00d

So, you finally surrended to lua...

Yep it has taken some time. On Win95 I started to use an antivirus. With XP I engaged in third party security (programs like Antihook/SSM and a good old Tiny FireWall/Kerio with Blitzen Zeus rules), evolving via many HIPS setups to geswall and defensewall security focused on threatgates.

Since Vista I am buying Business/Pro versions of the OS. I really think Vista was a landmark in terms of security (user rights, integrity levels and access control lists). Under Vista the good old run as basic user still worked. So combining SRP (with sully's PGS) with right click (ACL) and ICACLS (assigning mandatory tokens) was the idea behind safe-admin.

Windows 7 has a different implementation with basic user. So I finally surrended to LUA.

[Dark Shadow]

Quote:

Originally Posted by darts

For the inbound you can use the windows firewall or am i wrong??

Greats,

darts

you can change windows firewall to block all inbound for Home and public networks.

[Dark Shadow]

change notification settings.

[lubieplacki]

Now I'm using:

TrueCrypt 7.1a - TweakUAC

MSE - Comodo FW with D+ - Mbam Pro - Hitman Pro (on demand)

Kerier 1-click restore free

Gonna add something like Panda USB Vaccine or similar. And maybe SpyShelter free.

I think it's nice setup, what do you think?

[1chaoticadult]

Quote:

Originally Posted by lubieplacki

Now I'm using:

TrueCrypt 7.1a - TweakUAC

MSE - Comodo FW with D+ - Mbam Pro - Hitman Pro (on demand)

Kerier 1-click restore free

Gonna add something like Panda USB Vaccine or similar. And maybe SpyShelter free.

I think it's nice setup, what do you think?

Looks good to me

[LoneWolf]

Quote:

Originally Posted by jmonge

OA IS DOING GOOD HERE

Good to hear, most versions after v1 were kind of buggy for me,shame as I always liked OA.

[jmonge]

DOING GOOD HERE alone with run-safer my browser
i want to add Mbam Pro

[JoeBlack40]

Quote:

Originally Posted by gsarang

avast! Free Antivirus 7.0
Comodo Firewall 5.10

Don't you have any issues with this combo?I mean high CPU usage by CIS even when nothing is open...If i deactivate D+ everything is normal...

[KelvinW4]

Quote:

Originally Posted by JoeBlack40

Don't you have any issues with this combo?I mean high CPU usage by CIS even when nothing is open...If i deactivate D+ everything is normal...

Yeah thats why I don't use CIS

[Dark Shadow]

Online Armor is running fantastic along side AppGuard.

[buckslayr]

Jumped on board with light virtualization. Took advantage of Filestream discount at bitsdojour. Put AVG free on as a backup to catch anything in virtual mode.

[Amit]

Quote:

Originally Posted by lubieplacki

Now I'm using:

TrueCrypt 7.1a - TweakUAC

MSE - Comodo FW with D+ - Mbam Pro - Hitman Pro (on demand)

Kerier 1-click restore free

Gonna add something like Panda USB Vaccine or similar. And maybe SpyShelter free.

I think it's nice setup, what do you think?

if you add spyshelter free to that setup your pc is just gonna go nuts....

[Dark Shadow]

Quote:

Originally Posted by ams963

if you add spyshelter free to that setup your pc is just gonna go nuts....

It might get chunky.

[Amit]

Quote:

Originally Posted by djohn

It might get chunky.

sure thing

[jmonge]

djohn OA Premium is a top notch firewall that can stop all kind of malware

[Dark Shadow]

Quote:

Originally Posted by jmonge

djohn OA Premium is a top notch firewall that can stop all kind of malware

Agree. I purchsed OA a while back when that deal for $ 8.00 and been using it on and off,more off then on. I guess I might as well get my moneys worth and use it.

[jmonge]

same here but i got it for 3 computers and it is here to stay and i trust it alot it is strong

[Amit]

only using oa J?.....or still pairing it with wsa?......explosive duo I tell you......

[Amit]

Quote:

Originally Posted by djohn

Agree. I purchsed OA a while back when that deal for $ 8.00 and been using it on and off,more off then on. I guess I might as well get my moneys worth and use it.

how tight is your setup djohn?....appguard seems pretty solid..... along with oa the setup just don't let malware near your pc.....it ain't fair at all.....what will happen to all the poor malware writers?....they depend on your pc you know ....