Security that you use and its purpose

[Blackspear]

This thread is set up to show what each person uses and its purpose.

Please do NOT discuss programs and/or their use, this can be done here:
Security that you use and its purpose - DISCUSSIONS.


I have split what I use into 3 stages, what I call Minimum, Medium and Tight Security, this is a GUIDE ONLY, for those wanting to know in which direction they should start to head. It is no use having all this security if you do not know how to use and maintain it…

In addition to the below there are a couple of good discussions on security software here and here.

Cheers

Blackspear




MINIMUM Security
Basic Barebones – Don’t go 4 wheel driving across the internet with this, or you’ll be sorry


1. Acronis True Image (paid product) – Total system backup, and incremental backup to various media, including CD/DVD, additional Hard Drive etc. Use this when you have first installed a FRESH copy of windows and again when you have installed all your KNOWN stable programs, do this BEFORE you have transferred your data onto the system. Even better than this, have your data on a separate partition, as well as a BACKUP Drive.
http://www.acronis.com


2. Nod32 Anti-virus (paid product) – Anti-Virus software.
http://www.nod32.com/home/home.htm

How to Set up and Install Nod32.


3. SuperAntiSpyware (FREE) – Infection removal.
http://www.superantispyware.com


4. Malwarebytes (FREE) - Infection removal.
http://www.malwarebytes.org


5. Mozilla Firefox (FREE) – Safer Web Browser.
http://www.mozilla.com/firefox


6. Mozilla Thunderbird (FREE) – For email - very good junk mail filter.
http://www.mozilla.org





MEDIUM Security
The next step up.


1. Acronis True Image (paid product) – Total system backup, and incremental backup to various media, including CD/DVD, additional Hard Drive etc. Use this when you have first installed a FRESH copy of windows and again when you have installed all your KNOWN stable programs, do this BEFORE you have transferred your data onto the system. Even better than this, have your data on a separate partition, as well as a BACKUP Drive.
http://www.acronis.com


2. Nod32 Anti-virus (paid product) – Anti-Virus software.
http://www.nod32.com/home/home.htm

How to Set up and Install Nod32.


3. SuperAntiSpyware (FREE) – Infection removal.
http://www.superantispyware.com


4. Malwarebytes (FREE) - Infection removal.
http://www.malwarebytes.org


5. Mozilla Firefox (FREE) – Safer Web Browser.
http://www.mozilla.com/firefox


6. Mozilla Thunderbird (FREE) – For email - very good junk mail filter.
http://www.mozilla.org


7. KeePass (FREE) – Password Storage and Generator.
http://keepass.info/


8. Replicator (FREE) – Backup program.
http://www.karenware.com


9. Crap Cleaner (FREE) – Deletes all Temp files and MRU (Most Recently Used).
http://www.ccleaner.com





TIGHT Security
This is what is currently set up on my system with Windows XP Pro. They all play together nicely and are very simple to use, update and maintain:


1. Acronis True Image (paid product) – Total system backup, and incremental backup to various media, including CD/DVD, additional Hard Drive etc. Use this when you have first installed a FRESH copy of windows and again when you have installed all your KNOWN stable programs, do this BEFORE you have transferred your data onto the system. Even better than this, have your data on a separate partition, as well as a BACKUP Drive.
http://www.acronis.com


2. ESET NOD32 Antivirus (paid product) – Anti-Virus software.
http://www.eset.com

How to Set up and Install Nod32.


3. Prevx 3.0 (paid product) – Intrusion Prevention.
http://www.prevx.com


4. SuperAntiSpyware (FREE) – Infection removal.
http://www.superantispyware.com


5. Malwarebytes (FREE) - Infection removal.
http://www.malwarebytes.org


6. FirstDefence ISR (paid product) – Immediate recovery from software failure or corruption. This is on a 2nd Multi-user system.
http://www.leapfrogsoftware.com/product_info


7. Mozilla Firefox (FREE) – Safer Web Browser.
http://www.mozilla.com


8. KeePass (FREE) – Password Storage and Generator.
http://keepass.info/


9. Replicator (FREE) – Backup program.
http://www.karenware.com


10. Crap Cleaner (FREE) – Deletes all Temp files and MRU (Most Recently Used).
http://www.ccleaner.com


11. Mozilla Thunderbird (FREE) – For email - very good junk mail filter.
http://www.mozilla.com


12. Netgear Modem/Router (paid product) – ADSL Hardware firewall and Router.
http://www.netgear.com.au


13. DVD Burner for BACKUP of Data.


14. 2nd Internal Hard Drive for BACKUP of Data.


15. Seagate 320GB Laptop USB Hard Drive for BACKUP of Data.


16. Backup to a 2nd computer across a network.


The above will give you a very tight system. Ultimately it comes down to safe practices, and it is always best to practice and think of safety, otherwise it will remind you and it won’t hold back in doing so... it's a bit like gravity, very unforgiving...

Hope this helps...

Let us know how you go…

Cheers

Blackspear


PS. If you would like to UPDATE your post, please advise a Moderator by PM and we should be able to accommodate you.

Hi Blackspear,

My Set-up is pretty similar to your listed tight set-up.

SSM - System Safety Monitor (Free) - offers similar protection Process Guard ... it works flawlessly beside PG, without issue ... combined they offer Total Control.
(Available from Max Computing Software - http://maxcomputing.narod.ru/ssme.html?lang=en )

Another App to add would be either WormGuard (payware) or Script Defender (free).
Analog X - Script Defender - http://www.analogx.com/contents/down...em/sdefend.htm
DiamondCS - WormGuard - http://wormguard.diamondcs.com.au/

And Lastly ... definitely an encryption program.

Steve

Opps ... I missed one other suggestion. A dedicated ADS Streams Remover ( I know many apps have this built in functionality ... but they aren't always successful in deleting the Streams ) and seeing as this is becoming a viable vehicle to hide malware.

Merijn's ADS Spy: (Now included with HiJack This, but it is also available as a stand alone app.)
Home Page - http://www.spywareinfoforum.com/~merijn/
Direct Download - http://www.spywareinfoforum.com/~mer...les/adsspy.zip

RejZoR's (eXcessive Software) -NTFS Streams Eraser - http://www.excessive-software.tk/
(it doesn't seem to be listed ATM ... I'm not sure why? But I don't see it currently)

Another option is (I've never tried it) :

SysInternal's - Streams - http://www.sysinternals.com/ntw2k/so....shtml#streams

Here's my security setup,

Sygate Firewall
AVG Anti-Virus
Enough is Enough!
hpguru's HOSTS File
eDexter
TIF-Clean
Eraser

I've no complaints.

Regards,
Pasta

[muf]

Resident.

ZoneAlarm Pro - Firewall to keep connection's to what I decide and not what the application decides. Also to block intruders.

BOClean - Mainly protection against trojans, but also covers some other malware like CWS, Keyloggers, Hijackers etc.

Regrun - Suite of utilites offering protection from spyware, scripts, trojans, viruses, worms. It also enables you to analyse startup, registry and many other features.

NOD32 - Protection from viruses and trojans

Ad-Awatch - Protection from Hijackers, spyware, adware, spy cookies etc.

SpywareBlaster - Pro-active protection from spyware.

Cookiewall - To decide what cookie's stay or go

CookiePatrol(PestPatrol) - Protection form spy cookies.

WormGuard - Worm/malicious script protection.

--------------------------------------------------------------------------

On-demand.

KAV 4.5 - Anti-virus/Anti-trojan
PortExplorer - Monitoring incoming/outgoing connection's.
F-Prot for Dos - Free anti-virus/anti-trojan
Spybot - Anti-spyware
Pestpatrol - Anti-malware
Security Task Manager - Great for spotting keyloggers.
Spycop - Keylogger protection
A2 - Free Anti-trojan/spyware scanner
X-Cleaner Free - Anti-spyware/adware/keylogger scanner
Ad-aware Plus - Anti-Spyware scanner
Trojanhunter - Anti-trojan scanner.

muf

[BlueZannetti]

My setup is as follows:

Hardware

• Two physical hard drives with XP Pro boot partition on each drive
• Zyxel Zywall 10w router
• Linksys WRT54GS wireless router (used as access point only), Sveasoft Talisman firmware

Browser: Firefox

Real-time security applications (ordered in my recommended priority need to have)

• Generalized antimalware application (AV/AT/AS) - NOD32 on primary boot partition (probably boot to here 80-90% of the time) while KIS 6.0 beta is on my secondary boot partition.
• Realtime process scanner - BOClean or Ewido Security Suite. Guard against packed variants not handled by the main antimalware application
• Action based monitor - Safe'n'Sec which also has some registry protection. Other options would include ProcessGuard or AppDefend/RegDefend process/registry protection. SnS and PG-AD/RD serve similar, but somewhat different, roles. This can be served by the Proactive Defense module on the KIS partition. Note - early versions of the KIS PD module conflicted with SnS. Online-Armor is another viable option in this class.
• Firewall - Look'n'Stop running just the application filtering side. Alternate option is Outpost Pro, itself a very decent firewall (optional if router present). KIS 2006 beta partition uses the native Anti-Hacker component.
• Mailwasher Pro: screen mail (optional for most users)
• System recovery - The above applications focus on dealing with the malware, but sometimes recovery of the original machine state is needed. Two stylistic options are available here, classical system backup provided by products such as Acronis True Image or system restoration provided by applications such as ShadowUser or the now free ShadowSurfer, or First Defense ISR. Very different approaches that provide similar end results. The list is not all inclusive, other options are available.

On-demand coverage/cleaning/diagnostics/analysis - some installed, some available to install if needed

• CounterSpy: spyware removal
• Lavasoft Adaware SE Pro: spyware removal
• Webroot WindowWasher: clean out TIF, cookies, etc.
• Webroot Spysweeper: spyware removal
• DCS PortExplorer: diagnostics
• Sysinternals Process Explorer: diagnostics, trace image path, etc.
• Spybot S&D: spyware removal
• Ewido Security Suite: backup trojan/spyware/general malware removal
• NSClean/IEClean: clean out TIF, cookies, etc.

Useful utilities

• WinsockXPFix: fix Winsock automatically
• CWShredder 2.1: check for/remove CoolWebSearch
• Registry First-Aid: Registry maintenance
• jv16 Power Tools 2005: Simple editing start up services/programs
• mks_vir online scanner: Online AV scanning
• MWSnap, recently converted to SnagIt: screen shots
• PRTG Traffic Grapher: Monitor aggregate network traffic across router

Some items are used regularly, some infrequently. I ignore duplication of function at the install level, but minimize it and resource footprint at the real-time level. In my opinion, the first three items under Real-time security applications constitute the primary and secondary layers of a very tight set-up and these applications plus a router are what I would recommend for typical users desiring strong protection. Some of the recent suites are viable as a single application version of this type of approach. Antispyware applications are desireable to have, but the trojan downloaders responsible for planting this junk on a system should be handled by the existing realtime defences.

Blue

Edited March 3 2005: updated information
Edited April 30 2005: updated information
Edited June 18 2005: updated information
Edited July 4 2005: updated information
Edited July 11 2005: updated information
Edited Nov. 6, 2005: updated information
Edited Feb. 9, 2006: updated information and presentation

[nameless]

Netgear MR814v2 router -- All routers in this price range suck, but this one is "OK".
Image for Windows -- There are none more reliable or affordable.
NOD32 -- Hey, my CPU usage is under 90%! Who uninstalled KAV?
Ad Muncher -- Switch to it and get your life back.
BestCrypt -- I like it.
BOClean -- So far a complete waste of CPU time on my system.
Eraser -- Why did Heidi take this project, and then did nothing with it? Oh, that's right--to get donations.
Password Agent -- Doesn't store passwords in plaintext in memory, unlike KeepAss Password Safe.
Opera -- You do the math and decide.
PGP -- I hate this application, and only use it for work.
PurgeIE Pro -- You go ahead and clean crap, and I'll do it the right way instead.
Undelete -- Securely delete everything.

[halcyon]

Very similar to Blackspear's setup (same AV, same FW, same browser, same extensions, same anti-spyware, except CounterSpy and not using some of the imaging/app blocker apps), with some additions:

- Proxomitron Filters all http traffic. Very good in stopping known (but unfixed) browser exploits, if you want it. I don't use it for that purpose though (only ad/tracking/cookie/script/popup filtering).

- Ewido for anti-trojan protection (replaced TDS-3 as my 1st choice).

- security policies and services pruning

- Bitdefender and AntiVir PE (only on-demand) as backup solutions.

[AirJer]

1. BitDefender 8 Professional Plus
2. Spybot Search and Destroy
3. Spy Hunter
4. Cryptomathic file2file encryption
5. Process Guard
6. TDS-3
7. Pest Patrol
8. Adaware
9. External hard drive
10. Firefox
11. Hijackthis
12. Hosts file
13. Unnecessary services disabled
14. Microsoft Antispyware
15. Other scans- jotti, BitDefender, Symantec, TrendMicro, AVG

My own methods

16. Internet connection physically disabled when computer is not in use, and while I am away from home.
17. Maximum characters allowed for passwords; numbers, letters, and if allowed...characters
18. Passwords and personal data on cd only and encrypted. Locked in safe until I need to use it. Data on computer deleted with Cybershredder.
19. I will call in an order if I am able, before I order anything via the internet
20. Dummy email addresses. Make an email address for a forum or download, sign up, verify the address with the entity, delete the email address. This has killed most of my spam by the way.
21. I change passwords for online banking every week; via the telephone. It's amazing how accomodating they can be after a hacker breaks into their online system, and you threaten to kill your accounts.
22. Credit card numbers are changed every 6 months. This is easy to do. Tell them you lost your card and that you aren't sure if anyone stole it. They'll can the number right then and there.

[richrf]

Hi all,

My favorite security products at this time are:

First line of defense

1) ZoneAlarm Pro: firewall protection sitting behind a NetGear router.

2) Kaspersky 4.5: The same scan/detection engine and database as 5.0, without ADS. Very stable. So far, has caught all malware trying to enter my system. Norton AV was porous when compared to KAV.

3) ProcessGuard (licensed): alerts me whenever a new program is trying to execute on my system. Helps prevents rootkits and keyloggers from installing. Excellent first line of defense along with KAV and RegDefend.

4) RegDefend: I've added the "RegRun registry entries" that Puff has made available to Ghost Suite's RegDefend forum members. Excellent pro-active registry guard.

5) Firefox and Thunderbird: I have found that these products have substantially helped take the pressure off my first-line of defense.


Second line of defense

1) Ewido (licensed): Real-time monitoring of trojans. Has never caught anything in real-time but does catch tracking cookies during on-demand scans.

2) UnHackMe: Rootkit installation prevention

3) WormGuard: traps potentially malicious scripts

4) SpywareGuard: this one may go.

Third-line (on-demand) protection

1) TDS-3: For detecting the most difficult trojans. So far has never detected anything after installing KAV with extended databases. Often found malware when I was using Norton AV.

2) Ad-aware and Spybot: I can still count on Ad-aware to find minor stuff here and there. Spybot doesn't seem to be catching much new nowadays.

2) HijackThis: Great tool for gathering info about my system. I have donated money to support this very helpful utility.

3) CounterSpy Anti-spyware(trial): so far has done a better job than Giant AS (MS AS) in finding bits of tracking cookies and other minor malware. A modest addition to my defense.

4) Trojan Hunter and BOClean: I keep these products up-to-date, but rarely have an occassion to use them nowadays. KAV + PG + RegDefend appear to be very strong - which is good news.

5) SpywareBlaster: it's free and works with Spybot's Immunize protection.

6) DCS Port Explorer: gathers port information

7) System Internals Filemon: gathers program file writing information

Clean-up

1) RegSeeker

2) CCleaner


Rich

[lynchknot]

Router
Outpost Firewall
BlackIce pretender
GhostSurf
Firefox
Process Guard
Winsonar
RegRun
Prevx
NOD32
Counterspy
Winpatrol
Unhackme

Security TaskManager
True Image
HardenIt
escan free
Ewido
RegWatcher drove me crazy so it's disabled at the moment (Hi!)
Various other rootkit detectors, ADS, etc -

[NAMOR]

1.NOD32
2.BoClean
3.Crap Cleaner
4.CryptoSuite
5.Password Corral
6.HostsMan
7.PortExplorer
8.Sygate
9.SpywareBlaster
10. Ad-Aware
11.Spybot
12.Script Sentry
13. MVPS HOSTS file
14.IE-Spyad

[Capp]

Hardware:

• 2 hard drives
• DVD Burner
• CDRW Burner
• USB External Storage Device
• 2-Wire DSL Router
• Linksys DSL Router w/ 4-port switch

Software:

• Windows XP SP1
• NOD32 (Beta) - Paid
• F-Prot (Backup Scanner) - Paid
• ZoneAlarm - Home Version
• FireFox
• Ewido - Home Version
• Microsoft Anti-Spyware
• Ad-Aware
• Spybot S&D
• SpywareBlaster
• RegTuneUp - http://acelogix.com/
• Diskeeper - http://www.executive.com/coverpage.asp
• X-TEQ Setup - system config editor

[Infinity]

Belkin Router
VmWare Workstation
Ewido
ProcessGuard
Nod32
Tiny
Regdefend
Boclean
AdMuncher
ISR
Giant
RegRun Gold
SpyBlocker
SpyBot
TDS-3
PortExplorer
WormGuard
TrojanHunter
PestPatrol
ProcX
Invisible Secrets
Opera for main Browsing

[bpm3k]

Hardware
Belkin Cable/DSL Gateway Router F5D5231-4.
Belkin F6C800-UNV UPS.
External harddrive to store backups.

Resident
NIS 2005 (Daily Intelligent Update and Bloodhound on High)
Belkin Bulldog Plus Software (UPS monitoring software)
IE-Spyad
AGNIS
SpywareBlaster
Spybot Search and Destroy: Immunized and "bad download blocker"

On Demand
Norton Ghost (external harddrive for backups)
Ad-aware
spybot s&d
microsoft AS
Panda ActiveScan
TrendMicro HouseCall
Mcafee FreeScan


Everything was/is free or "free after rebate." Except, $30 for the UPS and $45 for the 120GB external harddrive. For those with more time than money: fatwallet.com

[meneer]

Basic security measures:
Linux gateway equipped with clamav, spamassassin, and rootkit hunter, all there to secure my network from internet and windows related threats

Low cost measures, my primary system:
Linux desktop, only security measure needed: not running as root

Medium cost:
W2K, equipped with avast! and adaware (I have no clue why I need it, but it's free)
Further equipped with Non MS software only, The Bat! with K9 anti spam
Not running as Admin

Heavy cost
WinXP home computer system: Outpost Pro FW and NOD32 AV
Connected wireless, mac address authentication
Further equipped with Non MS software only.
Family accounts are non admin accounts.

That's about it, I think.
O yeah, I'm not running MS software on my main system either

[Mrkvonic]

Hi,
Here's what I use:
ZA firewall
AVG anti-virus
Ad-Aware SE & Spybot
Microsoft Anti-Spyware
SpywareGuard
SpywareBlaster
Firefox for browsing

Other applications:
SnoopFree anti-keylogger
Attach Shield Worm Suppression
Proxomitron with Kye-U filters
I must add Proxo is impressive, it stopped the recently rediscovered firefox vulnerability even without the opne in tabs only solution!
WSH anti-polymorphing patch
WMP anti-vbs patch
BugOff
HTAStop
ADSSpy
SafeXP
WWDC
DropMyRights
Bazooka

Ewido and A2 on demand

Raw sockets locked
Disabled services: messenger, remote registry, unpnp, telnet etc.

Mrk

[squash]

Small and easy to maintain yet providing good security with all _free_ software.

XP Limited account with SP2 and ALL critical patches
Kerio 2.15 and CHX-I (Firewall and Pakcet filter)
AVG (Antivirus)
PG and Prevx (IDS and Hosts IDS)
Ad-aware and Spyware Blaster (Anti-spyware cleaner and prevention)
Mozilla Firefox (latest stable) for browsing with NoScript to block out Javascript except for the sites that need it and 3 combined adblock filters.

Other:
AxCrypt - All personal files on this computer is encrypted
Eraser - For deleting files plenty of times
Regseeker and CCleaner - Clear junk
Combined 3 hosts files (MPVS, Remember.mine.nu and Mike's)
OS Drive (C:\) and Personal Drive (D:\) both imaged with Partition Image.

This Computer has been hardened with SafeXP, Harden-It, Secure-it and heaps more. Also turned off unrequired services in services.msc

I know what I am doing and only visit a limited amount of websites (from my bookmark) most of the time

[World Industries]

Software

• Kaspersky Anti-Virus 5.0

• ClamWin Anti-Virus(backup)

• Outpost Firewall Pro 2.7

• Acronis Privacy Expert Suite

• Diamond CS WormGuard

• A-squared Personal 1.6

• Ad-Aware SE Personal

• Spybot S&D 1.4

• SpywareBlaster 3.4

• SpywareGuard 2.2

• Bazooka

• MRU-Blaster

• Process Explorer

• BlueTack's Host File

• IE-Spyad

• BugOff

• RegSeeker

• Registry Mechanic 5.0

• Registry Compressor

• Startup Inspector for Windows 2.2

• CCleaner

World Industies

[Triple Helix]

It's all in My Sig!! It works together and plays together well!!


Cheers,

[AvianFlux]

WOW! That defense profile's so tight even a greased BB won't squeeze through.

[seamaiden]

Don't Prevx and Winpatrol do the same thing? Aren't they both IDS (Intrusion Detection Systems)? If your A2 (A-squared) is the Personal version rather than the Free version, the Personal version also has IDS. Too many IDS programs concurrently active might not be a good idea.

[Triple Helix]

Quote:

Originally Posted by seamaiden

Don't Prevx and Winpatrol do the same thing? Aren't they both IDS (Intrusion Detection Systems)? If your A2 (A-squared) is the Personal version rather than the Free version, the Personal version also has IDS. Too many IDS programs concurrently active might not be a good idea.

I don't know who you are asking! But I only use A-squared on demand!!

And I removed Prevx and my Box Seems faster now!!

This is what I'm running at the moment!!

-NOD32

-ZoneAlarm

-ProcessGuard

-WormGuard

-WinPatrol

-RegDefend


All others are on demand!!

Hope this clears it up alittle!!

Cheers,

[WSFuser]

seamaiden - no, prevx protects many more areas of ur computer/OS and it has buffer overrun protection. also prevx is considered an HIPS possibly since it can actually stop an attack/change instead of just prompt.

also heres my setup:

NOD32
avast pro (backup)
Outpost Firewall Pro
Webroot Spysweeper
Trend Micro AntiSpyware
Spybot Search & Destroy
Spyware Blaster
SpywareGuard
a-squared personal
ewido security suite
PeerGuardian 2
ProcessGuard
Safe 'n' Sec
Online Armor
Harden-It
Secure-It
Samurai
RegRun Security Suite
adblock plus (w/ filtersetg) (ff extension)
noscript (ff extension)
MVPS hosts
script defender

[ZiGz]

Is it just me or is it sad that this much trouble, diligence, work and money have to go into securing a rig. Maybe we should submit bills to Microsoft and have some criminal punishment imposed on hackers.