What is your security setup these days?

Why

 

rofl I feel you..hahahha

 

No time to install Service Pack-1 at the moment... Busy with other stuffs.

 

Back to what I've been with for awhile... OA, Prevx and SBIE.
I just can't get behind Windows FW and WinPatrol in place of Online Armor.
There's good news on the Prevx4.0 front, and I'll definitely be rearranging the "furniture" when that one comes out of beta.

 

Ubuntu 10.10
gUFW

 

Win 7 64
UAC is on
LUA
MSE I only have it to keep my computer quiet
CIS 5 D+ I just love this app to much not to have it.
Sandboxie Most likely this is all one would really need

 

Win 7 x64 SP1
UAC , System restore , WF , WD - Off

avast free , oa , winpatrol - rt
mbam , sas , hmp , eek ,npe - od
macrium - backup
comodo time machine - just in case

 

Avira free
LUA
DEP
SEHOP
ClearCloud DNS

 

Ubuntu 10.10 (UFW Enabled)

Firefox

• Adblock Plus with Fanboy and Easy Privacy+Easylist filters subscription
• HTTPS-Everywhere

 

Added WinPatrol Plus and Prevx SOL to go with Sandboxie. Think I will stay with this for a while.

 

Linux Mint 10 32-bit (probably move to 64-bit with Linux Mint 11).

SRWare Iron (Click to play plug-ins).

Edit: Looking into other distributions.

 

New laptop for wife on Windows7 x64. It's a Lenovo laptop with heaps of unsigned software from the manufacturer. I replaced the pre-installed harddisk for a three months old hybrid harddisk (with 4 GB read cache). I managed to get it working, only windows and program files directories were accessible for everone. Could not reset with security tab option, because some processes are locked.

So Windows7 OS x64

OS provided
- UAC set to quiet
- UAC Installe detection off
- EMET2
- Window FW setup 2-way

Spyshelter premium (auto allow of microsoft signed executables) = vertical system wide HIPS protection compensating for UAC in an intelligent way.

AppGuard V3 (added x32 IE9 and WMP, IE9 32 bits works well with flash) = horizontal threatgate protection keeping WMP, IE9, Outlook in LUA-sandbox, plus deny execute user space and memory protection, closes any auto allow after higly theoretical intrusion of IE9, WMP or Outlook).

HitmanPro on demand


Old laptop (x32 Vista business) went to my mother (with just HitmanPro and good old DefenseWall), she is nearly eighty, uses PC with below instruction (without problems and support questions to me), replacing her old desktop XP machine.

a) run everything "as is" (UAC off, just running admin like it was with XP, new icons are disturbing enough for her)

b) when program reports unsuccesfull instal AND my mother wants this program installed, check with HitmanPro and restart after using right click option "set to trusted"

 

I am now giving Sandboxie, Mamutu and Look n Stop a trial

It seems to be a good setup, any suggestions or recommendations?

Thanks,

A

 

• TP-Link TL-WR941ND (SPI Firewall)
  • Windows 7 SP1 Home Premium 64 Bits:
    • Windows Firewall: Enabled
    • Windows Defender: Disabled
    • Administrator Account
    • Data Execution Prevention
    • User Account Control:
      • Default Level
    • Structured Exception Handling Overwrite Protection
    • Enhanced Mitigation Experience Toolkit 2.0.3:
      • All Internet Softwares
      • Maximum Settings
    • USB and DVD Drives Autorun: Disabled
    • Norton DNS (Block Malicious Websites)
    • Windows Internet Explorer 8 (Waiting for the Firefox 4):
      • Drive-by Protection via 1806 Trick
      • Protect Mode

• Backup & Restore:
  • Marium Reflect 4.2:
    • Only System Image
    • Image Saved in External HD
  • Microsoft SyncToy 2.1:
    • Daily Synchronization
    • Data Saved in External HD
  • Keriver 1-Click Restore Free 2.1
    • Snapshots Weekly (Just Replacing Old)
    • Snapshots Saved in Internal HD

• On-Demand:
  • Hitman Pro 3.5.8.119
    • Automatic Daily Scans

• Definitely my best security configuration, does not weigh anything in my system, is fast and strong, if the Hitman Pro detects something just restore the image or snapshot (With Macrium Reflect or Keriver 1-Click Restore) and poof, everything new again.

 

Restored PC to a clean image.
Running nothing atm

 

Nothing like a good system image.

 

Heres mine.

System:
Admin account
UAC-disabled
Sumo and File Hippo updater to keep programs up to date.

On Demand:

• Avira AntiVir Premium-heuristics set on high
• Comodo Firewall- Defense + and firewall set on safe mode

Browser:
Firefox- Noscript,Adblock Https-Everywhere,betterprivacy,keefox (firefox extension for keepass)

Sandbox:

• Sandboxie- Drop My Rights enabled. Delete contents of sandbox automatically enabled.

On-demand:

• HMP
• Malwarebytes
• Emisoft Emergency Kit Scanner

DNS:
OpenDNS

Extra:

• Spywareblaster
• Virustotal Uploader- To test suspicous files
• Comodo Instant Malware Analysis: http://camas.comodo.com/- To test files that are found clean by Virus Total but that I still find suspicious.
• Returnil- To test new software before I decide I want it.

I have used this setup for about 2 years. Have yet to have an infection.

 

I have noticed this a long time ago but I forgot about it on installing Avira. Avira slows down my Internet. I don't know why but I guess the WebGuard component is the culprit. I uninstalled Avira and problem solved. Here's my new setup.

• Microsoft Windows 7 Ultimate Service Pack 1 32-bit
• TP-Link TL-WR340G (SPI Firewall Enabled)
• Safe Admin Tweaks [MANUAL] (UAC Hardened, Autorun/autoplay disabled)
• Windows Firewall: Disabled
• Windows Defender: Disabled
• Administrator Account
• User Account Control: Enabled with maximum settings and password prompt
• Microsoft Enhanced Mitigation Experience Toolkit 2.0: Maximum security settings with application configuration; Data Execution Prevention (AlwaysOn); Structured Exception Handling Overwrite Protection (OptOut); Address Space Layout Randomization (OptIn);
• Creer's WinPatrol Registry Protection List
• GFI ClearCloud DNS

• On-access/real-time: Avast! Internet Security 6.0.1000, Sandboxie 3.52 (forced ALL browsers EXCEPT Google Chrome; forced ALL removable drives; dropped rights) WinPatrol PLUS 2011
• On-demand: Malwarebytes' Anti-Malware 1.50.1, SUPERAntiSpyware 4.49, Hitman Pro, Emsisoft Emergency Kit, Panda USB Vaccine (all USB drives vaccinated), Shadow Defender (Shadow Mode on when somebody uses the PC while I'm away), USB Disk Security 6.xx (disabled startup entry through WinPatrol; now using it as on-demand scanner for USB disks)

• Mozilla Firefox 3.6.15: G DATA CloudSecurity, Adblock Plus (EasyList+EasyPrivacy+Malware Domains), Ghostery, NoScript, Search Engine Security, BrowserProtect, Web of Trust
• Google Chrome 11.0.686.3 Dev: Safe Plugins enabled, Adblock Plus (EasyList+EasyPrivacy+Malware Domains), AdBlock, Web of Trust, FlashBlock, Ghostery, SaferChrome

• Backup/Snapshot: Acronis True Image Home 2011, HorizonDataSys Rollback Rx (Scheduled snapshots everyday on boot, automatic deletion of old snapshots)

 

Added EMET 2(All Internet facing apps & MS Office). So far no problems with my signature apps.

 

ATM,my Vista 64 bit:
Lua with SuRun,AdMuncher,SandBoxie,Outpost Security Suite free,AppGuard, Sticky Password 4.1,Wondershare TimeFreeze and Eaz-Fix..........probably overkill...


Need some reworking on my windows 7 partition.......have to update my sig when I'm ready....

 

Added USB Disk Security 6.0 to my setup and disabled USB Disk Security startup entry via WinPatrol to make it an on-demand scanner for USBs.

 

Arent norton security Scan a Good Demand Scanner?

 

Nice combination, AdamL. You might want to have the box checked for automatically delete contents of sandbox under Delete Invocation. I go back and forth between Mamutu and WinPatrol. Mamutu is probably better protection, but I think you'll find that Sandboxie is pretty strong stuff on its own. It depends on your computer habits how much more than Sandboxie you'll need. And definitely have a system image stored somewhere safe.

 

It doesn't remove detected threats, and it works a lot like a fake AV. There is also no button to go back to the main GUI.

By the way, it doesn't provide the location of detected threats so that you can try to manually disable the threats. It scans for an AV product, but you could have avast! or any other competitive AV and it won't detect it (probably is designed to only detect Norton products). So that is another reason why nobody uses it.

P.S. There is a bug in the uninstaller.

 

Kaspersky Virus Removal tool is free and great, IMO.