What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. colorado13

    colorado13 Registered Member

    Joined:
    Apr 16, 2005
    Posts:
    117
    Location:
    Orihuela, Spain
    Tks :)
     
  2. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784
    With Windows 10 / 64bit

    SpyShelter Firewall
    Faronics Anti-Executable
    Shadow Defender
    Raxco Instant Recovery
    AdGuard

    Think I'll stick with this combo for a while as long as no problems arise.
     
  3. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,172
    Location:
    Canada
    My full setup.

    Appguard
    Emsisoft Antimalware
    Malwarebytes Anti Exploit
    Chrome with Ublock Origin and Lastpass.
    Backups with Drive Snapshot and AOMEI Backupper.
    Shadow Defender for testing software.

    I have lifetime licenses for MBAM, Zemana Antimalware and Winpatrol, none being used at this time as I don't think they are necessary at this time. Anyone concur?
     
  4. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    I concur: IMHO no need to add any of the last three apps to your setup.
     
  5. chrome_sturmen

    chrome_sturmen Registered Member

    Joined:
    Apr 29, 2006
    Posts:
    875
    Location:
    Sverige
    How so? Have a link to some reading on the subject? thx
     
  6. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    517
    Location:
    United States
    It's been awhile since I've posted here and my setup has changed a bit. Signature is updated.
    • I've stopped using Applocker since it gets to be annoying when doing dev work.
    • I've stopped using GameSaveManager since I really only play CSGO and Rocket League and both don't use local game saves.
    • I've stopped using EaseUS Todo for OS imaging since I have all my Windows tweaks memorized and documented and doing a clean install takes no time at all.
    • I've stopped using Truecrypt since I almost never access anything that would warrant its use.
    • I've stopped using Emsisoft Emergency Kit since I don't download anything from high risk places.
    Much simpler config and I don't feel I'm any less secure.
     
  7. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    On Vista - usually still the same team
    in realtime - SpyShelter FW on "ask user" level with file/folder protection and restricted apps form some in system
    on demand - Shadow Defender, Crystal Security (Kardo) and EEK
     
  8. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
  9. X47GVN

    X47GVN Registered Member

    Joined:
    Jun 6, 2016
    Posts:
    2
    Location:
    NL
    Good day everyone. I was wondering how to fully set up Simple DNScrypt in Windows 10? I downloaded the MSI file and ran everything. And then I did a search on 'How to know if Simple DNScrypt is working?' and I didn't get the results I was hoping for. So, really hoping that someone could help out. Thank you very much.
     
  10. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    You should have similar settings like in this picture:
     

    Attached Files:

  11. X47GVN

    X47GVN Registered Member

    Joined:
    Jun 6, 2016
    Posts:
    2
    Location:
    NL
    Yeah. When I do that, most of my applications cannot connect to the internet. Most notably, Adobe products.
     
  12. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    currently

    nod32 for email scanning/hips (manual)
    emsisoft anti malware for all of what it offers
    SRP
    cryptoprevent
    HMPA
    ZAM - on demand only and startup scan
    Various registry tweaks to harden windows
    Various group policies to harden windows
    Some bcdedit adjustments to harden windows
    Secureboot
    Windows firewall default deny both ways - using windows firewall notifier to help manage it
    Windows disabled various tasks in task scheduler typically ones for telemetry
    UAC set to max

    Under consideration

    REHIPS to replace nod32 hips
    0patch
    EMET for microsoft office hardening

    On my entire lan

    Router side protection as follows
    Malware blacklist of domains - using mix of public and private lists
    Some tracking domains blacklisted in router
    Dnscrypt setup router side
    Outgoing dns requests to 3rd party dns servers redirected by iptables on my router to my configured dns resolver (currently private dnscrypt server).
     
  13. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,138
    I still have Sandboxie and WFC on my computer, but disabled. I'm trying out Comodo 8.2 FW with hips disabled. It's running very good, with no slow downs.
     
  14. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Windows 7 Ultimate, Standard User Account, UAC - max,
    Windows 10 Firewall Control (sphinx-soft) Plus: Default zone for initially detected applications: "DisableAll",
    MalwareBytes AntiExploit with additional shields,
    360 Total Security in Custom Protection Mode: all layers enabled except Bitdefender and Avira engines disabled.

    The setup feels very light on my PC.

    In this setup I see good ensemble of protection:
    W10FC is a rock solid firewall asking for outbound connection, additionally protects system files,
    MBAE protects against exploits,
    360 TS provides cloud detection of known threats and watches suspicious behavior of applications.

    The only inconvenience is that 360 TS seems to be designed to be used in Admin account and I can't use its Sandbox in Standard account. I can change its settings only after I relaunch 360 TS with Admin privileges. But still can't use its Sandbox in Standard account even having 360 TS running with Admin privileges.
     
    Last edited: Jun 10, 2016
  15. Nocturnalizer

    Nocturnalizer Registered Member

    Joined:
    Oct 4, 2015
    Posts:
    42
    Location:
    London, UK
    I'm moving to a simpler setup. Just Webroot Antivirus for PC Gamers + VoodooShield as my RT protection, with Zemana AntiMalware for on-demand scans. I've also moved over to Vivaldi, which I'm really enjoying, although there's a lot more to come in terms of optimisation I feel.
     
  16. Aser Transformer (Home 32 bits Windows 8.1):

    1. Windows Firewall 2-way, disabled risk-ware, using Norton DNS
    2. UAC set to block elevation of unsigned (still allows unsigned to run)
    3. Standard user with parental control and admin consent for Smartscreen
    4. ACL deny execute for Everyone on 64GB SD-card, Public and Download folders
    5. Hardened Chrome by using existing settings, about flags and command switches:
    • uBlock0 in adblocker mode with WebRTC block and disable hyperlink auditing
    • Disable javascript except from [*.]nl, com, eu, net, org and HxxPS://*:443
    • Click to play plugins, always allow HTTPS:/* and Chrome PDF
    • Enabled 3p-scripts block via document write
    • Enabled Win32 Lockdown for all plug-ins
    • Enabled AppContainer Sandbox
    • Enabled extension verification
    • Reduce referrer granularity
    • Disable canvas reading
    • Enabled do not track
    • Block 3-p cookies
    Although parental control is Software Restriction Policies limited to executables only. The advantage of parental control is that it notifies on blocks and asks whether the parent is around to allow this program (run as admin with password). This makes it easier to manage than SRP.

    Smartscreen (require admin consent) and Standard user with UAC (elevate signed only) are my second and third safety-net after parental control. Until now only Chrome Update requires a Run As Admin (with password login), all Microsoft software updates fine from standard User.
     
    Last edited by a moderator: Jun 23, 2016
  17. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,367
    Location:
    Italy
  18. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Are there any threads explaining these tweaks in detail?
     
  19. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    350
    Location:
    Finland
    Windows Firewall, does it block connection attempts like raw socket or many other obscure ways to connect to internet? Some malwares can do internet connection during bootup, deep inside kernel(ring) level and I think that windows basic firewall can't prevent that. Zonealarm, what I've heard can block net access deep inside kernel(ring) level. With basic windows firewall, injection is already made and malware has full access to internet.
     
  20. guest

    guest Guest

    If you set it to block all outbound connections except those already whitelisted, I guess it can.
     
  21. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    350
    Location:
    Finland
    Does it block net access during boot up? How deep in kernel level it operates anyway? Zonealarm uses its own network filtering driver deep inside kernel and ring side boot procedure, so it can stop malware to connect.
     
  22. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,885
    Location:
    Slovenia, EU
    OS: Windows 7 x64

    System protection:
    Macrium Reflect
    Windows Firewall (outbound also)
    Standard User Account
    Software Restriction Policies
    User Account Control on max

    Browser protection (Chromium x64):
    uBlock Origin
    Sandboxie

    On-demand scanners:
    Emsisoft Emergency Kit
    Avira PC Cleaner
    Malwarebytes Anti-Malware
    HitmanPro
    herdProtect
     
  23. Yes, you are totally right. The --no-referrers switch breaks a site I need for work. I don't mind tweaking, but it has to be set and forget. Therefore I enabled reduce referrer granularity.
     
    Last edited by a moderator: Jun 23, 2016
  24. They are in different threads, but when you use SD, SB and NVT they won't add much protection (parental control only monitors EXE's in user folders and Program Files, so you are better off with NVT as an example).
     
  25. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    350
    Location:
    Finland