What is your security setup these days?

I would like to say that in my opinion , most of the users who have posted here are paranoid people .

You have installed tons of applications to protect (10+ , anti-this , anti-that) . A pure firewall and anti-malware scanner is more than enought , a simple security suit is enough . All of you who have installed these applications are safe surfers , I am sure , but you have installed so many protections like you keep information that is essential for your country's security . I am sure FBI computers have less protection than your computers .

 

Well I guess we could give them a few pointers

 

@WSFuser

I am sure you are safe surfer and know very well how to stay safe online . Why don't you try to live only with a firewall and antivirus/antispyware , I am sure your computer will start breathing (AgAiN)

 

I am not a safe surfer but I do consider my setup much leaner than others. Just KIS and Prevx2.

Maybe Ill leave Prevx2 when my subscription expires.

 

Router (NAT & SPI)
NOD32

Sandboxie (recently installed)

EDIT: Same boxes for the last ~3 years; AV prior to NOD32 = NAV; zero infections during this time frame.

 

100% FOSS:

• NAT & LAN Firewall: iptables on my Linux box
• Safe/Private Browsing (Windows and Linux): Firefox + NoScript + CookieSafe + RefControl + Tor
• Antivirus (Windows only, who cares on Linux?): Winpooch + ClamWin

 

elio,
What do you think of Unix/Linux based UTM routers like pfSense, IPCop, Endian?

 

I've never felt any need for something like that, because I don't like to delegate my security/filtering to someone else's blacklist or heuristic.
For instance, I do use an antivirus but "just in case", because on Windows there are so many system processes and system/application updates that you couldn't realistically roll down your own executable whitelist. On the other hand, I've never triggered a realtime protection alert or even found any virus scanning my HD (or my wife's, for the matter): a safe browser setup and ClamAV scanning directly on the mail server help a lot, I guess

At any rate, among the ones you named Endian seems the most balanced for end-user friendliness/support/openness.

 

Thanks for the feedback elio.
I'm a big fan of UTM routers, they block a good chunk of "Internet noise" (i.e. spam, exploits, network probes, web bugs, ads) from entering the LAN. In the hosts, I use personal firewall (rule-based), default-deny, whitelists and hardening at all levels (OS, apps, browser).
What do you think about this approach?

 

I'm using: Avira AV PersonalEdition Premium, Comodo Firewall Pro, PowerShadow and Sandboxie behind a hardware firewall.

I find that PowerShadow is much more stable when I sandbox my browser.

It's a minimal setup and works very well, it's fast and light and I haven't had a problem.

I'm really just trying PS out (for the third time), it didn't perform well before (though that might have been pilot error during installation) and I'm keeping a close eye on it in case I have checkdisc problems. So far so good. If it acts up again, I'll just drop it and go with Sandboxie on it's own.

I'm monitoring the performance of the HD using TuneUp utilities and everything seems fine so far.

Cheers Folks.

 

I couldn't cut the "Internet noise" out of the LAN (like I actually do with email spam) because I'm a web developer, so I often need some junk to reach my browser for professional reasons, but otherwise I would enjoy your setup

Your approach is very good, and default-deny is never praised enough.

 

eqsecure
antivir
sandboxie
shadowpower
xp firewall
d-link604
spywareblaster

 

Netgear DG834 Hardware Firewall
Firefox
FD-ISR Frozen snapshot

 

Comodo Firewall
Firefox with NoScript, RefControl and CookieSafe
SSM (system locked)
Avast! (fallback)

TrueCrypt, EULAlyzer, CCleaner.

SandboxIE is on hold, not sure if it has room.

Tons of programs installed- curiosity (like playing with WebCleaner, interesting, thanks Elio)
4 reliable scanners to keep (i got plenty of disk space): A-Squared, AVS AS, SAS and Spybot S&D. I use them when i feel like it, which is rare.

 

Antivir Personal Premium
Prevx2
A2 Antimalware
Comodo Firewall

 

RESIDENT:

My 1 Snapshot:
Router
KIS 7 TR
Online Armor 2 (program guard enabled, firewall uninstalled)
Defensewall v2 RC1

My 2 Snapshot:
Router
Online Armor v2 with Firewall
NOD32 2.7
Prevx2
Defensewall v2 RC1

These are on both snapshots:

ON DEMAND:
Superantispyware Pro
A-Squared (free)
RootkiUnhooker

BROWSER:
Firefox with no-scripts, adblock plus, cookiesafe, netcraft toolbar, AI Roboform toolbar.

OTHERS:
Spywareblaster
ProcessExplorer
Autoruns
MRU-blaster
CCleaner

BACK UP:
FDISR
Acronis True Image 10

 

for now I'm just using NOD32, Sandboxie, a fully patched OS, XP firewall, and a router.

 

added
changed
removed


Server 2003 setup #2


XP setup #2

Resident:

Kaspersky Anti-Virus
Look 'n' Stop
PeerGuardian

On-Demand:

SUPERAntiSpyware Free

Other Security / System Hardening:

nLite'd Windows XP SP2 (with service tweaking based on TweakHound's guide)
RyanVM's Post-SP2 Windows XP Update Pack
Harden-It
Samurai HIPS
Seconfig XP
SocketLock
xp-antispy
Process Explorer
Firefox extensIons: AdBlock Plus, Cookie Button (in the status bar), and NoScript

 

Partial List Updated From Post 1216

Changed
Added
Removed

WINDOWS XP ACTIVE PARTIAL SETUP

ACTIVE

Ksspersky Internet Security (7.0.0.120)
- File, Mail & Web Anti-Virus Enabled
- Proactive Defense Registry Protection Enabled
- Privacy Control Enabled
Comodo BOClean (4.24)
Look'n'Stop (2.06)
- Phantom Ruleset v7
LinkScanner Pro (2.6.3)
- Block Exploits Enabled
- Block Sites Enabled
Online Armor FW (Beta 183)
- Advanced Mode
- Mail & Web Shield Enabled
- Program Guard Enabled
- Firewall Enabled
PeerGuardian 2.0 (Beta 6b)
- Anti p2p list Enabled
Geswall (2.6)
- Isolate Know Applications
- All Browsers Automatically Isolated
Hostsman (3.0.0.25 Beta1)
- MVPS Host File \ Overwrite
- Auto Updates

WINDOWS VISTA ACTIVE PARTIAL SETUP

ACTIVE

Ksspersky Internet Security (7.0.0.120)
- File, Mail & Web Anti-Virus Enabled
- Proactive Defense Registry Protection Enabled
- Privacy Control Enabled
Comodo BOClean (4.24)
User Account Control (UAC)
- TweakUAC Silent Mode Enabled
Prevx2 (v 1.0.0 Built 73)
- ABC Mode
- Caution Programs Query
- Unknown Programs Query
Geswall (2.6)
- Isolate Know Applications
- All Browsers Automatically Isolated
Hostsman (3.0.0.25 Beta1)
- MVPS Host File \ Overwrite
- Auto Updates

THE REST OF BROWSERS, HARDENING, ON DEMAND
ARE FOUND HERE AND UPDATED (Browsers, Scanners, etc.)

 

I have removed Online Armor 2 for now from my setup and have moved it to the family computer. That computer is running OA AV+ FW plus some XP hardening but thats it.

Anyways, for personal reasons, I moved back to look'n'stop in my XP setup and I am looking into using either Cyberhawk or Prevx2 again, not too sure which one though.

dja2k

 

Hey dja2k, whered you get build 120 of Kaspersky?

I can only see v6 on the homepage.

 

i would reccomend using build 120 of kis7.0
it was discussed at the kaspersky forum and kaspersky took it off because of some bugs.
so keep 119
lodore

 

Clean install of Nlitened XPproS2 fully patched & hardened behind a hardware firewall, Firefox + Defense wall in shadow mode.

 

Built 120 was actually an internal built for K Labs not meant for the public but seems to have gotten leaked. I think someone posted a link in the kaspersky forum which is gone. Its working okay, I will wait til the final to change it.

Hey WSFuser, have you seen your internet break with the combination of Kaspersky and Look'n'Stop? I keep getting some problems with it causing my browsing to crash. I disable Kaspersky and it works again. Saw this problem since TR built 119.

dja2k

 

I thought you mightve been using a "newer" build 120 or final. But its just the leaked version so Ill wait.

I have had my dsl go down a few times (including just now) but is it caused by KAV and LnS? No browser crashes though.