What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. joffy

    joffy Registered Member

    Joined:
    Aug 29, 2004
    Posts:
    85
    Thanks. Gonna add Sandboxie. I tried Avast 8 sandbox but it was too annoying. Sometimes files saved ok, other times they didn't. Will search for an easy setup guide for Sandboxie. :cool:
     
  2. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    517
    Location:
    United States
    When I installed it without any shields, none of them showed up in the program. Like you said, they may all still be on your computer if you did this, but it tells you the amount of MB required during install and I believe it was less with no shields selected. You have your VMs running now, don't ya? Give it a try ;)
     
  3. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,254
    Location:
    Texas
    Running the "Noob Special"...Emsisoft! :thumb:
     
  4. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Why do you have them running inside of the sandbox? Not questioning just wondering. Wouldn't you want them to run outside so if something did get out Avast sandbox or comodo D+ would stop it?
     
  5. joffy

    joffy Registered Member

    Joined:
    Aug 29, 2004
    Posts:
    85
    Was having problems with Firefox and Sandboxie. Removed Emsisoft, now it's ok, so will try another AV.
     
  6. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,147
    Location:
    Nicaragua
    He made a mistake when he wrote that. Neither "real time" Comodo nor Avast can run inside the sandbox folder in C drive. Both programs are allowed to scan the Sandbox folder and pull files out of it, but they can't run inside the sandbox folder.

    Bo
     
  7. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,147
    Location:
    Nicaragua
  8. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Ok. I was going to say that it didn't sound right. I tried to install something into sandboxie once and it didn't go rather well. I don't even recall what I was trying to do. I do miss my memory sometimes. I think it may have been ShadowDefender.
     
  9. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,121
    Location:
    South Texas, USA
    March 14, 2012 - Updated, Added, Removed

    Windows 8 Pro with Media Center x64

    Built-In Security
    • USER ACCOUNT CONTROL: HIGHEST SETTING
    • EMET 3.5 TECH PREVIEW: MAXIMUM SECURITY SETTINGS
    • WINDOWS SMART SCREEN: ENABLED
    • WINDOWS DEFENDER: DISABLED
    • WINDOWS FIREWALL: DISABLED
    Network
    • Three Netgear WNR3500v2 (DD-WRT Firmware)
    • Four Netgear PowerLine AV 500 Adapters
    • Wired Cat5e Connection between all 3 Routers
    • WPA2-PSK AES Encryption
    • SPI Firewall Enabled
    • OpenDNS Configuration
    Resident
    • Online Armor Premium 6.0.0.1798 Beta (Paid)
    • Emsisoft Anti-Malware 7.0.0.21 Beta (Paid)
    • Sandboxie 3.76 (Paid) - Sandboxie Container Folder on RAMDisk
    On-Demand
    • Active@ Disk Image 5.4.2* (Paid)
    • VMWare Workstation 9.0.2 build-1031769 (Paid)
    • Hitman Pro 3.7.2.190
    Browser, Immunization, Tweaks
    • Firefox 20.0b4 (Fanboy's Blocking Lists via ABP, WOT, Gmelius, DoNotTrackPlus, Google Redesigned) - Firefox Profile Folder on RAMDisk
    • LastPass 2.0.0 Premium (FireFox)
    • Bluetack Safepeer SPLists (via OA for P2P Only)
    • Spyware Blaster 5.0 (All Protection Enabled + Customblocking.txt)
    • Tweak-Me!-1.3.0.0 (Customized)
    • TCP Optimizer v3.0.8 (Customized)
    • Ultimate Windows Tweaker 2.2 (Customized)
    • SpeedGuide.net Vista TcpIp Patch 1.5
    Active Disk Image (Weekly)

    dja2k
     
  10. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    517
    Location:
    United States
    Interesting idea. I may have to look into this.
     
  11. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    @gery
    Oh I see. :)
     
  12. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    @joffy
    Good going. Sbie is awesome. I've not faced any problems with avast! sandbox yet. :)
     
  13. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    @Rompin Raider
    Noob Special is strong you know. :D
     
  14. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,288
    Services/features disabled

    Disabled Auto Run and Auto Play
    Remote Assistance
    Remote registry
    Server
    Windows Defender
    Windows media player network sharing
    Windows Search indexing
    TCP/IP NetBIOS
    Workstation


    Sandboxie (internet,start/run restrictions) + EXE Radar Free + UAC [max.] + autorun/autoplay off

    Chrome|no java, no adobe reader

    On demand: VT Hash Check, Shadow Defender
     
  15. jo3blac1

    jo3blac1 Registered Member

    Joined:
    Sep 15, 2012
    Posts:
    739
    Location:
    U.S.
    Okay here is the set up that I kept the longest so far:

    Security settings:
    - Fortinet Client v5.0.1 (includes pretty damn good antiphishing and malware blocking filter)
    - No Script + ABP
    - UAC: minimal -- never understood the need for maximal UAC window flashing....
    - Shell Hardware Acceleration Service Disabled

    Privacy
    - Self Destructing Cookies
    - Disconnect ME

    This is a small laptop with little CPU so this set up is a compromise between speed and security.
     
  16. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    @AlexC and @jo3blac1
    Good setup guys. :thumb:
     
  17. jo3blac1

    jo3blac1 Registered Member

    Joined:
    Sep 15, 2012
    Posts:
    739
    Location:
    U.S.
    Thanks. I think as most users I started off with a lot of security applications and now I have trimmed down to the essential.
     
  18. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    @jo3blac1
    Good going. I also try to do that. ;)
     
  19. zitch

    zitch Guest

    Why bother doing that when you can use Avira free, with half of the bloat (and no P2P and E-mail protection)? I tried running Avast with some things disabled and what I see in the system tray is a little exclamation point on the Avast rotating ball. It's kind of worrisome 'cause it makes you think that the program is not working right.
     
  20. zitch

    zitch Guest


    Lol, that's an easy question to answer. They are running INSIDE of Sandboxie, AND OUTSIDE of Sandboxie. I have them set up that way. Bulletproof setup (almost)... If I get a nasty on my box, it is going to be inside the sandbox, where it has to deal with Avast, and Comodo FW. If I see a popup, telling me that a virus, rootkit, or malware is found, I can turn Avast loose on it, THEN terminate the sandbox, with delete invocation, and if I am still paranoid, I can run a bootscan with Avast. I routinely pick overnight times to run MBAM, Avast boot scan, and SuperAntispyware. The next day I will create a restore point if needed. This routine has never let me down.
     
  21. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Gotcha. I was taking it a little too literally. Yeah, that's how I used to run my setup. One of my favorite combos. Avast, Comodo firewall and Sandboxie.
     
  22. zitch

    zitch Guest

    Both programs CAN run in real time in Sandboxie free. Trust me on that. I have seen proof that it works. When you first set up Sandboxie free, you automatically import Avast and Comodo real time working versions into Sandboxie, while their parent versions remain where they were. It works, really. And they are not just scanning folders, they work as if they were not running in a sandbox. Here is just an example, and I can cite real time firewall logs and antivirus logs: if you can watch a YouTube video in a Sandboxie folder, then why can a real time program like Avast not operate in the same folder? Sandboxie does not PREVENT programs from running, it merely contains them in a box. I could literally sandbox my whole computer, and it would still run....
     
    Last edited by a moderator: Mar 15, 2013
  23. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Sounds like my concerns are validated here. I could give it a whirl though to test it out myself. What I want is something with only resident file protection. But... I don't want it auto-scanning downloads inside sandboxie. I have VT Hash Check set up to do that, and wouldn't want it to conflict. I just want it there so that in the event something nasty tried to run it would detect it. Like say someone wrote something so cutting edge, crafty, and forget 0 day... 0 second, that eluded all 45 scanners of VT Hash Check. I recover it from SBIE, exclude it in SD, and have it on my real system. But then a few days later or so it's been made aware of, is in the defs on the AV in question, and hence the resident file protection finds it.

    Now granted, if this thing were trying to act like malware my D+ would make me aware of it anyhow. And/or my SRP would stop it from happening. Then I'd reboot and/or reimage. But who knows, it's conceivable if it's crafty enough it could terminate Comodo, screw with system settings to thwart things like SRP & mitigation techs (i.e. DEP) from stopping it, and start calling out to its buddies, or sending info to God knows where. And the damage is done by the time I reboot/reimage.

    Very low odds of such a thing occurring, but not impossible.

    So yeah, I may be looking to add the most simple/light, file protection only AV and even disable it from scanning downloads.
     
  24. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Also, I got a Windows 7 Ultimate 32-bit disc from a friend that recently upgraded to 8. He really, really loves 8. Speaks of how much more responsive it is than 7, which as a PC gamer is a huge pro for him. So he just flat out shot me his Win7 disc. And I'd said before that if I upgraded that was the version I'd want to upgrade to, because my OCD nature would want to play around with AppLocker/SRP. That and I just don't feel that x64 is fleshed out well enough by vendors for mass deployment just yet. And the Metro thing... just isn't "me". Though with the classic shell remedy I've heard about, it may just salvage it and make it (8) an awesome OS. Or even this new "Blue" version I've heard (little) of. But anyhow...

    So I'm thinking of going dual-boot and "getting to know" it a bit. Maybe try out a Kees approach and go 1st party or bust, keep things uber light & secure. Only exception is going with Chrome instead of IE, and studying this integrated sandboxing I've heard of so often but never got to see first-hand. It really intrigues me.

    Even though I've said I plan on sticking with XP Pro even past its EOL, if some major vulnerability came around that our friends at MSFN or elsewhere couldn't remedy, I'd be wishy-washy about it. So I'm glad I've got this contingency plan in place now anyway. And didn't cost me a dime.
     
  25. zitch

    zitch Guest

    Yeah, I have had firewalls bypassed by nasty little viruses. HIPS won't protect you. Was reading the specs on the new version of Bitdefender free - thought I saw where it only scans when the system is idle, but can it be effective doing that? And can you custom tailor the scans? Might be a light footprint, though. I have ESET online scanner in one of my folders, will start it up once in a while to do a backup scan, it is very effective. As far as zero day, zero minute, etc., I have all of Avast's settings on high, and no exclusions whatsoever. It may cause a lag, but maybe it will catch a zero day, I don't know....
     