What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    Out for another test drive of OA. :D
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    2 PARTITIONS

    One is defended by ProSecurity 1.43

    Other is defended with EQSecure 4.0 beta w/Alcyon Rules

    Both have Virtual systems, Power Shadow + Returnil

    Both are guarded with SandboxIE

    Both are imaged with DriveSnapshot

    Both employ Kerio 2.15 w/ KZ rules

    BOTH ARE sp2 XP PRO and no issues with either.

    EASTER
     
  3. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    I see you dropped Cyberhawk??
     
  4. Ohmy

    Ohmy Guest

    Vista Home Premium K x32
    Kaspersky Internet Security 8
    SuperAntiSpyware Free
    WebMa2 Browser (works like a charm;))

    This setup until next DW release...

    Hurst, do you only use SandboxIE? :eek:
     
  5. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Almost :D
    Sandboxie and Returnil.

    Every now and then I scan with MBAM, SAS and/or CureIt (but never find anything)

    I'm behind a hardware router.

    I browse with firefox+noscript.

    DEP enabled for all programs.

    That's it.
     
  6. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    517
    Hi guys, new member here. :)
    I'm glad to have found a forum that focuses on security!

    My current setup is:

    At the office, Windows XP and W2K:
    -BIOS password
    -AVG antivirus + Avast antivirus
    -Comodo firewall pro 3 and Sygate Personal Firewall (other firewalls don't work well with the W2K box, unfortunately. Especially Comodo)
    -Various antispyware software such as Spybot, Spywareblaster, Superantispyware
    -Using a non-root/admin environment for daily PC usage.
    -Disabled various services (but that's not an easy task. Many services are interconnected with each other)
    -Firefox with Noscript and Blocksite, Opera
    -Regular software updates, using Secunia's software checker.
    -Installing software from good sources.

    At home:
    Laptop and Desktop -

    -Archlinux (a distro that is very charming)
    -Ipfilter
    -non-root environment (using 'su')
    -only vital services/daemons running (Archlinux is great in that regard, that it doesn't come with tons of services enabled post installation, you have to manually add those one by one. I have like 5-6 services enabled)
    - Running HIPS-like software such as Samhain once in a while
    -Rootkit detectors (rkhunter, chkrootkit)
    -Firefox with various add-ons, Opera
    -regular updating of software (well, in Archlinux everything is bleeding software!)
    -using different partitions for /var /usr /tmp /home etc. Those are mounted with different values such as 'read only', 'nosuid', 'noexec' and so on.
    -disabled the flag for various executable files that disables them being run as root/admin for regular users.
    -dualbooting with CentOS 5 on the desktop PC with SELinux enabled
    -Using trusted sources/repositories to install software - but this isn't very reliable at all, at least in theory. Check out this:

    http://www.cs.arizona.edu/people/justin/packagemanagersecurity/

    -I've also tried OpenBSD recently but I felt it didn't fit my needs for a regular desktop system. For example, Firefox crashed repeatedly and it turned out it's a feature not a bug - regular users have restrictive quotas on how much system resources they can use, and it's no news that Firefox 2.x is resource hungry. ;-) I also find updating the system quite time consuming - there are no binaries but you have to update one by one using the source code.

    If you want to stay on the edge using its port and snapshot system, especially if you want to keep third-party software as current as possible, you seemingly have to spend a considerable amount of time making it work. If you stick to a release version (which is recommended and which I did), you more or less are stuck with outdated software that won't get updated until they make a new release unless you go for the ports/snapshots option.
    The Firefox in the release version is 2.0.0.12 and the patches are not being backported.

    This issue has been raised pretty often in the OpenBSD's mailing lists and the common reply they get is: "If you don't like it, don't use it. Use a different OS". :rolleyes:

    But OpenBSD's security features would hopefully mitigate any attacks caused by buffer overflows, but I didn't feel very comfy about using outdated software and just hoping for the best.
    Also, applying a small patch to the kernel requires rebuilding both kernel and userland which is pretty time consuming.

    Another thing to consider is that it's only the base system that's been meticulously audited by the developers. The third-party software hasn't.
    While I feel OpenBSD is a great idea and concept, it lacks stuff that I've got used to in Linux land. Will probably try out *BSD again on a spare drive.

    Sorry for the long post. :)

    Edit:
    *oops* I realized that I probably have posted in the wrong thread! Sorry about that.
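
The mount-option hardening mentioned in this post (separate /var, /usr, /tmp and /home partitions mounted read-only, nosuid or noexec) can be checked mechanically. The following is an added example, not part of the original post: the per-mount policy, the function names and the sample fstab lines are assumptions constructed for illustration.

```python
# Added example: audit fstab-style entries against an assumed hardening policy.
# POLICY is a hypothetical choice; the post names only 'read only', nosuid, noexec.
POLICY = {"/tmp": {"nosuid", "noexec", "nodev"}, "/var": {"nosuid"},
          "/home": {"nosuid", "nodev"}, "/usr": {"ro"}}
# Each option sets or clears one restriction; a later option overrides an earlier one.
TOGGLES = {
    "ro": ("ro", True), "rw": ("ro", False),
    "nosuid": ("nosuid", True), "suid": ("nosuid", False),
    "noexec": ("noexec", True), "exec": ("noexec", False),
    "nodev": ("nodev", True), "dev": ("nodev", False),
}
# mount(8): 'user' and 'users' imply noexec,nosuid,nodev unless overridden later.
IMPLIED = dict.fromkeys(("user", "users"), ["noexec", "nosuid", "nodev"])

# Constructed sample, not taken from the poster's system.
SAMPLE_FSTAB = """\
/dev/sda2   /usr     ext3    ro,nodev                  0 2
/dev/sda3   /var     ext3    defaults,nosuid           0 2
/dev/sda4   /tmp     ext3    nosuid,noexec,nodev,exec  0 2
/dev/sda5   /home    ext3    defaults                  0 2
"""

def effective_options(opt_field):
    """Return the restrictions in force after applying options left to right."""
    state = {}
    for opt in opt_field.split(","):
        for o in IMPLIED.get(opt, [opt]):
            if o in TOGGLES:  # 'defaults' and unrelated options change nothing
                name, value = TOGGLES[o]
                state[name] = value
    return {name for name, value in state.items() if value}

def audit_fstab(text, policy=POLICY):
    """Map each policy mount point to the restrictions it lacks."""
    findings, seen = {}, set()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#") or fields[1] not in policy:
            continue
        seen.add(fields[1])
        missing = policy[fields[1]] - effective_options(fields[3])
        if missing:
            findings[fields[1]] = sorted(missing)
    for mount_point in policy.keys() - seen:
        findings[mount_point] = ["not a separate mount"]
    return findings

if __name__ == "__main__":
    print(audit_fstab(SAMPLE_FSTAB))
```

In the sample, the trailing `exec` on the /tmp line cancels the earlier `noexec`, which is the kind of mistake a visual read of fstab tends to miss.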
     
  7. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    Some changes... Still finalizing my totally minimized OS.

    Buffalo WHR-HP-G54 - [DD-WRT + OpenDNS]

    Windows XP Professional SP3 - [Customized + nLited]

    • DefenseWall
    • Online Armor
    • Sandboxie
    • Shadow Defender
    • KeyScrambler Premium
    • MailWasher Pro
    • RoboForm Pro
    • Ace Utilities + Registry Defragmenter and Compactor
    • Cobian Backup
    • FreeCommander
    • K-Meleon
    • KiTTY
    • Proxomitron

    BTW I'm still seeking original FD-ISR license :D
     
  8. ParadigmShift

    ParadigmShift Registered Member

    Joined:
    Aug 7, 2008
    Posts:
    241
    My Vista Box:

    Windows Vista Ultimate
    LUA
    SRP (with added DFT and AR)
    Windows Security Defaults (enabled)
    Linksys Wireless-N WRT350N
     
    Last edited: Aug 8, 2008
  9. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Not at all, just forgot to include it, that's all, thanks for reminding me. Old CyberHawk still is covering behavioral blocking as best as it can since it's an old timer, but it's a TERMINATOR against DLL Injections, and that's a rootkit/malware trick that can evade if the originator is focused on today's apps. That's why I mix and match the old with the new, because today's malware authors concentrate on the latest security apps and rarely blink an eye to old favs.

    EASTER
     
  10. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    New setup on "dummy" PC:

    Realtime:
    Deep Freeze 6
    Sygate Personal Firewall (custom ruleset)
    Winpatrol
    SnoopFree


    On-Demand:
    Acronis True Image
    ComboFix
    Flash Disinfector
    SAS
    MBAM
    CCleaner
    ToniArts EasyCleaner
    Auslogics BoostSpeed


    Web browsers:
    K-Meleon 1.5 zip version (default and sandboxed by Sandboxie)
    Flock w/ various Firefox addons
     
  11. hex_614

    hex_614 Registered Member

    Joined:
    Jul 17, 2008
    Posts:
    155
    Location:
    Manila, Philippines
    This is my setup. Fast, safe and secure
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    my set up at the moment is:
    AppRanger 1.9(system lockdown)
    SpyWare Terminator 2.3
    waiting for the next DefenseWall with outbound protection :thumb:
     
    Last edited: Aug 10, 2008
  13. jj680

    jj680 Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    1
    Avira AV Free
    a-squared Anti-Trojan
    Firefox 3.0.1
    Kerio 2.1.5
    Cerineal Abnogulous XL v5.3
     
  14. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    In realtime Sandboxie, going dodgy then I'll fire up Returnil, that's it. I have a great trust in this setup, it keeps me clean for the last year, surfing high and very, very low.
     
  15. Pain of Salvation

    Pain of Salvation Registered Member

    Joined:
    Apr 21, 2005
    Posts:
    399
    Antivir Premium
    Outpost FW Pro 2009
    Firefox + NoScript
     
  16. Z32

    Z32 Registered Member

    Joined:
    Jul 20, 2008
    Posts:
    51
    I don't think my setup will compare to some of yours, but here goes! :) Please post any suggestions you feel would complement this.

    Windows XP SP3 system

    Hardware:
    NAT

    Resident:
    Avast Professional Edition (paid)
    Comodo Firewall Pro (free) - Safe Mode, Defense+ is turned off
    Comodo BOClean (free)
    Defensewall HIPS (paid)
    Peerguardian 2 (free)
    Keyscrambler (paid) - latest addition

    On-demand:
    Registry Mechanic (paid)
    CCleaner (free)

    Firefox: NoScript, Adblock Plus, FlashBlock


    Some questions...

    - Should I be using anything else? i.e. anti-spyware, anti-malware (MBAM, SAS, etc.), backup (FD-ISR, etc.) ?

    - I'm running DefenseWall HIPS & BOClean - is this a double-up? (want to keep DefenseWall regardless :) )

    - Should I have CPF's Defense+ turned on, even though I have DefenseWall?

    - Also, I've heard CPF & PG2 don't play well..but I've experienced no apparent issues. Any ideas? All I can think of is that CPF hasn't blocked *a lot* since I installed/trained it.

    Thanks
     
  17. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Having wiped Vista, XP and 2000 off my PCs, I use a very plugged Win 98 SE with BD Free on 2 PCs, and that's it as per MS software. Otherwise, LCF runs all the rest. MS simply eats the big one!
     
  18. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,571
    Resident:

    NOD32 2.7x & NOD32 3.x
    Microsoft Windows Defender
    Sandboxie (Paid) (All Browsers & E-Mail "Forced" to Sandbox)
    LinkScanner Pro
    Windows XP Pro SP2 Firewall (All Updates)
    Cable/DSL Wireless Router with SPI (Wireless Turned Off, Wired Connections to PC's)

    On Demand:

    SuperAntiSpyware Free
    MalwareBytes AntiMalware
    a2free (Some false positives but will continue to use.)
    AVG AntiSpyware Free (Will use as long as updates are available.)
    Ad-Aware (Rarely used. May uninstall in near future.)
    Spybot S&D (Use mainly for Immunization)
    SpywareBlaster
    AVZ AntiViral Toolkit (Scans with Maximum heuristic settings/Report Only.)
    DrWeb CureIt (Occasional use in Safe Mode)
    TrendMicro SysClean (Rare use)
    DrWeb Live CD? (When it gets out of Beta I will give it a try.)
    Avira System Rescue CD (Have not used it yet. Will give it a try some day.)

    Online Scanners:

    VirusTotal for suspicious files.
    Kaspersky Online Scanner

    Other Tools:

    AutoRuns
    ProcessExplorer
    TCPView
     
    Last edited: Aug 11, 2008
  19. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    You're a real scanner guy :D
     
  20. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    Active
    Look'n'Stop
    DefenseWall
    Sandboxie

    On-Demand
    DrWeb
    Malwarebytes Anti-Malware

    Hardening
    Seconfig Xp
    SpywareBlaster


    Hardware Firewall
    AlphaShield

    Opera
    OpenDNS
     
  21. Reimer

    Reimer Registered Member

    Joined:
    Apr 6, 2008
    Posts:
    217
    Windows XP Pro SP3
    LUA + SRP w/ SuRun 1.2.0.0
    Avira AntiVir Premium
    SandboxIE

    Firefox 3.0.1 w/ NoScript

    /edit:

    just added SRP
     
    Last edited: Aug 12, 2008
  22. Ohmy

    Ohmy Guest

    [Active]
    Defensewall
    Vista built-in security (FW,AS,UAC)

    [On-Demand]
    Dr.Web Cureit!
    SAS Free

    back to the old setup. :cool:
     
  23. demonon

    demonon Guest

    How about this setup?

    Windows Vista SP1
    Behind a hardware router with SPI Firewall
    DefenseWall HIPS v2.45
    GeSWall freeware

    Hardening with Spybot SD and Spywareblaster
    Surfing With Firefox 3.01 with Noscript and KeyScrambler (And various other extensions)
    Doing some regular scanning with MBAM and SAS
    Recovery with System Recovery and my music, videos etc. on another isolated HDD.

    Good setup or not?
     
  24. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    Using two policy based HIPS at the same time?
    I don't think that is such a good idea.
    May cause more harm than good.
    I would try both but one at a time and see which one fits your needs.
    I would also trial GesWall Pro.
     
  25. demonon

    demonon Guest

    Then my choice probably will be GesWall pro.
    I guess I have sufficient protection now, or am I missing something?
     