I'm loving my extremely light security setup.

Just right now I did a clean install of Windows XP Pro
and I installed the following:

Updated:
I use avast and configured using Kees really awesome tut. (I just disabled avast's behaviour shield and replace it with threatfire.)
https://www.wilderssecurity.com/showthread.php?t=263940


PrevX SafeOnline Facebook Edition. (currently thinking of disabling or enabling heuristics.)
Peerblock + Privoxy


Again... my problem is what virtualization software to use.
and I can't handle Sandboxie.

I need something very easy to use like Bufferzone... but not paid. I want a FREE alternative. ^^

 

1- Why waste cpu cycles on more real-time apps? Simply prevent any possible malware from connecting out, & you have defanged keyloggers & pretty much every other badnik.

2- Thus, install an FW (firewall) or HIPS (see comments below) & carefully limit outgoing connections to absolutely the bare minimum of fully-trusted applications (basically, just your browser, email client, & updaters for security apps).

3- WinXP's FW covers incoming only.

4- For *the best* incoming protection, install an SPI/NAT-capable router. It will give you much better protection than a software firewall and adds absolute ZERO drag to your system resources..

5- For managing outbound connections, you can choose between a FW & a classical HIPS.

5a- Since you are using WinXP as your OS, Kerio 2.1.5 is a splendid freebie FW, & should do you just fine.

5b- Rather than a FW, I prefer to use MD (Malware Defender -- a classical HIPS) since it gives me the ability to control outgoing connections, and provides a LOT more protection besides. In your case, MD could displace the need for TF (Threatfire). Also MD would be much lighter on system resources than is TF.

6- In summary, here is a feather-light, *bullet-proof set-up*

6a- In real-time, run only TWO security applications: MD, and Prevx-free, PLUS an SPI/NAT-capable router.

6b- On-demand, use Avira Premium, MBAM, KeePass (for obfuscating your login entries), Shadow Defender, A-squared free, & Tiny Watcher (a daily key-file integrity checker)

6c- Primary browser of choice (any except IE) & always run it behind Drop-My-Rights.
~~~~~~~~~~~~~~~~~~~~~~~~~~

7- Post Scripts...
++Your level of security is only revealed when it fails. Not being infected doesn't necessarily mean that you're OKAY.

++For hard-wired maximum security without needing ANY software security apps: Simply delete your video card and format your modem, and install AOL on your motherboard.

++It said on the website to use IE7 or better... so I switched to K-Meleon.

++I am a proffessionul...professenal...prafessinal...prof.......oh NEVER mind.....would you like fries with that?

 

"++For hard-wired maximum security without needing ANY software security apps: Simply delete your video card and format your modem, and install AOL on your motherboard."


You want to run that by me again? I likely missed a joke (it happens a lot). I really hate to start up the browser discussion again, it does just invite arguments. But, imho, there's not a thing wrong with IE if you just spend 5 minutes tweaking Restriction/Internet zones. Anyway, I think Returnil would make a great addition (turn off Returnils' virus protection though. I still can't figure out why they added that).

As long as the poster is comfortable with HIPs prompts, a good HIPs can be a great bodyguard. If not, it can be a worst enemy. For sure if MD is used, toss out Threatfire. It's overlapping and could cause far more trouble than it would prevent. In regards to virtualization, maybe Sandboxie? Configured right, it can prevent a lot of malware from running and calling home (On 32bit, stay away from 64, imho).

 

Online Armor is an excellent firewall + HIPS with anti-keylogging feature.

You may take DefenseWall into consideration as well.

 

Not a joke, per se. It is an absurdity -- tongue-in-cheek. Nada mas.

 

Gotcha

 

I always dislike answering too many traditional HIPS prompts, thats why I took Threatfire.

I noticed threatfire could be set to alert me for outgoing connections.

 

Extremely light? You must be kidding.

Light is what I use for security in my Win7 Ultimate x86:

AV: Microsoft Security Essentials
FW: Windows Firewall + Router built-in Firewall
+
BitLocker
AdMuncher Pro
RoboForm Pro + GoodSync
Firefox with few selected extensions (the best ones)

I know I need some kind of ProActive Security software, but I'll only use one that happens to get a 100% score on the newest Matousec tests.

 

EXTREMELY LIGHT? U MUST BE KIDDING
Light is what I use for security in my Winxp HOME SP3:
windows firewall only
HITMANPRO On demand
13days no malwares

 

lol, does a program that gets Matousecs nod really mean it is a good program?

Sul.

 

Oh man, you must be kidding now.

5 minute reboot into imaged OS using Macrium Free.

Nothing else.... reload OS every day, every hour, every week, whatever you like.

Ahh. Simplicity.

lol

Sul.

 

Here we go Again! Listen! if you really want the lightest of the light, then use nothing except a Black Polished Rune Stone and place it on top of your PC or dashboard of your notebook. No gimicks no installs, try it and see, It Works!

 

hahaha. I'm doing that too XD
ah. I added Panda USB Vaccine and HostsMan. (too much IP blockers ahhh!!! XD)

 

Well, actually Matousec has the greatest testing suite and methodology to test ProActive security software.

http://www.matousec.com/projects/proactive-security-challenge/#methodology-rules

Why use an imperfect ProActive security software? If real malware can circumvent it, there is no point in installing it.

Your security setup appears to have no AV, no AdBlocker, no Encryption software, no Password Manager and no Backup software.

I can go without a ProActive security software, but not without these ones.

 

I would not call your setup light, per se.
A light setup is Windows XP + SuRun. Period. End of sentence.
Mrk

 

great....it seems every one else is loving theirs too

 

Erm, then you advocate not installing anything? lol, there is no such thing as 100% even if Matousec says there is, or anyone.

But I get what you mean, although I don't put the same kind of trust in Matousec that you might.

Sul.

 

Izumi that isn't a light security setup at all.

Right now I run sandboxie w/ Hitman Pro and that's all I need.
If I need more then there's MBAM on demand. Online Armor would be a good solo choice too.

 

Updated:
I use avast and configured using Kees really awesome tut.
https://www.wilderssecurity.com/showthread.php?t=263940

I just disabled avast's behaviour shield and replace it with threatfire.
PrevX SafeOnline Facebook Edition. (currently thinking of disabling or enabling heuristics.)
Peerblock + Privoxy


Again... my problem is what virtualization software to use.
and I can't handle Sandboxie.

I need something very easy to use like Bufferzone... but not paid. I want a FREE alternative. ^^

 

Now, when everyone is bragging, I'm loving my extremely heavy security setup.

Sorry, couldn't resist...

 

Brother,if you find all of that stuff "light" ,you can add pretty much what you want!!

 

Yes,but which rune? Algiz? Eihwaz? Uruz?

Download sites?

 

Very helpful replies. Thanks.
Please close the thread.