What is your security setup these days?

I noticed AppGuard (LockDown) in your sig. I've looked at the website and still am not sure what this program really does. Is it similar to AE? Is there an instant recovery feature as well? I ask the latter because of your putting 'LockDown' in parenthesis.

Thanks!

 

In lock down mode it becomes AntiExcutable and by lowering the settings such as high - medium - install mode and off that changes whats guarded such as signed,Scripts,MBR guard and so forth.There is no instant recovery if your refering to like Deepfreeze.

 

That's how it is, ESET is very good at preventing infections wich is the most important thing.

And as I said in the Av-test thread.
ESET have never performed good in the tests by AV-Test and they didn't this time either, wich wasn't surprising for me at all.
But why that's the case idk but I would sure like to find out, it's all really weird

 

OA IS DOING GOOD HERE

 

Webroot SecureAnywhere .......I love it

 

Webroot SecureAnywhere
i think webroot firewall is only for outbound protection

 

avast! Free Antivirus 7.0
Comodo Firewall 5.10

 

For the inbound you can use the windows firewall or am i wrong??

Greats,

darts

 

win7 fw is two ways.....in that case why not other 3rd party fw like privatefirewall?........xp fw is the most suitable with wsa as xp only has inbound.....but then again xp fw's inbound is very weak......

 

Yep Windows FW is good, because it is started very early in boot process. WFW default is for INBOUND only (it allows all outbound on Vista and Windows7). The inbound filtering ruleset of WFW is decent (according to our Wilders firewall guru Stem). When you have a nice outbound FW like WSA, keep WFW for inbound.

At default setting WSA firewall only kicks in after WSA has detected an intrusion. You can also set the WSA firewall to warn for all untrusted (not in the whitelist) or for all new (outbound) programs. When you are a bit familiar with security, the warn for all new untrusted is a good alternative setting to the default of WSA. No need for another 3rd party firewall with WFW and WSA, IMO

 

I used that setup for more than 2 years......solid setup

 

Thanks ams963

 

Sandboxie, PandaCloud, and Mamutu.

 

yeah that's great for avast .......

 

After two years of safe-admin, now safe-lua on Win7 32 bits ultimate

----------- from network stack to process stack ------------------
Use Windows FW both for inbound and outbound. Set a deny execute on receiving folders of browser, e-mail and media player using Access Control Lists deny execute/traverse folder for Everyone (change ACL with right click folder, tab security).


--- from Low Rights (Protected mode) to Medium Rights (LUA) ---
Using Chrome (Comodo Dragon version incognito all the time) with its internal (low rights) sandbox and AVG Threatlabs plug-in (plus build in safe browsing of Google)

-------- from Medium (LUA) rights to High (Admin) Rights ---------
Running LUA with basic user as default level (run as admin for both EXE and MSI to install) which acts as deny execute in user folders. Group Policy hardening (e.g. deny elevation of unsigned, deny install from USB, System & Logon options to block autostarts for users) on top of that used ICACLS to add a mandatory Medium Level Intergrity to Outlook, media player and pdf-reader and browser.


---------------------------- Real Time -----------------------------
EMET 2.1 (Browsers, eMail, Media Player and PDF reader).


--------------------------- On demand -----------------------------
- Windows7 Image backup (saved a clean install to revert to)
- Sync Toy data backup (quick save to old 2nd HD, NAS for pictures and USB disk for business data).
- Hitman Pro free quick scan before monthly data backup

Is problably the end of my security quest

 

Comodo Internet Security Premium (Antivirus, Defence+, Firewall)
DropMyRights (All my browsers) or LUA
EMET Microsoft (All my browsers, java, Office Programs, Media Player, Foxit Reader)
Norton DNS (Security Policy)
Spyware Blaster
Google Chrome (Adblock Plus with Easy List) casual browsing
Firefox (Adblock Plus with Malware Domains list only, NoScript and Referer disabled) searching unknown Internet
Disabled autorun
All latest updates
Common Sense 2012

So far so good no conflictions, rare questions from CIS and easy rides...

 

So, you finally surrended to lua...

 

Yep it has taken some time. On Win95 I started to use an antivirus. With XP I engaged in third party security (programs like Antihook/SSM and a good old Tiny FireWall/Kerio with Blitzen Zeus rules), evolving via many HIPS setups to geswall and defensewall security focused on threatgates.

Since Vista I am buying Business/Pro versions of the OS. I really think Vista was a landmark in terms of security (user rights, integrity levels and access control lists). Under Vista the good old run as basic user still worked. So combining SRP (with sully's PGS) with right click (ACL) and ICACLS (assigning mandatory tokens) was the idea behind safe-admin.

Windows 7 has a different implementation with basic user. So I finally surrended to LUA.

 

you can change windows firewall to block all inbound for Home and public networks.

 

change notification settings.

 

Now I'm using:

TrueCrypt 7.1a - TweakUAC

MSE - Comodo FW with D+ - Mbam Pro - Hitman Pro (on demand)

Kerier 1-click restore free

Gonna add something like Panda USB Vaccine or similar. And maybe SpyShelter free.

I think it's nice setup, what do you think?

 

Looks good to me

 

Good to hear, most versions after v1 were kind of buggy for me,shame as I always liked OA.

 

DOING GOOD HERE alone with run-safer my browser
i want to add Mbam Pro

 

Don't you have any issues with this combo?I mean high CPU usage by CIS even when nothing is open...If i deactivate D+ everything is normal...