What is your security setup these days?

i really likes the rollback feature in webroot antivirus

 

This will be the final setup forever I hope so!

 

i think so

 

has zone alarm found anything yet kevin?

 

kelvin

 

I'm back with what suits me like a glove...PCAV Pro,Privatefirewall,Sandboxie.

 

Added Appguard

 

I think it's still prudent to have a few on demand scanners around just to make sure once in awhile. But scanning "every day"?... that's just excessive. I do it once a month, at most. And no, they never find anything. But one of these days, they just might. And it'd be nice to know just in case that day comes, so that I can reimage. So I still want to have a few O.D. ones on hand.

HIPS on the other hand... I can't live without. I'm too much of a control freak. If you take time to set rules accordingly, after a couple weeks of "interference", you rarely see a popup again, and it's just become hardening, like a SRP. And by limiting exactly what an app can do you can really prevent against a plethora of would-be attacks. Combined with SBIE restrictions & DEP, really there aint a whole lot an attacker can do to you with tight HIPS restrictions. Just freeze your app up, then watch DEP terminate it.

I don't see HIPS going anywhere from my setup in the forseeable future. If they would build a nice granular version, similar to D+ into a future Win OS, I may even upgrade. And no AppLocker aint quite it.

 

It keeps things isolated from everything else, namely your operating system. Most machines these days come with at least 2 partitions default now... OS and Data, recognizing the importance of isolating the OS from other things you download that may contain malware. It makes it tougher for it infect your OS if it's in a separate partition.

Tougher yet if the partition is sandboxed (nearly impossible). Like for example I have a partition named "Downloads", with only 1 folder in it, also called "Downloads". And all new downloads are sent to that directory. Even if it were something nasty it couldn't do anything, just sitting there in that restricted sandbox, and isolated from everything else.

Of course this is no full proof solution (but what is?). Since most programs embed files into your OS to function properly, even if you give them their own partition, like your browser for instance. So if it becomes compromised it can jump to your OS partition. But it does help make things more difficult, and I'm all about that.

Also I've come to find things run quicker when isolated, as you noted with Chrome sandboxed. Not exactly sure why, but I've found it to be true as well. It does make sense, that since nothing else can cling to it and it has it's own little work space, like a cubicle or something, lol, it can get more work done without interference. I like that analogy.

Plus it just keeps things more tidy & organized. And I'm kinda OCD about that.

 

Thanks for 'Emsisoft Commandline Scanner' info. Tried it and does a good scanner without install anything.

 

No problem! I actually created a bunch of batch files, some context menu entries, and a few vbs dialog boxes so that I can "right click scan" anything and have a dialog box pop up saying it either found something or did not. I love this setup. Doesn't install anything; nothing runs in the background; and scans sub folders, which is the main reason I switched.

 

Look'n'Stop 2.07 (EnhancedRulesSet)
AppGuard 3.4.2 (Locked Down Mode)
Shadow Defender 1.1.0.325 (Always in Shadowmode)

AdMuncher 4.93
Macrium Reflect 4.2

OpenDNS
Opera

 

I'm back to my light and fast setup.

 

I assume it is what's in your signature?

 

Trying out Avast Internet Security and Sandboxie.
Added Shadow Defender and NoScript to firefox.

 

And here trying out Avast free,ZoneAlarm FW free,WinPatrol and Sandboxie.

 

Ditched NoScript. Super Annoying.
yeah I know it's great protection but not if it's irritating me.

 

Well, it's supposed to only irritate you ONCE.

OT: added Deep Freeze 7.61, although it has some issues on Windows 8 still...

 

I'm planning on organizing my two hard drives (three, counting the plug-in backup hard drive) in a better way soon, I'll think about what you said about how you set up partitions.

 

So lets say that I have NoScript and I allow scripts from that page. If a malicious script starts from that page will NoScript protect me?

 

Yes it still protects against some exploits not in the javascript

 

If you allow scripts on a webpage, all scripts on that site are allowed except the ones from sites that you Untrusted (blacklist).

Bo

 

I notice you keep changing between different outbound FW's. I've seen Kerio 2.1.5 in your sig. twice now, and remember LnS from before too. Have you decided on a favorite yet?

LnS & Kerio 2.1.5 are probably the lightest two way FW's you'll find for XP. LnS being paid, you'd think would be more polished. Does that seem true to you? And which seems lighter? Better period?

 

You're right.

 

I keep changing more then just Firewalls.

Nope.

Both are excellent Firewalls (and light) No real complaints with either one.