What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Ok then.. LOL
     
  2. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    Page, it's always interesting to read your replies, and I think we should all be more understanding and tolerant in this world which is, alas, definitely moving in the wrong direction again...
     
  3. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Hello, Kees!

    I feel respect to your ascetic setups. Why not the latest EMET 5.0 in this setup?

    Cheers!
     
  4. I recently put in a new Mobo (G3240 Pentium dual core with SSD). After re-install I checked whether everything worked correctly and was surprised by the responsiveness. IE11 started in less 0.3 secs for instance. When adding security settings back on again I noticed that EMET 5 delayed IE startup (1.3 to 1.5 secs) and delayed Chrome even more (up to 2 secs). I tried HMPA 3 (which delayed 1.9 to 2.3 secs extra), VI Robot (added 1.1-1.3 secs) and MBAE (added 0.8-1.0 seconds). Then I started tweaking 5.0 until I had the protection left of 4.1 (delayed 0.5 secs), so I tried 4.1. update 1 and this only delayed 0.2 secs.

    I have made a lot of changes/hardening to my setup leaving only javascript in iE and regular page rendering as the most likely source of (in memory only) code execution. Those tweaks might also be the reason of the delay of all those exploit mitigating applications. Therefore decided for a dual browser approach.

    Enabled Hibernation to complete performance optimization and acquire benefit of cached AV security

    Software Mitigations for web sited in IE favourites
    IE11 no plug-ins, hardened through GPO, protected by EMET 4.1 and Panda free 2015, only takes 0.4 to 0.5 seconds to launch IE (feels like a blink)

    Software Mitigations for other browsing (Chrome)
    For untrusted browsing I use Chrome in XP-Mode with Sandboxie Free as extra layer to protect virtualised OS (not allowing access to data partitions in Virtual PC and blocking access to data disks with SBIE restrictions).

    Regards Kees
     
    Last edited by a moderator: Sep 26, 2014
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Kees, what is your startup time for Chrome run in VirtualPC under SBIE?
     
  6. Without Hibernation first cold launch is 40 seconds (including delay of Sandboxie Free), with hibernation of Windows 7 (host OS) and Virtual XP (guest OS) less than two seconds (based on windows clock, AppTimer does not see virtualised + sandboxed Chrome). Keeping everything hybernated seems to by-pass this 5 second dely. SBIE control is visible in system tray (!).
     

    Attached Files:

    Last edited by a moderator: Sep 26, 2014
  7. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Interesting observation. :thumb:
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Thnx Kees. Less than 2 seconds would be similar to running Chrome under SBIE on real (host) system.
     
  9. JohnMult

    JohnMult Registered Member

    Joined:
    Mar 26, 2012
    Posts:
    133
    Location:
    Greece
    Windows XP Home SP3 (all updates) Admin account behind a router
    1 Emsisoft Anti-Malware
    2 Google Chrome starting limited with PsExec and plugins clicktoplay (μblock: Easylist, EasyPrivacy, Peter Lowe’s Ad server list, Dan Pollock’s hosts file, hpHosts - Ad and Tracking servers only, MVPS HOSTS)
    3 Secondary browser Firefox starting limited with PsExec (NoScript block all javascripts)
    4 Yandex DNS
    5 SpywareBlaster (Custom blocking list)
    6 No Java installed
     
  10. Sorry, timed it correctly

    When Host hibernates, first Virtual PC launch of hibernated XP Mode = 3 secs, consequetive launches less than 2 secs. SSD drive read speed is +/- 425 MB, so 512MB RAM hibernated XP should take a bit more than a second load time. I informed Invincea about this Free delay bypass, they have not responded yet.
     
    Last edited by a moderator: Sep 27, 2014
  11. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Kees, the five seconds screen that you get in the free version, starts taking place after 30 days. Before 30 days, there is no delay or nag screen.

    Bo
     
  12. Yes you told me, therefore I put system date a year ahead and it only stopped once. Guest is put in hibernation when you exit XP-mode, when I put host also in hybernation, the delay did not happen at re-launch nor between to hibernation sessions of host. May be I missed something (put date back again). Invincea emailed me that they would check it.
     
    Last edited by a moderator: Sep 27, 2014
  13. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Webroot Security Plus...AppGuard...Voodoo Shield...Homeland Security MK 20...Sure is Funky! Sincerely...Securon
     
  14. powerpack

    powerpack Registered Member

    Joined:
    Mar 23, 2010
    Posts:
    42
    Location:
    Now-here or NO-WHERE
    Hello all! Simple and effective as usual
    Windows 7 Home Premium -PGS, run as basic user, default deny user space & External Drive
    -UAC at Max
    -EMET v5 default recommended settings
    -Google Chrome with ublock plugin
     
  15. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Sandboxie and NOD32
     
  16. Antimalware18

    Antimalware18 Registered Member

    Joined:
    Dec 12, 2008
    Posts:
    417
    Been running AVG free and online armore firewall. to be hobest im quite surprised by AVG. last time i used it was back in 06 and it was terrible. feels light on my system and thrpugh personal testing the detection rates are quite good as well.
     
  17. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,175
    KIS on one computer and AVG IS on the other. No problems so far
     
  18. Desktop setup (Windows 7 Ultimate 32 bits)
    - Hardening: WFW (also outbound), UAC deny elevation of unsigned, SRP for basic users
    - Spyshelter free: allowing Microsoft, added blockrules for office/IE/WMP/SumatraPDF
    - IE11 for trusted sites, no plug-ins (GPO locked), javascript filtered by Linkscanner
    - Chrome for surfing as anonymous user with Sandboxie free in virtual XP-Mode
    - Windows Image Backup and SyncBackFree Data to NAS (monthly backup's)
     
    Last edited by a moderator: Oct 5, 2014
  19. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Eset S.S.8 and Appguard...A Deadly Effective...1-2 Punch! Sincerely...Securon
     
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    emsisoft internet security :) and hitmanpro
     
  21. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Ron you change AV's like I change underwear. What do you seek?
     
  22. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Excellent Combo...My Foothills Friend! Sincerely...Securon
     
  23. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Change is Never Ending...It Seeks the Seeker! Sincerely...Securon
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    thank you securon
     
  25. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    My PC#1 security setup

    Windows 7 x64 Ultimate

    SUA
    UAC at max
    Windows updates automatic
    windows restore off

    Paragon and Macrium images of sys partition with BCDs

    Eaz-Fix 9.1 (Rx clone with imaging) snapshotie time machine

    Comodo FW:
    HIPS - Safe
    FW - Custom
    Sandbox - FV, all browsers and internet apps sandboxed as Partially Limited

    Qihoo 360 IS

    Though this setup is a bit overkill it seems light on my PC.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.