What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. wat0114
    Offline

    wat0114 Guest

    Hey jmonge,

    you're back only part time now, too busy changing diapers instead :D :p
  2. SweX
    Offline

    SweX Registered Member

    Right now I mean, right now that is the answer.

    Well it's good to hear that you do relax from security once in a while :D

    I was about to ask that if you don't pay for software. (any software).
    How do you do with the games (I have asked that before and you said that you got no money over to buy any), No latest and greatest for you I guess?
    Since afaik there's no new released games that's available for free :)

    I need to say that the impression you make here on Wilders (to me) is that you don't have time for anything else but security. But clearly that's not the case thank god. ;)

    One can wonder if you have other "rules" in your life, don't pee in public toilets :D
  3. jmonge
    Offline

    jmonge Registered Member

    indeed my friend:) wat0114:thumb:
  4. Ranget
    Offline

    Ranget Registered Member

    jmonge

    How do you do all this changing in your security setup

    do you reinstall a fresh copy of windows
    or a disk image o_O

    because as far as i know Security Programs have leftovers
  5. jmonge
    Offline

    jmonge Registered Member

    manually removed Ranget;)
  6. 1chaoticadult
    Offline

    1chaoticadult Registered Member

    Your PC's probably want to strangle you :D
  7. jmonge
    Offline

    jmonge Registered Member

    it is very smooth;)
    very fast and trouble free:)
  8. m00nbl00d
    Offline

    m00nbl00d Registered Member

    I'm not understanding. What's asking you what?
  9. 1chaoticadult
    Offline

    1chaoticadult Registered Member

    OK my friend good hehe. :D
    Last edited: Sep 6, 2011
  10. jmonge
    Offline

    jmonge Registered Member

  11. Hungry Man
    Offline

    Hungry Man Registered Member

    I buy through deals, get them from friends, etc. I haven't purchased a game in a while and I usually stick to emulating games on my computer via PCSX2 (games that I own and have dumped onto the computer.)

    Haha I'm sure I give that impression. I assure you wilders is only ever half of the screen =p I do lots of other things with my computer (and without! haha)

    =p Everyone's got their rules. I just write them out nice and clear.


    When running at LowIL I get a prompt every time I open Chrome saying "Run or Cancel" and some other stuff as if it were the first time I'd run it.
  12. Ranget
    Offline

    Ranget Registered Member

    :cool:
    :cool:

    how often do you use On Demand scanner ?
    and what are you planning to use j ?

    BTW i Read earlier that you have a new security expert in your family

    Congrats bro
  13. The Hammer
    Online

    The Hammer Registered Member

    That can happen when your Behaviour Blocker isn't very good.;) :D
  14. m00nbl00d
    Offline

    m00nbl00d Registered Member

    You need to apply a low integrity level to Chrome's profile. Have you done that?
  15. Hungry Man
    Offline

    Hungry Man Registered Member

    Yikes. Nope. The entire thing?

    The problem with that is that anything run at LowIL can now write to the entire profile. That's no good. I'm fine with setting a .exe so that it can call things to LowIL but I don't like setting folders like that to LowIL.
  16. Ranget
    Offline

    Ranget Registered Member

    hehehe :rolleyes:

    also it can be a bug in my outbound firewall
    Last edited: Sep 6, 2011
  17. 1chaoticadult
    Offline

    1chaoticadult Registered Member

    Well I suggest going to the store and getting a refund, hehe... :D
  18. m00nbl00d
    Offline

    m00nbl00d Registered Member

    You only need to apply a low integrity level to the folder that contains the folder Default and the safe browsing files, etc.

    I'm not really concerned about execution, as I got AppLocker, which automatically blocks execution.

    Anyway, you could create two batch files. One giving a low integrity level to the profile folder and another one restoring the IL to a medium. Use the Low IL before opening Chrome, so that the profile is loaded. See if after restoring back the Medium IL, you can still use Chrome without problems. You obviously won't be able to modify settings, unless you first re-apply the Low IL.

    See what works best for you. By the way, I also do the same thing for %AppData%\Local\Temp. Two batch files. One applies a low IL, so I can download files, and another one restoring back the IL to medium.
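
The two batch files described in the post above can be combined into one script, shown here as an added example that is not part of the original thread. It assumes Chrome's default profile location under %LocalAppData% and uses the built-in icacls tool; the `Level` and `Folder` parameter names are illustrative.

```powershell
# Added example: switch the mandatory integrity label on a folder between
# Low and Medium with icacls. Run from an elevated prompt if icacls is denied.
param(
    [Parameter(Mandatory)]
    [ValidateSet('Low', 'Medium')]
    [string]$Level,

    # Assumption: default Chrome profile root (the folder holding "Default").
    [string]$Folder = (Join-Path $env:LOCALAPPDATA 'Google\Chrome\User Data')
)

if (-not (Test-Path -LiteralPath $Folder -PathType Container)) {
    throw "Folder not found: $Folder"
}

# icacls takes L or M as the level; (OI)(CI) makes the label inheritable
# by files (object inherit) and subfolders (container inherit).
$code = @{ Low = 'L'; Medium = 'M' }[$Level]
& icacls.exe $Folder /setintegritylevel "(OI)(CI)$code"
if ($LASTEXITCODE -ne 0) {
    throw "icacls failed with exit code $LASTEXITCODE"
}

# Print the label line so the result can be confirmed. A folder that has
# never been labelled shows no "Mandatory Label" entry at all.
& icacls.exe $Folder | Select-String -Pattern 'Mandatory Label'
```

Saved under a hypothetical name such as `Set-FolderIL.ps1`, it is run with `-Level Low` before starting Chrome and `-Level Medium` afterwards. While the label is Low, any low-integrity process can write to the folder, which is the concern raised earlier in the thread.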
  19. Hungry Man
    Offline

    Hungry Man Registered Member

    Ah, I suppose I could block execution.

    I think I'll just pass. I'm very... very confident in Chrome sandboxing techniques and I'm also fairly confident in sandboxie.
  20. m00nbl00d
    Offline

    m00nbl00d Registered Member

    There you go!!! You don't need to apply a low integrity level then. If you run Chrome inside Sandboxie, then chrome.exe's low integrity level will propagate to Sandboxie's processes, which in turn will apply a low integrity level to any object and folder inside the sandbox's folder.

    Did you experience what you previously mentioned (about the Run or Cancel thing) inside or outside Sandboxie?

    I ran Chromium with a low integrity level inside Sandboxie for a very long time, and never had issues.

    Sandboxie would allow me to then recover the folders and files just fine.
  21. Sully
    Offline

    Sully Registered Member

    You can selectively apply Low IL to specific directories or files. You only need to know which ones need the Low IL, which is not that hard really.

    I run as admin, and have used Low IL for Chromium quite a bit and done much testing. I don't recall seeing the thing you speak of happening.

    Maybe check the chrome.exe, see if it has an ADS on it. If it does not, then proceed to other offerings. I made a thread somewhere which told what directories were needed to put a Low IL on, and how that affected things. You might find some infos in there that could clear it up.

    I used Low IL for quite a long time, and never experienced what you describe. I don't fear what happens to my profile, as what is in the profile really that is going to hurt me? I don't keep data there, and I have my downloads directory set, and it is sandboxed (normally).

    But also, having been running Chromium as an Admin for a couple months now, without sandboxie, I have not had any issues. How much is needed vs how much is being well prepared is blurred to me.

    Sul.

    Oh yeah, if you run as admin without UAC, chrome broker will run at high. You can always set it to a Medium IL rather than low, which is not as restricted, but definitely not as open ended as High. This still gives you access to profiles etc, but also allows other areas too.

    Sul.
  22. Hungry Man
    Offline

    Hungry Man Registered Member

    @m00n, I was running Chrome sandboxed. Should I have cleared out my sandbox first?

    @Sully: ADS? I tried to find that topic but I could not.

    I run UAC so no need for that.

    I'll try running Chrome at LowIL and clearing the sandbox.

    EDIT: No, I cleared the sandbox...

  23. Sully
    Offline

    Sully Registered Member

    This is an ADS prompt. That stands for Alternate Data Stream. Think of it as a pseudo file that is attached to a file. This is used on NTFS file systems. It indicates the file originated from the internet zone, and that prompt is there to warn you of this. The way to get rid of it is to look at the file's properties, and at the bottom is a check box for unblocking this. There are other ways to get rid of it as well, but that works fine.

    Sul.

    EDIT: Often you will see something on the prompt that says something like "always allow this". I do anyway. Maybe because you are using UAC you don't see it, or it is a setting. The 1806 setting Kees talks about controls things like this.
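
The zone marking described in the post above can also be read and cleared from PowerShell. This is an added example, not part of the original thread; it needs PowerShell 3.0 or later and an NTFS volume, and the function name `Get-ZoneMark` and the sample file are made up for the demonstration.

```powershell
# Added example: inspect and remove the Zone.Identifier alternate data stream.
# Standard URL security zone numbers as stored in the stream's ZoneId field.
$ZoneNames = @{
    0 = 'Local machine'; 1 = 'Local intranet'; 2 = 'Trusted sites'
    3 = 'Internet';      4 = 'Restricted sites'
}

function Get-ZoneMark {
    param([Parameter(Mandatory)][string]$Path)

    # The stream is absent on files that were never tagged as downloaded.
    $stream = Get-Item -LiteralPath $Path -Stream 'Zone.Identifier' `
                       -ErrorAction SilentlyContinue
    $zoneId = $null
    if ($stream) {
        # Stream content is INI-style text: [ZoneTransfer] then ZoneId=<n>.
        $lines = Get-Content -LiteralPath $Path -Stream 'Zone.Identifier'
        foreach ($line in $lines) {
            if ($line -match '^\s*ZoneId\s*=\s*(\d+)') { $zoneId = [int]$Matches[1] }
        }
    }
    [pscustomobject]@{
        Path   = $Path
        Marked = [bool]$stream
        ZoneId = $zoneId
        Zone   = if ($null -ne $zoneId) { $ZoneNames[$zoneId] } else { $null }
    }
}

# Constructed sample: a temp file tagged the way a downloaded file would be.
$sample = Join-Path $env:TEMP 'zone-demo.txt'
Set-Content -LiteralPath $sample -Value 'demo'
Set-Content -LiteralPath $sample -Stream 'Zone.Identifier' `
            -Value '[ZoneTransfer]', 'ZoneId=3'

Get-ZoneMark -Path $sample          # state before unblocking
Unblock-File -LiteralPath $sample   # same effect as the Properties check box
Get-ZoneMark -Path $sample          # state after unblocking
Remove-Item -LiteralPath $sample
```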
  24. Hungry Man
    Offline

    Hungry Man Registered Member

    I don't see any reference to that in my chrome.exe or my shortcut properties. Read only, hidden, advanced. I'm looking around but not finding it.
  25. m00nbl00d
    Offline

    m00nbl00d Registered Member

    OH!!! Now I understand what you were talking about. I thought you were getting some error message due to the profile being with a medium IL. lol

    Sully is right then. You need to unblock it.