What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    My setup these days is tweaked with the minimum of overlap. It's harder than I thought it would be, hence the Tiny Firewall can do everything itself but I choose not to:
    Resident
    US Robotics Router
    Nvidia Firewall with Online Armour
    Tiny2005 Pro (IDS+Windows Security)
    AppDefend
    Regdefend
    Ewido/Boclean (Mainly Ewido)
    Nod32
    Admuncher/SpyBlocker (switching from time to time)

    On Demand
    SpySweeper
    VMware (still the best tool but costs a bit)

    Trying SafeNSec again V2 under VmWare Session and it looks very interesting, I think/feel it is able to compete against all the rest I got regarding "Behaviour Blockers"
     
    Last edited: Dec 21, 2005
  2. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,028
    Location:
    South Texas, USA
    Well changed my setup from using too many HIPS programs to the traditional.

    Realtime - PLUGINS ACTIVE

    NOD32 2.50.41 (BLACKSPEAR SETTINGS)
    LOOK N STOP 2.05P2 (PHANTOM RULESET)
    SPYWARE DOCTOR 3.2.2.453 (WITH COOKIE GUARD)
    ONLINE ARMOR 1.1.0.595 (ALL ACTIVE)
    REGDEFEND 2.001 (FREE)

    Additional Hardening

    SECURE-IT
    HARDEN-IT
    BUGOFF
    SAFEXP
    IE-SPYADS
    SPYBOT IMMUNIZED
    SPYWARE BLASTER + CUSTOM LIST
    ENOUGH IS ENOUGH
    SCRIPT SENTRY
    COMPUTER SECURITY TOOL
    CURRENT WINDOWS UPDATES
    EXTRA SERVICES OFF
    MVPS HOST FILE
    HOSTS SECURE UPDATE UTILITY

    Extra

    FIREFOX MAIN BROWSER
    EWIDO
    JV16 POWER TOOLS
    DRIVE SNAPSHOT
    TREND MICRO CWSHREDDER
    TREND MICRO ANTISPYWARE
    KASPERSKY 5.0 BACKUP SCAN
    AD-AWARE
    SPYBOT
    HIJACKTHIS
    A-SQUARED
    PROTOWALL + ANTI-P2P LIST

    If I left some uncovered areas, well don't know what to do then without making my system useful to others without installing too many HIPS programs like I did before, but if you notice I am missing something in any area, let me know.

    dja2k
     
  3. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,035
    Location:
    USA
    Quite a setup. Are Secure-It and Harden-It hard to use?
     
  4. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Currently changed to this...

    Kerio 4 with its HIPS, NIPS and behaviour blocking.
    Online Armor
    KAV 5
    BOClean
    Regrun Platinum which now incorporates Unhackme for rootkit detection.

    muf
     
  5. Brandon

    Brandon Registered Member

    Joined:
    Sep 9, 2005
    Posts:
    222
    Resident:
    Norton AntiVirus 2006
    Kerio Personal Firewall(full)
    Ewido Anti-Malware Guard
    ProcessGuard(full)
    BOClean
    Online Armor
    Microsoft Anti-Spyware Beta
    SpywareBlaster
    Demand:
    Spybot S&D
    Other:
    FireFox
    All windows updates
    ERUNT
     
  6. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,028
    Location:
    South Texas, USA
    I view Harden-it as being used to secure what my firewall might miss in case it is bypassed. Pretty much set-and-forget with recommended settings.

    I view Secure-it as worthless if you don't use Internet Explorer as it hardens the zones. Pretty much set-and-forget as well with the recommended settings.

    dja2k
     
  7. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    The paid ones are red.

    Hope that previous update costs from now on can go into the more serious business of betting on trotting-horseracing. :)

    Best Regards
     
  8. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    Revised & Updated Resident:

    BOClean
    DefenseWall HIPS
    Look'n'Stop
    Netgear RP614 v2 Router w/NAT & SPI
    NOD32
    Online Armor
    RegRun Platinum 4.5


    Peace & Love,

    CogitoErgoSum
     
    Last edited: Dec 31, 2005
  9. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    Your points are valid and that's why HIPS is gaining ground in the security market. Also, for me personally, I'm not a low-risk surfer, so I like being alerted if I get infected.

    Resident:

    nod32
    looknstop
    regrun gold
    unhackme
    processguard
    proxomitron
    HostsMan (with MVPS)
    firefox extensions: adblock plus, javascript options, noscript, permit cookies, and spoofstick

    On-Demand:

    arovax antispyware
    ewido online scanner
    spybot s&d

    Other Security / System Hardening:

    nLite'd Windows XP (with service tweaking based on TweakHound's guide)
    Harden-it
    BugOff
    Windows Worms Doors Cleaner
    Samurai HIPS
    spybot s&d immunization
    spywareblaster
    Computer Security Tool
    AutoPatcher XP
     
    Last edited: Dec 30, 2005
  10. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    Windows XP Home SP2 Limited Account (Hardened with Harden-it, Secure-it, SafeXP, WWDC)
    avast! | Windows Firewall | Mozilla Firefox
    All personal files encrypted with TrueCrypt (Blowfish/Whirlpool)
     
  11. Brinn

    Brinn Registered Member

    Joined:
    Aug 5, 2004
    Posts:
    181
    Location:
    Canada
    They both give you a lot of options, but if you don't know a lot about what they ask you (like me), just let them do their recommended changes.
     
  12. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    I just love this program! Impressive means just being humble :D
     
  13. MojoWorkin

    MojoWorkin Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    60
    Location:
    Denver, CO
    FireFox 1.5
    Zone Alarm w/ AV (paid)
    WebRoot SpySweeper (paid)
    A Squared (paid)
    LavaSoft AdAware SE Plus (paid)
    JavaCool SpyWare Blaster (free)
    On Demand: HJT
    No problems for the last 13 months.
     
    Last edited: Jan 5, 2006
  14. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,035
    Location:
    USA
    Tried Secure-It but had a problem with INotes (couldn't use reply function correctly) and didn't know what setting in Secure-It to change so I removed it. Loaded Harden-It tonight and went with the recommended settings. So far no problems.
     
  15. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,035
    Location:
    USA
    Have Harden-It (installed tonight). Tried Secure-It but had problems (see my previous post). Thanks for the response.
     
  16. richard_rd

    richard_rd Registered Member

    Joined:
    Jan 3, 2006
    Posts:
    6
    I use the following, all of them are freeware except for the HIPS which is a reasonable $29.99 one time charge:

    Browser: FireFox
    Email: Thunderbird
    Host File: http://www.mvps.org/winhelp2002/hosts.htm

    Anti Virus - Avast free (On-Access Real Time protection, scheduled quick scanning via Windows Scheduled Task Manager, and manual on demand thorough scanning).

    Anti Trojan - Ewido free (manual on demand scanning). If I did not have a HIPS that I trusted I would upgrade to the paid version for the Real Time Protection feature.

    Anti Spyware and IDS - MSAS (Automatic Scheduled Scanning, and I use the 59 real time checkpoints as my IDS)

    Application Firewall - ZA free. I also use this as my TCP/UDP port blocking/stealth FW because my Cable Modem does not have a built in Router/FW or NAT service. Since my PC is using a registered IP Address (not a Private 192.168.xxx.yyy) and I have no external FW/NAT I am really putting a lot of faith into the ZA Firewall software, from what I have seen and tested it does its job quite well, especially for free!!!

    HIPS - DefenseWall, this is the crown jewel. If you guys have not tried it yet you really should. In my opinion way better and more secure than Sandboxie or Bufferzone. It allows you the comfort to surf the Internet like a newbie and not worry about getting infected. I don't have to worry about making a wrong decision on my IDS pop ups anymore. It is shareware with a 30 day trial and a 1 time cost of $29.99 and no recurring update fees (ie... signature database subscription).
     
  17. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    5,549
    Location:
    The Netherlands
    My anti-malware tools on Windows XP Pro SP2:

    Realtime:

    AntiVir Classic | Process Guard (free) | ZoneAlarm Pro 6 | Script Sentry | Script Defender | Regprot

    On demand:

    AD-Aware SE | Spybot-S&D | RootkitRevealer | RootKit Hook Analyzer

    System Hardening:

    BugOff | SafeXP | XP Antispy | Samurai

    System Monitoring:

    Process Explorer | Pserv.cpl | AutoRuns | CurrPorts | A2 HijackFree | Startup Control Panel (AK software)
    DriverView | ActiveX Compatibility Manager
    ---------------------------------------------------------------
    IE/Windows setup:

    - Internet Zone/Local Machine Zone locked down (Disabled/Set to high almost every setting)
    - Disabled dangerous ActiveX Controls
    - Disabled dangerous URL protocols
    - Disabled HTML Application Host
    - Disabled Windows Scripting Host
    - Disabled Command Prompt
    ---------------------------------------------------------------
    Plus I run about 24 applications in "Basic User mode" (Software restriction policy + DropMyRights) and I have an AMD 64 processor with hardware enforced DEP.
    -----------------------------------------------------------
    Btw, I'm keeping my eye on RegDefend, Process Guard Full, Kaspersky AV 6 and System Safety Monitor.
    ------------------------------------------------------------
    Of course I'm practicing Safe HEX and have not had any security problems in the last 2,5 years. ;)
     
    Last edited: Jan 7, 2006
  18. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,713
    Location:
    NL
    Today:

    Ewido
    Prevx1
    Msas
    Bitdefender
    Sentinel
    Nat
    Hostman

    But this can change day by day.
    The above setup working nice together (realtime)
     
  19. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,028
    Location:
    South Texas, USA
    Sorry to hear that, G1111. I had some problem with Secure-It the first time not allowing MS Frontpage to open, but when I did a clean system installation of Windows XP and everything else, Secure-It got added on and this time it worked, so maybe some other security settings conflict or something, but I eventually got it to work fine in my system.

    dja2k
     
  20. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,028
    Location:
    South Texas, USA
    Updated List

    Realtime - PLUGINS ACTIVE

    NOD32 2.50.41 (BLACKSPEAR SETTINGS)
    LOOK N STOP 2.05P2 (PHANTOM RULESET)
    SPYWARE DOCTOR 3.2.2.453 (WITH COOKIE GUARD)
    EWIDO 3.5 (ACTIVE GUARD)
    ONLINE ARMOR 1.1.0.595 (ALL ACTIVE)
    APPDEFEND\REGDEFEND (FREE\TRIAL)

    Additional Hardening

    SECURE-IT
    HARDEN-IT
    BUGOFF
    SAFEXP
    IE-SPYADS
    SPYBOT IMMUNIZED
    SPYWARE BLASTER + CUSTOM LIST
    ENOUGH IS ENOUGH
    SCRIPT SENTRY
    COMPUTER SECURITY TOOL
    CURRENT WINDOWS UPDATES
    EXTRA SERVICES OFF
    MVPS HOST FILE
    HOSTS SECURE UPDATE UTILITY
    AUTOPATCHER

    Extra

    FIREFOX MAIN BROWSER
    JV16 POWER TOOLS
    DRIVE SNAPSHOT
    TREND MICRO CWSHREDDER
    TREND MICRO ANTISPYWARE
    KASPERSKY 5.0 BACKUP SCAN
    AD-AWARE
    SPYBOT SEARCH & DESTROY
    HIJACKTHIS
    A-SQUARED
    PROTOWALL + ANTI-P2P LIST

    dja2k
     
  21. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,035
    Location:
    USA
    I am sure it is just the need to change one of the settings in Secure-It. It is too bad this program doesn't have a GUI with all the options listed so you could tweak one or multiple options to tune it for your system and easily just open the GUI to change them. I have Harden-It loaded and running with no problems.
     
  22. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,351
    Hi,
    For the sake of fun, I've decided to try another experiment.
    My brother has an extra line that I'll use. Two old P3s with XP SP2 on them. The most basic configuration without anything extra. I'll connect them. Run three weeks with Firewall (one week Sygate, one week Kerio, one week ZoneAlarm) and one week without any firewall. No AV or anything.
    Other protection FF with noscript and all that stuff, DropMyRights for FF, and Proxomitron with Kerio and ZoneAlarm. After that, I'll rededicate my brother's second adsl back to his usual porn thingies.
    I'll do regular adult surfing and some p2p, see what happens...
    Mrk
     
  23. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    5,549
    Location:
    The Netherlands
    My anti-malware tools on Windows XP Pro SP2:

    Realtime:

    AntiVir Classic | Process Guard (free) | ZoneAlarm Pro 6 | Script Sentry | Script Defender | Regprot

    On demand:

    AD-Aware SE | Spybot-S&D | RootkitRevealer | RootKit Hook Analyzer

    System Hardening:

    BugOff | SafeXP | XP Antispy | Samurai

    System Monitoring:

    Process Explorer | Pserv.cpl | AutoRuns | CurrPorts | A2 HijackFree | Startup Control Panel (AK software)
    DriverView | ActiveX Compatibility Manager | MS Baseline Security Analyzer 2.0

    Online services:

    Jotti's Malware Scan
    VirusTotal
    ---------------------------------------------------------------
    IE/Windows setup:

    - Internet Zone/Local Machine Zone locked down (Disabled/Set to high almost every setting)
    - Disabled dangerous ActiveX Controls
    - Disabled dangerous URL protocols
    - Disabled HTML Application Host
    - Disabled Windows Scripting Host
    - Disabled Command Prompt
    ---------------------------------------------------------------
    Plus I run about 24 applications in "Basic User mode" (Software restriction policy + DropMyRights) and I have an AMD 64 processor with hardware enforced DEP.
    -----------------------------------------------------------
    Btw, I'm keeping my eye on RegDefend, Process Guard Full, Kaspersky AV 6 and System Safety Monitor.
    ------------------------------------------------------------
    Of course I'm practicing Safe HEX and have not had any security problems in the last 2,5 years. ;)
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    5,549
    Location:
    The Netherlands
    Btw, I forgot to mention that I'm relying quite heavily on services like Jotti's Malware Scan and VirusTotal, I'm afraid I can't trust only AntiVir Classic. :)

    And I also forgot about Microsoft Baseline Security Analyzer 2.0, I have updated my post.

    Wow, I can't edit the post anymore, why is this? Can my old outdated post be removed? TIA.
     
  25. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,685
    Location:
    Stockholm Sweden
    I have a valid key for NOD32 (I renew the license every year). I pick it over KAV and others because it does what an AV is supposed to do when needed with minimum of hassle. KAV is incompatible with my beloved FirstDefense so it is not an option.

    I don't mind Appdefend monitoring my outgoing connections (that was what you meant, right?) even though LnS takes care of that too. It's a bit overkill, I know, but being a security nerd it is nice to have a second opinion with connections. It gives me a warm and fuzzy feeling :) That is the only overlap I have left nowadays. For a while I used several HIPS and antispyware stuff simultaneously but time has taught me that the setup I posted earlier is more than enough to be safe.
    I did try Safe'n'Sec many months ago, but I don't remember why I uninstalled it and nowadays I don't need it.