A security setup

Discussion in 'other anti-malware software' started by ElPhenix, Dec 18, 2006.

Thread Status:
Not open for further replies.
  1. ElPhenix

    ElPhenix Registered Member

    Joined:
    Nov 30, 2006
    Posts:
    11
    Location:
    France
    Hello all,

    After reading lots of threads in this forum, I've decided to register. I was just wondering what do you guys think about my current security setup :rolleyes:

    AV - Avira Antivir PersonalEdition Premium
    FW - Comodo Firewall
    AS - BOClean
    HIPS - System Safety Monitor (free)


    That's what I am running on my laptop. Here is the ressource usage for each app :

    Avira - (10980ko + 2480ko + 444ko + 188ko) = 14092ko
    Comodo - 17256ko
    BOClean - 1664ko
    SSM - 8264ko
    Total : 41276ko used for security of 523632ko physical memory

    I would appreciate you give me your own security setup (just briefly, summing up why you've chosen that app) :D

    Thanks

    ElPhenix
     
  2. cprtech

    cprtech Registered Member

    Joined:
    Feb 26, 2006
    Posts:
    335
    Location:
    Canada
    IMHO, that is an awesome security setup - just the right amount of layered protection without going overkill. The important thing is you are comfortable with it and quite knowledgeable on how to configure it all, especially the firewall and HIPS.

    BTW, welcome to the forums :)
     
  3. ElPhenix

    ElPhenix Registered Member

    Joined:
    Nov 30, 2006
    Posts:
    11
    Location:
    France
    Another thing, what I have not said is that I have bought SandboxIe (lifetime key) and I am currently running it (it's using 1600kb). I consider SandboxIe as a "special" HIPS, and it's only an outline protection (as it's very light, I use it for sandboxing my mail and my browser, and sometimes risky files).

    Btw, thanks cprtech, just a question, why did you choose SSM ?

    ElPhenix
     
    Last edited: Dec 19, 2006
  4. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado

    Ive been running the same layered defense for awhile now

    ProcessGuard full (early adopter)
    Kerio Personal Firewall2 (used to it) w\ hardware firewall as well
    NOD32\Avast (depending on the box)
    Filechecker (early adopter)
    Ive recently added sandboxie as well

    and Ive historically employed a host of approaches to limit my attack vectors from outright ripping out built in components of the OS (IE, OE, WMP) to disabling protocols\files\commands (WSH\Java\ActiveX)
    sometimes I just refuse to play, no IM (or use a proxy) no HTML in email ect

    Im currently looking for a few alternatives to take for a spin ;)
    Ive downloaded Comodo as an alternate freeware firewall but still looking for a few more
    and Im shopping for some advanced HIPS\Virtualization aps to try out
     
    Last edited: Dec 18, 2006
  5. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    seems like a good setup to me :thumb:

    as for me, my setup consists of KIS 6 and Ad Muncher. Vista compatible software is rather limited at the moment...
     
  6. cprtech

    cprtech Registered Member

    Joined:
    Feb 26, 2006
    Posts:
    335
    Location:
    Canada
    I have never used Sandboxie but if it is working well for you and not noticeably bogging down your resources, then there is probably nothing wrong with using it. There are quite a number of members in this forum who mention it in high praise, so I feel it must be an excellent security app.

    I just like the amount of control over everything it offers, and the support, so far, from the developers has been first-rate. It has never conflicted with any of my other apps or caused system instability, either. There is another HIPS, similar to SSM, called Pro Security which seems to be getting alot of favourable reports from several members in this forum as well. I have never tried it, but I certainly would if I had not already bought SSM. The developer is also very helpful and offers a free version, too. One can not likely go wrong with either product.
     
  7. ElPhenix

    ElPhenix Registered Member

    Joined:
    Nov 30, 2006
    Posts:
    11
    Location:
    France
    Thanks all for your answers. I will test ProSecurity Free when I will finish testing Look'n'Stop 2.05p3.
    I think that firewall is really good, and for me (at the moment) better than the excellent Comodo Firewall (just look at LNS low ressource usage and the number of things you can configure) ... although it's a shareware (that's not a problem for me, I will buy it when the trial period will be finished).

    I have heard some good things about Online Armor, who can confirm that ?

    ElPhenix
     
    Last edited: Dec 19, 2006
  8. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    My setup on this computer is
    NOD32 2.7 - 23,408k
    Look'n'Stop 2.05p3 - 1,936k
    Ghost Security Suite - 5,736k

    Total 31,080k of 1,046,868k

    I use this setup as its light on the resources while offering sufficient protection for me.
     
  9. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    its a good program though not as powerful as either SSM or ProSecurity. OTOH, it is easy to use and understand.
     
  10. TECHWG

    TECHWG Guest

    I would say good choice, as someone else said just right not OTT. but im running AVAST and Prosecurity rather than Antivir and SSM. just my preference right now

    WG
     
  11. Happy-Dude

    Happy-Dude Registered Member

    Joined:
    Aug 28, 2006
    Posts:
    54
    Location:
    United States of America
    Well, my security setup is al follows:

    Antivirus- Avast! Home Edition
    Firewall- Comodo Personal Firewall
    Antispyware- Resident: Windows Defender
    Antispyware- On Demand: Spybot S&D+Ad-Aware+A-Squared Free+AVG Antispyware Free
    Active HIPS- Winpatrol+Cyberhawk
    Browser Protection- SpywareBlaster
    Browsers- Internet Explorer 7+Mozilla Firefox 2
    Operating System- Windows Service Pack 2 [with all updates installed]
    Note: For a great security setup, customizing the programs are truly needed (i customized the Windows XP interface, IE7 and MF2 for optimized security).

    The reasons for this setup:
    -All programs have a simple interface.
    -All programs can be customized easily.
    -All programs have great protection.
    -All programs have easy updating and update well.
    -All programs have been recommended.
    -Most programs have dedicated fourms, which means the company is trying to make quality products.
    -All programs have great overall rating and reputations.
    -All programs have simple and easy intergration with the Windows XP OS.

    Overall, the physical memory usage of the active protection is about 312 MB of 768 MB (without browsers open). With a single browser, it usually jumps to about 350 MB, and with both browsers open, it jumps to about 400 MB. Not bad, considering the active protection doesn't consume much resources.

    P.S-
    Also, some other programs I recommend that are not necessarily security related are:
    -Trillian Messenger Client
    -EasyCleaner
    -CCleaner
    -WeatherPulse
    -7-Zip
     
  12. ElPhenix

    ElPhenix Registered Member

    Joined:
    Nov 30, 2006
    Posts:
    11
    Location:
    France
    I know that Cyberhawk is more a Behaviour Blocker than a 'normal' HIPS (based on the decisions of the user), but I dunno about WinPatrol ... Is it a Behaviour Blocker or another type of HIPS ?

    ElPhenix
     
    Last edited: Dec 19, 2006
  13. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    You dont need 30 coats of paint, if you use a good primer to start with. Get the Avira Suite, trash the rest, and quit strangle-holding your PC.
     
  14. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,065
    I like your way of expressing it Jeff.
    i just got kis6.0
    im gonna ditch spyweeper when it runs out.
    ill use superantispyware as on demand.

    lodore
     
  15. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    thank you, sir.
     
  16. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    funny how Ive not needed a dedicated spyware ap since I gave up on IE altogether :D

    Firefox with the noscript extension made it sort of pointless
    then of course whenever I went slumming it was with Knoppix which is bulletproof
    and now with Sandboxie\Firefox&noscript I really don't see the need even from the main OS

    havent had to do much more than clear cookies in ages
     
  17. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,065
    i stopped using realtime antispyware when spyweeper got to bloated.
    now i use firefox with no script and im fine.
    my dad still insists on using Ie but the pc is always clean.
    my sister uses IE as well.
    lodore
     
  18. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    for awhile I was ripping IE out with XPlite or nLite
    but the constant manual updating via technet got to be a pain
    so I just started to lock it down with the noaccess.rat
    on my box and clients as well, they quickly got the point it wasnt worth the hassle except for a very limted number of sites that absolutely required it.

    Kind of scary to think that sandboxie may actually damage the headway Firefox has made if it becomes truely popular
     
  19. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    You don't even have to clear cookies! Besides setting FF to delete cookies at the end of the session, I love CookieSafe so far. It works like Noscript, but for cookies.
     
  20. ElPhenix

    ElPhenix Registered Member

    Joined:
    Nov 30, 2006
    Posts:
    11
    Location:
    France

    Well, honnestly, I don't like your approach : I mean personally I cannot believe that all my security defence depends of one single application, just imagine that your application is frozen for 5 minutes (i dunno, for example it has to do a major update). For 5 minutes, you will have zero firewall to protect you (the AV is not really necessary, same for the AS). That's what I experienced with KIS, I dunno if it's the same with Avira.

    However, I respect your choice and I understand it : you just want a software which won't bother you and protect you in the same time.

    ElPhenix
     
  21. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado

    just dont have that many legitimate cookies that need saving these days and tools > clear private data is so damn simple :p

    I clear them without really reviewing them at this point then logon to the one or two sites Id actually want a cookie for for a day or so
     
  22. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    CookieSafe doesn't save cookies. It works like Noscript: you block them as default, and make exceptions as you go, temporary, for session, always for a certain site, etc.
     
  23. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    I think that is an excellent setup if you are knowledgeable enough to fully understand the prompts from SSM. My setup is as follows:

    AV - NOD32
    FW - Kerio firewall 4.x
    AS - None, a waste of resources, IMHO
    HIPS - Dynamic Security Agent
    ADDITIONAL - Hosts File with eDexter filter

    I see a lot in these forums about SSM, PG, etc, but am wondering why nobody else seems to be using Dynamic Security Agent. I feel it's much better than Cyberhawk - sits in the background like Cyberhawk but takes a lot less resources. Monitors applications, processes, HOSTS file, protects against keyloggers, rootkit installation, monitors registry, also network TCP control. Also detects anomolies in system, email - you name it. DSA takes about a third of the memory to run than SSM free does on my system. Much less noisy than PG or SSM, but does it's job. It is like having a combination AS/HIPS app in one. Also doesn't slow your system down and isn't as buggy as some others (Cyberhawk comes to mind, at least on my system). I like SSM and run it at times, but DSA covers more of the ground that I am concerned about, with a lot less hassle. My entire setup, as well as system functions (XP AMD64 2.8g processor, 512 MB RAM) take a total of around 250 MB, minimal processor usage. Also, as others have stated, using Firefox or Opera pretty much stops all the crapware. I do use IE7 for some sites, but do that with limited user setting (using DropMyRights). Basically, the bulk of Internet security boils down to being careful about the sites you visit and being very selective on what you download or click to open!
     
  24. bryanjoe

    bryanjoe Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    380
    this is what i am using now

    AVG Free
    Comodo Firewall
    SSM Free
    CyberHawk
    Snoop Free

    on demand - Spybot / A squared / SUPERAntispyware
     
  25. ElPhenix

    ElPhenix Registered Member

    Joined:
    Nov 30, 2006
    Posts:
    11
    Location:
    France
    Having lots of problems with AVIRA Antivir PersonalEdition Premium (with major update for example, and many others), I have just swiched to a more stable engine, Igor's AntiVirus, that's to say Dr.Web Antivirus. I think that even if the Avira's engine is one of the best of the market (maybe the best), I want something really stable and reliable.

    ElPhenix
     
    Last edited: Dec 21, 2006
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.