What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Cache

    Cache Registered Member

    Joined:
    May 20, 2016
    Posts:
    445
    Location:
    Mercia
    Just curious to know why you removed MBAE. Possibly you feel you are covered for anti-exploit with VoodooShield and ESET and that it would be overkill to use MBAE with this set up?
     
  2. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    682
    Location:
    Wembley, London
    Exactly :thumb:
    ESET's anti exploit but covered also by VS Pro.
     
  3. THX for the answer
     
  4. Norton Security v22.7.0.76
    Appguard v4.4.6.1

    Exploration Tools:
    Process Explorer v16.12
    Autoruns v13.51
    TCPview v3.05
     
  5. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,501
    Location:
    .
  6. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Here's a lock-down setup for a PC I have to share with other people.

    Windows 7 x64 Ultimate,

    Routine use of Standard User Account with a password. Admin account covered with a password as well.
    UAC - max
    • Comodo FW:
      • Covered with a password
      • User Interface - Show notification messages is ON.
      • FW in "Custom Ruleset"
        • Do NOT show popup alerts - Block Requests
        • Stealth Ports
      • AutoSandbox: Block Unrecognized
        • Disabled "Detect programs which require elevated privileges e.g. installers or updaters."
      • HIPS in "Safe Mode"
        • Do NOT show popup alerts - Block Requests
        • Set popup alerts to verbose mode
        • Enable enhanced protection mode
      • File Rating Settings:
        • Disabled Cloud Lookup
        • TVL off
    Sandboxie free with browsers auto-start through links.

    MalwareBytes AntiExploit with additional shields and some workout to work alongside with Sandboxie.

    Zemana Antimalware - resident, Pandora on.


    This setup feels lite on my PC.
    What I like here is that I could make the Guest account for other people, where this setup won't ask anything. It will silently block possibly unwanted activity. If something doesn't work I just check logs.
     
  7. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,157
    Location:
    Canada
    Goodbye Appguard, hello Voodoo Shield here.
     
  8. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,177
    Location:
    Canada
    You are not alone Digmor.;)
     
  9. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,584
    Location:
    Romania
    As my signature...for almost 3 months now...a true record :D (just changed Wondershare Time Freeze with SD 3 weeks ago)
     
  10. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,501
    Location:
    .
    Wise decision. :thumb:
     
  11. Aser Transformer (Home 32 bits Windows 8.1):

    1. Windows Firewall 2-way, disabled risk-ware, using Norton DNS
    2. UAC set to block elevation of unsigned (still allows unsigned to run)
    3. Standard user with parental control and admin consent for Smartscreen
    4. ACL deny execute for Everyone on 64GB SD-card, Public and Download folders
    5. Disabled IE and WMP, hardened Microsoft Office with Trust Center, EMET and ACL
    6. Hardened Chrome by using existing settings, about flags and command switches:
    • Disable javascript except from [*.]nl, com, eu, net, org and HTTPS:/*:443
    • Click to play plugins, always allow HTTPS:/* and Chrome PDF
    • Enabled 3p-scripts block via document write
    • Enabled Win32 Lockdown for all plug-ins
    • Enabled AppContainer Sandbox
    • Enabled extension verification
    • Enabled reduce referer info
    • Disable hyperlink auditing
    • Disable canvas reading
    • Enabled do not track
    • Block 3-p cookies
    7. Chrome extensions: Blank New Tab and uBlockOrigin with Adguard filters only (no strict blocking)
     
  12. Logethica

    Logethica Registered Member

    Joined:
    Jun 23, 2016
    Posts:
    53
    Location:
    UK
    ASUS X58L-
    Windows 10 Pro-
    Processor : Genuine Intel(R) CPU 575 @ 2.00GHz 2.00GHz
    Installed Memory (RAM): 2.00GB
    System Type: 64-bit OS, X64 -Based Processor
    .
    • ZoneAlarm Free Firewall:
      (Maximum Settings/Block all fragments/ARP Protection Enabled/ Hosts File Locked/ IPv6 Disabled/ Custom Blocking of others on Network)
    • Avast Free Antivirus;
      (Maximum Settings/ Aggressive Hardened Mode/ HTTPS Scanning Disabled/ CyberCapture Enabled)
    • VoodooShield Pro BETA (Always On)
    • Sandboxie Free (Always used when browsing)
    • Crystal Security
    • SpyShelter Free Anti-Keylogger;
      (Early Start Launch/ Auto-Block Suspicious Behaviour)
    • Malwarebytes Anti-Exploit Free
    • Glasswire Free (Used as standalone HIDS)
     
  13. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    All that with only 2gigs of ram seems like it would be slow
     
  14. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    What's wrong with IPv6?
     
  15. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Makes blacklisting moot? MAC address traceability?

    Can't think of other ones at the moment, but personally I don't disable it.
     
  16. Logethica

    Logethica Registered Member

    Joined:
    Jun 23, 2016
    Posts:
    53
    Location:
    UK
    One reason is for the MAC Address Disclosure that @J_L mentioned...:thumb:
    Also, having experimented with the blocking of MS telemetry/data collection I found that my Anti-Spy software and firewall rules were being outwitted by the MS telemetry using IPv6, whereas when IPv6 was disabled the Anti-Spy software worked as I expected it to.o_O
    This made me question whether other Privacy/Security software could be thwarted by the allowance of both IPv4 & IPv6 communication...and what the consequences would be if it could.:doubt:
    ...and to me having both IPv4 & IPv6 enabled feels like having 2 phone numbers going into one land-line...
    I cannot disable IPv4 as I would pretty much lose all internet connection, so I chose to disable IPv6 as it is still in its infancy.
    I concluded that if I had nothing to lose by it being disabled then I may as well disable it.;)
     
  17. Logethica

    Logethica Registered Member

    Joined:
    Jun 23, 2016
    Posts:
    53
    Location:
    UK
    When I first installed W10 it was extremely slow..and hot..and loud...& that was without much software:doubt:
    So I decided to strip away all the useless (IMO) MS bloatware, & disable Cortana & IE, block Bing and much of the other MS telemetry....and it completely transformed the laptop by doing so.:thumb:
    It is very speedy and responsive now..
    I was quite surprised myself to be honest.:)
     
  18. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
  19. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Actually, that's what I meant by blacklisting. Those rules are basically designed to block Microsoft IP addresses. But with IPv6, the limit of IP addresses available has gone from ~4.3 billion to practically limitless (Google if you want the exact numbers). Therefore, it's near impossible to block anyone with determination by blacklisting IPv6.
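
An added example, not part of the original thread: a small audit for the gap discussed in the posts above, where block rules written for IPv4 addresses leave a host's IPv6 addresses uncovered. The hostnames, addresses (documentation ranges) and rule list are constructed for illustration.

```python
import ipaddress

# Constructed sample data: documentation-only ranges (RFC 5737 / RFC 3849).
BLOCK_RULES = ["192.0.2.0/24", "198.51.100.7/32"]
RESOLVED = {
    "telemetry.example": ["192.0.2.10", "2001:db8:10::5"],
    "updates.example": ["198.51.100.7"],
    "stats.example": ["192.0.2.44", "198.51.100.9", "2001:db8:20::1"],
}

def parse_rules(rules):
    """Split CIDR block rules into per-family network lists."""
    nets = {4: [], 6: []}
    for rule in rules:
        net = ipaddress.ip_network(rule, strict=False)
        nets[net.version].append(net)
    return nets

def uncovered(rules, resolved):
    """Map each hostname to the resolved addresses no block rule covers."""
    nets = parse_rules(rules)
    gaps = {}
    for host, addrs in resolved.items():
        missed = []
        for text in addrs:
            addr = ipaddress.ip_address(text)
            if not any(addr in net for net in nets[addr.version]):
                missed.append(text)
        if missed:
            gaps[host] = missed
    return gaps

def ipv6_only_gaps(rules, resolved):
    """Hosts fully blocked over IPv4 but still reachable over IPv6."""
    result = []
    for host, missed in uncovered(rules, resolved).items():
        versions = {ipaddress.ip_address(a).version for a in missed}
        has_v4 = any(ipaddress.ip_address(a).version == 4 for a in resolved[host])
        if versions == {6} and has_v4:
            result.append(host)
    return sorted(result)

if __name__ == "__main__":
    print(uncovered(BLOCK_RULES, RESOLVED))
    print(ipv6_only_gaps(BLOCK_RULES, RESOLVED))
    # A prefix rule covers every address inside that prefix at once.
    print(uncovered(BLOCK_RULES + ["2001:db8::/32"], RESOLVED))
```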
     
  20. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Thank you.

    You gave good information to think of.
     
  21. Logethica

    Logethica Registered Member

    Joined:
    Jun 23, 2016
    Posts:
    53
    Location:
    UK
    Sorry @J_L, I didn't make the connection that that's what you meant by blacklisting....:oops: my bad.
    Thank you @Solarlynx :thumb:
     
  22. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    No problem, you explained and provided a good example of it for the general audience. I didn't have time or energy myself to do that, so don't think of it as unnecessary and no need to feel bad.

    As for my current security setup, I'll provide the details later. But I don't think it fundamentally changed, though I'm using better software now that price isn't the obstacle it was before my current job.
     
  23. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    574
    Location:
    The Outer Limits
    Sound advice Logethica and will do so myself.:thumb:

    Regards Eck:)
     
  24. Logethica

    Logethica Registered Member

    Joined:
    Jun 23, 2016
    Posts:
    53
    Location:
    UK
    Thanks @J_L ...Always interested to see other configs.
    Thanks @Behold Eck ...Happy that I was able to help
     
  25. Aser Transformer (Home 32 bits Windows 8.1):

    1. Windows Firewall 2-way, disabled risk-ware, using Norton DNS
    2. UAC set to block elevation of unsigned (still allows unsigned to run)
    3. Standard user with parental control and administrator consent for Smartscreen
    4. ACL Deny execute in Public+Download folders and microSD+USB (USB disk Manager)
    5. Disabled IE+WMP and macros+plug-ins+ActiveX in Microsoft Office (Trust Center)
    6. Hardened Chrome by using existing settings, about flags and command switches:
    • Disable javascript except from [*.]nl, com, eu, net, org and HTTPS:/*:443
    • Click to play plugins, same allow exceptions as javascript
    • Enabled 3p-scripts block via document write
    • Enabled Win32 Lockdown for all plug-ins
    • Enabled AppContainer Sandbox
    • Enabled extension verification
    • Disable-reading-from-canvas switch
    • Enabled reduce referrer granularity
    • Disable hyperlink auditing
    • Enabled do not track
    • Block 3-p cookies
    7. Chrome extensions: Blank New Tab, Web RTC block, Script Blocker for Chrome (block 3rd party).

     
    Last edited by a moderator: Jul 20, 2016