What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Laptop no. one: (The "everyday" laptop)...Windows 8x64, Emet 5.0, all configured, set at maximum security, UAC set max, task manager monitored for unknown programs, ethernet cable, no router to compromise, shut down, not hibernate, Open DNS, VPN4All, auto connect, auto launch, IPN change every 5 minutes, McAfee Live Safe Internet Security, Firewall maxed out, ports blocked, Sandboxie, w/drop rights and delete invocation, Mozilla, latest update, NoScript (And I know what to allow or deny), Referrer Control/remove. No Error reporting, file sharing, cloud, etc.
     
  2. FleischmannTV

    FleischmannTV Registered Member

    Joined: Apr 7, 2013 | Posts: 1,093 | Location: Germany
    Currently Sandboxie with HMP.Alert CTP4.
     
  3. dja2k

    dja2k Registered Member

    Joined: Feb 15, 2005 | Posts: 2,121 | Location: South Texas, USA
    Oct. 11, 2014 - Updated, Added, Removed

    Network
    • Three Netgear WNR3500L-100NAS (DD-WRT Firmware)
    • Four Netgear PowerLine AV 500 Adapters
    • Wired Cat5e Connection between all 3 Routers
    • WPA2-PSK AES Encryption
    • SPI Firewall Enabled
    • OpenDNS Configuration
    Computers
    • Desktop - Windows 8.1 Pro with Media Center x64
    • Laptop - Windows 8.1 x64
    Built-In Security
    • USER ACCOUNT CONTROL: HIGHEST SETTING
    • EMET 5.0: RECOMMENDED SECURITY SETTINGS
    • WINDOWS SMART SCREEN: ENABLED
    • WINDOWS DEFENDER: DISABLED
    • WINDOWS FIREWALL: DISABLED
    Resident
    • Emsisoft Internet Security 9.0.0.4546 Beta (Paid)
    • Appguard 4.1.45.1 (Paid)** - Locked Down
    • NVT ERP 3.1.0.0 Build1 v13 Beta (Paid)** - Lockdown Mode
    • Sandboxie 4.13.6 Beta (Paid) - Sandboxie Container Folder on RAMDisk
    • Adguard 5.10.1164.5985 (Paid)
    • DNSCrypt 0.0.6 - HTTPS Enabled
    • DNSCrypt Windows Service Manager 0.2 - DNSCrypt.eu
    On-Demand
    • PeerBlock 1.2 (P2P Blocking List)
    • Shadow Defender 1.4.0.553** (Paid)
    • AOMEI Backupper Professional 2.02 (Paid)
    • Macrium Reflect 5.2 build 7170*
    • VMWare Workstation 10.0.2 build-1744117** (Paid)
    Browser, Immunization, Tweaks
    • Firefox 33.0b9 (HTTPS-Everywhere, Gmelius, BetterPrivacy) - Firefox Profile Folder on RAMDisk and Sandboxed
    • Homepage and Search Provider set to Startpage (Firefox & IE)
    • Tweaks on How to eradicate Google from Firefox Applied
    • LastPass 3.1.2 Premium (Firefox & IE)
    • Spyware Blaster 5.0 (All Protection Enabled + Customblocking.txt)
    *AOMEI Backupper (Weekly Full Backups & Daily Incremental Backups)
    **VMware Workstation, Appguard and NVT ERP only installed on Desktop \ Shadow Defender only installed on Laptop


    dja2k
     
  4. Mayahana

    Mayahana Banned

    Joined: Sep 13, 2014 | Posts: 2,220
    Why 3 cheap routers with bad security instead of one good powerful one? A $300 UTM Appliance would allow you to throw away those routers, and uninstall all of those security products except Emsisoft.. LOL!
     
  5. dja2k

    dja2k Registered Member

    Joined: Feb 15, 2005 | Posts: 2,121 | Location: South Texas, USA
    You said it, Cheap $$$! One good router wouldn't get the range all over the area I need and nah not guarding anything important, just have them set up like that.

    dja2k
     
  6. OK, have been thinking about adding Sling, and a couple of wireless speakers so I can listen and watch football games on my laptop out in my workshop. Now, there have been many conversations on here about hackers gaining access via routers. Since I have stuck with an ethernet cable connection for so long, I am not too sure about which routers are more secure. Have read some pros and cons, can anyone suggest a router that has some really good security? Something that is not easy to compromise? That should not be too hard. Thanks in advance for the advice.
     
  7. JRViejo

    JRViejo Super Moderator

    Joined: Jul 9, 2008 | Posts: 98,012 | Location: U.S.A.
    Removed Off Topic Posts as per Policy. Focus Only On the Subject, and Not Each Other. Thank You!
     
  8. digmor crusher

    digmor crusher Registered Member

    Joined: Jul 6, 2012 | Posts: 1,172 | Location: Canada
    Put through its paces for a couple weeks :argh:, maybe a couple hours :D
     
  9. Securon

    Securon Registered Member

    Joined: Jan 11, 2009 | Posts: 1,960 | Location: London On
    Good Morning! One reply Digmor! Ummmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm...Maybe! Lol! Sincerely...Securon
     
  10. oliverjia

    oliverjia Registered Member

    Joined: Jul 21, 2005 | Posts: 1,926
    To be honest, it's kind of mind-boggling to see some ppl keep changing their security settings on a weekly, daily, or even hourly basis. What's more, there is no logic in using/changing these security settings, judging from the co-presence of multiple programs with heavily overlapping functions/features. These kinds of setup will do more potential damage rather than good.
    ~OT comment removed. Not necessary.~
     
    Last edited by a moderator: Oct 12, 2014
  11. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004 | Posts: 17,559 | Location: The Netherlands
    @ oliverjia

    Most people do it just for fun, but IMO, if you change your setup too often, I would not call it a real "security setup" anymore. I mean, eventually you have to stick with certain tools. On Win XP I haven't changed my setup in 6 years. :)

    This is my setup:

    Realtime:

    System Safety Monitor (anti-exe + HIPS)
    Neoava Guard (behavior blocker)
    ZoneAlarm Pro (firewall)

    On demand:

    Sandboxie (sandbox)
    VirusTotal Uploader (AV)
     
  12. @Rasheed,

    Do you use the NG feature to block a program when it exceeds a specified number of suspicious behaviour points?

    @oliverjia

    I am at the stage of fine tuning my setup trying to use as many features of Win7 Ultimate. Fun is to make it as lean as possible, sometimes changing to an AV (because I edit Office files for customers). Temporary AV of choice was Avast, now is Panda.

    This evening's find: extension blank new tab V2, which nibbles 0.2 secs launch time of chromium compared to other blank new tab/page extensions.

    Testing internet throughput at the moment with layered thresholds for potential bad websites:
    a) OpenDNS as primary, Norton DNS as secondary (phishing protection)
    b) AVG Linkscanner filtering scripts for triggering known exploit kits
    c) Chromium only allowing JavaScript from Nl & COM (have no flash/no java/using Chrome PDF reader)
    d) Adguard adblock extension with URL malware check at Google, Yandex and WOT

    All this protection and chromium launches < 0.4 secs on a G3240 dual core Pentium

    Wish list: Adguard adding safe browsing of Chinese search engine (e.g. Baidu)



    Regards Kees
     

    Last edited by a moderator: Oct 13, 2014
  13. Nightwalker

    Nightwalker Registered Member

    Joined: Nov 7, 2008 | Posts: 1,387
    I am testing a new setup without real time antivirus:

    Windows 8.1 x64 = Adguard Premium + Open DNS + Malwarebytes Anti Exploit Free + Windows Firewall behind router + UAC and Smartscreen


    I check downloads with Hitman Pro and Virustotal Scanner, so far so good.
     
  14. Page42

    Page42 Registered Member

    Joined: Jun 18, 2007 | Posts: 6,944 | Location: USA
    @ Kees, regarding the Adguard blockage...

    ESET blocks that web page. Also WOT and TrafficLight both throw malware warnings.
     
  15. wat0114

    wat0114 Registered Member

    Joined: Aug 5, 2012 | Posts: 4,066 | Location: Canada
    Just my opinion, but EditThisCookie is the best cookie handling extension I've ever used, and it's being kept updated so far.

    Why I like it so much? Because it allows the granular option of blocking specific values of a cookie under a given domain. I haven't been able to find anything else that does this.
     

  16. sportsfan7700

    sportsfan7700 Registered Member

    Joined: Jun 2, 2010 | Posts: 499 | Location: Fort Worth, Texas USA "Where the West Begins"
    Downgrading back to 7. Fed up with the way 8 behaves (no viruses but seems extremely sluggish)
     
  17. Not to mention the fact that they cannot be entirely removed, and leave a lot of garbage on your hard drive, which can lead to problems later on. The best thing to do when it comes to antivirus apps is to pick one, and stick with it. Also, it is a good idea to reduce your attack surface. I removed Malware Bytes, Zemana Antikeylogger, and a couple other things trying to slim down the exposure.
     
  18. Mayahana

    Mayahana Banned

    Joined: Sep 13, 2014 | Posts: 2,220
    Adding more bloat doesn't increase security. As you said, pick a good AV, then perhaps a good UTM router, toss on an adblocker w/malware extensions, and you are generally all set. Stacking redundant, low grade products on top of each other seems questionable. Just think, all of that cash spent on software could have purchased a USG60, which uses Kaspersky+BlueCoat+CommTouch to scan traffic in realtime, never slowing down your PC's, then add any old AV to your machines (free or otherwise) and it's ready to go.
     
  19. Mozilla does a decent job of blocking known attack pages. Everyone should have Java blocked, if it is not blocked by default. I have read that it is possible to use Malware Bytes Anti Exploit alongside of Sandboxie, I am not sure how to do that. I rely on EMET, which would fire off before Anti Exploit in most cases anyway. I used to use 2 different DNS servers, not any more. Open DNS is good enough, as a primary, and secondary, I guess.
     
  20. guest

    guest Guest

    Thanks, but no Gecko version?
     
  21. wat0114

    wat0114 Registered Member

    Joined: Aug 5, 2012 | Posts: 4,066 | Location: Canada
    It looks like it's only available for Chrome and Opera.
     
  22. Well it was a blacklisted URL (as shown by Adguard) and it directed to blackhole exploit kit (as shown by AVG Linkscanner), so that is good.

    Thanks for noticing, I removed the name of the link in the picture
     
    Last edited by a moderator: Oct 13, 2014
  23. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004 | Posts: 17,559 | Location: The Netherlands
    No, I don't use it, it's not needed IMO. But NG is definitely one of the best HIPS ever, if SpyShelter was the same I would have bought it years ago. I will replace SSM with EXE Radar (on new machine), and I'm not sure yet if I will use a standalone firewall. And of course I'm sticking with Sandboxie Pro on Win 8.

    Some NG screenshots:
     

  24. Desktop setup (Windows 7 Ultimate 32 bits)
    - Windows Image and SyncBackFree data backup to NAS for disaster recovery
    - Windows Firewall to block outbound, disabled remote/assistance/sharing services
    - UAC block unsigned, GPO block user autoruns, SRP block user space/script execution
    - Restrict rich content applications with Spyshelter Free, EMET 4.1-1 and GPO templates
    - Open DNS phishing filter, Chrome/IE safe browsing URL filter, AVG Linkscanner script filter
     
    Last edited by a moderator: Oct 19, 2014
  25. wolfrun

    wolfrun Registered Member

    Joined: Jul 26, 2009 | Posts: 702 | Location: North America
    Sandboxie of course. :cool: Also have added MBAM Pro 2.0.3.1025 and have activated MSE via the windows updater. Curious to see how these two get along. Not much into A/V real time anyway but these two should be adequate especially since I'm running Sandboxie.
     