Is possible: Free security setup - without antivirus

With free current security programs (existing today): can be a good security combination, but do not contain antivirus and ... be still solid? If so: that would be that combination?

 

Sandboxie.

 

Agreed.

 

For almost 2-years now,I've ran with this setup,with no antivirus.

Geswall - Windows firewall - Linksys router- {On demand scanners} Hitmanpro & Malwarebytes

Thats it!

 

GesWall, use the trial first then it will revert to free version

 

Geswall - t provides good security, and it can ensure a safe use of the Internet; but it has no total untrusted file control, nor is it capable of defending from higher level of intrusions.

 

Sandboxie just is not enough.

 

what intrusions do you worry about? maybe you can specify your threatgates so we can help.

 

As some people recommended.

-Get a classical HIPS (Online Armor, Malware Defender, Comodo FW etc.) or something like a policy/rights based HIPS (Defensewall)

-A sandbox for the browser (Also applies to all other software which can be sandboxed such as IM clients) which is one of the main vectors for malware infection nowadays.

-On demand scanner to do regular scans (EAM Free, Malwarebytes, Hitman Pro, PrevX and many others) Personally i recommend getting Hitman Pro + an additional top notch AV.

-Use your windows tools (LUA or SRP/Applocker, EMET etc.)

-Be careful while surfing the web and plugging the lame USB sticks.

 

Perhaps it would be better (free software):
- Firewall + HIPS (Mlaware Defender, ThreatFire, Outpost Free Firewall, Online Armor Free, Comodo etc)
- Sandboxie (or similar)
- Shadow defender (or similar)

 

alright then... seems like you know your options already

 

I not have problems. It is a general discussion about: "Is possible: Free security setup - without antivirus". About Geswall: so said many users.

 

No, not necessarily! Perhaps there are other possibilities (much better).

 

And you have not had any problems?

 

most definitely, it is possible to secure a pc without antivirus.

the thing is I want to know what kind of approach do you want for your setup? so maybe I can help

1. a default deny setup, then everything you explicitly execute will be isolated so nothing can touch your OS? (my preferred setup)
   
2. a setup that monitors everything and alert you of behaviours then you decide what to do? (not my thing)
   
3. both? (overlapping and paranoid) or maybe you have other things in mind?

 

Sorry if i'm asking here,but when i was using Geswall free and wanted to open the downloaded files outside GW,it was always asking me to run as Admin..I am the Admin,damn it!

 

1 - "a default deny setup, then everything ...."

 

If you configure and use it properly it is enough.

 

sorted by resource usage: (light to heavy)

Setup 1: https://www.wilderssecurity.com/showpost.php?p=1936214&postcount=18683

Setup 2:https://www.wilderssecurity.com/showpost.php?p=1935095&postcount=18590

Setup 3:https://www.wilderssecurity.com/showpost.php?p=1912361&postcount=17025


you can add Spyshelter FREE to setup 1 to prompt or auto-block malicious behaviours that tries to run outside sandboxie free's scope of protection.

I recommend setup 1

 

OK! Thanks for answers!

 

Yeah, but the threat of keyloggers type? ...

 

SUA + Applocker. One of the lightest setups you can have.

 

if you always install applications in separate sandboxes and place the right restrictions per sandbox. keyloggers are dead.

especially if you empty sandbox before doing online transactions and limiting only browser to run and or have internet access on that sandbox.


just don't let anything to run outside sandboxie unless you are very,very,very sure the file is trustworthy.

 

Exactly.
Let me repeat myself: If you configure and use it properly

 

Konata Izumi, Jose_Lisbon
OK! Thank you.