What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Infinity
    Infinity Registered Member

    My setup these days is tweaked with the minimum of overlap. It's harder than I thought it would be, hence the Tiny Firewall can do everything itself but I choose not to:
    Resident
    US Robotics Router
    Nvidia Firewall with Online Armour
    Tiny2005 Pro (IDS+Windows Security)
    AppDefend
    Regdefend
    Ewido/Boclean (Mainly Ewido)
    Nod32
    Admuncher/SpyBlocker (switching from time to time)

    On Demand
    SpySweeper
    VMWare (still the best tool but cost a bit)

    Trying SafeNSec again V2 under VmWare Session and it looks very interesting, I think/feel it is able to compete against all the rest I got regarding "Behaviour Blockers"
    Last edited: Dec 21, 2005
  2. dja2k
    dja2k Registered Member

    Well changed my setup from using too many HIPS programs to the traditional.

    Realtime - PLUGINS ACTIVE

    NOD32 2.50.41 (BLACKSPEAR SETTINGS)
    LOOK N STOP 2.05P2 (PHANTOM RULESET)
    SPYWARE DOCTOR 3.2.2.453 (WITH COOKIE GUARD)
    ONLINE ARMOR 1.1.0.595 (ALL ACTIVE)
    REGDEFEND 2.001 (FREE)

    Additional Hardening

    SECURE-IT
    HARDEN-IT
    BUGOFF
    SAFEXP
    IE-SPYADS
    SPYBOT IMMUNIZED
    SPYWARE BLASTER + CUSTOM LIST
    ENOUGH IS ENOUGH
    SCRIPT SENTRY
    COMPUTER SECURITY TOOL
    CURRENT WINDOWS UPDATES
    EXTRA SERVICES OFF
    MVPS HOST FILE
    HOSTS SECURE UPDATE UTILITY

    Extra

    FIREFOX MAIN BROWSER
    EWIDO
    JV16 POWER TOOLS
    DRIVE SNAPSHOT
    TREND MICRO CWSHREDDER
    TREND MICRO ANTISPYWARE
    KASPERSKY 5.0 BACKUP SCAN
    AD-AWARE
    SPYBOT
    HIJACKTHIS
    A-SQUARED
    PROTOWALL + ANTI-P2P LIST

    If I left some uncovered areas, well don't know what to do then without making my system useful to others without installing too many HIPS programs like I did before, but if you notice I am missing something in any area, let me know.

    dja2k
  3. G1111
    G1111 Registered Member

    Quite a setup. Are Secure-It and Harden-It hard to use?
  4. muf
    muf Registered Member

    Currently changed to this...

    Kerio 4 with its HIPS, NIPS and behaviour blocking.
    Online Armor
    KAV 5
    BOClean
    Regrun Platinum which now incorporates Unhackme for rootkit detection.

    muf
  5. Brandon
    Brandon Registered Member

    Resident:
    Norton AntiVirus 2006
    Kerio Personal Firewall(full)
    Ewido Anti-Malware Guard
    ProcessGuard(full)
    BOClean
    Online Armor
    Microsoft Anti-Spyware Beta
    SpywareBlaster
    Demand:
    Spybot S&D
    Other:
    FireFox
    All windows updates
    ERUNT
  6. dja2k
    dja2k Registered Member

    I view Harden-it as being used to secure what my firewall might miss in case it is bypassed. Pretty much set-and-forget with recommended settings.

    I view Secure-it as worthless if you don't use Internet Explorer as it hardens the zones. Pretty much set-and-forget as well with the recommended settings.

    dja2k
  7. Rivalen
    Rivalen Registered Member

    The paid ones are red.

    Hope that previous update costs from now on can go into the more serious business of betting on trotting-horseracing. :)

    Best Regards
  8. CogitoErgoSum
    CogitoErgoSum Registered Member

    Revised & Updated Resident:

    BOClean
    DefenseWall HIPS
    Look'n'Stop
    Netgear RP614 v2 Router w/NAT & SPI
    NOD32
    Online Armor
    RegRun Platinum 4.5


    Peace & Love,

    CogitoErgoSum
    Last edited: Dec 31, 2005
  9. WSFuser
    WSFuser Registered Member

    Your points are valid and that's why HIPS is gaining ground in the security market. Also, for me personally, I'm not a low-risk surfer so I like being alerted if I get infected.

    Resident:

    nod32
    looknstop
    regrun gold
    unhackme
    processguard
    proxomitron
    HostsMan (with MVPS)
    firefox extensions: adblock plus, javascript options, noscript, permit cookies, and spoofstick

    On-Demand:

    arovax antispyware
    ewido online scanner
    spybot s&d

    Other Security / System Hardening:

    nLite'd Windows XP (with service tweaking based on TweakHound's guide)
    Harden-it
    BugOff
    Windows Worms Doors Cleaner
    Samurai HIPS
    spybot s&d immunization
    spywareblaster
    Computer Security Tool
    AutoPatcher XP
    Last edited: Dec 30, 2005
  10. squash
    squash Registered Member

    Windows XP Home SP2 Limited Account (Hardened with Harden-it, Secure-it, SafeXP, WWDC)
    avast! | Windows Firewall | Mozilla Firefox
    All personal files encrypted with TrueCrypt (Blowfish/Whirlpool)
  11. Brinn
    Brinn Registered Member

    They both give you a lot of options, but if you don't know a lot about what they ask you (like me), just let them do their recommended changes.
  12. Infinity
    Infinity Registered Member

    I just love this program ! impressive means just being humble :D
  13. MojoWorkin
    MojoWorkin Registered Member

    FireFox 1.5
    Zone Alarm w/ AV (paid)
    WebRoot SpySweeper (paid)
    A Squared (paid)
    LavaSoft AdAware SE Plus (paid)
    JavaCool SpyWare Blaster (free)
    On Demand: HJT
    No prollems for last 13 months.
    Last edited: Jan 5, 2006
  14. G1111
    G1111 Registered Member

    Tried Secure-It but had a problem with INotes (couldn't use reply function correctly) and didn't know what setting in Secure-It to change so I removed it. Loaded Harden-It tonight and went with the recommended settings. So far no problems.
  15. G1111
    G1111 Registered Member

    Have Harden-It (installed tonight). Tried Secure-It but had problems (see my previous post). Thanks for the response.
  16. richard_rd
    richard_rd Registered Member

    I use the following, all of them are freeware except for the HIPS which is a reasonable $29.99 one time charge:

    Browser: FireFox
    Email: Thunderbird
    Host File: http://www.mvps.org/winhelp2002/hosts.htm

    Anti Virus - Avast free (On-Access Real Time protection, scheduled quick scanning via Windows Scheduled Task Manager, and manual on demand thorough scanning).

    Anti Trojan - Ewido free (manual on demand scanning). If I did not have a HIPS that I trusted I would upgrade to the paid version for the Real Time Protection feature.

    Anti Spyware and IDS - MSAS (Automatic Scheduled Scanning, and I use the 59 real time checkpoints as my IDS)

    Application Firewall - ZA free. I also use this as my TCP/UDP port blocking/stealth FW because my Cable Modem does not have a built in Router/FW or NAT service. Since my PC is using a registered IP Address (not a Private 192.168.xxx.yyy) and I have no external FW/NAT I am really putting a lot of faith into the ZA Firewall software; from what I have seen and tested it does its job quite well, especially for free!!!

    HIPS - DefenseWall, this is the crown jewel. If you guys have not tried it yet you really should. In my opinion way better and more secure than Sandboxie or Bufferzone. It allows you the comfort to surf the Internet like a newbie and not worry about getting infected. I don't have to worry about making a wrong decision on my IDS pop ups anymore. It is shareware with a 30 day trial and a 1 time cost of $29.99 and no recurring update fees (ie... signature database subscription).
  17. Rasheed187
    Rasheed187 Registered Member

    My anti-malware tools on Windows XP Pro SP2:

    Realtime:

    AntiVir Classic | Process Guard (free) | ZoneAlarm Pro 6 | Script Sentry | Script Defender | Regprot

    On demand:

    AD-Aware SE | Spybot-S&D | RootkitRevealer | RootKit Hook Analyzer

    System Hardening:

    BugOff | SafeXP | XP Antispy | Samurai

    System Monitoring:

    Process Explorer | Pserv.cpl | AutoRuns | CurrPorts | A2 HijackFree | Startup Control Panel (AK software)
    DriverView | ActiveX Compatibility Manager
    ---------------------------------------------------------------
    IE/Windows setup:

    - Internet Zone/Local Machine Zone locked down (Disabled/Set to high almost every setting)
    - Disabled dangerous ActiveX Controls
    - Disabled dangerous URL protocols
    - Disabled HTML Application Host
    - Disabled Windows Scripting Host
    - Disabled Command Prompt
    ---------------------------------------------------------------
    Plus I run about 24 applications in "Basic User mode" (Software restriction policy + DropMyRights) and I have an AMD 64 processor with hardware enforced DEP.
    -----------------------------------------------------------
    Btw, I´m keeping my eye on RegDefend, Process Guard Full, Kaspersky AV 6 and System Safety Monitor.
    ------------------------------------------------------------
    Of course I´m practicing Safe HEX and have not had any security problems in the last 2,5 years. ;)
    Last edited: Jan 7, 2006
  18. gerardwil
    gerardwil Registered Member

    Today:

    Ewido
    Prevx1
    Msas
    Bitdefender
    Sentinel
    Nat
    Hostman

    But this can change day by day.
    The above setup working nice together (realtime)
  19. dja2k
    dja2k Registered Member

    Sorry to hear that G1111. I had some problem with secure-it the first time not allowing MS Frontpage to open, but when I did a clean system installation of windows xp and everything else, secure-it got added on and this time it worked, so maybe some other security settings conflict or something, but I eventually got it to work fine in my system.

    dja2k
  20. dja2k
    dja2k Registered Member

    Updated List

    Realtime - PLUGINS ACTIVE

    NOD32 2.50.41 (BLACKSPEAR SETTINGS)
    LOOK N STOP 2.05P2 (PHANTOM RULESET)
    SPYWARE DOCTOR 3.2.2.453 (WITH COOKIE GUARD)
    EWIDO 3.5 (ACTIVE GUARD)
    ONLINE ARMOR 1.1.0.595 (ALL ACTIVE)
    APPDEFEND\REGDEFEND (FREE\TRIAL)

    Additional Hardening

    SECURE-IT
    HARDEN-IT
    BUGOFF
    SAFEXP
    IE-SPYADS
    SPYBOT IMMUNIZED
    SPYWARE BLASTER + CUSTOM LIST
    ENOUGH IS ENOUGH
    SCRIPT SENTRY
    COMPUTER SECURITY TOOL
    CURRENT WINDOWS UPDATES
    EXTRA SERVICES OFF
    MVPS HOST FILE
    HOSTS SECURE UPDATE UTILITY
    AUTOPATCHER

    Extra

    FIREFOX MAIN BROWSER
    JV16 POWER TOOLS
    DRIVE SNAPSHOT
    TREND MICRO CWSHREDDER
    TREND MICRO ANTISPYWARE
    KASPERSKY 5.0 BACKUP SCAN
    AD-AWARE
    SPYBOT SEARCH & DESTROY
    HIJACKTHIS
    A-SQUARED
    PROTOWALL + ANTI-P2P LIST

    dja2k
  21. G1111
    G1111 Registered Member

    I am sure it is just the need to change one of the settings in Secure-It. It is too bad this program doesn't have a GUI with all the options listed so you could tweak one or multiple options to tune it for your system and easily just open the GUI to change them. I have Harden-It loaded and running with no problems.
  22. Mrkvonic
    Mrkvonic Linux Systems Expert

    Hi,
    For the sake of fun, I've decided to try another experiment.
    My brother has an extra line that I'll use. Two old P3s with XP SP2 on them. The most basic configuration without anything extra. I'll connect them. Run three weeks with Firewall (one week Sygate, one week Kerio, one week ZoneAlarm) and one week without any firewall. No AV or anything.
    Other protection FF with noscript and all that stuff, DropMyRights for FF, and Proxomitron with Kerio and ZoneAlarm. After that, I'll rededicate my brother's second adsl back to his usual porn thingies.
    I'll do regular adult surfing and some p2p, see what happens...
    Mrk
  23. Rasheed187
    Rasheed187 Registered Member

    My anti-malware tools on Windows XP Pro SP2:

    Realtime:

    AntiVir Classic | Process Guard (free) | ZoneAlarm Pro 6 | Script Sentry | Script Defender | Regprot

    On demand:

    AD-Aware SE | Spybot-S&D | RootkitRevealer | RootKit Hook Analyzer

    System Hardening:

    BugOff | SafeXP | XP Antispy | Samurai

    System Monitoring:

    Process Explorer | Pserv.cpl | AutoRuns | CurrPorts | A2 HijackFree | Startup Control Panel (AK software)
    DriverView | ActiveX Compatibility Manager | MS Baseline Security Analyzer 2.0

    Online services:

    Jotti´s Malware Scan
    VirusTotal
    ---------------------------------------------------------------
    IE/Windows setup:

    - Internet Zone/Local Machine Zone locked down (Disabled/Set to high almost every setting)
    - Disabled dangerous ActiveX Controls
    - Disabled dangerous URL protocols
    - Disabled HTML Application Host
    - Disabled Windows Scripting Host
    - Disabled Command Prompt
    ---------------------------------------------------------------
    Plus I run about 24 applications in "Basic User mode" (Software restriction policy + DropMyRights) and I have an AMD 64 processor with hardware enforced DEP.
    -----------------------------------------------------------
    Btw, I´m keeping my eye on RegDefend, Process Guard Full, Kaspersky AV 6 and System Safety Monitor.
    ------------------------------------------------------------
    Of course I´m practicing Safe HEX and have not had any security problems in the last 2,5 years. ;)
  24. Rasheed187
    Rasheed187 Registered Member

    Btw, I forgot to mention that I´m relying quite heavily on services like Jotti´s Malware Scan and VirusTotal, I´m afraid I can´t trust only AntiVir Classic. :)

    And I also forgot about Microsoft Baseline Security Analyzer 2.0, I have updated my post.

    Wow, I can´t edit the post anymore, why is this, can my old outdated post be removed TIA.
  25. sukarof
    sukarof Registered Member

    I have a valid key for NOD32 (I renew the license every year). I pick it over KAV and others because it does what an AV is supposed to do when needed with minimum of hassle. KAV is incompatible with my beloved Firsdefence so it is not an option.

    I don't mind Appdefend monitoring my outgoing connections (that was what you meant, right?) even though LnS takes care of that too. It´s a bit overkill, I know, but being a security nerd it is nice to have a second opinion with connections. It gives me a warm and fuzzy feeling :) That is the only overlap I have left nowadays. For a while I used several HIPS and antispyware stuff simultaneously but time has taught me that the setup I posted earlier is more than enough to be safe.
    I did try Safe´n´sec many months ago, but I don´t remember why I uninstalled it and nowadays I don't need it.