What is your security setup these days?

Since SHvFI explained that it first has to get there, I answer with the short version: yes water is wet and anti conception is useless when you are pregnant.

 

I am still interested in reading if you can throw the links my way (I can't find them) Thanks

 

@Overkill

Sorry I don't have them at hand. Most were developed in 2010 when I used Kees1958 as user name, I managed to find a few

UAC https://www.wilderssecurity.com/thre...isks-with-uac-and-reputation-services.382073/

ACL https://www.wilderssecurity.com/threads/is-my-srp-setup-good-enough.346423/#post-2225940 look at the picture)

Smartscreen on the desktop (on Windows 8 and higher): http://www.tenforums.com/tutorials/...een-settings-change-windows-10-a.html#option1 When you are on Windows 7 you can use the drive by block from here https://www.wilderssecurity.com/threads/safe-admin-chrome.296391/

Using Parentel Control as anti-executable: http://windows.microsoft.com/en-us/windows/set-parental-controls

Most of Chrome tweaks are here https://www.wilderssecurity.com/threads/windows-build-in-sandbox.386322/ and https://www.wilderssecurity.com/threads/malvertising-best-practices.385150/

Regards Kees

 

Thanks for digging it up. Will review your posts reg. UAC!

I have a question for you. I would appreciate, if you can give your input when you get a chance..

Background Info - I use

• W10 64 bit
• Firefox with uBO (Medium Blocking mode + deny all pop-ups) and some tweaks to it (like enabling click-to-play, disabling unneeded services)
  
• HMPA forced on VLC, Firefox and any internet facing applications.
  
• Backed with NOD32 (Have HIPS rules for firefox.exe if it tries to start any exe).
  
• And Enabled Smart-screen

1. What would be the added benefit of adding a dedicated ant-executable like NVT, on top of above setup?
2. What is the difference between bouncer and pumpernickel? (i tried looking up in your posts, unfortunately its a no go) Any advantage to above setup?

Thank you!!

 

Thanks Kees, much appreciated

 

With NOD32 you got a blacklist solution and with Smartscreen a whitelist solution, so the only added benefit of NVT ERP would be it command monitoring. Firefox does not have a low rights sandbox, so it is the weak spot in your setup, luckily you have HPMA to protect it against exploits and NOD32 HIPS against drive-by's. Changing from Firefox to Edge or Chrome would have more impact than adding NVT IMO (since I guess that NOD's HIPS probably offers some sort of command execution control).

Bouncer is process execution guard like AppLocker, Pumpernickel is file/folder guard like Secure Folders.

 

Bounder = Pumpernickel

 

@paulderdash THX, corrected

 

@Windows_Security

Thanks for your input

Yes, i know its the week spot. Changing to Chrome is one option. However, i am thinking to reduce the Firefox process to Low. I believe we already have the how-to-do-it in our forum..
B/w I open it in Sandboxie, whenever i think i am opening not-so-harmless sites

 

Windows 7

Panda Free
SpywareBlaster
SUPERAntiSpyware Free
Macrium Reflect
Browser Hardening
F7'ing JS off regularly in K-Meleon

Ubuntu Trusty Tahr LTS

Browser Hardening

 

Windows 10 Home x64
Standard User Account

Zemana AntiMalware Premium
HitmanPro.Alert (paid)
VoodooShield (free)

 

Comodo firewall (Cruelsister's config).
360TS (BD enabled)

 

On new traveling Netbook:
No more third-party AV, only Windows-Defender, with PUS.reg
Chrome with uBlock Origin

That's all I need.
Anything else is just wasting resources and reliability.

 

@Hiltimome less is more, what is PUS.reg?

 

I believe it is PUA / PUP detection registry key you can add to Windows Defender.

 

360 Security Essentials
Zemana AntiMalware Free
Hitman Pro Free
Zemana Anti-keyLogger

 

Upgraded NIS to NS
MBAM Premium
MBAE Free
CryptoPrevent

Standalone scans

GridinSoft Anti-Malware
JRT
adwcleaner
Hitman Pro Free

 

Freeware is your friend...

 

Testing this setup on a 'junk pc' that's running Win 8.1 and 4gigs ram
(runs surprisingly light and play nicely together)

ESET NOD32 AV Beta 10.0.106.0 (AV/Hips/Anti Exploit)
Voodooshield Pro 3.29 Beta (Anti Executable)
Glasswire 1.2.64 Beta Free (Realtime Activity Monitoring)
Adguard 6.1.232.1142 Beta (Fanboy's Ultimate List + Standard Filtering)
Binisoft's Windows Firewall Control 4.8.0.0 (Default Deny, Notifications Disabled)

Edit: 28 June 2016 removed MBAE

 

Still running the config in my sig, btw for my complete config, click on mr. smiley in my sig below.

 

Yes it is

 

i just saw a thread on Windows Defender so i installed it along side Private firewall and Hostsman..

http://www.abelhadigital.com/hostsman

A good host file is a must.. imo

 

Since last week, using WSA, VS, uBlock Origin and Macrium Reflect as my Backup. Simple and effective, I think...

 

You think correct!

 

Aser Transformer (Home 32 bits Windows 8.1):

1. Windows Firewall 2-way, disabled risk-ware, using Norton DNS
2. UAC set to block elevation of unsigned (still allows unsigned to run)
3. Standard user with parental control and admin consent for Smartscreen
4. ACL deny execute for Everyone on 64GB SD-card,Public and Download folders
5. Disabled IE and WMP, hardened Microsoft Office with Trust Center, EMET and ACL
6. Hardened Chrome by using existing settings, about flags and command switches:

• Disable javascript except from [*.]nl, com, eu, net, org and HTTPS:/*:443
• Clik to play plugins, always allow HTTPS:/* and Chrome PDF
• Enabled 3p-scripts block via document write
  
• Enabled Win32 Lockdown for all plug-ins
• Enabled AppContainer Sandbox
• Enabled extension verification
• Enabled reduce referer info
• Disable hyperlink auditing
  
• Disable canvas reading
• Enabled do not track
• Block 3-p cookies

7. Chrome extensions: Blank New Tab, WebRTC leak prevent and Adguard AdBlocker