Some questions from a newcomer (novice).

Discussion in 'other anti-malware software' started by Ohmy, Jul 8, 2008.

Thread Status:
Not open for further replies.
  1. Ohmy

    Ohmy Guest

    Hi.

    I'm a novice in this particular area (security),
    and I learned English as my second language,
    so this question might be hard to understand for some of you.

    Facts:

    I use Vista.

    I'm a registered user of ESET NOD32 (expires end of this year, and unable to renew it, because ESET in my country no longer supports home users).

    I use a router (wireless for the laptop I'm using).

    But the best discovery I made is a program called Sandboxie.
    I like the idea that it "sandboxes" stuff and it is free.

    Now here are my questions.

    1. Is my security setup "secure" enough?

    2. Is there any program that is free and that goes well with Sandboxie? (I think I heard it goes well with Returnil, but I don't have an idea what it is.)

    3. I use the Vista built-in firewall, is it okay?

    4. Can you answer these questions in very basic English so that I can understand? ;)
     
  2. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Welcome to Wilders!

    1. It depends on your surfing/computer habits. Security-wise, Sandboxie is really enough, but the biggest security hole (the user) makes the most mistakes, so there is a chance something might slip through Sandboxie.

    2. Sandboxie and Returnil work, but there is a lot of overlap - they do similar things. You could add some on-demand scanners or behavioural blockers. Are you willing to pay for security programs?

    3. Yes. You can also get Vista Firewall Control to make it easier to use.

    4. Hopefully I have ;)
     
    Last edited: Jul 8, 2008
  3. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    1.- This depends on your habits. There are people running no security at all who stay clean for years.

    2.- SBIE goes well with most security software. Returnil is a program that makes it so that when you turn off or reboot your computer, ALL changes on your system partition disappear, and the computer goes back to how it was before. I use it with Sandboxie (in fact they are my only active security). There can be some overlap, but Returnil helps if some changes are made from outside the sandbox. Also it prevents changes made by me to a seamlessly running computer, unless I really want to do those changes (then I turn protection off).
    Also, SBIE covers some malware that can bypass Returnil.

    3.- Vista firewall is OK. (But I don't know if it's inbound only, like the XP firewall.)

    4.- If any other question, just ask. Welcome to Wilders!
     
  4. Ohmy

    Ohmy Guest

    Thanks for your reply.

    Unfortunately I don't really have any choice but to use free software.

    Security software that is available and for sale in my country is very limited.
    There are only some AVs, such as Bitdefender, Kaspersky, Avast, Norton, McAfee, and that's about it.

    I really wanted to buy some popular software like OA+, SAS Pro, Defensewall... but no chance at all :(
     
  5. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Wouldn't GesWall and Returnil be a better combo than Sandboxie and Returnil?

    And the Vista firewall does have outbound, but I think it's not enabled by default, or fully enabled... or something like that.

    Thanks
     
  6. Ohmy

    Ohmy Guest

    Thanks for the reply, HURST :)
    I don't really go to dangerous webpages.
    However I do sometimes use a P2P program like uTorrent.
    In this case, maybe SBIE is enough?
     
  7. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Don't worry! I only use free security software as well. I could get paid stuff, but personally I do not think it's essential.
     
  8. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Well you could consider switching to GesWall instead of Sandboxie and adding Returnil.

    Or if you want to keep Sandboxie, you could add a behavioural blocker, such as ThreatFire (though I think Kees1958 mentioned that if you keep it at default protection, which is 3, and it detects malware, it could quarantine Sandboxie as well, though this is not an issue with protection set to 4), DriveSentry, or Dynamic Security Agent. Or you could add some on-demand scanners, like AntiVir free with real-time turned off, SUPERAntiSpyware free, and Malwarebytes Anti-Malware free.
     
  9. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Judging by the screenies I've seen posted regarding GesWall, it's far too noisy and a pain.

    Sandboxie/Returnil combo is a much better choice. ;)
     
  10. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Yes I've thought about it many times. Maybe DefenseWall.
    But I started using Sandboxie because I understand it better than policy sandboxes, and have tweaked it a lot. Now I'm totally used to SBIE. Old habits die hard, I guess.

    ~~~~~

    Back on topic:

    Ohmy: Properly configured, SBIE can be all you need, but just to be safe, consider adding a Behavior Blocker or even a free AV.
     
  11. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Interesting. I thought that South Korea has very developed e-commerce and credit card infrastructure. I understand why Russia has immature e-payment infrastructure, but South Korea... o_O
     
  12. Ohmy

    Ohmy Guest

    Well it is developed, however it is also kind of overestimated.
    South Korea's e-payment infrastructure is kind of old school.
    It needs ActiveX.
    If you're Korean, ActiveX is inevitable.
    That's why when Firefox 3 came out, it wasn't successful in the Korean web browser market.
    The news that Firefox made a Guinness World Record for downloads was not much of a big deal for a lot of Koreans. (However there are also a lot of Koreans who prefer using FF with IETab.)
    Because ActiveX is inevitable, IE is also inevitable for Koreans.
    That's why I can't use any other browser that is not IE-based.
    I kind of feel jealous of WSF members who use Opera or Firefox ;)

    Am I out of topic?
    If you were talking about paying with credit card.
    I'm underage to use it in Korea, so I have no chance of buying
    any products like Defensewall, OA+, Returnil.
    Any product except V3, Norton, VirusChaser (made in Korea with the Dr.Web engine), McAfee, Bitdefender, Avast, Kaspersky etc.
    Now that ESET in Korea is not supporting for Home Users...
    No more NOD32 for me after my current license expires...

    The Security Software market in Korea is also not that good.
    Have you heard of AhnLab?
    It's a Korean security software company.
    They make an AV called V3.
    No good detection, no good cleaning ability, no heuristics, no HIPS, didn't pass the VB100 test much...
    However it is monopolizing the Korean security software market.
    Just like Norton is doing in the US.

    Well the internet speed here in Korea is soooooooooooooooooooooo fast.
    Everything other than security is really good here. :)
     
  13. Ohmy

    Ohmy Guest

    Maybe I'm being a jerk to my country.
    Oh well, just telling the truth ;)
     
  14. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    That all is very interesting and cognitive. Thank you, Ohmy. The only thing I can't understand - how is it possible to monopolize a local market if anybody can buy any software product he wants with a credit card and this AhnLab will just die with its product. Don't like the product - don't buy it!
     
  15. fluteman

    fluteman Registered Member

    Joined:
    Jul 8, 2008
    Posts:
    5

    If you're looking for a good source of reliable freeware, Gizmo's Tech Support Alert contains a section called "Best-ever Freeware Utilities" that contains many, if not all of the security apps mentioned on Wilder, as well as many other non-security freeware apps. Click link for the security apps page:

    http://www.techsupportalert.com/

    cheers
     
  16. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    I've tried GesWall and it's pretty quiet. There's also an option to not show what it's doing.

    And I think there were a lot of pop ups because that was very dangerous activity, normally it's very unintrusive.
     
  17. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Yes, I concur! It's a great site.

    Though I have to say the security pages do not have quite a few products which are good and mentioned in Wilders.
     
  18. Ohmy

    Ohmy Guest

    I don't really have the answer.
    However, a lot of novices in Korea think that Ahnlab's product is the best.
    I'm glad that I noticed that it's not :)
     
    Last edited by a moderator: Jul 9, 2008
  19. Ohmy

    Ohmy Guest

    Thank you for your wonderful link :)
     
  20. bryanjoe

    bryanjoe Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    380
    I use freebies to date.
    No issue at the moment.

    1) Returnil and Sandboxie
    2) ThreatFire
    3) AVG Free
    4) Sygate firewall



    Just uninstalled - SSM and BOClean.
     
  21. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    @Ohmy

    Hi,

    First make sure you run as a Limited User (Google for TweakUAC, install and look what it tells you: preferred option is LUA ON, second option is LUA in quiet mode, never choose LUA OFF).

    Second Google for Vista FireWall Control (a free utility, download correct version 32 or 64 bits), download and install and you have a simple form of outbound control.

    Third: use NOD32 and ThreatFire when on Vista32 (look at the options, make sure you create a restore point before accepting changes, see https://www.wilderssecurity.com/showpost.php?p=1273805&postcount=14)

    Note: when running LUA (ON or in QUIET mode) the browser (Internet Explorer) runs in protected mode. This means that you have a strong browser protection. When you have downloaded an executable, right click the file and you will see that on the bottom (below properties) a remark with SECURITY is mentioned (with a button and possibly text after this). This means the downloaded file is also limited in its actions.

    When you are on Vista64 you cannot use ThreatFire (works only on Vista32); have a look at Primary Response Safe Connect.
     
  22. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Is there a special reason for recommending NOD32? Aren't AntiVir and some other AVs better/as good?

    Thanks
     
  23. Ohmy

    Ohmy Guest

    Thanks Kees for your kind answer.
    Btw, I heard that the free version of Vista Firewall Control lacks features, so that it is the same as not using it. Is it?
    And what is LUA? Can you give me an explanation or a link to teach me?
    Thanks ;)

    P.S. Do I also need to turn on Vista Firewall when I'm using Vista Firewall Control? Because Security Center classifies Vista Firewall Control as a separate software firewall.
     
    Last edited by a moderator: Jul 9, 2008
  24. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Limited User Account.
     
  25. Ohmy

    Ohmy Guest

    Hi.
    Maybe he recommended NOD32 because my license for NOD32 didn't expire yet ;)
     