What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    It will take months till Comodo IS 6 beta...
     
  2. tomazyk

    tomazyk Guest

    Here is a detailed description of my computer security setup:

    Operating System:
    Windows 7 Ultimate 32 bit
    Administrator user account
    UAC set to default
    Unnecessary services disabled

    Network security:
    Router with firewall to block inbound connections. Wireless access secured with strong password. Access from WAN disabled.
    Windows 7 firewall blocking inbound connections from LAN. Outbound connections not monitored.
    Malware Defender (MD) monitoring outbound network connections.

    System and applications security:
    Malware Defender controlling: application executions, other process activities, system modifications, access to and modifying of sensitive/personal data.
    Sandboxie: all browsers sandboxed in separate sandboxes. Browsers are run with dropped rights and have no access to personal data.
    ESET NOD32 AV: protecting system partition, download folder, Outlook and all http traffic.
    EMET: system configured to default, apps to maximum with all mitigations enabled. All apps that have internet access and all apps that open files are subject to EMET mitigations.
    Denied execution from download folder with MD rules. Script engines and Powershell executables are also not allowed to run.

    Data security:
    Access and modification of all important data is controlled by MD.
    Acronis True Image: backup of system image to another HDD.
    Cobian Backup: backup of Outlook PST file and other personal data.
    Manual backup of all important data to external disk.
    Using Keepass for storing passwords (unique password for each login). App and database are under MD protection.
    Truecrypt: store sensitive data in encrypted container. Access to container is protected by MD.
    Recuva: undelete accidentally deleted files.
    HD Tune: check disk's S.M.A.R.T status and scan them for errors.

    Internet security and privacy:
    Adblock Plus plugin for Firefox and Chrome makes my internet experience clean.
    Ghostery plugin for Firefox and Chrome to prevent tracking.
    Using Chrome for sites where I have to log on. Using Firefox for other casual surfing.
    No third party cookies allowed.
    Flash doesn't use local storage.
    Sandboxes are automatically deleted when closing browser.
    OpenDNS for domain name resolutions.
    CCleaner to clean other junk files and MRUs on demand.

    Online banking security:
    Internet Explorer can communicate only with my bank's site (enforced by MD network rules).
    Identification with personal certificate (access to certificate is password protected).
    My own personal message on login screen (anti-phishing feature).
    Strong login password.
    SMS received each time my certificate is used to login.
    When transfer to non-saved account is attempted, 2 random letters from additional password must be entered. Letters are selected through onscreen keyboard.
    Only payments through Paypal for online purchases.

    On-demand scanning:
    Daily scan with HitmanPro.
    Weekly scan with ESET Nod32 AV.
    Monthly scan with BitDefender Rescue CD.
    Virustotal Uploader to scan individual files online.
    Before installing anything, installer is checked by Virustotal, HitmanPro and ESET Nod32 AV.

    Updating:
    Windows Update: updating system and other MS's software.
    Secunia PSI: check for security updates of my software and system.

    Other security related tools:
    Virtualbox: used for testing purposes.
    Autoruns: used to check all startup entries.
    Process Hacker: used to check what's going on under the hood.


    IMO this setup is tight with almost no impact on computer performance.
     
  3. Sordid

    Sordid Registered Member

    Joined:
    Oct 25, 2011
    Posts:
    235
    Solaris 10


    Firewall Filter/Access Control
    Zones
    Fox+Noscript



    Win64 Test (Again)

    Comodo FW/D+
    Chrome forced to sandbox
     
  4. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    @Sordid

    you are the first who used Solaris i think
    security by obscurity is good against mass malware

    but not against targeted attack just so you don't forget that
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,535
    Location:
    U.S.A. (South)
    Thnx. Seems to prove reasonably solid, especially both the HIPS programs. As probably already guessed here, these two drive systems remain completely VOID of any real-time Anti-Virus. Not to brag, only to make the continued point that some seasoned users in fact "can" ride AV free so long as all their other important pieces are firmly in place.

    Forgot to add a couple extras when i posted those setups, one also employs Trust-No-Exe (another relic) and the modern Kingsoft PC Doctor w/ the Malware Detector version not the most recent AV one.

    These 2 setups have shown me to my satisfaction that ShadowDefender does in fact dump off rootkit attachments. Also i was highly skeptical when adding/mixing nProtect MBR Guard w/SD but apparently there are no conflicts between them to be found. I ran KillDisk and StealthMBR and MBR Guard "Immediately" revoked both attempts to unbalance/corrupt the MBR. Like to find a more enhanced English version of this one but believe BlueRidge owns the rights to it now which is implemented in AppGuard.
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    removed MJRegistryWatcher v1.2.7.7, with ThreatFire on level 3 or higher i can protect my registry in real time ;)
     
  7. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Crank it up to level 5 and watch the fireworks.:D
     
  8. KelvinW4

    KelvinW4 Registered Member

    Joined:
    Oct 11, 2011
    Posts:
    1,199
    Location:
    Los Angeles, California
    but I will still wait, it is worth it :-*
     
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    dave good idea man :D thanks for the advice :)
     
  10. KelvinW4

    KelvinW4 Registered Member

    Joined:
    Oct 11, 2011
    Posts:
    1,199
    Location:
    Los Angeles, California
    Is it light? o_O
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    it is and outdated too:D :)
     
  12. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Installed ThreatFire on my netbook to reminisce a bit. I can click on my browser then go make coffee and come back just in time for the browser to open. :blink:
     
  13. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Just installed ScriptNo into Chrome to see if I can live with it.

    Edit: There's just no way I can browse with that thing installed. Might as well be malware in its effect. Others who have a different style of browsing might have better luck with it.
     
    Last edited: Jun 30, 2012
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    dave lol too slow:thumb:
     
  15. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    once the browser is open it's ok after that, but you know it don't take much to kill a netbook anyways.
     
  16. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    i know:) here is fast:)
     
  17. KelvinW4

    KelvinW4 Registered Member

    Joined:
    Oct 11, 2011
    Posts:
    1,199
    Location:
    Los Angeles, California
    Unless fast is slow :cautious:
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
  19. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    i will get a Raspberry Pi

    wonder but what to or how i will harden it
     
  20. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    I'm using what's in my sig. I think I'm in good hands. :)
     
  21. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Still running strong with my setup.

    I honestly don't think I'll be changing it anytime soon.

    Unless...

    They all become unsupported

    or

    They all start to lose their effectiveness
     
  22. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    I think you are too, that setup looks pretty solid.
     
  23. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Good going. You have a very strong setup indeed. :thumb:

    How's Paragon Backup my friend? Are you using the free version or trialing the paid version?
     
  24. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Ah thx a lot buddy. :thumb: I've now topped it off with the all new secunia psi 3. ;)
     
  25. KelvinW4

    KelvinW4 Registered Member

    Joined:
    Oct 11, 2011
    Posts:
    1,199
    Location:
    Los Angeles, California
    Heh Comodo D+ will never lose its effectiveness :ouch:
     