Advice on security setup.

I have recently become rather concerned about my computers security, and are therefore looking for a new security setup.

The one I'm currently considering is this one, all programs are newest version:
Router
NOD32
Outpost Firewall Pro
SUPERAntiSpyware
Firefox v. Noscript, Keyscrambler, Adblock Plus

I'm running Vista with SP1.

Should I change any of the programs or maybe add some ?

Also what would be the best solution for creating snapshots of my system at various times, and recover them if the need should arise?

 

you are very protected is the SUPERAntispyware free or paid version?

 

I'm testing the paid version and will buy it when I have finished testing it.

 

SUPERAntispyware and keyscramble are my 2 top recomendation here in your set up,they are two good apps that i testify they do their job

 

My advice, ditch nod32 and use either Avira Antivir Free or Premium version instead. Aside from that, it is an excellent setup.

Id also recommend Drive Snapshot as your snapshot software. Its extremely reliable in my experience.

 

It's great setup.U don't need to ditch or add anything.Outpost pro & router you really cut possible malware traffic.
Also you can use outpost ip blocklist
For snapshot you can do a search on the forum for rollback rx,eaz fix.Paragon drive back up also has excelent back-up restore capabilities.

 

I agree that it's a good, strong setup.

It's just personal preference but I prefer and have more confidence in Malware Bytes AntiMalware (MBAM) than SuperAntiSpyware.

 

IMO I wouldn't ditch anything but If you still feel as your not secure enough you can use sandboxie for internet facing apps and properly configured would be hard to find a more secure set up.

 

I have seen MBAM mentioned quite a bit here so I'm going to test that one as well.

As to imaging/snapshot programs, I am currently looking at Paragon Drive Backup and ShadowProtect. They seem to be getting equally good reviews, so I must test those as well.

 

Here is one you can have free by paragonhttp://www.paragon-software.com/home/db-express/download.html

 

Thanks I'll test it on one of my computers.

 

Actually even though MBAM is my fav of the 2, they complement each other really well - especially on heavily infected systems. I dont think they go after the same malware but instead can't really be compared.

 

I also would use Kaspersky, or Avira, or some other av than Nod. To have a multilayer defense I would install an HIPS and a sandboxing sw. And It would be better to have a snapshot or a disk imaging software.

 

I'm experimenting with Sandboxie at the moment, what HIPS would you recommend ?

 

1.Windows Defender Real time on vista under Tools, Join Advanced microsoft Spynet = Hips
2.MD Malware Defender HIPS,Vista support
3.RTD Real Time Defender HIP,Vista support Not sure

 

Outpost Pro already has a fantastic HIPS incorporated into it. SandboxIE would also be a fantastic addition.

 

I have been fooling around quite abit with Sandboxie and have tried to create a config file:

I have a Sandbox called Firefox where I want to allow Firefox and a pdf reader to execute and access the internet.
The Banking sandbox doesn't allow me to login to my bank it says invalid password, even though it's the correct password.
Defaultbox isn't being used.

Code:

[GlobalSettings]

ProcessGroup=<RunAccess_Banking>,iexplore.exe,sandboxiedcomlaunch.exe,sandboxierpcss.exe,start.exe,SandboxieCrypto.exe
ProcessGroup=<InternetAccess_Banking>,iexplore.exe
ProcessGroup=<InternetAccess_Firefox>,firefox.exe,foxit reader.exe
ProcessGroup=<ProcessAccess_Firefox>,firefox.exe,PDFXCview.exe,sandboxiedcomlaunch.exe,sandboxierpcss.exe,start.exe,foxit reader.exe

[DefaultBox]

ConfigLevel=4
AutoRecover=y
AutoRecoverIgnore=.jc!
AutoRecoverIgnore=.part
RecoverFolder=%Personal%
RecoverFolder=%Favorites%
RecoverFolder=%Desktop%
LingerProcess=trustedinstaller.exe
LingerProcess=wuauclt.exe
LingerProcess=devldr32.exe
LingerProcess=syncor.exe
LingerProcess=jusched.exe
LingerProcess=acrord32.exe
Enabled=y

[Firefox]

OpenPipePath=firefox.exe,\Device\NamedPipe\KSTIPipe*
ClosedIpcPath=!<ProcessAccess_Firefox>,*
Enabled=y
ConfigLevel=4
AutoRecover=y
AutoRecoverIgnore=.jc!
AutoRecoverIgnore=.part
RecoverFolder=%Personal%
RecoverFolder=%Desktop%
LingerProcess=trustedinstaller.exe
LingerProcess=wuauclt.exe
LingerProcess=devldr32.exe
LingerProcess=syncor.exe
LingerProcess=jusched.exe
LingerProcess=acrord32.exe
ClosedFilePath=!<InternetAccess_Firefox>,\Device\RawIp6
ClosedFilePath=!<InternetAccess_Firefox>,\Device\Udp6
ClosedFilePath=!<InternetAccess_Firefox>,\Device\Tcp6
ClosedFilePath=!<InternetAccess_Firefox>,\Device\Ip6
ClosedFilePath=!<InternetAccess_Firefox>,\Device\RawIp
ClosedFilePath=!<InternetAccess_Firefox>,\Device\Udp
ClosedFilePath=!<InternetAccess_Firefox>,\Device\Tcp
ClosedFilePath=!<InternetAccess_Firefox>,\Device\Ip
ClosedFilePath=!<InternetAccess_Firefox>,\Device\Afd*
AutoDelete=y
NeverDelete=n
OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\*\places*
OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\*\bookmark*
OpenFilePath=firefox.exe,*\sessionstore.js
OpenFilePath=firefox.exe,*\prefs.js
OpenFilePath=firefox.exe,*\bookmark*
OpenFilePath=firefox.exe,*\patterns*
OpenFilePath=firefox.exe,*\persdict.dat
OpenFilePath=firefox.exe,*\pasteemailplus.dat

[UserSettings_12140299]

SbieCtrl_UserName=frozer
SbieCtrl_ShowWelcome=N
SbieCtrl_NextUpdateCheck=1223182866
SbieCtrl_UpdateCheckNotify=N
SbieCtrl_HideWindowNotify=N
SbieCtrl_WindowLeft=200
SbieCtrl_WindowTop=150
SbieCtrl_WindowWidth=660
SbieCtrl_WindowHeight=450
SbieCtrl_Hidden=Y
SbieCtrl_ActiveView=40021
SbieCtrl_BoxExpandedView_DefaultBox=Y
SbieCtrl_ColWidthProcName=250
SbieCtrl_ColWidthProcId=70
SbieCtrl_ColWidthProcTitle=310
SbieCtrl_AutoApplySettings=N
SbieCtrl_SettingChangeNotify=N
SbieCtrl_BoxExpandedView_Banking=Y
SbieCtrl_ReloadConfNotify=N

[Banking]

OpenPipePath=iexplore.exe,\Device\NamedPipe\KSTIPipe*
ClosedIpcPath=!<RunAccess_Banking>,*
ClosedFilePath=!<InternetAccess_Banking>,\Device\RawIp
ClosedFilePath=!<InternetAccess_Banking>,\Device\Ip*
ClosedFilePath=!<InternetAccess_Banking>,\Device\Tcp*
ClosedFilePath=!<InternetAccess_Banking>,\Device\Afd*
ClosedFilePath=!<InternetAccess_Banking>,\Device\RawIP6
ClosedFilePath=!<InternetAccess_Banking>,\Device\Udp
ClosedFilePath=!<InternetAccess_Banking>,\Device\Udp6
Enabled=y
ConfigLevel=4
AutoRecover=y
AutoRecoverIgnore=.jc!
AutoRecoverIgnore=.part
RecoverFolder=%Personal%
RecoverFolder=%Desktop%
LingerProcess=trustedinstaller.exe
LingerProcess=wuauclt.exe
LingerProcess=devldr32.exe
LingerProcess=syncor.exe
LingerProcess=jusched.exe
LingerProcess=acrord32.exe
AutoDelete=y
NeverDelete=n

I have allowed Firefox to access quite a bit of files to allow my sessions to be saved, does this sacrifice too much security ?

Anyone have any idea why my banking sandbox prevents me from logging into my netbank?

 

Banks often use a https connection. While people may think that means safety, that's only partly true.

In principle https should offer a safe connection between you and what's on the other end, protecting you from third parties, but the 'other end' (your bank ?) can basically do on your computer whatever it wants. More info about that in the privacy section.

I have no idea if that's related.

 

You have a strong setup as is.

But I'm not sure if you have a HIPS tool as part of Outpost not being familar with it?

On backup I have paragon drive backup. I put programs and windows os in C drive and user data in partition F. It means I can back up F daily quickly but I only image C weekly unless I'm installing new software.

 

Okay now I have experimented a bit and I have settled with this setup:
Router
Outpost
NOD32
SUPERAntiSpyware
Threatfire
Windows Defender v. Advanced membership of Spynet
Sandboxie running Firefox v. Noscript, Keyscrambler, Adblock Plus

For backup Paragon Drive Backup Personal

The only thing I'm wondering now is if Threatfire is needed or if the other programs cover it.