What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Securon

    Securon Registered Member

    Joined: Jan 11, 2009 | Posts: 1,960 | Location: London On
    Good Evening! Homeland Security...Mk 21..WSA Security Plus...Appguard...Voodoo Shield...The Ol' Light But Lethal! Sincerely...Securon
     
  2. zakazak

    zakazak Registered Member

    Joined: Sep 20, 2010 | Posts: 529
    It is time for a little update:

    Windows 8.1 Prof. x64:
    UAC at max level (while using a standard account)
    Applocker
    DNSCrypt
    TrueCrypt

    Real-Time protection:
    ESET Smart Security (Interactive Mode as Rule Set for HIPS & FW)
    Malwarebytes Anti-Malware Pro (Web & Realtime protection)
    HitmanPro Alert

    On demand:
    Hitman Pro
    AVZ
    Dr.Web CureIT
    Comodo Cleaning Essentials

    Chrome x64:
    uBlock (Easylist + EasyGerman, EasyPrivacy, Fanboy's List + P2P + Tracking/Stats Blocking + International Tracking/Stats Blocking, Facebook, Malware Domains)
    uMatrix
    HTTPS-Everywhere
    KeePass Addon
    Redirect Cleaner
    StartupMaster
    DNT+
    FoxyProxy (using an SSH-Tunnel to my dedicated server.. except a few sites which I manually added to FoxyProxy)

    Thunderbird:
    Always connects to the internet via an SSH-Tunnel to my dedicated server
    Passwords saved & encrypted with a Master-Password

    KeePass:
    Syncing all my passwords on all devices via my dedicated server
    Fully replaces the password manager of:
    - Firefox (With KeeFox as Firefox addon)
    - FTP-Client (FileZilla & WinSCP)
    - Putty
    - soon MSN/Skype/mIRC/ICQ/...

    SSH-Tunnel:
    I generally use the SSH-Tunnel to my dedicated server on most apps that send/receive important or personal information to prevent sniffing. Thought about using OpenVPN but I only wanted to encrypt my network traffic for certain applications instead of everything.

    Router:
    Fritzbox -> Untangle (Virus Blocker = ClamAV, Spyware Blocker, Phish Blocker, Firewall, Intrusion Prevention, Ad Blocker, Attack Blocker) -> PC

    The Fritzbox is a normal first router. It also builds a little network which is meant for visitors/guests/friends. After that I built an Untangle-router with my old home-server (Dual Core 2 Duo 2,66Ghz, 2GB RAM). This is my main router which does all the DHCP,QoS,filtering,blocking,security... stuff.



    I really recommend KeePass to everyone. You can sync it on every device via the web (dropbox,ftp,sftp,ssh,what-ever) and fully replace any password manager. To log into my ftp-server via Filezilla I just run KeePass, select the login entry in KeePass and click "open". Filezilla will start and log in with the credentials given from KeePass. Works with nearly every program.
    I still wonder if it's safe to run Thunderbird the whole day with my passwords saved in the password manager (but encrypted by using the master password).

    Don't know of anything else that I could add. Maybe I could add another AV to scan all downloaded files (done by my router) but I think 3 AVs are already enough (ClamAV = Router, CIS & MBAM = System). Especially when there is OpenDNS, Phish Blocker (Router) and Spyware Blocker (Router) blocking everything before I can even load/browse it. And if malware still manages to bypass those 6 layers of protection I still have a HIPS, FW and auto-sandbox. In case all those 9 layers of protection don't help I would still have all my sensible data encrypted with TrueCrypt as well as my passwords are saved within KeePass with a strong encryption, keyfile and master password.

     
  3. zakazak

    zakazak Registered Member

    Joined: Sep 20, 2010 | Posts: 529
    I feel like Chrome x64 is more secure than Firefox and a little faster. Firefox has better addons but I can live with what Chrome offers.

    I replaced Win 7 with Win 8.1 as my laptop has a touch-screen. And I never want to live without touch-screen on my laptop anymore ;P Win 7 doesn't support touch-screen.

    I replaced CIS with ESET due to ethical reasons and because I kinda prefer ESET's interface over CIS. My security reviews/tests have shown that ESET in interactive mode is just as secure as CIS.

    HitmanProAlert replaces EMET as HMPA is way more user-friendly and offers more protection and features.
     
  4. DX2

    DX2 Guest

    Yes it does. My Dell laptop is touch screen and I replaced W8 with W7 64b and my touchscreen works. A lot of "all in one" computers are touch screen running W7. :)
     
  5. zakazak

    zakazak Registered Member

    Joined: Sep 20, 2010 | Posts: 529
    Really? Well maybe it is a problem with my Dell's laptop driver then?

    I have the Dell XPS 15 9530 and so far no one has managed to get the touch-screen to work with Win 7? :D
     
  6. DX2

    DX2 Guest

    When I installed W7 on my Dell, it automatically installed a TS driver. I'm not sure why it didn't work for you. I have a new Dell like yourself.
     
  7. wolfrun

    wolfrun Registered Member

    Joined: Jul 26, 2009 | Posts: 702 | Location: North America
    Sandboxie and ...............rest is in signature....no problems to report.
     
  8. Minimalist

    Minimalist Registered Member

    Joined: Jan 6, 2014 | Posts: 14,883 | Location: Slovenia, EU
    I'm using my SSS (simple security setup):

    OS: Windows 8.1 x64
    Built-in security: Windows FW (inbound), User Account Control on max, Software Restriction Policies
    Backup: daily incremental system backup with Macrium Reflect
    Browser: Chrome x64 with µBlock and µMatrix

    I like to keep it simple :)
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004 | Posts: 17,559 | Location: The Netherlands
    Current setup on Windows 8 64 bit:

    Sandboxie | TinyWall | VirusTotal Uploader

    I will add HitmanPro.Alert and EXE Radar, but I'm waiting for the final/newer version. I'm also looking for a more advanced outbound firewall (with alerts) and it bugs me that all HIPS (like Online Armor, SpyShelter and Comodo) kinda suck.
     
  10. guest

    guest Guest

    I'm thinking to add Panda's USB Vaccine or Bitdefender's USB Immunizer, though not sure how useful could that be. Any inputs, please?
     
  11. PatsSoxBruins

    PatsSoxBruins Registered Member

    Joined: Dec 14, 2014 | Posts: 25
    OS: Windows 7 Home Premium 64bit
    Protection: KIS 2015 & MBAE Free
    Browser: Google Chrome w/ABP,Lastpass
    Imaging: Windows 7 Built in & EaseUS Todo Home
    Backup: Google Drive and Dropbox
    On Demand: MBAM

    Do you need to pay for security? No. Why am I using KIS? Cyber Monday................$8.99. If not I would be using AVG Free or Panda Free!
     
  12. PatsSoxBruins

    PatsSoxBruins Registered Member

    Joined: Dec 14, 2014 | Posts: 25
    You do exactly need to add it. Panda's is still beta. Bitdefender's: just download it and immunize your sticks. They are both on demand and neither needs to run in real time. Once your sticks are immunized you're all set. All USB sticks should be immunized and all PCs should have autoruns disabled.
     
  13. No idea whether you tried this one, it is not advanced but has outbound alerts: http://wfn.codeplex.com/
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004 | Posts: 17,559 | Location: The Netherlands
    I have tried this one months ago and it didn't work well, the GUI was very slow plus it made use of the Task Scheduler, so I didn't like it at all. Normally I would use a simple firewall like ZoneAlarm, but they screwed up the GUI.
     
  15. zakazak

    zakazak Registered Member

    Joined: Sep 20, 2010 | Posts: 529
    Does anyone have proper firewall rules for the following Windows files?

    Windows update rule for svchost.exe (I guess port 80 & 443 and maybe restrict it to microsoft update servers only)
    Host Process for Setting Synchronization (SettingSyncHost.exe)
    User Account Control Panel Host (UserAccountBroker.exe)
    Windows Explorer (explorer.exe)
    Windows Host Process (rundll32.exe)
    Store Broker (WSHost.exe)
    Windows Driver Foundation - User-mode Driver Framework Host Process (WUDFHost.exe)
    Device Association Framework Provider Host (dasHost.exe)
    Host Process for Windows Tasks (taskhost.exe)

    I am talking about something that restricts useless home calling without breaking the main purpose and also tightens the "power" of the service to "safe location communication" only :)
     
  16. Question: how many of you run Chrome with
    - privacy hardened vs privacy blacklisted
    - security hardened vs script filtering

    Privacy hardened
    a) only allow third party, session cookies only
    b) enable Chrome's send do not track and use --no-referrers switch
    c) enable in about flags #disable-hyperlink-auditing

    Privacy blacklisted
    a) one of the anti-tracking extensions

    Security hardened
    a) use --enable-strict-site-isolation switch
    b) enable in about flags #enable-javascript-harmony

    Script hardened
    a) one of the anti-script extensions


    Thanks
    (I use hardened + uBlock with minifilter on for 3rd party scripts and iframes for maximum protection at maximum laziness/minimum micro-management)
     
  17. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004 | Posts: 17,559 | Location: The Netherlands
    To be honest I think that making rules for the services that you mentioned might cause problems, so I stayed away from it, but if there is an easy way to control them, I'm all for it. I do wonder if they call home in the first place, on my system they are all "listening" to ports, but that doesn't mean that they connect out, I suppose?
     
  18. Minimalist

    Minimalist Registered Member

    Joined: Jan 6, 2014 | Posts: 14,883 | Location: Slovenia, EU
    @Windows_Security
    I use uBlock (ads, privacy and social + experimental features) and uMatrix (with all hostnames, 1st party allowed and 3rd party blocked). It's a good balance between security and convenience. Both extensions are IMO state of the art extensions. Kudos to developer. :thumb:
     
  19. zakazak

    zakazak Registered Member

    Joined: Sep 20, 2010 | Posts: 529
    My firewall alerts me about them trying to connect to different IPs (Microsoft) :/
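
Added example, not part of any post in this thread: the question raised above, whether a service that is "listening" also connects out, can be answered from `netstat -ano` output. The sketch assumes that output layout and treats a connection on a port the same PID listens on as inbound; the sample text, PIDs and addresses are constructed.

```python
from collections import defaultdict

# Constructed sample in the layout of Windows `netstat -ano`
# (addresses come from documentation ranges, PIDs are made up).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:49664          0.0.0.0:0              LISTENING       1044
  TCP    192.168.1.20:49664     192.168.1.30:51515     ESTABLISHED     1044
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     1044
  TCP    192.168.1.20:49713     198.51.100.7:80        SYN_SENT        1044
  TCP    [::]:135               [::]:0                 LISTENING       888
  UDP    0.0.0.0:5355           *:*                                    1200
"""

def split_endpoint(text):
    """Split 'host:port' or '[v6]:port' into (host, port_string)."""
    host, _, port = text.rpartition(":")
    return host.strip("[]"), port

def parse_tcp_rows(netstat_text):
    """Return (local, remote, state, pid) for TCP rows; headers and UDP are skipped."""
    rows = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[0] == "TCP":
            rows.append((fields[1], fields[2], fields[3], int(fields[4])))
    return rows

def summarize(netstat_text):
    """Per PID: ports it listens on, and remote endpoints it connects out to."""
    rows = parse_tcp_rows(netstat_text)
    report = defaultdict(lambda: {"listening": set(), "outbound": set()})
    # First pass: collect listening ports so inbound sessions can be recognised.
    for local, _, state, pid in rows:
        if state == "LISTENING":
            report[pid]["listening"].add(int(split_endpoint(local)[1]))
    # Second pass: any other TCP row whose local port is not a listening
    # port of the same PID was initiated by this machine (heuristic).
    for local, remote, state, pid in rows:
        if state == "LISTENING":
            continue
        if int(split_endpoint(local)[1]) in report[pid]["listening"]:
            continue  # accepted on the process's own listening port: inbound
        host, port = split_endpoint(remote)
        report[pid]["outbound"].add((host, int(port)))
    return dict(report)
```

`tasklist /svc` maps each PID to the services hosted in it, which ties a shared `svchost.exe` PID back to a specific service.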
     
  20. Solarlynx

    Solarlynx Registered Member

    Joined: Jun 25, 2011 | Posts: 2,015
    Me - privacy hardened, scripts - µMatrix (disabled :)), Adblock Plus :thumb: (I guess it's not for scripts though) and always cover Chrome with MBAE:thumb::thumb: or EMET:thumb:.
     
  21. Outlawstar15a2

    Outlawstar15a2 Registered Member

    Joined: Dec 16, 2014 | Posts: 1
    AV: Avast 2015
    Firewall: Outpost Security Suite (only use the firewall portion of it)
    Secondary: Spybot, Spywareblaster, MBAM, SuperAntiSpyware
    Browser: Firefox with NoScript and Adblock Plus
     
  22. Sampei Nihira

    Sampei Nihira Registered Member

    Joined: Apr 7, 2013 | Posts: 3,366 | Location: Italy
    Xp Home SP3
    Windows Firewall
    Trick Myrrh-Sebijk-Harkaz
    PsExec
    System Restore Off
    Black Viper's
    Norton Connect Safe
    EMET 4.1 U1
    SBIE

    Firefox - µBlock,Noscript,HTTPS Everywhere,Toggle Referer.


    On Demand

    Hitman Pro
    HijackThis Portable
     
  23. DX2

    DX2 Guest

    Where did you get ublock for Firefox?
     
  24. Nanobot

    Nanobot Registered Member

    Joined: Jun 23, 2010 | Posts: 473 | Location: Neo Tokyo
  25. dja2k

    dja2k Registered Member

    Joined: Feb 15, 2005 | Posts: 2,121 | Location: South Texas, USA
    Dec. 19, 2014 - Updated, Added, Removed

    Network
    • Three Netgear WNR3500L-100NAS (DD-WRT Firmware)
    • Two Netgear Nighthawk R7000-100PAS Routers (Stock Firmware)
    • Four Netgear PowerLine AV 500 Adapters
    • Wired Cat5e Connection between both Routers
    • WPA2-PSK AES Encryption
    • SPI & NAT Firewalls Enabled
    • OpenDNS Configuration
    Computers
    • Desktop - Windows 8.1 Pro with Media Center x64
    • Laptop - Windows 8.1 x64
    Built-In Security
    • USER ACCOUNT CONTROL: HIGHEST SETTING
    • EMET 5.1: RECOMMENDED SECURITY SETTINGS
    • WINDOWS SMART SCREEN: ENABLED
    • WINDOWS DEFENDER: DISABLED
    • WINDOWS FIREWALL: DISABLED
    Resident
    • Emsisoft Internet Security 9.0.0.4668 (Paid)
    • Appguard 4.1.45.1 (Paid)** - Locked Down
    • NVT ERP 3.1.0.0 Build1 v13 Beta (Paid)** - Lockdown Mode
    • Sandboxie 4.15.6 Beta (Paid) - Sandboxie Container Folder on RAMDisk
    • Adguard 5.10.1167.5997 (Paid)
    • DNSCrypt 0.0.6 - HTTPS Enabled
    On-Demand
    • PeerBlock 1.2 (P2P Blocking List)
    • Shadow Defender 1.4.0.553** (Paid)
    • Macrium Reflect 5.3 build 7220*
    • VMWare Workstation 11.0.0 Build 2305329** (Paid)
    Browser, Immunization, Tweaks
    • Chrome 39.0.2171.95 (HTTPS-Everywhere, Gmelius) - Chrome Profile Folder on RAMDisk and Sandboxed
    • Homepage and Search Providers set to Startpage (Chrome and IE)
    • LastPass 3.1.50 Premium (Chrome and IE)
    • Spyware Blaster 5.0 (All Protection Enabled + Customblocking.txt)
    *Macrium Reflect (Full Daily Backup -Desktop, Full Weekly Backups - Laptop)
    **VMware Workstation, Appguard and NVT ERP only installed on Desktop \ Shadow Defender only installed on Laptop


    dja2k
     
    Last edited: Dec 19, 2014