What is your security setup these days?

See my thread here.

 

Yep, it is like AppGuard plus Trusteer without the key encryption of trusteer and the memory protection of AppGuard.

I have got a free lisence of AppGuard. For x64 there is no leaner and effective solution than AppGuard. AppGuard has the protection of full flown HIPS without the overhead, because it focusses on the entrypoints of malware only. Don't be disappointed on low matousec or Comodo test scores, in practise it is really strong.

My personal top HIPS sandboxing
On x64 1. AppGuard , 2 SBIE
On x32 (x86) 1. DefenseWall 2. SBIE

On Vista and higher with UAC enabled it really does not matter whether you use first or second choice (personal preference make the difference, not protection power).

You have a Pro version, why not use the power of GPO?

 

DefenseWall 3.21
Shadow Defender 1.1.0.325

AdMuncher 4.93
Macrium Reflect 4.2

OpenDNS
Opera

 

What is everyone's opinion on using EMET with Sandboxie? Do you think it would help much?

 

NoScript is the best!

 

Most definitely. I think DEP especially + a restricted Sandbox provides very good app protection against exploits... not to mention all the other app specific mitigations offered by EMET.

 

But why? Who cares if my browser get's exploited if it's in a sandbox? It can't do anything right? The only thing I can think of would be to log passwords or crash the program.

 

It can steal any information within the sandbox (and your browsing session), unless you've set restrictions. Also will affect any of your resource access locations, and may masquerade as a harmless file for you to recover. Lastly, Sandboxie is not bulletproof: http://sandboxie.com/phpbb/viewtopic.php?t=6123

 

I do have internet access, start/run access, and have the rights dropped of all my sandboxes. I also have blocked access to any of the locations I store my files.

 

Disagree: Nothing beats lynx browser in terms of security.

To put "software mutilation" (disabling features which enhance the user experience of software) in perspective
Allowing all scripts blindly originating from *.com, *.net, *.edu, *.inf, *.org, *.eu, *.nl and blocking all others will reduce my chance of being infected through the internet with 90%. My browser offer this feature. Add a decent AV with web-filtering and script filtering (like Avast) and you end up with a infection chance that is less than the chance of being victim of an airplane accident.

"Best" does not look so good anymore

 

Sounds interesting solution. Lynx browser. Never heard of it. Will need to do some research.

 

Don't bother it is a text based browser dating from ancient history when I had hair , we all dressed as if it was mardy grass all the time and Larry Elison sponsored research on SMP cpu's (multiple cores CPU's sharing same bus) as a cheap version of massive parallel processors (like the cray had at that time).

 

Dear Kees1958.
But surely lynx browser is one of pioneers in browsing and thus should we not be thankful for those as our modern browser would most likely not have evolved.

 

When you guys mention EMET, which version do you mean? 3.0 or 3.5?

 

Hi J L, you are right about SBIE not being bulletproof, as far as I know the sandbox has been leaked a couple of times, who knows, it might of have happened a couple more times than that but when it happens is so rare, always involving special circumstances, that I guess that's why you didn't link anything more recent than 2009.

Bo

 

Exactly what I was thinking. Tzuk is pretty active with the development of Sandboxie. When something get's reported, he fixes it promptly. I'm not too worried about being infected this way as this would most likely be malware targeted at defeating Sandboxie. Imo, the odds of coming across something like that is slim as a very small percentage of the internet user population uses the program and so it wouldn't make sense to create something like that and distribute it when you could be infecting countless other computers. I'm not saying it won't happen, but when it does, I have my on-demand scanners to (hopefully) detect it and images to restore.

 

While I share your thought, and I'm a paid user, we can't forget that Sandboxie isn't massively used.

For example, how many users does Google Chrome (with its own sandbox) have? Compare it with Sandboxie users. Should Sandboxie ever have at least the same amount of users, how fast could Sandboxie's developer keep up with patches, not to mention compatibility issues.

Like every other piece of software, Sandboxie is just code and for sure with its fair amount bugs. I wonder how things would be like if Sandboxie was scrutinized the same way Google Chrome is.

I'm glad Sandboxie isn't widely used.

 

So, I've been testing these setups on a test machine I have for quite some time now, not only for me, but for a few computer clients I have. These are all very good setups, but I would like to get the public opinion on these

Which one of these would you choose?

Number 1:
avast! Free Antivirus
NoVirusThanks EXE Radar Pro x64
Zemana AntiLogger Free

Number 2:
avast! Free Antivirus
Malwarebytes Anti-Malware Pro
Zemana AntiLogger Free

Number 3:
avast! Free Antivirus
Malwarebytes Anti-Malware Pro
NoVirusThanks EXE Radar Pro

Number 4:
avast! Free Antivirus
Online Armor Free

Number 5:
avast! Free Antivirus
Online Armor Free
Sandboxie

Number 6:
avast! Free Antivirus
Online Armor Free
NoVirusThanks EXE Radar Pro

Number 7:
avast! Free Antivirus
NoVirusThanks EXE Radar Pro
Sandboxie

 

for me i think you are doing a good job and your security set up is very strong

 

Thank you

I just want to provide a good and strong setup for my clients. I was thinking Number 2 would probably be more suitable for them.

As for me, I am jumbling between the rest that I listed.

What makes it hard, is that they all perform well in my tests....Kind of hard to choose.

 

5 or 7. Sandboxie has to be involved. Avast 8 free is too good to pass up.

 

Thank you for your input, I'll consider your suggestions

 

I forgot to add one to my list....

Number 8:

avast! Free Antivirus
Sandboxie
Zemana AntiLogger Free

If I remember correctly, that setup was the lightest out of all the one's I tested/listed.

 

I might actually try number 7 myself. I already have ERP and sandboxie. Tough choosing between WSA AV and Avast.

 

You honestly can't go wrong with either of them, WSA AV and Avast are very light and provide great protection.

I don't know, that is one hard decision to make

Although, for me...it's avast! all the way