What is your security setup these days?

Hello, I just joined forums but this isn't the first time to being at WSF anyhow had random visits for a while and I like it here, this is my security setup. your advice is appreciated.

OS;
Windos 7 sp1 x64
EMET hardening

backup;
windows/paragon backup & recovery 2011 advanced free

fire wall;
hardware/online armor free

hips;
online armor firewall
mamutu


real-time;
avast free/unistalled bb

on-demand scanner;
mbam free
hitman pro
sas

browsers;
firefox 4
ie 9

firefox add-ons;
adblock plus
betterprivacy
keyscrambler free
wot

ie add-ons;
tracking protection on
NAI
fanboy-adblock
abines
keyscrambler
wot

 

+2. It's been almost 5 months for me with Sandboxie, and Sul has been a great help!
I agree 100% with justenough... SBIE is the core of my security plan.
The way I see it, my computers should be measuring time as BS and AS... Before Sandboxie and After Sandboxie.

 

I really dig native security solutions primarily because in the days of yester-year the options were either fairly resource intensive (bogged you down) or really chatty ("click yes or no"), or both, and native solutions can be very effective and are certainly lightweight! Some of the newer solutions are light-years ahead of thier predecessors in these areas, for sure.

Sandboxie has really been the one tool that no matter what new half-baked security scheme I am toying with, is always there and always does exactly what I want it to. For people using LUA/SUA/UAC, they have a leg up on the whole affair, and Sandboxie might not bring as much to the table as it used to. For those who go further and implement a default deny policy, even more so. But even in those situations, there is nothing quite like it in terms of how quiet it is, in how robust it can be, in how secure you can make it, and IMHO how it can really change how and what you do, especially in terms of online banking and the like.

For myself, I will never be a User on my machine, as I am not a User but an Admin, and all that I do, literally 90% of the time, is Admin related activities. So for me, Sandboxie is my literal sandbox to tinker in with almost all new programs and often settings. It has supplanted vmWare as my test environment because it takes no resources, costs next to nothing compared to vmWare, and is always loaded. vmWare still gets used, but for fewer and more specific purposes than it used to.

I cannot and will not go back to being online without it. I could manage to stay infection free I am sure, but it isn't only the security for me that makes me praise it, it is the whole package.

Sul.

 

I've always wonder, sully did u use anything else real time? (Besides sandboxie)

 

You're set to go. Nothing more is necessary, but you can add internet safety checkers like ClearCloud DNS and BitDefender TrafficLight.

The first checks websites against their database of known malicious sites. Once detected, you are prevented entry and the site won't affect you. For false positives, you can submit them to get it fixed within hours. It is updated automatically on their servers. That, and its excellent detection rate, are why I chose it over several other options. You can apply it on your router as well.

The second scans websites in real-time. Therefore, it's very effective against zero-days. You can go to the website anyways, so that takes care of false positives. I prefer the extension version over install, because it's far lighter and more compatible.

 

My probable future security setup...

System restrictions: SUA+SRP(whitelist via parental controls)+UAC
System Restore: Keriver 1 Click Restore
Browser protection: Sandboxie+Keyscrambler
AV: (?)+Hitman Pro
Windows Firewall


About the AV (?), considering:
- Avast[file shield only, on-execution]
- Panda cloud AV free
- Emisoft AM free [on-demand only]

 

i think i am going to settle down with SpyShelter and hitman pro

 

My current setup :

Resident :
KIS 2011 (everything ON)
NIS 2011 (w/o spam filter)
Mamutu
OA++
Sandboxie
Threatfire
Prevx (w/o Safeonline)

Hardening:
It's a long list but everything is ON (DEP, SEHOP etc.) , UAC on maximum.
EMET of course.

Backup (Images and snapshots are created hourly) :
Ashampoo Backup
Windows Internal Backup System

On demand scanners (daily full scans) :
Hitman
MBAM
Super AntiFighter
Ultra Killer
Giant malware destroyer
Norton power eraser

Firewall is hardware on isolated subnet , using OA firewall along with it just in case.
For DNS protection I'm not sure yet, still testing ... but currently I'm on ClearCloud solution (it's good so far IMO)

Browser isolated all the time via different solutions (Sandboxie, OA Run Safer, KIS)
Various browser addons, mostly privacy, security and malware related.

Machine is running nice and smooth, I think I'm good to go

I'm considering adding Avast to the mix, any suggestions ?

 

Stupid question time. Are you using more than one machine?

 

2 Internet Security and 2 behaviour blockers?! OMG, and you're considering to add Avast...

By Super AntiFighter, do you mean SuperAntiSpyware? Also what is this Giant malware destroyer?

 

AppGuard 3.0.13.0
Sandboxie 3.54
Shadow Defender 1.1.0.325
Macrium Reflect Full Edition 4.2/3141

 

Totally meaningless configuration. It is better to reveal it!

 

Slim and cool!

 

simple is better

 

added sandboxie to a vista x32....

 

good K

 

Trying Vipre Premium and Sandboxie right now..


Slim and powerful

 

Great combo, LB.
VIPRE runs lighter for me than avast ever did.
And with SBIE, you're standing on very solid ground, man.

 

Trying out Vipre Antivirus with Zemana Antilogger and Look N Stop. So far pretty smooth going... I'll probably reinstall OA 5 Premium with Vipre in a few days.

 

Win7 Pro 32-bit:

Sandboxie with internet and start/run restrictions and drop rights with Avira free (Nag screen stopped via Local Security Policy)

MBAM and Hitman Pro on-demand.

EMET at max and configured for all internet facing apps. All Autorun features disabled via Group Policy Editor.

 

No, I don't anymore.

All browsers start restricted via Integrity Levels (usually). All browsers are forced into a separate sandbox. All sandboxes are restricted. All browsers download all files to a common directory, which is itself forced into a separate sandbox with no outbound network access allowed. All media player have thier own sandbox. In short, all programs likely to be an entrance for malicious files are held with Sandboxie.

System hardening rounds out the security, whether using Integrity Levels or rights to files/folders. It is not the right approach for many, but for me, I do not have issues, ever. I like the lack of configuring a piece of software, which gives me more time to check out obscure settings in the OS and see how they might add/detract from my security.

If I am especially nervous about a file, I will upload it to an online scanner, but that is pretty rare. But then, I don't download a lot of stuff that could have malware etc. I primarily look for little tools that have been around awhile, or are open source, or I just search for code to see how it works, and sometimes try to build it myself

Sul.

 

Ahh I got ya dja2k.

 

Post was a joke , after reading what people are using here (and it's not far from that setup, some are even worse) I just needed to have some fun

What I actually use is just Comodo firewall (firewall enabled only, w/o D+ , AV and Sandbox), from time to time I do scans with Hitman and MBAM, that's it.

 

Alright!

Nice setup!

 

cool set up