What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
    Prohibits downloads with I.E.8.
    Image downloading is allowed:


    1.jpg

    Default is 0.

    Good for Drive-By-Download (Test AMTSO):


    2.JPG

    Sorry for my bad English.
     
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,885
    Location:
    Slovenia, EU
    Thanks @Sampei Nihira for the explanation. How effective is this trick against all types of drive-by? Does it prevent downloading and launching of all executable files?
     
  3. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
    Exe, msi, pdf...

    (Contraindication)

    Cannot print.
     
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,885
    Location:
    Slovenia, EU
    I prefer 1803 as it only affects IE. I want to be able to download in Chrome and prevent downloading in IE.
     
  5. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Your English is just fine : ) Thank you.

    I was wondering though if these tweaks are applicable for XP (Pro in my case), or just for newer versions of Windows?

    Also, will that 1806 trick WS mentions block downloads in Firefox as well, or just IE & Chrome? Because if it doesn't affect FF I think I'll use that one instead. Because I don't use Chrome anyway, and it won't present printing problems.
     
  6. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
    Yes, they are good for XP.
    Trick 1806 does not block downloads in Firefox.
    Trick 1806 on XP makes Chrome unusable.
     
  7. Quassar

    Quassar Registered Member

    Joined:
    Oct 19, 2011
    Posts:
    255
    Location:
    Poland
    1) Dropped Emsisoft Anti-Malware from real time to o/d
    2) Enabled encrypt option in SpyShelter

    Maybe I will completely uninstall AV and use only periodic scans from a live CD like the Avira product,
    since in 2 years I haven't found any infection on my PC.

    AV + AM o/d: Emsisoft Anti-Malware, Malwarebytes.
    Firewall + HIPS: SpyShelterFW.
    Restrictions: AppGuard, EMET, NoAutorun.
    S&V: VMware Workstation, Shadow Defender, Sandboxie.
    Encrypt: TrueCrypt, KeePass, SpyShelterFW.
     
  8. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Time to shake things up! Okay, that's over-dramatic :D, I've used these programs before. My WSA license is ending tomorrow, and before I fire up another one that's stashed on the shelf, I'm going to run NOD32 for the few months left on it. Thinking that might go good with AppGuard or NVT ERP, and of course Sandboxie :ninja:.
     
  9. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    That'll be my agenda when my VIPRE subscription expires in the Fall... go with NOD32.
    Ordinarily, I will not keep a software around just because of an expiration date, but in the case of VIPRE, it isn't problematic and Sandboxie does the heavy lifting, so I feel no sense of urgency to change right now.
    I'll be watching for words from you about NOD32.
     
  10. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I have NOD32 antivirus too :)
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I want to use the HIPS engine of NOD32 antivirus :)
     
  12. DoctorPC

    DoctorPC Banned

    Joined:
    Jan 9, 2014
    Posts:
    810
    I'm thinking NOD32 as well.

    However, with AppGuard, almost anything works fine. Right now Immunet3+Mbam is so flawless, powerful, and hassle free I am finding myself unable to even bother trying anything else anymore. It's like the perfect combination.
     
  13. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Good choice, my friend.
     
  14. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,254
    Location:
    Texas
    Steady as she goes! WSA Complete....
     
  15. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    I don't use any AV now. Oh wait, didn't realize WSA is still here. It's so quiet I don't know if it's even there. :)
     
  16. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I may go with 1803 once I change to Win7 Pro x86... which I do still plan on doing eventually. Only when software I depend on no longer updates itself for XP. Since I will need IE to DL Windows Updates. And will also give Chrome a look too as it runs better than FF on Win7/8 in my experience. And you can also take advantage of native hardening on those OSes that benefit IE & Chrome.

    But for now 1806 seems a better fit. So thanks WS : )
     
  17. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Oh, and to stay on topic here:

    Got rid of VirtualBox now that I'm no longer using VPNs on this box, and put Shadow Defender back on. I have a laptop now I use for anonymity, utilizing member Mirimir's setup with a few wrinkles of my own (no pfsense/Debian), only on public WiFi. So this box is just for basic use now. I still care about privacy but not so much anonymity.

    Added "Trick 1806" I just learned about in here. That's why I come here... I always learn something new to add to the (ever growing) list of tweaks.
     
  18. DR_LaRRY_PEpPeR

    DR_LaRRY_PEpPeR Registered Member

    Joined:
    Oct 11, 2012
    Posts:
    141
    Location:
    St. Louis area
    So you're gonna stay with XP for at least awhile then? :ninja: (Of course you'd still "need" OpenEMET on Win 7 to use latest EMET without installing more/newer .NET FW. :cool:)

    And you don't need IE for Windows Updates after XP; since Vista, Windows Update is just its own Control Panel thing, etc. :thumb:
     
  19. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    ESS 7, Sandboxie and WSA (Just in case).
     
  20. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Yes... planning on keeping it as long as is practical. Like until a program I consider vital to me decides to stop supporting it. And I don't expect vendor support for XP to end for quite some time with so many people still on it. And even then, I'd probably just keep using an old version until/if a major vulnerability that directly affected me came around.

    So I should still be here on XP when you're done with OpenEMET here. I'm really, really looking forward to giving it a look without taking on the attack surface (and major bloat) of .NET FW. And I don't like the idea of .NET FW being shoved down your throat on newer M$ OS's. But as you say, at least you don't have to install newer versions with even more vulnerabilities. So it has value to users of any of the OS's.

    Even if I can only take advantage of the app specific mitigations... I'm fine with that, along with hardware DEP and the memory protection built into D+. But with the limitations EMET has on XP I wouldn't consider the trade off of having to take on the attack surface/bloat of .NET FW worth it. Your tool takes away those cons and gives you the pros.
     
  21. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Morning! Just Enough...I'm currently using Vipre in tandem with AppGuard and WSA...I'm impressed with Threat Track...Vipre's Parent Company installing and updating a new Driver component for the Firewall. It, needless to say, was much needed...and In my initial use with Vipre is as stated rock solid. Vipre is currently running a Beta testing for the 2015 Product Line...expect further refinements to the product...and a new GUI which as we all know is of a Minor relevance...will also be introduced. My main concern is its improvements of the Firewall and in improving scanning times and detection rates. But in your case using any A/V with AppGuard is a step in the right direction. Sincerely...Securon
     
  22. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
    I use Trick 1806 on our W.7 64-bit PC.
    Trick 1803 with XP is best if you have to use Chrome.
    :thumb:
     
  23. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    Which security would I need for my Linux system?
    I have a firewall and that's all.
     
  24. Malware Man

    Malware Man Registered Member

    Joined:
    Apr 25, 2014
    Posts:
    1
    Eset Smart Security 7 (HIPS and Firewall both set to policy based profiles)
    MBAM Pro
    Windows 8 SmartScreen Filter
    UAC cranked up to max
     