What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. lucien_phoenix

    lucien_phoenix Registered Member

    Joined:
    Oct 20, 2012
    Posts:
    134
    Location:
    Germany
    renew my Eset Smartsecurity License
     
  2. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Sandboxie and WebrootSA.
     
    Last edited: Oct 6, 2015
  3. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    I did something similar. Since my ESET NOD32 licenses were due to expire in a couple of days, I activated a couple of ESET Smart Security licenses I purchased 10 months ago during a holiday sale. I plan to do the same thing this coming holiday for next year.
     
  4. The Dragonfly

    The Dragonfly Registered Member

    Joined:
    Sep 20, 2014
    Posts:
    39
    Well I decided to go with G Data A/V instead. For 22.26 USD with tax, I couldn't pass that deal up. I'm definitely liking this anti-virus, and I'm also surprised how well Comodo Firewall, SecureAPlus, HitmanPro.Alert 3 work together with no conflicts. My only complaint with G Data is I wish I had control over the heuristics settings. I also decided to keep SecureAPlus as well.
     
  5. Windows 10 PRO security
    - Block unsigned binaries to boot/install/elevate (GPO)
    - Disabled risk-ware and user autoruns/startup (GPO)
    - Deny execute Everyone in drive-by folders (ACL)
    - Deny execute Basic User in user folders (SRP)
    - EMET Office 2007 and ASR scripting-DLL's
    - Set WFW default to block outbound also

    Browser tweaking & tricks
    - Blocked IE11 (SRP, WFW), set IE-zones HIGH
    - Edge used as PDF-reader (blocked in WFW)
    - Chrome Sandbox with uBlock (3rd-party)
    - URL filters from OpenDNS and Google
     
    Last edited by a moderator: Oct 8, 2015
  6. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    I've been running the beta of the 2016 version of Avast for the last three days. It is exceptionally light, so much so, that I don't even notice it's installed.

    It is one of the lightest antiviruses I've used in recent times.
     
  7. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    My security setup

    Real-time:

    Sandboxie (Lifetime)
    Malwarebytes Anti-Exploit (Premium)
    DNSCrypt Proxy (OpenDNS)

    Windows:
    Windows Defender = Off
    Windows Firewall = On
    Windows SmartScreen = On
    Windows Update = On
    UAC = Always notify
    Security & Privacy tweaks applied

    Network:
    Router NAT
    Manual configuration

    Browser:
    Mozilla Firefox
    Adobe Flash = Ask to Activate
    LastPass
    uBlock Origin
    WOT
    Security & Privacy tweaks applied (about:config)

    On-demand:

    Emsisoft Emergency Kit
    Kaspersky Virus Removal Tool
    Malwarebytes Anti-Malware

    Other Tools:

    CCleaner
    PrivaZer
    Autoruns
    O&O ShutUp 10
    Spybot Anti-Beacon
    VPN (Occasional use on mobile devices)
     
    Last edited: Oct 8, 2015
  8. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    682
    Location:
    Wembley, London
    @Tyrizian

    Please can you list Firefox about:config tweaks.
    Thanks
     
  9. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Here you go...

    Network:

    network.websocket.enabled - boolean = false
    network.dns.disableIPv6 - boolean = true
    network.dns.disablePrefetch - boolean = true
    network.prefetch-next - boolean = false

    Browser:

    dom.event.clipboardevents.enabled - boolean = false
    dom.battery.enabled - boolean = false
    dom.storage.enabled - boolean = false - NOTE: This setting may reduce and/or break functionality on certain web sites.
    browser.safebrowsing.enabled - boolean = false
    browser.safebrowsing.downloads.enabled - boolean = false
    browser.safebrowsing.malware.enabled - boolean = false
    browser.send_pings - boolean = false
    browser.cache.disk.enable - boolean = false
    browser.cache.memory.enable - boolean = false
    browser.cache.offline.enable - boolean = false
    browser.cache.offline.capacity - integer = 0
    webgl.disabled - boolean = true

    Geolocation:

    geo.enabled - boolean = false
    geo.wifi.logging.enabled - boolean = false
    geo.wifi.uri - string = http://127.0.0.1

    Stats Collection:

    datareporting.healthreport.service.enabled - boolean = false
    datareporting.healthreport.uploadEnabled - boolean = false
    toolkit.telemetry.enabled - boolean = false
    beacon.enabled - boolean = false

    Integration:

    loop.enabled - boolean = false
    browser.pocket.enabled - boolean = false

    Media:

    media.peerconnection.enabled - boolean = false
    media.eme.enabled - boolean = false
    media.gmp-eme-adobe.enabled - boolean = false

    Devices:

    camera.control.face_detection.enabled - boolean = false
    camera.control.autofocus_moving_callback.enabled - boolean = false
    device.sensors.enabled - boolean = false

    Encryption:

    security.tls.unrestricted_rc4_fallback - boolean = false
    security.tls.insecure_fallback_hosts.use_static_list - boolean = false
    security.ssl.require_safe_negotiation - boolean = false
    security.ssl.treat_unsafe_negotiation_as_broken - boolean = false

    WebRTC:

    media.peerconnection.enabled - boolean = false
    media.peerconnection.turn.disable - boolean = true
    media.peerconnection.use_document_iceservers - boolean = false
    media.peerconnection.video.enabled - boolean = false
    media.peerconnection.identity.timeout - integer = 1
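
A check that a Firefox profile still carries settings like the ones listed above, as an added example that is not part of the original post: it parses `user_pref(...)` lines as found in a profile's `prefs.js` or `user.js` and reports deviations from a baseline. The baseline is a subset of the post's list, and the sample file contents and function names are constructed for illustration.

```python
import re

# Baseline: a subset of the preferences listed in the post above.
BASELINE = {
    "network.dns.disablePrefetch": True,
    "browser.send_pings": False,
    "geo.enabled": False,
    "geo.wifi.uri": "http://127.0.0.1",
    "media.peerconnection.enabled": False,
    "media.peerconnection.identity.timeout": 1,
}

# One preference per line, as Firefox writes prefs.js and reads user.js.
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$')

def parse_value(raw):
    """Convert a pref literal (boolean, integer or quoted string) to Python."""
    if raw in ("true", "false"):
        return raw == "true"
    if re.fullmatch(r"-?\d+", raw):
        return int(raw)
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return raw[1:-1].replace('\\"', '"').replace("\\\\", "\\")
    return raw  # unrecognised literal: keep the raw text so it is reported

def parse_prefs(text):
    """Return {name: value}; a later line overrides an earlier one."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if m:  # comment and blank lines do not match
            prefs[m.group(1)] = parse_value(m.group(2))
    return prefs

def audit(prefs, baseline=BASELINE):
    """Return {name: (found, wanted)}; 'unset' means Firefox's default applies."""
    findings = {}
    for name, want in baseline.items():
        got = prefs.get(name, "unset")
        if got != want or type(got) is not type(want):  # True == 1 in Python
            findings[name] = (got, want)
    return findings

SAMPLE = '''// constructed prefs.js excerpt, not from a real profile
user_pref("network.dns.disablePrefetch", true);
user_pref("browser.send_pings", false);
user_pref("geo.enabled", true);
user_pref("geo.wifi.uri", "http://127.0.0.1");
user_pref("media.peerconnection.identity.timeout", 1);
'''
print(audit(parse_prefs(SAMPLE)))
```

`prefs.js` only records preferences that differ from Firefox's defaults, so an "unset" finding has to be compared against the default for that release by hand.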
     
  10. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    682
    Location:
    Wembley, London
    @Tyrizian

    Nice :thumb:
    I'll have to do some testing with these.
    Thanks :)
     
  11. Arcanez

    Arcanez Registered Member

    Joined:
    Oct 5, 2011
    Posts:
    417
    Location:
    Event Horizon
    Appguard - Data Partition protected (read only), user profile folders not used for data storage
    EMET 5.5 beta - maximum security, enforce all mitigations for critical apps e.g. browser
    Terabyte Image for Windows - system backup archive stored on external harddrive not connected to the pc
    OpenDNS - set up personal web filter and lock out critical web content
    AMD Ramdisk - Temporary internet files
    VirusTotalUploader2 - integrated into TotalCommander for easy file uploads
    Process Explorer - VirusTotal tabs for running processes
    Windows Defender & Windows Firewall
    Opera 32 - Adguard Adblocker
     
  12. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Sure, no problem, hope that helps.

    Have a good day!
     
  13. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    This isn't just a Windows thread, right guys? :-*

    My security setup:
    • A custom Firewall (my signature);
    • Arch Linux with grsecurity (and softmode=0);
    • Firejail for jailing almost all my programs;
    • Iceweasel with NoScript, RequestPolicy, Disconnect, https-everywhere, and uBlock Origin;
    • VPN sometimes;
    • e-Mail accounts at riseup.net and autistici.org;
    • No Google, Facebook, Yahoo, Outlook, accounts or service used;
    • Encrypted e-Mail when necessary;
    • Encrypted disk with LUKS, cipher twofish-xts-plain64, and an iter time of 5000: that's 10 seconds between each passphrase attempt, making brute-force attacks impossible while still having a simpler passphrase;
    I also took a snapshot (fingerprint) with rkhunter of my recently-installed system, and I do regular checks to see if any system files were altered.
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    You're kidding me right? Can you post some screenshots, and what do you like about them?

    EDIT: I always read bad things about SafenSoft SysWatch, so that's why I was surprised. :D
     
  15. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    But it'd be boring if I post say my Chromebook's security setup (same browser profile as Windows and pretty much vanilla crouton). :p
     
  16. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    Well, I could say I've got a yoube stick and a dog. Does that count here too? :argh:
     
    Last edited: Oct 8, 2015
  17. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Running what's in my sig
     
  18. Arcanez

    Arcanez Registered Member

    Joined:
    Oct 5, 2011
    Posts:
    417
    Location:
    Event Horizon
    If I remember correctly Safensoft Syswatch is some sort of a HIPS program which offers a sandbox to execute suspicious files as well as a whitelist for the programs that are already installed on the computer. It also has the capabilities to identify threats as it uses Bitdefender engine I think. The problem that I had with Syswatch when I tested it was that the initial scan of the system for the whitelist creation took ages to finish. Also the sandbox feature on execute wasn't really helpful since the majority of files failed to run in the first place. There was no way to find out what exactly a suspicious file does because it didn't even run inside the Syswatch sandbox. So in the end the user had to decide if the file should be run without any restrictions or blocked. There was no in between.

    It is quite an interesting approach that Safensoft does with this program but the implementation needs a lot of work still as the program leaves the user alone with his decision. You either trust a file completely or block it since the sandbox doesn't seem to work properly as explained above.

    It could be that they have already fixed many of these issues as I haven't looked into Syswatch for quite some time.
     
  19. x ZauX x

    x ZauX x Registered Member

    Joined:
    May 8, 2010
    Posts:
    139
    Ahaha yeah a lot of people are having issues with it but it always worked perfect for me.

    I've always had problems with most other HIPS/anti-exe type of programs, everything from hiccups to major issues but as I said it always worked for me :)


    This is correct, the initial scan has improved a lot at least for me.
    Yeah I wish they would improve/implement the sandbox at execute, it works more like an anti-exe at this point.
    But you can always change application permissions later.
     


  20. Tarantula

    Tarantula Guest

    ZoneAlarm free AV+FW 14.0.522.000

    On demand: Zemana AM
    Backup: AOMEI Backupper
     
  21. Rolo42

    Rolo42 Registered Member

    Joined:
    Jan 22, 2012
    Posts:
    571
    Location:
    USA
    I'd say this is hardening done correctly. Maximal security with minimal overhead and fewest moving parts.
     
  22. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,134
    W7 Pro. Sandboxie - AppGuard - WFW - dnscrypt - 1806 - uBlock Origin - netcraft - Tampermonkey, Reek.

    I'm really happy with this setup. I don't have any slowdowns, no conflicts.
     
  23. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Windows 7 x64 Ultimate
    • Windows firewall (inbound)
    • Software Restriction Policies
    • User Account Control on max

    Sandboxie
    uBlock Origin
    FreedomeVPN
    Macrium Reflect Standard


    On-demand scanners:
    Emsisoft Emergency Kit, Avira PC Cleaner, Malwarebytes AM, ESET Online Scanner, HitmanPro
     
    Last edited: Oct 13, 2015
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Thanks, I have to say that the GUI actually looks kinda nice. It almost makes me want to check it out. BTW, can you perhaps post some shots of the other tabs like "Process privileges" and "Interprocess interaction", what is that all about?

    Yes perhaps it has been improved, who knows. I'm still looking for a good HIPS, Zemana and SpyShelter have been ruled out by me, because of several reasons.
     
  25. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    Sandboxie has me back. Just when I thought I was out, it pulls me back in.
     