What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. illumination

    illumination Guest

    Nothing on the internet is anonymous.

    Eset IS covers my entire network/mobile devices. If one so chooses, there is a Policy Based Mode available for the HIPS and Firewall both, not to mention many other features not enabled by default. EIS is very powerful if one strolls through the advanced settings and learns the functions. While AG adds another layer, it is not necessary, and frankly money I can spend on other things.
     
  2. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,156
    Location:
    Canada
    Added Sandboxie and Windscribe VPN, just to play around with. Now using WD, MB3, UBO, plus Sandboxie for browser and Windscribe for kicks.
     
  3. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    Windows XP Home (My PC)
    Windows Firewall
    Trick POSReady 2009
    PsExec
    Black Viper's List
    Google DNS
    No NET Installed
    No Java
    No Flash I.E.8
    MBAE Premium (ver 24) + Rule HOSTS file - 127.0.0.1 data-cdn.mbamupdates.com

    Firefox ESR

    • Custom Setting About:Config
    • Primetime Content Decryption Module Plugin - Enable MP4 ( H 264 + AAC) HTML5 Video Support
    U.B.O + NoCoin filter List +

    https://ransomwaretracker.abuse.ch/blocklist/

    Added RW_DOMBL (Domain Blocklist) + RW_URLBL (URL Blocklist) + RW_IPBL (IP Blocklist):

    Noscript
    Canvas Blocker
    No Resource URI Leak
     
  4. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    W.10 Home 1709 (PC my Daughter)
    S.U.A.
    UAC Max
    Windows Smart Screen
    Google DNS
    Windows Firewall
    I.E.11 Off - WMP Off - Disable Flash in Edge
    Validate Admin Code Signatures set to 1
    Additional LSA Protection.
    Windows Defender Security Center - ON

    • Attack Surface Reduction - Block execution of (potentially) obfuscated scripts - Impede JavaScript and VBScript to launch executables.
    • Network protection.
    • Controlled Folder Access.
    • Exploit protection.
    Chrome x64 - https://peter.sh/experiments/chromium-command-line-switches/
    • --disable-webgl --no-referrers
    Chrome://Flags
    • Extension Content Verification - Enforce Strict
    • Enable AppContainer Lockdown - Enabled
    U.B.O. + NoCoin Filter List +

    https://ransomwaretracker.abuse.ch/blocklist/

    Added RW_DOMBL (Domain Blocklist) + RW_URLBL (URL Blocklist) + RW_IPBL (IP Blocklist) +

    https://openphish.com/

    Added OpenPhish Phishing Intelligence Community Feed list

    ScriptSafe
    HTTPS Everywhere
    Click & Clean

    Exploit Protection - http://sendvid.com/gcftah7j
     
  5. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    Any reason you don't add OpenPhish to your own uBO? Looks good, I see VT uses it ...
     
  6. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    I do not need it.;):)
     
  7. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    751
    Location:
    Italy
    After upgrading to FCU I had some crashes, so I removed CFW and switched to CCAV

    OS: Windows 10 Home Fall Creators Update 1709 16299.19
    RT: CCAV + Windows Firewall
    OD: Zemana Antimalware free, HitmanPro free and AdwCleaner
    Browser: Chromium with ublock origin
    DNS: OpenDNS
    MS stuffs: SmartScreen enabled, UAC disabled, Windows Defender disabled
    Misc: Some hardening as explained here http://hardenwindows10forsecurity.com/
     
  8. iCurious

    iCurious Registered Member

    Joined:
    Aug 9, 2014
    Posts:
    17
    OS: Win10 Pro Fall Creators
    Windows Firewall Control
    UAC Default
    SmartScreen On
    Real-time: Kaspersky AV Free (only file anti-virus) + Zemana AM Premium (751 days with GIVEAWAY-3667-2597)
    Sandboxed Firefox 57 with profile in RAMDisk (uBlock+uMatrix)
    On Demand: Emergency Kit Scanner + MalwareBytes Premium
    VT Hash Check
    Also got some tweaks from http://hardenwindows10forsecurity.com/
     
  9. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    CLEAN INSTALL OF WINDOWS FALL CREATORS UPDATE - DESKTOP & TABLET

    Nov. 5, 2017
    - Updated, Added, Removed

    Network
    • Two Netgear Nighthawk AC1900 (R7000) Routers (Stock Firmware)
    • Four Netgear PowerLine AV 500 Adapters
    • Wired Cat5e Connection between both Routers
    • WPA2-PSK AES Encryption
    • SPI & NAT Firewalls - Enabled
    • OpenDNS Configuration
    Computers
    • LOCAL ACCOUNTS - Administrator Password Protected
    • DESKTOP (Custom Built) - Windows 10 Pro x64 Ver. 1709 Build 16299.19
    • TABLET (Surface Pro 4) - Windows 10 Pro x64 Ver. 1709 Build 16299.19
    Built-In Security
    • USER ACCOUNT CONTROL: HIGHEST SETTING
    • WINDOWS SMART SCREEN: ENABLED - SET TO BLOCK
    • WINDOWS DEFENDER: ENABLED - GPEDIT CUSTOM SETTINGS!
    • EXPLOIT PROTECTION: ENABLED - IMPORTED EMET XML
    • FOLDER PROTECTION: ENABLED - ADDITIONAL FOLDERS ADDED
    • WINDOWS FIREWALL: ENABLED
    Resident
    • PIA VPN Client v74 - VPN Enabled (Paid)
    • Windows Firewall Control 5.0.0.2 - Medium Filtering Enabled (Paid)
    • Sandboxie 5.22 (Paid) - Container Folder on RAMDisk
    • Adguard Premium 6.2.433.2167 Beta (Paid)
    • Simple DnsCrypt 0.4.2 (Holland & Denmark) - Enabled
    On-Demand
    • Emsisoft Emergency Kit 2017.8.0.7904 - Weekly Manual Scans
    • Macrium Reflect Home Edition 7.1.2646* (Paid)
    • VMWare Workstation 14.0.0-6661328** (Paid)
    Browsers, Immunization, Tweaks
    • Windows 10 Hardening Tips from http://hardenwindows10forsecurity.com
    • Windows 10 Services "Tweaked" for DESKTOP by Black Viper*** | www.blackviper.com
    • Uninstalled Unused Windows 10 Apps via PowerShell i.e. Mail, Calendar, People, etc.
    • Privacy Repairer 1.5.0.0 - Custom Settings Enabled
    • Windows and User Temp Folders set to RAMDisk - Cleared on Reboot
    • Documents on External Drives - BitLocker Enabled
    • Microsoft Edge and Internet Explorer (LastPass Premium) - Internet Explorer Forced to run Sandboxed
    • Homepage and Search Providers set to Startpage (IE & Edge)
    • CCleaner Professional Edition 5.36.6278 (Paid) + CCEnhancer - Automatic Cleaning Enabled
    • Spyware Blaster 5.5 (All Protection Enabled + Customblocking.txt)
    *Macrium Reflect Home Edition installed in Desktop & Tablet - Backup Template: Incremental Forever
    **VMware Workstation only installed on Desktop
    ***Services only tweaked on Desktop
     
    Last edited: Nov 6, 2017
  10. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Windows 7 x64
    • Software Restriction Policies enabled and configured
    • Standard User Account used
    • User Account Control set to max
    • Windows Firewall monitoring inbound and outbound network traffic
    • various OS tweaks and modifications
    Macrium Reflect using grandfather - father - son backup scheme

    Sandboxie for Chrome with uBlock Origin

    OpenVPN
    and Mullvad as service provider

    Emsisoft Emergency Kit, Avira PC Cleaner and HitmanPro for on demand scans.
     
  11. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    On XP Professional SP3
    firewall - Kerio Personal FW 2.1.5 Free
    HIPS/BB - System Safety Monitor (full beta)
    LV - Shadow Defender
    browser - Firefox ESR with NoScript, AdGuard (addon), Canvas Defender, HTTPS Everywhere.
     
  12. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Isn't SB obsolete these days?
     
  13. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    Maybe but IE rules still get updated once in a while so doesn't hurt.
     
  14. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Why use IE?
     
  15. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    W.10 Home 1709 (PC my Daughter)
    S.U.A.
    UAC Max
    Windows Smart Screen
    Google DNS
    Windows Firewall
    I.E.11 Off - WMP Off - Disable Flash in Edge
    Validate Admin Code Signatures set to 1
    Additional LSA Protection.
    Windows Defender Security Center - ON

    • Attack Surface Reduction - Block execution of (potentially) obfuscated scripts - Impede JavaScript and VBScript to launch executables.
    • Network protection.
    • Controlled Folder Access.
    • Exploit protection.
    Chrome x64 - https://peter.sh/experiments/chromium-command-line-switches/
    • --disable-webgl --no-referrers
    Chrome://Flags
    U.B.O. + NoCoin Filter List +

    https://ransomwaretracker.abuse.ch/blocklist/

    RW_DOMBL (Domain Blocklist) + RW_URLBL (URL Blocklist) + RW_IPBL (IP Blocklist) +

    https://openphish.com/

    OpenPhish Phishing Intelligence Community Feed list

    ScriptSafe
    HTTPS Everywhere
    Click & Clean

    Exploit Protection - http://sendvid.com/gcftah7j
     
  16. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    Hi.
    In the Security Guide below:

    http://hardenwindows10forsecurity.com/

    there is a serious error in the paragraph "Configure Anti-Exploit technology - Setting for Chrome".

    Immagine.jpg
     
  17. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    I use Edge browser as default and IE Sandboxed if I need it.
     
  18. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    751
    Location:
    Italy
    Thanks for reporting it, but I haven't set exploit protection for Chrome (yet)
     
  19. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
  20. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,289
    Location:
    Pennsylvania.
    Modified my sig to reflect my recent setup.
     
  21. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    Windows XP Home (My PC)
    Windows Firewall
    Trick POSReady 2009
    PsExec
    Black Viper's List
    Google DNS
    No NET Installed
    No Java
    No Flash I.E.8
    MBAE Premium (ver 24) + Rule HOSTS file - 127.0.0.1 data-cdn.mbamupdates.com

    Firefox ESR

    • Custom Setting About:Config
    U.B.O + NoCoin filter List + RW_DOMBL (Domain Blocklist) + RW_URLBL (URL Blocklist) + RW_IPBL (IP Blocklist):
    Noscript
    Canvas Defender (NEW)
    No Resource URI Leak
     
  22. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Windows 7 Ultimate

    SUA

    UAC at max behind a password

    Comodo IS 10
    - Firewall in Custom Ruleset
    - Auto-Containment disabled
    - HIPS in Safe Mode

    Zemana AntiLogger
    - Identity Theft Protection on
    - RT with Pandora on

    MBAE with additional shields for some routine apps

    Images with Macrium free and Paragon lic. Paragon is not so convenient as Macrium. I think I could do with Macrium only.
     
  23. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    W.10 Home 1709 (PC my Daughter)
    S.U.A.
    UAC Max
    Windows Smart Screen
    Google DNS
    Black Viper's List

    Windows Firewall
    I.E.11 Off - WMP Off - Disable Flash in Edge - Onedrive Off
    Validate Admin Code Signatures set to 1
    Additional LSA Protection.
    Windows Defender Security Center

    • Attack Surface Reduction - Block execution of (potentially) obfuscated scripts - Impede JavaScript and VBScript to launch executables.
    • Network protection.
    • Controlled Folder Access.
    • Exploit protection.
    • PUA Protection.
    Chrome x64
    • --disable-webgl --no-referrers
    Chrome://Flags
    • Extension Content Verification - Enforce Strict
    • Enable AppContainer Lockdown - Enabled
    • framebusting-needs-sameorigin-or-usergesture
    U.B.O. + NoCoin Filter List + RW_DOMBL (Domain Blocklist) + RW_URLBL (URL Blocklist) + RW_IPBL (IP Blocklist)
    uBlock Protector Extension
    ScriptSafe
    HTTPS Everywhere
    Click & Clean

    Exploit Protection - http://sendvid.com/gcftah7j
     
  24. Smiggy

    Smiggy Registered Member

    Joined:
    May 2, 2007
    Posts:
    237
    Location:
    The Angel Isle
    Wow, to say abject paranoia is alive and well in this thread is an understatement!
    Some of you must REALLY STRAY from the path in t'interweb land!!
     
  25. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,338
    Location:
    Adelaide
    Started using Quad9 for my DNS queries.
     