What is your security setup these days?

I feel very safe with the following:

Standard User - Windows 7 Home
Shadow Defender - on boot up
Library moved to Drive D - no exceptions in Shadow Defender
CryptoPrevent - locking down exe's in AppData

That's it

nozzle

 

Installed System Explorer. About to follow J_L's lead and load up HTTP Switchboard for another attempt at figuring out how to use it.

 

I added HitmanPro.Alert. I am so impressed by how light this new setup is that I removed my Kaspersky Internet Security trial to save a little extra money. Is there anything that anyone else would recommend I add?

*EDIT* I should mention that I do not use the Comodo AV component. Malwarebytes, and HitmanPro are also the free, on-demand versions.

 

Let me guess, you got infected?

 

You can always add a light free AV like Avast or Qihoo 360. If you feel comfortable then your original setup should be fine.

 

Instead of the traditional blacklisting approach you can give a try for whitelisting apps or anti-exe. I recommend SecureAPlus which is free, and if you can spend some money then go for AppGuard.

Edit: I just noticed you already have Comodo Firewall, which I think has some kind of whitelisting approach. I don't know if it is as effective as SecureAPlus.

 

Removed HitmanPro.Alert, because it stopped working on my system and I don't really need it.

 

Removed Ghostery.
I wasn't using it and there is some question as to its legitimacy.

 

Didn't like it page?

 

I think ZenMate is a better solution, kjdemuth.
And like I noted, the extension (Ghostery) does have issues associated with it.

Edited for clarification.

 

yeah I use zenmate when running chrome. I hope they keep it fairly reasonable after the trial phase.

 

Windows 7 Ultmate 32 bits with Windows FW 2-way behind Router (with Norton DNS) and a NAS as backup

Execution control & intrusion mitigation
- Deny elevation/installation of unsigned programs/drivers (UAC/GPO)
- Deny execute outside UAC protected folders for basic users (SRP)
- Disabled riskware services (GPO/MMC) & user autoruns (ACL)
- Secured 'scripting' programs (SRP/GPO-templates/EMET)

Internet Explorer security & hardening
- Run IE11 as limited user with DIY privilege / ACL / parential control
- Run IE11 tab/renderer processes and Adobe plug-ins in protected mode
- Disable download/execution of programs from internet (switch 1806 on/off)
- Filter URL's with AVG Linkscanner 2014, the build-in Smartscreen and AddBlock TPL

 

Just noticed that Zenmate was sending my password "in the clear" via XMLHttpRequest to hxxps://api.zenguard.biz/api/v1/auth/locations?. (I absolutely love HTTP Switchboard! ). I'm certainly no expert in authentication, but you'd think Zenmate would hash the password prior to transmission and store a hash on their authentication servers.

DOH! Edited to correct name

 

I've removed ZenMate again until its issues get sorted out, such as continuing to ask for the password and the problem you found.

With HTTP Switchboard how do you know what to allow in order to view the things you want? I'd like to use it but it's mucking up browsing for me.

 

To allow in HTTP Switchboard, click on the icon next to your addressbar, and click on the upper half of the square which you want. Red means blocked, green means allowed. The ones with numbers are what's loaded on the page.

Press the lock to save the settings for your next browsing sessions, otherwise they're temporary. The setting "Auto whitelist page domain" may help. I just whitelist everything by making the all bar green and relying on its extensive blacklist.

 

I saw the password request dialog one time, and has never appeared again.
By any chance, do you think your issue could be related to anything ZM addresses in this FAQ?

 

Added AdGuard and removed Ad Muncher because after trying it out, it feels and seems a lot more robust than AdMuncher was. Hoping when/if AdMuncher 5.0 gets released in the next few months/years it'll be just as robust!

I am a bit surprised that folks didn't say I was overboard this time like I was with my setup about a year ago. I think after I posted that particular one, my PC decided to BSOD and pretty much had to redo the entire install. :X

Ah well, lesson learned; there is such a thing as way too much security. >.>

 

I'd figured out the squares, just not which ones to allow in order to get something working on a page. For instance what should be clicked to green in order to view an embedded YouTube video.

I didn't know there was still good protection when whitelisting everything. I'll try that for now so I can keep HTTP Switchboard. Thanks for the help J_L.

 

Yes, that's probably what's going on, a conflict with another extension, ZenMate is back on for the umpteenth time to find the conflict. Thanks.

 

back to my true first product, well second, Bitdefender was first.

 

The ones with numbers are the only ones trying to load anything. Look at the domain to see if it's YouTube, and allow the necessities across it.

That's the main reason I always seem to get sick of NoScript, but not ScriptSafe and now HTTP Switchboard.

 

If you are using NoScript and like to watch videos in Youtube, all you have to allow is ytimg and youtube. Figuring out what needs to be allowed and why its not really hard.

Bo

 

Yes, but imagine doing that for every site you visit. I'm not a conservative web surfer, so that can be a lot of work I'd rather avoid.

 

Easy NoScript: if necessary, temporarily allow new sites and sites that you rarely visit. And make a white list for sites that you visit all the time.

Bo

 

Easy, but repetitive and takes time. Plus you have to research what needs to be allowed. Sorry, but not my cup of tea.