What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,344
    Location:
    Italy
    I have set in WD:

    Cloud Protection Level - Block

    (although the AV is not very important for me).
     
  2. ProTruckDriver

    ProTruckDriver Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    1,444
    Location:
    "An Apple a Day, Keeps Microsoft Away"
    Nine months since my last post on this and I'm still running the same security software. No need to change. :)
     
  3. pvsurfer

    pvsurfer Registered Member

    Joined:
    Sep 1, 2004
    Posts:
    1,617
    Location:
    USA
    It's in my signature...
     
  4. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,344
    Location:
    Italy
    Xubuntu 22.04 LTS (my daughter's PC)
    Strong password enabled
    Software Updates - LTS version notification
    Quad9 DNS
    UFW Firewall - enabled

    Google Chrome --disable-webgl --cipher-suite-blacklist=0x0035,0x002f,0xc014,0xc013

    • Javascript blocked for HTTP://*
    • Privacy Sandbox - disabled
    • Third party cookies enabled
    • Clears cookies and data from sites when you close
    • Secure DNS - DOH Quad9
    • Search Engine and Home web-page DuckDuckGo
    • Always HTTPS
    Chrome://flags - Enabled:
    • Block scripts loaded via document.write
    • Strict-Origin-Isolation
    • Parallel downloading
    • Reduce User-Agent request header
    • Enable CSS Container Queries
    • Disable subframe process reuse
    Extensions:
    • Speed Dial [FVD]
    • Stream Recorder
    • VideoDownloadHelper
    • Don't add custom search engines
    • Decentraleyes
    • uBlock Origin in Hard Mode - with TLD by Kees1958:
    * * 3p block
    * * 3p-frame block
    * * 3p-script block
    * com * noop
    * edu * noop
    * eu * noop
    * gov * noop
    * inf * noop
    * io * noop
    * it * noop
    * net * noop
    * org * noop

    P.S. The PC has been transferred today (it had to be transferred Saturday) to my daughter's house.
    I can't control this PC anymore, so I won't post any updates in this thread.

     
    Last edited: May 3, 2022
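How the dynamic rules listed in the post above interact, as an added example that is not part of the original post and not uBlock Origin's own code. It is a simplified model of uBO's rule precedence; the hostnames are constructed, and the "last two labels" base-domain rule is an assumption standing in for the Public Suffix List.

```javascript
// Constructed from the post: three global 3p blocks plus one noop per listed TLD.
const TLDS = ['com', 'edu', 'eu', 'gov', 'inf', 'io', 'it', 'net', 'org'];
const POST_RULES = ['* * 3p block', '* * 3p-frame block', '* * 3p-script block',
  ...TLDS.map((tld) => `* ${tld} * noop`)].join('\n');

// Each rule line is: source destination type action.
function parseRules(text) {
  const rules = new Map();
  for (const line of text.split('\n')) {
    const f = line.trim().split(/\s+/);
    if (f.length === 4) rules.set(f.slice(0, 3).join(' '), f[3]);
  }
  return rules;
}

// Hostname, then each parent (a.b.com, b.com, com), then '*': most specific first.
function ancestors(host) {
  const out = [];
  for (let h = host; h; h = h.includes('.') ? h.slice(h.indexOf('.') + 1) : '') out.push(h);
  return out.concat('*');
}

// Assumption: registrable domain = last two labels (uBO itself uses the Public Suffix List).
const baseDomain = (h) => h.split('.').slice(-2).join('.');

function lookup(rules, src, des, type) {
  for (const s of ancestors(src)) {
    const action = rules.get(`${s} ${des} ${type}`);
    if (action) return action;
  }
  return null;
}

function evaluate(rules, src, des, type) {
  // 1. Rules naming a destination hostname win over party/type rules.
  for (const d of ancestors(des).slice(0, -1)) {
    const action = lookup(rules, src, d, '*');
    if (action) return action;
  }
  // 2. Any-destination rules: party+type, then party, then type, then '*'.
  const thirdParty = baseDomain(src) !== baseDomain(des);
  const types = [];
  if (thirdParty && type === 'script') types.push('3p-script');
  if (thirdParty && type === 'sub_frame') types.push('3p-frame');
  if (thirdParty) types.push('3p');
  if (!thirdParty && type === 'script') types.push('1p-script');
  if (type === 'image' || type === 'inline-script') types.push(type);
  types.push('*');
  for (const t of types) {
    const action = lookup(rules, src, '*', t);
    if (action) return action;
  }
  return 'no-rule'; // like noop, the static filter lists decide
}
```

With these rules, a third-party script from a listed TLD evaluates to `noop` (static filter lists still apply), while one from any other TLD hits the global `3p` block until a matching TLD rule is added.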
  5. Freki123

    Freki123 Registered Member

    Joined:
    Jan 20, 2015
    Posts:
    336
  6. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,344
    Location:
    Italy
    Th.:thumb:
    Yes, we have discussed this before.
    I also think that Team Mozilla's position is excessive.
     
  7. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,344
    Location:
    Italy
    W.10 Home x64 21H2
    Local Account - Standard user - Limited permissions
    UAC maximum - Always notify
    Quad9 DNS
    OneDrive, Cortana, Advertising ID, Web Search - disabled
    Usage of location data for Cortana disabled
    Telemetry OFF
    Removed some Windows optional features.

    Microsoft Defender Firewall hardened with H_C.
    Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

    • Ransomware protection - disabled
    • No run in a sandbox
    • Core Isolation: Memory integrity - disabled
    • Some software hardened with maximum AE protection
    • All Windows Exploit Protection options - enabled
    MS Edge
    • Enabled Security Mitigations - Strict
    • Detection Protection - Strict
    • 4 Cipher Suites - 0x002f,0x0035,0xc013,0x009c - disabled
    • TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled
    • IL Appcontainer - enabled

    Edge://flags:

    Enabled:

    • Block scripts loaded via document.write
    • Automatic HTTPS
    • Strict-Origin-Isolation
    • Show block option in autoplay settings
    • GPU rasterization
    • Zero-copy rasterizer
    • Block insecure private network requests
    • Enable Digital Signature for PDF
    Disabled:
    • Show feature and workflow recommendations
    • Allow tab-to-search using Microsoft Search with Bing
    • Allow Microsoft Search with Bing for any default search engine
    • Allow preloading of pages by other applications
    Extensions:
    • (MS Store) - Decentraleyes
    • (Chrome Store) - UBO - Hard Mode
    • (Chrome Store) - Don't add custom search engines
    • (Chrome Store) - JShelter
    P.S.

    I had to restore this insecure cipher:

    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA


    because without it I can't renew my certified mailbox.
    I also had to remove SumatraPDF portable from the LocalLow (IL low) folder because if the IL is not at the default value (IL medium) it fails to print with my HP printer.

    Security is often inversely proportional to usability.
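The cipher suite IDs in the post above decoded against their IANA names, as an added example that is not part of the original post. It checks which of the six legacy suites stay enabled for the two disabled lists given in this thread; the function names are hypothetical.

```javascript
// IANA TLS cipher suite IDs for the six legacy suites named or numbered in the thread.
const SUITES = new Map([
  [0x002f, 'TLS_RSA_WITH_AES_128_CBC_SHA'],
  [0x0035, 'TLS_RSA_WITH_AES_256_CBC_SHA'],
  [0x009c, 'TLS_RSA_WITH_AES_128_GCM_SHA256'],
  [0x009d, 'TLS_RSA_WITH_AES_256_GCM_SHA384'],
  [0xc013, 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA'],
  [0xc014, 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA'],
]);

// Parse a comma-separated list of 16-bit hex IDs, the format passed to
// --cipher-suite-blacklist. Throws on anything that is not 0xNNNN.
function parseSuiteList(value) {
  return value.split(',').map((tok) => {
    const t = tok.trim();
    if (!/^0x[0-9a-fA-F]{4}$/.test(t)) throw new Error(`bad suite id: ${tok}`);
    return parseInt(t, 16);
  });
}

// Properties that can be read directly off the IANA name.
function describe(id) {
  const name = SUITES.get(id);
  if (!name) return { id, name: 'unknown', notes: ['not in table'] };
  const notes = [];
  if (!name.includes('_ECDHE_') && !name.includes('_DHE_')) {
    notes.push('no forward secrecy (RSA key exchange)');
  }
  if (name.includes('_CBC_')) notes.push('CBC mode with HMAC-SHA1');
  return { id, name, notes };
}

// Which of the six legacy suites stay enabled for a given disabled list.
function remainingLegacy(disabledValue) {
  const disabled = new Set(parseSuiteList(disabledValue));
  return [...SUITES.keys()].filter((id) => !disabled.has(id)).map(describe);
}

// The two lists from the thread: Edge (this post) and Chrome (the Xubuntu post).
for (const [label, list] of [
  ['Edge', '0x002f,0x0035,0xc013,0x009c'],
  ['Chrome', '0x0035,0x002f,0xc014,0xc013'],
]) {
  for (const s of remainingLegacy(list)) {
    const hex = '0x' + s.id.toString(16).padStart(4, '0');
    console.log(label, hex, s.name, '-', s.notes.join('; '));
  }
}
```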

     
  8. tuvalu_tt

    tuvalu_tt Registered Member

    Joined:
    Apr 28, 2013
    Posts:
    56
    Location:
    Finland
    Nod32 was installed on Win8.1.
    But I need to build a new computer that supports Win 11.
    Too risky to continue with 8.1.

    VoodooShield was not installed on 8.1, and I removed it from Win 10.
    I did not like it. Also, it's not free anymore.
    Not the reason I removed it, but whoever translated it to Finnish has not seen the program or does not speak Finnish.
    "Disabled" was translated to the Finnish word "vammainen", which means: handicapped.


    I maintain 6 computers that have paid antivirus. 2 use Nod32, 4 use Emsisoft.
    Some also use HitmanPro.Alert.
    And the AV used on 1 computer is Windows Defender + HitmanPro.Alert.
     
    Last edited: May 15, 2022
  9. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Emsisoft abandons Win7 & Win8.1. Fine -- I abandoned Emsisoft a long time ago. Reason: they withdrew from testing by AV-Comparatives. Yes, I know that testing of AVs is not universally respected, but it's better than merely hoping & assuming that Emsisoft does a good job.

    Back OT: I have cut back my real-time security to only AVG & OSArmor. It's a boring set-up when compared to the detailed set-up used by (for example) @Sampei Nihira but I'm hoping it keeps the wolves away.

    If I add anything in the near future, it *might* be SpyShelter Premium. Wow! That security app is extremely multi-faceted and very VERY powerful, but doing its configuration involves a bit of a learning curve. SS has a splendid User Manual but I'm too busy to work with it right now.

    => I fervently wish @cruelsister would develop "expert configs" for SS as she did for Comodo.
     
    Last edited: May 15, 2022
  10. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    Windows 10 Pro, latest release:
    • Defender enhanced with Hard_Configurator, including built-in Firewall rules
    • OSArmor with additional Protections enabled
    • Browser: MS Edge with as much telemetry disabled as possible and some recommended flags enabled, Quad9 DNS, uBlockO extension
    • Some security-related Group policy settings enabled
    Linux MX-21 (dual-boot setup with Windows 10):
    • MS Edge enforced with moderately strict Apparmor profile, ublockO extension
    • Thunderbird email client sandboxed under Firejail
    • Network Manager enforced with Apparmor profile
    • UFW (Uncomplicated Firewall), default-deny incoming and outgoing, with a simple set of Outbound rules as per attached screenshot, including Quad9 DNS
    Occasional offline backups using Macrium Reflect free

    UFW Rules-20220515.png
     
    Last edited: May 16, 2022
  11. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    I've decided to use this same setup, with the addition of * ca * noop

    It just makes things so much easier :thumb:
     
  12. Scott W

    Scott W Registered Member

    Joined:
    Sep 21, 2008
    Posts:
    659
    Location:
    USA
    Webroot SecureAnywhere - that's it (I get it free from the bank). I know it gets little respect around here but it's been the sole security system on each of my family's 4 PCs over the past 5 years and we have not had any malware issues.
     
    Last edited: May 16, 2022
  13. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Awesome, same here: Webroot SecureAnywhere Lifetime, and I use VoodooShield Pro Lifetime and Glasswire Elite Lifetime. Nothing else needed.
     
    Last edited: May 16, 2022
  14. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,344
    Location:
    Italy
    Yes, it is a good compromise between usability and protection.
    Although you may have to tinker occasionally to make some websites usable.

    Example:

    https://imgbb.com/

    Try uploading and making an image in a forum visible to your browser.
     
  15. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Okay, I decided to add SpyShelter Premium (SSP). So my real-time security trio is AVG, SSP, OSArmor.

    I added SSP because of its wide spectrum of security components: anti-kernel mode keylogger, keystroke encryption, keylogger detection, protects clipboard, protects system (HIPS), provides internet security, enables user to place restrictions on specified apps, protects against unwanted screenshots, enables user-specified files to be protected, enables user-specified registry keys to be protected, & protects against unwanted webcam or microphone activation. NOTE: each of these components has its own On/Off switch & some components have settings. However, it works okay right out of the box.

    In my opinion:

    =>For fans of "set-it and forget-it": SSP will be a pain in the neck for the first several days of use. It can pop a lot of alerts as it develops HIPS rules on its own, based on user's specific apps & activities.

    =>For folks with some knowledge of computer security: SSP has an excellent "rule writing process" whereby users can develop their own, more granular rules, over & above the rules developed by SSP itself.

    =>For folks who want to learn more about computer security (I am in this category): SSP writes its own HIPS rules. Those rules are readable & easy to understand. Ergo, those rules are (so to speak) a text book for "Computer Security 101."
     
  16. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,157
    Location:
    Canada
    Was running MD with Configure Defender, Simple Windows Hardening and Firewall Hardening for quite some time. However, the latest version of SWH has an issue whereby it blocks the opening of Excel files. He says he will fix this in a new version later this month. So for now I am running WD with Configure Defender, Voodoo Shield, and Macrium Reflect. When Andy releases the new version of SWH I'll probably uninstall VS and go back to SWH.
     
    Last edited: May 18, 2022
  17. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    344
    Location:
    Finland
    @bellgamin
    Pretty much the same as what I do when I use a third-party firewall (not based on Windows' own firewall, for sure). I run it in "learning mode" for a day. Then I just edit the outgoing ruleset: which programs (services) are allowed to connect, on which port, to which IP, and which protocol is used.
    Like Windows Update, browser updates, etc. Then just lock down your firewall to allow only those components you made a ruleset for to connect to the internet. Then set your firewall to ask mode.
    I know, it needs some more than basic knowledge, but after all you do have some more control over what/who is connecting outside.
     
  18. tuvalu_tt

    tuvalu_tt Registered Member

    Joined:
    Apr 28, 2013
    Posts:
    56
    Location:
    Finland
    Not meaning to defend. I'm just talking...
    I have used paid Emsisoft for 8 years, and longer if you count the free version and the a-squared era.
    So I trust it most, so it's not good when they stop Win 8.1 updates.
    I trust it most, but I'm not currently using it myself :)
    Since January, I have been testing NOD32, and it's possible that all the computers I maintain will be swapped to that.
    (Ideal is to have 1 AV, so it's easier to give help over the phone etc.)

    Anyway, MS is going to stop extended Win 8.1 support in early 2023, so I (or my mother) only get an extra 7 months with 8.1.
    A new OS is needed, maybe a new PC too. Cannot install Win 11 on a PC that has a 4th gen Intel.
    With some hack, yes, but updates may break hacks. Not going to babysit a PC, so a new PC is needed.
     
    Last edited: May 18, 2022
  19. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    344
    Location:
    Finland
    @tuvalu_tt
    Something like what I'm using, Symantec Endpoint; it's kind of free, though not directly downloaded from Symantec (as they still call it).
    Anyway, why I'm using it rather than their "Norton" consumer products is that, even using the self-managed version of their endpoint, it will get the new signatures, IDS sigs, etc. before a basic consumer Norton user does.
    And it has the best firewall/IDS/BIP (browser intrusion) system I've ever used, though you need to configure it to your own liking.
    Set SONAR and Bloodhound to "aggressive mode" and you'll see how powerful it is against malware.
    However, like I said, it's a self-managed version, and it's missing a lot, like autoruns/registry/task scheduler/service protections. This can be overcome by using the free HiBit startupmonitor, which monitors a lot of different registry startup entries, task scheduler monitoring, process installers.
     
  20. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,344
    Location:
    Italy
    W.10 Home x64 21H2
    Local Account - Standard user - Limited permissions
    UAC maximum - Always notify
    Quad9 DNS
    OneDrive, Cortana, Advertising ID, Web Search - disabled
    Usage of location data for Cortana disabled
    Telemetry OFF
    Removed some Windows optional features.

    Microsoft Defender Firewall hardened with H_C.
    Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

    • Ransomware protection - disabled
    • No run in a sandbox
    • Core Isolation: Memory integrity - disabled
    • Some software hardened with maximum AE protection
    • All Windows Exploit Protection options - enabled
    MS Edge
    • Enabled Security Mitigations - Strict
    • Detection Protection - Strict
    • Always HTTPS
    • Quad9 DOH
    • Share browsing data with other Windows features - disabled
    • 4 Cipher Suites - 0x002f,0x0035,0xc013,0x009c - disabled
    • TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled
    • IL Appcontainer - enabled
    • Audio Service -sandboxed
    • Network Service - sandboxed

    Edge://flags:

    Enabled:

    • Block scripts loaded via document.write
    • Automatic HTTPS
    • Strict-Origin-Isolation
    • Show block option in autoplay settings
    • GPU rasterization
    • Zero-copy rasterizer
    • Block insecure private network requests
    • Enable Digital Signature for PDF
    Disabled:
    • Show feature and workflow recommendations
    • Allow tab-to-search using Microsoft Search with Bing
    • Allow Microsoft Search with Bing for any default search engine
    • Allow preloading of pages by other applications
    • Enable First-Party Sets
    Extensions:
    • (MS Store) - Decentraleyes
    • (Chrome Store) - UBO - Hard Mode
    • (Chrome Store) - Don't add custom search engines
    • (Chrome Store) - JShelter
     
    Last edited: May 24, 2022
  21. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    652
    Location:
    Milan, Italia
    Windows Defender
     
  22. Quassar

    Quassar Registered Member

    Joined:
    Oct 19, 2011
    Posts:
    254
    Location:
    Poland
    This JShelter looks interesting. How did you find this add-on and which settings do you use? :D
     
  23. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    Yes, here and there I've had to do a little tinkering with a few sites, but nothing close to what I used to have to do.
     
  24. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    On my Windows 11 drive:

    Microsoft Defender | VoodooShield Pro | uBlock Origin | Firefox Quantum | Sandboxie Plus in hardened mode | Hard_Configurator FirewallHardening

    Nice and light. Rivals my Windows 10 setup for ease of use and feeling of decent security. :thumb: The extras on top of Defender have no impact on machine performance, nor are false positives and nags a big deal (at all).
     
  25. ako

    ako Registered Member

    Joined:
    Nov 16, 2006
    Posts:
    667
    Standard user account
    Microsoft Defender (+ Defender UI)
    Malwarebytes Premium
    WiseVector StopX
    Voodooshield Pro
    Chrome + AdGuard + uBlock + Trafficlight
     