What is your security setup these days?

Westell 6100 - modem/router. - NAT features and hardware firewall.
ZoneAlarm Security Suite 6.1 - decently light little thing. Only freezes up when I crash it.
Prev1 R - Not much to say about this. I rarely see any prompts even on Pro unless I'm installing.

On Demand
BitDefender Free
Ewido
MSAS, Spybot, AdAware - When I feel like I have 3 hours to kill.

And of course, safe surfing with Maxathon.

 

Kerio Personal Firewall 4.2.2
Symantec Corporate Antivirus 10
Opera 8.5.1
Proxomitron 4.5j with v4.56 of my BSP
Privoxy + Tor (Anonymity on Demand )
Safe Hex (I know when I'm infected and when I'm not )

 

Anyone using Safe'n'Sec 2 ? What do you think? I see more people going towards the appdefend\regdefend route instead.

Better yet I am curious on what you think. What is a better combination HIPS...

Regdefend, Online Armor, Safe'N'Sec and with or without ProcessGuard?

Or Just

Ghost Security Suite (appdefend & regdefend) and Online Armor?

dja2k

 

NAT router with firewall
Windows Firewall
ShadowUser
NOD32
Safe'n'Sec 2

I used the AppDefend beta for a while, but as I couldn't prevent some app from starting up, I tried Safe'n'Sec. I'll try AppDefend again when it's final, but for now I'm very happy with SnS. The (compared to AppDefend) added "file/directory defend" and the ability to limit outgoing traffic to certain ips is another bonus. And if set up correctly SnS can prompt about any new application.

 

Updated...

Realtime - PLUGINS ACTIVE

NOD32 2.50.41 (BLACKSPEAR SETTINGS)
LOOK N STOP 2.05P2 (PHANTOM RULESET)
ONLINE ARMOR 1.1.0.616 (ALL PROTECTION ACTIVE)
SAFE'N'SEC 2.0.725 + ANTI-VIRUS (NO NETWORK ACTIVITY PROTECTION)
REGRUN GOLD 4.50 (ALL PROTECTION ACTIVE + ULTRA HIGH LEVEL)
GGS 1.110 - AD (TEMP-DISABLED) \ RD (ACTIVE + CUSTOM GHOST FILE)

( I hated using the realtime spyware guards of Ewido and Spyware Doctor which were combined about 35 + MB's. Back to full HIPS protection for me.)

Additional Hardening

SECURE-IT
HARDEN-IT
BUGOFF
SAFEXP
IE-SPYADS
SPYWARE BLOCK LIST FILE
SPYBOT IMMUNIZED
SPYWARE BLASTER + CUSTOM LIST
ENOUGH IS ENOUGH
SCRIPT SENTRY
COMPUTER SECURITY TOOL
CURRENT WINDOWS UPDATES
EXTRA SERVICES OFF
MVPS HOST FILE
HOSTS SECURE UPDATE UTILITY

Extra

FIREFOX MAIN BROWSER
JV16 POWER TOOLS
REGISTRY FIRST AID
DRIVE SNAPSHOT
TREND MICRO CWSHREDDER
TREND MICRO ANTISPYWARE
EWIDO 3.5
SPYWARE DOCTOR 3.5
KASPERSKY 5.0 BACKUP SCAN
AD-AWARE
SPYBOT
HIJACKTHIS
A-SQUARED
PROTOWALL + ANTI-P2P LIST

dja2k

 

My security set-up is..............
My own personal business, hackers might browse this site too and don't need to know what I use for security. Makes it harder to get hacked when one doesn't know what you use for security.

 

What custom list do you use with SpywareBlaster? I am using:
http://koti.mbnet.fi/pattaya1/swb3.htm

I also tried Safe XP. I noticed a few minor things that caused me to revert to my normal settings and remove this program (I did not play with it to optimize the settings). It seem to reset the settings in HardenIt and WWDC. I reset the seetings in WWDC and reran the settings (recommended) in HardenIt sure enough when I did RegDefend asked about (some) Registry changes indicating (but not I am not for sure) that Safe XP set it to something different. I noticed an increase in memory usage with Safe XP indicating that some of the setting changes did something to Windows XP to increase memory usage. Also upload speeds on speed tests were slightly slower. Although I know Safe XP only modifies security settings I noticed enough minor changes in my system that I did not keep it. I run HardenIt and WWDC.
Below is my latest set up:

Windows XP Home SP2 (automatic updates set to prompt)(latest patches installed)
Linksys Router RT31P2 (hardware firewall)
Outpost Pro Firewall 3.0.557.5918 (437)(real-time spyware protection enabled)

Kaspersky Anti-Virus Personal 5.0.390 (extended database enabled)
UnHackMe 3.03

DiamondCS ProcessGuard 3.2 (all protection enabled)
DiamondCS WormGuard 3
RegDefend 2.001 (with custom Ghost Files from Kent and Tony Klein)
WinPatrol Plus 9.8.1.0

SpyBot Search & Destroy 1.4 (Immunize enabled)
SpywareBlaster 3.5.1 (& Custom Blocking List: http://koti.mbnet.fi/pattaya1/swb3.htm 1/8/06)
MVPS Hosts File (1/9/06)(Hoster 2.0)
IE-SPYAD (1/10/06)(ZonedOut 2.2)

Windows Worms Doors Cleaner 1.4.1
Harden-It 1.2
FraudEliminator 2.3 anti-phishing toolbar (for IE6)(also use Firefox and Anonymizer for risky surfing)
C/Cleaner 1.26.218
MRU-Blaster 1.5

Resident On Demand Scanners
Ad-Aware SE Personal 1.06
A-squared scanner 1.6.1
Mischel TrojanHunter 4.2
Kephyr Bazooka 1.13.03
Trend Micro CWShredder Version 2.19
F-Secure Blacklight Rootkit Elimination 2.2.1015
Sysinternals RootkitRevealer 1.6
HijackThis 1.99.1
DllCompare

Online Scanners
CounterSpy spyware scan
Ewido online scanner beta & Ewido Micro
Help2Go Detective, HijackThis log file analysis (HijackThis Analyzers)
Jotti's malware scan
McAfee online virus scan
Webroot Spy Audit
Windows live safety center free online scanner
X-Clean Micro (Facetime.com) spyware scanning

 

A better tactic is to lie. Let them waste time working on the wrong info.

 

Yes G1111, I am using the block list from

http://koti.mbnet.fi/pattaya1/swb3.htm

dja2k

 

Microsoft Shared Computer Toolkit and BoClean here

con

 

Hmm - I'm somewhat of a noob. Is there someway people can identify me from my posts here?

cheers

 

there is no way that other people can identify you. Plus, showing the security setup is just like the sign 'Dog Inside' on the fence or 'Alarm System' on the car windshield. I do not think it is a bad idea to scare the thieves away, if you can not catch them anyway.

 

I wouldn't say that.

 

Well, everything is relative. Sure, a hacker breaks into the server will know the IPs. But you would be really lucky if the hacker picks up your IP from the huge log and continue to track you down. That just does not make much sense (moneywise or timewise).

 

That would be just one way yes. Not as hard as you think.

Nah, he doesn't need to look up your ip in a "huge log". Most forum software, automatically tag the post with the ip. Just gaining one of those administrator accounts, should allow an attacker to look up the ip you used to post.

Reading all your posts, would give him a head start into attacking you, because he knows all about your habits, your relative level of skill, your software.

Of course, it's much easier to just randomly port scan looking for targets to own, but if you piss someone off (not hard on the net), it's not beyond the realms of possibility that they decide to target you.

Not that I'm trying to scare anyone or something, but it actually happened to me once.

 

Just did a complete format of my computer and now I want to ask first before I go overboard on installing hardening tools. I only have installed Harden-It and AutoPatcher (all updates) right now. I plan to installed Computer Security Tool next, but besides those, which of these won't overlap and break down IE that much? You are welcome to modify my list and add anything to it.

SECURE-IT
BUGOFF
SAFEXP
IE-SPYADS
SPYWARE BLOCK LIST FILE
SPYBOT IMMUNIZED
SPYWARE BLASTER + CUSTOM LIST
ENOUGH IS ENOUGH
SCRIPT SENTRY
EXTRA SERVICES OFF
MVPS HOST FILE
HOSTS SECURE UPDATE UTILITY

dja2k

 

How did you found this out and what did you do if I may ask?

regards,

Inf.

 

you can install it all, I don't think there is too much overlap if you ask me at least not from kernel driven applications so it wouldn't be a big deal anyway.
it's free software too and a nice list!
I'm not sure but having hardenit and secureit together on the same setup, is that usefull? I guess that would be some overlap, not too sure as I'm not that experienced with those two tools...

 

It happened a few years ago back back before i was this super comp security expert that you all know

He messaged me on a board i used to visit out of the blue (we have never had any contact email or whatever before). Made all sorts of remarks which showed clearly he port scanned me, which means he had my IP....

There were several ways i could think of in which he could have gotten it (e.g sending me a link to a website he controlled and me clicking on it, looking at email headers if i replied to him on email, associating my forum ID, with a usenet ID that showed originating ip etc), but even in those days i was pretty careful, so it was highly likely that the easiest way he got it was by gaining access to the server or maybe he was made admin of the forum I don't know.

Not really a big deal, and he didn't claim to hack me or anything, he gave me a lecture on open ports, not that I didn't already know why they were open!
The unspoken implication though is that if he was truly malicious this was the obvious first step to hacking me, recon. Nothing untold happened , but it was kind of creepy.

There wasn't much i could do really. Call the Feds? Just for a port scan? Get real!

 

From this list above I think I will only install these not to mess up too much IE.

BUGOFF
SAFEXP
IE-SPYADS
SPYWARE BLOCK LIST FILE
SPYBOT IMMUNIZED
SPYWARE BLASTER + CUSTOM LIST
SCRIPT SENTRY
EXTRA SERVICES OFF
MVPS HOST FILE
HOSTS SECURE UPDATE UTILITY

dja2k

 

I had the same thing going on some time ago .. I used some tools of TDS-3 to scan him back, after some minutes my firewall log was going crazy, everything blocked, but now I know if someone is scanning your ports, don't piss them off

 

I don't see any point in "scanning him back". What's the point? To show off that you know how to point and click TDS-3?

Particularly since if he's any good, he won't be using his machine anyway or maybe even using spoofed packets. Trying to return fire if you dont know what you are doing is pointless.

Anyhow, I'm not a firewall weenie, who stares at his firewall log , looking for someone to "scan" him back... If I'm going to do that, it's going to be a full time job.

What is interesting about this case is that the guy messaged me to tell me he port scanned me, he clearly read my posts on the forum etc.. In most cases, people just randomly port scan you, they dont know anything about you.

 

first post!

KAV 5.0
Kerio 2.1.5
BOClean 4.20
spyware blaster
SP2 updated

on demand:
ewido free
A2 free
ad-aware free

previous:
Trend 2005
webroot spysweeper
spyware blaster
ad-aware
spybot SD

thanks to all for the knowledge i've gained here this set-up works fine with my online games like Bf1942 and mods, Call of Duty, etc and p2p.

KIS 2006 beta did not work well w/ these games in multiplayer, but when it's final, i'll give it another try

 

Welcome, pojispear!

 

What options do you people use on Samurai (High, Low, MediumHigh, Medium); obviously High is better but might break some stuff up right? Also I think there is an overlap of using Samurai with Computer Security Tool right?

dja2k