What is your security setup these days?

Netgear DG834 Hardware Firewall
Avast - Standard Shield only
ProSecurity 1.24 paid for
FireFox 2.0.0.1 (No Script + SiteAdvisor)
Acronis TI system daily

On demand - every few months

 

Stayed the same:
Added:
Removed:
Updated

Router - Linksys BEFSR41
Firewall - Look 'n' Stop
Anti-Virus - KAV 6
Utility Suite - Regrun Platinum v5.0 (Previous v4.6)
Anti-Exploit - Linkscanner Pro
AntiTrojan - Boclean
IPS - Prevx1
Ad blocking - Ad Muncher
Cookie monitoring - CookiePal
Firewall - Zonealarm Free
Anti-Virus - NOD32


For whatever reason NOD32 was causing considerable delay in Windows starting up. Taking sometimes as long as 3 to 5 mins. I've relegated NOD32 to on-demand only. Re-installed KIS6 but only the AV and Proactive modules. Giving LNS a try and appears easy enough to use. Very light as well at only 3.4mb resident. Might even get 3 weeks out of this setup.

muf

 

Well, my security setup is as follows:

Antivirus- Avast! Home Edition
Firewall- Comodo Personal Firewall
Router Firewall-Westell VersaLink 327 Built-In Firewall Active
Antispyware- Resident: Windows Defender
Antispyware- On Demand: Spybot S&D [with Immunize feature on and, I think, TeaTimer off]+Ad-Aware+A-Squared Free+AVG Antispyware Free
Active HIPS- Winpatrol+Cyberhawk
Browser Protection- SpywareBlaster
Browsers- Internet Explorer 7+Mozilla Firefox 2
Operating System- Windows Service Pack 2 [with all updates installed]
On-Demand Activity- Once every month
Note: For a great security setup, customizing the programs are absolutly needed (I customized the Windows XP interface, IE7 and MF2 for optimized security) and constant updates should be active and monitored.

The reasons for this setup:
-All programs have a simple interface.
-All programs can be customized easily.
-All programs have great protection.
-All programs have easy updating and update well.
-All programs have been recommended.
-Most programs have dedicated fourms, which means the company is trying to make quality products.
-All programs have great overall rating and reputations.
-All programs have simple and easy intergration with the Windows XP OS.
-On Demand activity is easy and simple.

Overall, the physical memory usage of the active protection is about 312 MB of 768 MB (without browsers open). With a single browser, it usually jumps to about 350 MB, and with both browsers open, it jumps to about 400 MB. Not bad, considering the active protection doesn't consume much resources.

P.S-
Also, some other programs I recommend that are not necessarily security related, but help in many OS areas and better than many other programs, are:
-Trillian Messenger Client
-EasyCleaner
-CCleaner
-WeatherPulse
-7-Zip

(People might notice that I already posted this already, but whatever. Better to share and see what people think of it. )

 

Installed new OS XP pro SP2 checked for any Spyware, Viruses that may have been secretly packaged with OS LOL. Checked for RKs with popular RKU. When I felt satisfied that my paid for brand spanking new OS was ok I Kill Disked my drive reformated and installed again same OS,
now my current set up is in my signature

 

I've elected to keep my security setup secret recently after some changes,call it overtly paranoid or maybe not missing a trick, but since i open my normaly secure computer enviroment to multiple malware infections(2-8 daily).I don't want to let the bads guys know who i am so they can *target* an attack.
Suffice to say it incudes software firewall,application firewall and IDS as the core security policy when i'm not malware harvesting.

With that i do utilize various tools/softwares for monitoring and recovery from malware infections after i've grabbed thoes malware bots for widespread vendor distribution
http://www.castlecops.com/f269-Malware_Listserv.html

So here's a shortlist of what i deem to be effective tools by experience of using them on demand only whilst dealing with malware infections at various stages over the past 5 months.

Virus/worm recovery Kaspersky AV 6(currently trialing)
Botkiller SUPERAntiSpyware free
Diagnostic/monitoring ProcessExplorer10(task manager on steroids )
Rootkit/ADS RootKit Unhooker

I have some extra tools for monitoring/diagnostic/debug but they are private builds so listing them here dose'nt make much sense.

 

Hardware: Netgear FVL328

Resident:
Comodo
Nod32
Ghost Security Suite
Prevx1

On Demand:
SuperAntispyware
Rootkit Revealer
Ad-Aware
a-squared free
Process Monitor
Process Explorer
Autoruns

Hardening:
Spywareblaster
IESpyad
WWDC
Socketlock

Browser:
Firefox w/No Script, Shazou, Adblock Plus, Form Fox, Site Advisor
SandBoxie

Backup and Recovery:
FD-ISR
Drive Snapshot

 

Lately, NIS 2007 has kept me clean - it is the only security product I have running in realtime {resident}. I have Spy Sweeper, Spyware Doctor, Spybot S&D which I transferred to a different machine - and I still have BitDefender and KAV which I can run manually. The 2007 version of NIS is also very lite on resources compared to previous versions .. quite an improvement IMHO.

 

am I reading you correctly - you actually go looking for malware ?

I have just tried SUPERAntiSpyware and have found nothing. avast never finds anything nor windows defender not avg nor prevx1 nor........... I do quite often find false positives but never the real thing. so would be interested to know how to go about finding a real virus or any real malware

 

well just do a search on google for cracks and warez
that will find real malware but you cant blame me if you do and dont think about asking how to clean it if you go down that road.
lodore

 

Correct

Follow the MIRT link in my signature for more details

Hmm,its readily available from many sources and all to much of it.I think if you have to ask *where* to find it then maybe for your own 'puters welfare i won't give you sources.

Hunting malware is not about testing how *good* your setup is,because what happens when something gets past all your defenders since nothing is 100% bulletproof ?

own3d


Malware hunting is about collecting new emerging threats/infections and getting the data out to interested parties/distribution points so the good guys can strike back with updated definitions/cleaning routines as quick as possible

 

I wonder how well Prevx works with the latest version of NOD32 2.70.23 which has potentially unwanted and unsafe application settings as well as anti-stealth? Doesn't NOD now duplicate some of what Prevx does?

 

My present set-up is what you find in my siggy below. Not included but installed and protecting is KERIO 2.15.

Debating to add A2Squared or another On-Demand AS proggy.
Mwav for what it's worth carry AV duties along with AVZ AV integrated.

Having trouble running Rustock B and some other malwares since i do believe my arsenal bumps them off into a BSOD, but that's par far the course. Nothing infiltrates when running Shadow-Surfer (dumps session entries no matter what)

My wish-list would be CyberHawk & CoreForce if they could get around to stablizing those security apps. I don't toy with popular Cloners anymore, i manually copy all programs and reg settings to an alternate drive or flash drive.

Seems to be sufficient enough on this end so far.

 

Avira and Pro Security on one machine, other machine gets Windows Defender x64 and Avast 64 on my 64 bit machine, both connected to router with SPI firewall.

 

when i last tried nod32, they worked well together.

while NOD32 has improved and will continue to do so, id still keep Prevx1.

 

Minor changes. Maybe will go to AppDefend if ProcessGuard doesn't progress.

Firewall
Linksys Router RT31P2
Outpost Firewall Pro 4.0.971.7030 (584) (real-time spyware protection enabled)
Harden-It 1.2
Windows Worms Doors Cleaner 1.4.1

AV/AT
Kaspersky Anti-Virus Personal 6.0.1.411
BOClean 4.22.002

HIPS
DiamondCS ProcessGuard 3.410
DiamondCS WormGuard 3
RegDefend 2.001 (with revised custom Ghost Group from Tony Klein 5/29/06)
WinPatrol Plus 10.0.5.0

Block Lists
SpyBot Search & Destroy 1.4 (Immunize enabled)
SpywareBlaster 3.5.1 (Custom Blocking List: http://koti.mbnet.fi/pattaya1/swb3.htm 1/4/07)
MVPS Hosts File (12/29/06)(Hoster 3.6)
IE-SPYAD (10/9/06)(and TNT block list 12/15/06)(ZonedOut 3.2)

Resident On Demand Scanners
Ad-Aware SE Personal 1.06
SUPERAntispyware 3.4.1000
Kephyr Bazooka 1.13.03
Trend Micro CWShredder Version 2.19
A-squared scanner 2.1.0.5
Ewido Micro 4.0
Mischel TrojanHunter 4.6
UnHackMe 4.00
Sysinternals RootkitRevealer 1.71
F-Secure Blacklight Rootkit Elimination 2.2.1055
Gmer 1.0.12.12011
Resplendence RootKit Hook Analyzer 2.0
Sentinel 2.1.0
DllCompare
HijackThis 1.99.1

Online Scanners
CounterSpy spyware scan
Prevx HijackThis analyzer; HijackThis log file analysis (HijackThis Log Analyzers)
Jotti's malware scan
VirusTotal
McAfee online virus scan
X-Clean Micro (Facetime.com) spyware scanning

 

Do you use all those on-demand scanners?

 

finjan to Astaro trial.
Astaro Security Gateway Virtual Appliance for VMWare

 

Updated: 01.01.2007

Realtime: None

OnDemand: A-Squared Free, MWAV Free

 

wow thats quite a minimal setup. also youre behind a router/firewall correct?

 

Nope, no router or firewall (all ports closed). I wonder, how it is gonna to work.
I have read, that some people use nothing for years and they never got infected.

 

G1111

That's quite a roster you keep at the ready. Nice one.

 

Hi,

Wifes Laptop:
Windows Defender (Antispyware)
Zone alarm firewall
AOL Active Virus Shield
Prevx1

On my Desktop computer:
Windows Defender (Antispyware)
Windows Firewall
Antivir Classic AV
Prevx1

Cheers

Jlo

 

Router

NOD32

SuperantiSpyware Free

 

Router
"Drop My Rights" for Outlook, MediaPlayer, Firefox 2 with No Script, and IE
Nod32
Zone Alarm Pro (firewall only)
Prevx1
FD-ISR
Acronis Workstation