What is your security setup these days?

trying DefenseWall HIPS + PF and Emsisoft Anti Malware a killer combo

 

Windows XP: Norton Antivirus and Online Armor Premium. Zemana Anti-Malware on-demand.
Fedora 14: SELinux on permissive mode, iptables enabled.

 

Installed ESET Smart Security 5.0.65.0 BETA and Sandboxie 3.54 on my netbook. Also changed the HIPS settings to 'Learning Mode'.

 

Actually it would be better if you told me how they are different? Thanks.

I thought that the main function of both BD Traffic-light and AVG Linkscanner was to rate, and block infected websites?

Yes I know that the other might block what the other miss etc.., but IMO it's too much to have both of them anyway.

 

LOL Noob you are laying it on thick

 

Yeah d00d.
And i will not remove LNK from the options on SRP. Will be default and probably might add a few more extensions.

I want to do some sort of PC lockdown, a classical HIPS (I'm gonna try OA first on my current Windows to see if set at highest it works as a Classical HIPS if it does, then i will definitely keep it, if not i might replace it with Comodo D+ and Firewall which works in a similar fashion to OA HIPS and firewall)
HMP scans on every start and EAM as real time
So it should be:

Real Time Scanner: EAM
Real Time HIPS: OA
On Demand: EAM + HMP

Passive: SRP + EMET and the other generic tweaks.

 

noob OA will do good to ya
just configure files/registry to block unknown and untrusted programs to be block and allow trusted vendors only
block untrusted or unkown programs or files will be block to modify/delete/create/read in real time

 

My current security setup:

Realtime:
- avast! 6 Internet Security (Disabled:Mail, IM, P2P, Behavior, Script Shields)
- Mamutu 3 (From the giveaway)

Firewall:
- avast! 6 Internet SEcurity
- Belkin Wireless Modem Router

On-Demand Scanners:
- MalwareBytes AntiMalware Free

 

Still the same setup as in my sig

 

Thanks for recommendations, haven't used OA for a long time
And the registry feature is a new feature i've never used

Yeah man, finally fixed. But i still need a new DVD Writer to get a fresh Windows install, current one is just like a sandbox.

 

you can always play with this new feature it is fantastic like a dream for medont need anti-executable anymore it protects your registry in real time and also files as system32 etc etc just dirty ur hands configuring and end up dumping your antivirus and just use a ondemand scaner

 

Online Armor ++ and MBAM Pro (but only as on-demand scanner) and Emsisoft Emergency Kit. Thinking about adding Mamutu (because I do have one year licence for it).

 

Setup for now

Realtime:
KIS 2012 (antispam and anti-banner disabled)
AdMuncher 4.92 build 32591 (beta)

On-demand:
Malwarebytes free
SAS 5 free

And that's it! Damn I love this setup and I really have fall in love to kaspersky 2012. They've done good work this time, really really good job!

I tried nod32 v. 5 + outpost firewall pro 7.5 combo, it was good and light but IMO eset just don't have nuts enough more..

 

could u please tell me how to do that?

so did u add root drive such as c:? or specific folder?
and the same question for the registry protection

 

the c:\* is already there just change things around like instead of ask or allow i change to block for files and any untrusted or unknown programs can not delete modify create or within that location,it is simple just go to files/registry feature options and dirty your hands like dirty harry

 

you can add folders too for files rules if you want or eeven start up registry location to block untrusted or unknown programs in real time it is beautifull man

 

Sounds good Noob

 

i am waiting for geswall and defensewall 64 bit versions?

 

Windows 7 Professional 32-bit (Modem-Router NAT: enabled)

separate partitions for:

• SYSTEM
• PROGRAMS
• DATA

Setup:

1. Disabled Windows System Restore and Windows Defender
2. User Account Control set to Highest
3. Microsoft Security Compliance Manager (MSCM) for downloading Baseline Security Templates from Microsoft that will harden Group Policy settings.
4. LocalGPO (included in MSCM) this tool is used to apply Security Templates.
   
   • Templates used: Merged copy of Win7SSLFComputer, Win7SSLFUser and IE8SSLFComputer, IE8SSLFUser
     • Do not allow legacy apps to run
   • Modified GPO thru 'gpedit.msc' also added some Safe-Admin tweaks
     • allowed Administrators to debug programs (Compatibility for EMET. see below)
     • 1806 trick
5. Enhanced Mitigation Experience Toolkit (EMET) to apply the ff. and more:
   • Data Execution Prevention (DEP): Opt-out
   • Structured Exception Handling Overwrite Protection (SEHOP): Opt-out
   • Address Space Layout Randomization (ASLR): Opt-in
6. Returnil for system virtualization (antivirus disabled / trust programs from real disk only)
7. Peerblock
8. Outpost Security Suite FREE ( Firewall:Block Most / Antimalware:Scan on execution / Anti-leak:Low )
9. ClearCloud DNS
10. Hitman Pro (for fast scans)

Google Chrome --safe-plugins -incognito (Regular Browsing)

• Clearcloud DNS
• 1806 Trick

JanusVM + Opera Browser (Anonymous Browsing)
javascript enabled for whitelisted sites only
plugins only on-demand.
disk cache off
never check cached documents and images
Turbo Mode: ON
Disabled Geolocation and mouse gestures.
Fanboy's Adblock list for Opera

 

@jmonge

ok I'll try it, normally I'd wash my hand, but if u say so...

 

only Pontius Pilate wash his hands man

 

Running ESET Cybersecurity for Mac. Works fast and light.

 

Real-Time/Resident/On-Access

• DefenseWall Personal Firewall v3.12 BETA
• WinPatrol Cloud Edition Plus 20.0.2011.2

On-Demand

• Avira AntiVir Rescue System
• Malwarebytes' Anti-Malware Free 1.50.1100.1
• SUPERAntiSpyware Free Edition 5.0.1078
• Norton Power Eraser
• Emsisoft Emergency Kit
• Hitman Pro Paid 3.5.8 Build 119

Network/Browser

• TP-Link TL-WR340G 54M Wireless G Router (SPI Firewall)
• Norton DNS
• Mozilla Firefox 4 (Sandboxed by DefenseWall, NoScript)
• Google Chrome 12 (Sandboxed by DefenseWall, ABP)

System Hardening

• Autorun/Autoplay: Disabled
• Windows Firewall: Disabled
• Windows Defender: Disabled
• Windows System Restore: Disabled
• Administrator Account
• User Account Control: Default
• Enhanced Mitigation Experience Toolkit 2.0.3: Maximum settings
  All Internet-facing applications + Microsoft Office 2010
• Unsigned Drivers: Block
• Detect Application Installations: Off

Instant Recovery

• Rollback Rx

Acer Aspire Netbook:

• Sandboxie Paid 3.54

 

One good reminder I'll try to make my hand dirty whenever I can from now on