What is your security setup these days?

Yep, with FW's particularly it's hardly vital to keep it up to date if it's already working fine on your box. If you find a version you love... keep that installer! That goes for a lot of different apps. Shadow Defender 1.1.0.325 for one. There's a version of ImgBurn (2.3.2.0)... I swear all the ones since won't burn bootable discs correctly. At least not for me. So I stick with that one to slipstream updates into XP. Macrium Reflect Standard 5 didn't work like 4.2 does for me... I'll just come out and say it. It was crap. It almost hosed my machine. I wouldn't recommend the Standard version of 5, though the Free seems to work ok.

AV's on the other hand, I would want the up to date engines (real-time ones anyway). They are interacting directly with malware, and I mean REALLY directly. If I came to find a new version didn't work right on my machine, I wouldn't stick with an older one... I'd pick a new product that did work. Unlike FW's & imaging apps, the pickins on quality products aren't slim. There are plenty of competitive, quality options out there.

 

Still running my old setup, it's starting to get rusty.

 

added DeepFreeze

 

Windows 7 Ultimate 32 bits with internal FireWall also controlling outbound traffic

Restrictions for Everyone (including Administrators)
- UAC: set to full and deny elevation to all unsigned executables (e.g. Media Player Classic , 7-ZIP)
- GPO: Deny installation of unsigned drivers and active-X, disabled autoplay and execute access to USB
- ACL: Deny execute for everyone on User Shell Folders, Public and Internet/Download folders
- EMET: set system wide DEP, SEHOP, ASLR to maximum

Restrictions for Users/Medium Integrity Level processes
- SRP: Deny execute for all files (outside Windows and Program Files) and all users (except Admins)
- GPO: Locked IE10/Chrome/Outlook settings, hardened logon, shell and HKCU-autostarts
- ACL: Added Mandatory Medium Level Integrity to Outlook E-mail and Foxit PDF-reader
- EMET: added Chrome, IE10, Outlook, Foxit, 7-ZIP and Media Player Classic

Restricted by Low Rights/Intergrity Level sandbox
- IE10: for on-line banking only (IP/SSL FireWall filter), Keyscrambler free (only add-on), no data cached
- Chrome: for daily browsing incognito, click to play flash, allow javascript only from COM, NL, EU, ORG, NET and EDU domains

On demand
HitmanPro free

 

a few changes

 

Another look at Bitdefender...been a while.

 

Windows 7 Home Premium SP1 x86

Firewall:
NAT Router (Password Protected)
Look’n’Stop Firewall 2.07 (Phant0m’s Ruleset)

Anti-Virus:
Emsisoft Anti-Malware 7.0.0.18

HIPS/Blocking/Hardening:
DefenseWall HIPS/Personal Firewall 3.21
VoodooShield 1.07
EMET 3.5 (Internet facing applications & MS Office)
SpywareBlaster 4.6 (Ad-Aware custom blocking list)

Several on-demand scanners

 

1. Comodo Firewall 6 (thanks luciddream for harden firewall, Chiron for the general settings)
2. Zemana free antilogger (on demand)
3. Sandboxie (browser) Intenet and Run Restrictions (only browser can run and connect to the Internet) Drop my rights and delete contents of sandbox at the end of session
4. Chrome (Adblock Plus and LastPass) (thanks Kees1958 for the settings)
5. Norton DNS (Policy 1: Security)
6. Registry trick 1806 (thanks Kees1958)
7. Java removed from the system
8. Autorun disabled

Lightest ever really (system after boot consumes 185Mb memory) and without any hard decisions to make, no slowdowns at all ex. in surfing or viewing the contents of a heavy folder. Thanks again luciddream, Chiron, Kees1958 for their advice.

 

Except that once your system becomes unbootable no windows back up is going to help you.

 

My signature and Macrium Reflect Free...

 

You can "Create a system repair disc" and and keep it handy so that you can boot to it to load a Windows image if need be.

 

Nope, sorry I can't. I don't have a CD drive.

Here is what Macrium Reflect offers that windows doesn't:
-creating USB recovery disk that lets me boot my computer when it is unbootable
- creating back up onto the same USB disk.
- restores my system in 20 min

If there is anyway to do the same for Windows back up, then by all means I will start using it tonight.

 

Yeah, lol, I have had that happen.

 

Same here....was waiting for the day. Have tried them all over the years, it was the best of the best, hope it still is.

 

Here is a way to put it on a flash drive. Now as for how long it takes to restore images, I have no idea.

 

Let's all give the new version of Bitdefender free a test drive and see how she runs.....

 

This is my logic behind the setup I'm using.

Try to use my common sense = #1

WOT, OpenDNS = First line of defense

If anything happens to pass through, when the above didn't work...

avast! and Online Armor step in = fight against threats and monitor inbound and outbound connections

If all else fails, EXE Radar Pro will hopefully alert when Lockdown mode is disabled or forbid file execution's while in Lockdown Mode

If anything passes though what I use, then I can hopefully get rid of the threat via Malwarebytes Anti-Malware, Emsisoft Emergency Kit, HitmanPro


My logic seems to be good, but what are your thoughts on it? Please let me know

 

You don't even need common sense Your setup is hardened so extremely it don't need that

 

Thanks

I seem to think it's pretty good

Although, nothing is 100% safe, including my setup.

 

Let's just say that the possibility to slip through is very slim

 

Thanks, same goes for you...Not much can slip through avast! and Shadow Defender.

I like your setup though...

Simple, Light and extremely hard for thing's to get through

It's been a while since I've used Shadow Defender, how is it working for you?

 

Very fine and very light

 

NoVirusThnxPro/NatRouter/Win7 Firewall

 

Hitman Pro
MBAM Pro
DNScrypt
EMET 3.5 (Tech Preview)

That's all. Simple and light.

 

Well... things can slip past you with Shadow Defender on your box. Problem is, as soon as you reboot/shutdown your box... it's gone. It's like turning back the clock on malware... returning your box to the state it was in before your common sense failed you, lol, in the rare occasion it happens. That's why things like SD, SBIE & imaging are so friggin awesome. You can come home drunk some night, possessing the common sense of lawn furniture, and they'll bail you out of some poor decisions.