Free light XP security combo

[Kees1958]

Hi all,

On the 'play with security PC' I have run for the last months a very light combo of freeware security

Samourai HIPS
Only select the following options:
a) enable rootkit protection,
b) disable anonymous sessions
c) disable guest account

Effect
==> Will warn you when a driver tries to install

ScriptDefender
Install scriptdefender

Effect
==> Will warn you when a script is run

Online Armor free
Run it out of the box with the following option
a) Go to the process guard and select the 'run safer' option for all your internet facing applications, like your e-mail client (eg. Outlook express), webbrowser (e.g. Internet Explorer), P2P program (eg LimeWire), messenger (e.g. Windows messenger)
b) Also run scriptdefender with limited rights (run safer)

Effect
==> Easy to use firewall and anti executable (the default setup)
==> All internet facing aps will run with limited rights (option A)
==> All scripts will run with limited righst (option B)

WinPooch
Download the attached filter in this post, http://www.wilderssecurity.com/showthread.php?t=186829 Open with Notepad and save as ANSI file with the WFP extention instead off TXT. Install WinPooch without the freeware Clamwin antivirus. Open Winpooch configuration, see http://www.softpedia.com/screenshots/Winpooch_3.png and import this filter

Effect
==> Will warn you when a sensitive registry key is changed (should be very quiet, meaning no popups)
==> Will warn you when a sensitive OS file is changed (should ve very quiet also)

Dealing with pop-ups
Samourai warning
When you are installing a legitemate application choose allow or otherwise block.

WinPooch
When you are installing a legitemate application choose "let process through". When you are updating (e.g. Antivirus) and WinPooch might pop-up, choose new filter (choose accept and quiet/silent in the next screen)

OA Armor
See help file

[solcroft]

Not bad, but try Limited User Account + XP access permissions + Windows Firewall. For all the vulnerabilities of a 5-year-old unpatched XP system, I've been browsing malware-free for the past week despite my best attempts to get infected.

[RejZoR]

Forget all the crap. avast!+ThreatFire or AntiVir+ThreatFire.
You can add in some free firewall like PCTools Firewall or Comodo Firewall.
Thats all you'll ever need.

[Kees1958]

Quote:

Originally Posted by solcroft

Not bad, but try Limited User Account + XP access permissions + Windows Firewall. For all the vulnerabilities of a 5-year-old unpatched XP system, I've been browsing malware-free for the past week despite my best attempts to get infected.

LUA = 95% of the problems gone. This easy solution seems as hard to sell to people as getting them out of their cars. The feeling of being in control and freedom when your stuck in a traffic jam sitting in your car. :-)

[Kees1958]

Quote:

Originally Posted by RejZoR

Forget all the crap. avast!+ThreatFire or AntiVir+ThreatFire.
You can add in some free firewall like PCTools Firewall or Comodo Firewall.
Thats all you'll ever need.

OA crap?

[Pedro]

Why Script Defender when you have OA?
http://www.online-armor.com/worm_protection.html

[Kees1958]

Pedro,

You are right but: see Mike's reply http://www.wilderssecurity.com/showp...&postcount=184 In the PM he send me he also mentioned Webbrowsers. So I was unsure whether the reduced rights option of webbrowser was still on as mentioned on this page http://www.online-armor.com/worm_protection.html

Only reason is to force scripts running with limited rights.

Regards

[Kees1958]

All,

When you feel naked running without a AV, downloasd Avast and disable the standard shield, enable all others. This way you will have incoming data streams checked before they can write to disk.

HTTP AV's tend to slow down browsers a little. With Opera (use vista_skin-2_12) and the setting shown in the picture you will gain back this speed reduction (brwosing will be faster due to Opera and writing temporary internet data to memory in stead disk).

Select Extra (in Opera), select Preferences (Voorkeuren), CLick History (Geschiedenis) and choose these settings (Uit = OFF)

[lucas1985]

Quote:

Originally Posted by solcroft

all the vulnerabilities of a 5-year-old unpatched XP system

SP1 (?)

[subset]

Seems like many found the Holy XP Security Grail

But it was found before.
http://www.sonypictures.com/cthe/montypython/

Handle with care...

[Franklin]

Amd your PC still works with all those crappy security apps?

[solcroft]

Quote:

Originally Posted by Franklin

Amd your PC still works with all those crappy security apps?

If your PC will work with YOUR security apps, I don't see any reason why Kees' shouldn't.

[Mrkvonic]

Hello,

A firewall, a light one (Kerio 2.1.5, Sygate, Jetico, GhostWall)
An anti-virus, a light one (AVG, Antivir)
Firefox / Opera

Maybe a few security policies.

You're set.

Mrk

[Kees1958]

Quote:

Originally Posted by Mrkvonic

Hello,

A firewall, a light one (Kerio 2.1.5, Sygate, Jetico, GhostWall)
An anti-virus, a light one (AVG, Antivir)
Firefox / Opera

Maybe a few security policies.

You're set.

Mrk

In stead of making security policies I would choose running as Limited User

[Kees1958]

Quote:

Originally Posted by Franklin

Amd your PC still works with all those crappy security apps?

Why not, no Antivirus.

Opera startup (initial, uncached, connecting to google) is <2 sec on an AMD Athlon 3400 with 1 GB, cached startups <1 sec

Not bad I think

Quote:

Originally Posted by RejZoR

Forget all the crap. avast!+ThreatFire or AntiVir+ThreatFire.
You can add in some free firewall like PCTools Firewall or Comodo Firewall.
Thats all you'll ever need.

I would go with that except that Threat Fire is OK for high mem latest machines. Not recommended for P-III PCs running 512MB ram.

[SpikeyB]

Quote:

Originally Posted by Kees1958

In stead of making security policies I would choose running as Limited User

Limited user and software restrictions work together very well. An example is shown here: http://www.mechbgon.com/srp/

[Kees1958]

Quote:

Originally Posted by SpikeyB

Limited user and software restrictions work together very well. An example is shown here: http://www.mechbgon.com/srp/

Yep,

But not on XP home