What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Just playing a bit on the old XP box to get the fastest start up time of Opera (cold first uncached startup). Achieved a 1 sec plus cold startup with

    Rising FW FREE
    - Trojan scan on startup
    - ARP protection on
    - check on changed Internet facing Programs OFF (is not possible with GW on guard)
    - silent mode (with Trojan scan when denying internet access to new program)

    GeSWall PAID
    - added Aigle's tip to control outbound by untrusted (in combo with Rising FW defeats every leaktest except DNS recursive call, closed DNS service in XP to pass this also)
    - protect Outlook Express mail directory plus Webb Address Book (set confidential)

    Avira FREE
    - rootkit scan on bootup
    - Network shield (light NIDS on worms)
    - Standard shield with on execution scan OFF, check on read access OFF (so only checks at writes)

    Anvir FREE
    - all options OFF, except intercepting Autostart additions
    - start on bootup
    - no icon (too loud/attracts too much attention)


    Conclusion:

    The traditional layered approach:
    - policy management (through GeSWall for threatgate apps)
    - Firewall (Rising FW for all plus GeSWall for untrusted)
    - Antivirus (Avast write on access check of Standard Shield, Worms with Avast's Network shield, Trojans with Rising's FW extension of Rising AV, Rootkits with Avast boot scan)
    - Antispyware (with Avast standard shield and Anvir startup entries warning as light IDS)


    Is not a bad approach after all. Who says it is overrated or bloated, try to match an Opera startup cold on an Athlon 3900 just over one sec.

    Regards Kees
     
    Last edited: Jul 23, 2008
  2. Beavenburt

    Beavenburt Registered Member

    Joined:
    Dec 17, 2006
    Posts:
    566
    Or he may not. I've been running naked for some time now and have never even had a sniffle.
    Anyhow, if he does catch flu he's got the good Dr there to CureIt :p
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    hey you got me there:D
     
  4. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I know. Well, my advice for those who are going naked: don't click on any link you don't know, because it may be malicious or a drive-by infection, and the other thing is to make sure the executables are not infected, otherwise you will have a PC with a black screen monitor or something like that.
     
  5. Beavenburt

    Beavenburt Registered Member

    Joined:
    Dec 17, 2006
    Posts:
    566
    While I'm here I may as well post my setup.

    Laptop:
    XP partition - Router / Fully patched with Hardening / Alternative browser / Occasional CureIt scan
    Linux Partition - PClinuxOS Minime 2008

    Desktop:
    The mighty Arch :thumb:
     
  6. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    I've only been running naked for about 18 months but can not recall ever being infected since going on line in 1996. Until about 2 years ago I assumed that it was all the Spybot, ad-aware, kerio, avast, ........ hips etc that had protected me.

    anyway as you say if I ever did get infected the good Dr would be there. In practice I wouldn't trust a system that had been contaminated and would just restore a previous image.
     
  7. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    I like naked.:cool: Keep in mind, if you have the firewall in XP or Vista, you aren't naked. Being naked, really means, being stupid.
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Even if you have the Windows firewall on, in these days of hacking and cracking you are still nude:doubt:
     
  9. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    FULL LIST JULY 29, 2008

    NETWORK
    Two Linksys Wrt54g Routers (DD-WRT Flashed) in WDS Mode
    SPI Firewall Enabled, MAC Filtering Enabled for Wi-Fi
    Static IP and OpenDNS Setups for all Users

    RESIDENT - XP MCE 2005 SP3 (All Updates Installed)
    Online Armor AV+ v3 Beta (2.1.0.159)
    - Custom Bluetack Blacklists Enabled (For Global and P2P Dependent)
    - RunSafer Enabled for all Browsers, Email Clients, Messengers, Media Players, P2P Applications, Text & Photo Viewers
    Sandboxie 3.29.05 (Paid)
    - ForcedProcess Enabled for Email Client and all Browsers
    - Automatic Delete Enabled for all Sandboxes
    - Restricted Executable Settings for Firefox and Opera
    Script Sentry 2.7.1 (All Extensions Associated)
    Process Explorer 11.20 (Task Manager Replacement Enabled)

    HARDENING & TWEAKING
    Harden-It 1.2 (All Default Recommended), Bugoff 1.10 (All Enabled), SeconfigXP 1.1 (Configured for Home), Security & Privacy Complete 3.2.1 (Custom), Spyware Blaster 4.1 (Immunized), Spybot Search & Destroy 1.6.0.30 (Immunized), Advanced System Optimizer (Custom), WinXP Manager (Custom)

    ON-DEMAND
    A-Squared Anti-Malware 3.5 (Paid), Malwarebytes Anti-Malware 1.23 (Free), Avira Antivir Personal 8.1.0.326 (Free), Ewido Micro Scanner 4.0, Prevx CSI 1.9.112.154, Dr. Web CureIt! 4.44

    OTHERS
    VMWare Workstation 6.0.4, KeyScrambler Personal 2.1.0.1 w/ (Firefox Plugin), AI RoboForm Pro 6.9.90 (Paid) w/ (FF Plugin), CCleaner 2.09.600, RunScanner 1.6.1.0, ATF-Cleaner, FileHippo.com Update Checker 1.023 (Beta), Sysinternals Suite

    BROWSERS
    Firefox 3.0.1 (NoScript, Adblock Plus, Adblock Updater, ShowIP, SSL Blacklist, TrackMeNot, Distrust, PhishTank & WOT), Opera 9.51, Internet Explorer 8 Beta 1 (IE Pro)

    BACKUP & PARTITIONING
    Acronis: True Image 10, Disk Director Suite 10, & OS Selector 10*

    *Always have two exact XP images on separate partitions for immediate boot & restore.

    dja2k
     
    Last edited: Jul 29, 2008
  10. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    All depends on how you define naked I guess. I would define my current system as being naked, all I'm running is the default install of Vista Ultimate. My plan is to just run as is till the end of the year or until something bad happens :).
     
  11. ambient_88

    ambient_88 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    854
    As of July 23, 2008:

    Resident Protection:
    DefenseWall HIPS v2.44
    SUPERAntispyware Professional 4.15.1000
    Windows Vista Firewall
    Windows Defender

    On-demand Scanner:
    Malwarebytes' Anti-Malware FREE
    Avira AntiVir Personal 8
    Dr. Web CureIt! 4.44
    Prevx CSI+
    a-squared Anti-Malware FREE
    F-Secure Blacklight
    Panda ActiveScan 2.0

    Backup Software:
    Paragon Drive Backup Personal 9

    Browser:
    Opera 9.51 (along with specific UserJS)
    Ad Muncher 4.72
     
  12. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    One thing I never get is, if people are running with no security software, how do they know they are not infected? Or do you still use manual analysis or something?

    Thanks
     
  13. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Am I missing something or what? Are you using AntiVir, Avast, or AntiVir with Avast? o_O o_O :blink:

    Thanks
     
  14. rolarocka

    rolarocka Guest

    ACTIVE (behind router)

    Nod32 2.7
    ThreatFire
    SandboxIE with Opera 9.5

    ON-DEMAND

    MalwareBytes Anti-Malware
    WinPatrol
    SUPERAntiSpyware Free

    BACK UP/RECOVERY

    Image For Windows/Image For DOS
     
  15. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Occasionally I just load up the same software as most everyone else and run it.
    I have never found anything other than the odd false positive. The benefit I get is a machine which is not running multiple programs which do slow you down - especially AVs. When I have finished a scan I just reboot and the program is gone. Many times I have asked if anyone knows of a program that I should run but no one has been able to provide me with the name that has been able to find anything bad. So although I can not be sure that my machines are not contaminated I think it reasonable to assume that I'm clean or at least it would be unreasonable to assume that I'm not.
     
  16. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    OK. Thanks.
     
  17. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    @ Someone

    Avast standard shield + network shield. Anvir Taskmanager. Rising FW has a component of Rising AV which performs a memory scan on boot up and scans a new program seeking outbound internet access. This component only scans on Trojans.
     
  18. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    OK. Thanks. I thought you said Avira.
     
  19. Bio-Hazard

    Bio-Hazard Registered Member

    Joined:
    Jan 10, 2007
    Posts:
    529
    Location:
    Cornwall, UK
    ACTIVE:

    Router (SPI and NAT)
    Online-Armor AV+ v. 2 with Firewall (Latest Beta)
    DefenseWall v. 2.40 (Latest Beta)
    Winpatrol Plus (Keeping eye on things)

    ON DEMAND:

    Malwarebytes' Antimalware (Paid)
    SUPERAntispyware Pro
    Hijack This
    Spywareblaster 4.0
    ProcessExplorer
    Runscanner
    CCleaner
    Secunia PSI

    BROWSER:

    Firefox 3 with No-scripts, Roboform toolbar, Adblock Plus.

    BACK UP:

    FDISR 3.31 build 232
    ShadowProtect 3.1.0.3
     
  20. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    Buffalo WHR-HP-G54 - [DD-WRT + OpenDNS]

    Windows XP Professional SP3 - [Customized + nLited]

    • DefenseWall [Paid, 1 year] - 24/7 Support, thanks Ilya.
    • Online Armor [Paid, 2 years] - Betas, betas and again betas... with 100% stability.
    • Sandboxie [Paid, Lifetime] - Simply awesome.
    • Shadow Defender [Paid, Lifetime] - Full shadowed computer. What else man can want?
    • KeyScrambler Premium [Paid, Lifetime] - Works now with SSH etc.
    • MailWasher Pro [Paid, Lifetime] - Kicks ass spam filter.
    • RoboForm Pro [Paid, Lifetime] - Secure passwords and notes.
    • Ace Utilities + Registry Defragmenter and Compactor [Paid, Lifetime] - Still the best.
    • Cobian Backup [Free] - Simple FTP & USB backup.
    • Mozilla Firefox [Free] with Adblock Plus, CookieSafe and NoScript.

    BTW I'm still seeking original FD-ISR license :D
     
    Last edited: Jul 26, 2008
  21. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,177
    Location:
    Canada
    ACTIVE

    Router
    Kerio 2.5.1
    DefenseWall

    ON DEMAND

    Dr.Web CureIt
    SuperAntispyware

    BACKUP

    FD ISR
    ShadowProtect
     
  22. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    hey you are a lifer:D :thumb:
     
  23. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Current set is DefenseWall and AppRanger with my system lockdown:thumb:
    Note: I set AppRanger on low only when Microsoft wants to update and then put it at guard at high:thumb:
     
  24. Ohmy

    Ohmy Guest

    Waiting for the full version of Defensewall 2.45 to come out. :)
     
  25. ex3

    ex3 Registered Member

    Joined:
    Jul 9, 2008
    Posts:
    34
    Distrust is not compatible with FF 3.01
    waiting for the update.

    Really nice setup, did you forget to include NoScript?
     