What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    Try WinPatrol PLUS as Classical HIPS.
     
  2. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,530
    Location:
    St. Louis, MO

    Doesn't go into detail but, "Network inspection system* – Protection against network-based exploits is now built in to Microsoft Security Essentials."

    http://windowsteamblog.com/windows/...rosoft-security-essentials-now-available.aspx


    Might work similar to Avast's Network Shield?
     
  3. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Downloading and trying ;)
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Go into the IFS of Emsisoft Anti-Malware

    Uncheck: Intelligent False Positive Reduction
    Check: Paranoid mode

    EAM will fire on any double event trigger and most single intrusion triggers
     
  5. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    Testing Norton Antivirus 2010.
     
  6. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Took off Mamutu, added Threatfire.

    After a lot of reading online, figured out how to add VMware and LinuxMint and Chrome.
     
  7. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,344
    Location:
    Europe, UE citizen

    A bit hard to qualify WP as a real HIPS. :rolleyes:
     
  8. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Removed Threatfire, added trial of Online Armor Premium /dragonslayer for 64bit.
     
  9. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    I have revised my protection system for the third time. I am much more satisfied now.

    1. KIS 2011 CF1 (11.0.1.400a) interactive mode and manually configured HIPS, Firewall, Anti-Banner, Custom Scan, and Exclusions for my personal needs. Offline updates via Kaspersky Updater 2.2.0.72 (Schedules every 1-hour + manual checking too). I also use KIS Vulnerability Scan (twice a month) and Privacy Cleaner (whenever I disable Returnil Safe System) to check system security/health status and clean junk which CCleaner might miss. I clean KIS cache after every major/important update (I do not like duplicates in cache folder).
    2. Structured Exception Handling Overwrite Protection (SEHOP), Full Data Execution Prevention (DEP), and User Account Control (UAC) enabled. Software Restriction Policies (SRP) defined as “Disallow” with additional rules/exceptions. Very secure approaches, although I am considering and testing AppLocker for replacement of SRP to further enhance generic protection.
    3. Malwarebytes Anti-Malware 1.46 Pro (Protection module enabled/Website blocking disabled) configured for personal need (with exclusions in KIS). Working fine without any conflicts.
    4. Manually configured WinPatrol PLUS 2010 (18.1.2010) for supplementary HIPS protection as well as useful "Delayed Start" feature. CPU Temp, Windows Task Manager, and Returnil tray icon starts after 10, 20, and 30 sec delay on each restart. To clean my startup list/entries, I use Autoruns (10.02).
    5. Returnil Virtual System 2010 3.1.8774.5254 to virtualize my system most of the time. I disable safe system only for Windows/Software Updates + for KIS updates (every 3 days). It also helps me try new software(s) before actual install on my system.
    6. Sandboxie 3.46 for virtual browsing suspicious sites, although I use KIS sandbox mostly. I am now considering relying on KIS sandbox only.
    7. Firefox 3.6.8 (latest build) with ABP (EasyList, Fanboy's List, Fanboy's Tracking/Stats Blocking), NoScript, BetterPrivacy, Memory Fox + Office 2010 theme.
    8. All software up-to-date, especially Security Suite (KIS 11.0.1.400a), Malwarebytes Anti-Malware (1.46), WinPatrol 2010 (18.1.2010), Windows 7 x64 (Windows Updates), Java (JRE 6 Update 21 x86), Firefox (Firefox 3.6.8), Flash Players (Flash Player 10.1.53.64, Flash ActiveX Player 10.1.53.64, and Adobe Shockwave Player 11.5.7.609 Slim), Returnil Virtual System 2010 (3.1.8774.5254), CCleaner Slim 2.34.1200 with CCleaner Enhancer (customized rules according to my needs), Raxco PerfectDisk Pro 11 (Build 174 x64), and Registry Mechanic (10.0.0.126).
    9. I prefer x64 architecture over x86 due to increased baseline protection and better stability as no good software modifies Windows Kernel (Patch Guard) as well as certified drivers only. Moreover, no rootkit (currently/ITW) can disturb x64 OS.
    10. Common sense and updated knowledge (RSS security feeds, security podcasts, membership of many quality antiviruses (new beta tester), blogs, and forums), the most important things against the latest threats. Constant checking and keeping an eye on what is going on on my system (CPU and RAM usage, active processes, browser response/hang, and other suspicious things/activities).

    Any suggestion will be welcomed.
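
    A read-only way to check the OS-level settings listed in item 2 of the post above (DEP, SEHOP, UAC, SRP default level), as an added example that is not part of the original post. It assumes PowerShell 3.0 or later; the helper names `Get-RegValue` and `Get-MitigationStatus` are hypothetical, and the `AsInPost` column only compares against the values the post describes.

```powershell
# Added example: read-only audit of DEP, SEHOP, UAC and SRP. Nothing is modified.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent instead of throwing.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function Get-MitigationStatus {
    # DEP policy reported by WMI: 0 AlwaysOff, 1 AlwaysOn, 2 OptIn, 3 OptOut.
    $dep = [int](Get-CimInstance -ClassName Win32_OperatingSystem).DataExecutionPrevention_SupportPolicy
    $depText = switch ($dep) {
        0 { 'AlwaysOff' }
        1 { 'AlwaysOn (all processes)' }
        2 { 'OptIn (Windows binaries only)' }
        3 { 'OptOut (all programs except listed exceptions)' }
        default { 'Unknown' }
    }

    # SEHOP: 0 = enabled, 1 = disabled; absent = the OS default applies.
    $sehop = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\kernel' 'DisableExceptionChainValidation'
    $sehopText = if ($null -eq $sehop) { 'Not set (OS default applies)' }
                 elseif ($sehop -eq 0) { 'Enabled' } else { 'Disabled' }

    # UAC: EnableLUA 1 = on, 0 = off.
    $uac = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' 'EnableLUA'
    $uacText = if ($uac -eq 1) { 'Enabled' } else { 'Disabled or not set' }

    # SRP default level: 0 = Disallowed, 0x40000 = Unrestricted; absent = no SRP policy.
    $srp = Get-RegValue 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers' 'DefaultLevel'
    $srpText = if ($null -eq $srp) { 'No SRP policy configured' }
               elseif ($srp -eq 0) { 'Disallowed (default deny)' }
               elseif ($srp -eq 0x40000) { 'Unrestricted' }
               else { 'Other level: 0x{0:X}' -f $srp }

    # AsInPost: does the value match "full DEP, SEHOP on, UAC on, SRP Disallow"?
    [pscustomobject]@{ Setting = 'DEP';   Raw = $dep;   Meaning = $depText;   AsInPost = ($dep -eq 1 -or $dep -eq 3) }
    [pscustomobject]@{ Setting = 'SEHOP'; Raw = $sehop; Meaning = $sehopText; AsInPost = ($sehop -eq 0) }
    [pscustomobject]@{ Setting = 'UAC';   Raw = $uac;   Meaning = $uacText;   AsInPost = ($uac -eq 1) }
    [pscustomobject]@{ Setting = 'SRP';   Raw = $srp;   Meaning = $srpText;   AsInPost = ($srp -eq 0) }
}

Get-MitigationStatus | Format-Table -AutoSize
```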
     
  10. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    355
    Location:
    Netherlands
    REALTIME:

    Avast v5 Free
    Comodo Firewall v4.1 (D+, Sandbox active. Yes, the last one does not work as intended in this version. :) )
    WinPatrol Free
    DEP (all programs)
    SEHOP

    Browser:

    Main: Firefox v3.6.8 with;

    Request Policy: https://addons.mozilla.org/nl/firefox/addon/9727/
    Adblock Plus: Easy Element+Easy List / Malware Domain list /Easy Privacy

    ClearCloud DNS: http://clearclouddns.com/
    MVPS Host file: http://www.mvps.org/winhelp2002/hosts.htm
    Spyware Blaster

    ON DEMAND:

    MBAM Free v1.46
    SAS Free v4
     
  11. Cvette

    Cvette Registered Member

    Joined:
    Apr 16, 2010
    Posts:
    373
    Location:
    South Carolina, USA
    Oh well, I didn't have high hopes for MSE anyway. I'm really, really picky when it comes to being able to exclude false positives, I like to be able to exclude them if I see one. But with MSE it's like "Would you like to remove or quarantine?" with no option to ignore or exclude on-the-fly.

    Seeing as Panda Cloud can now be run alongside another scanner, new setup in my signature. I also have Panda protected from unwanted termination thanks to COMODO.
     
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Play PC: Business Vista 2GB Ram, E5200 @3GHZ

    Windows FW, also outbound application filter
    UAC + Norton's UAC tool
    SAFE = Lazy ADMIN tweaks https://www.wilderssecurity.com/showpost.php?p=1717928&postcount=1
    Windows Defender: Autostart Entries, System Configuration, Application Registration and Windows plug-ins

    PrevX safe online freebie

    A2 Emergency kit on demand

    Iron as browser
    - don't accept third party cookies
    - block Google cookies
    - Site Advisor for chrome

    That is it
     
  13. Cvette

    Cvette Registered Member

    Joined:
    Apr 16, 2010
    Posts:
    373
    Location:
    South Carolina, USA
    Well, it took me a while to get these kids to settle down. Panda was off doing his own thing scanning every file I had, and Avira, well she wanted attention and wouldn't stop spiking the CPU. A couple of learning scans and a few reboots later and they play nice with each other, for the most part. Grandpa COMODO is getting tired of asking me if I should allow them to execute or access this and that though... poor guy :(
     
  14. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    copying Kees1958 settings but on Windows XP :D
     
  15. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Better install SuRun then, to get UAC-like protection. FajoXPSE will give you the security which is missing on XP.
     
  16. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Yep, it's more like software that warns you of any changes, but for my brother, who is a Happy Clicker :rolleyes: Nah!
     
  17. hckyo

    hckyo Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    93
    Still using Nod32 v4 on my notebook, but testing Coranti Multicore AV 2010 on the desktop PC.
    Everything is OK at this moment, I'm wondering what's going to happen in the next days :blink:

    Seems heavy on the system resources
     
  18. Cvette

    Cvette Registered Member

    Joined:
    Apr 16, 2010
    Posts:
    373
    Location:
    South Carolina, USA
    What are the updates like with Coranti? Huge I imagine?
     
  19. guest

    guest Guest

    Just uninstalled the NIS 2010. Couldn't resist the temptation of testing Microsoft Security Essentials 2 beta.

    So far, MSE continues to be great.
     
  20. hckyo

    hckyo Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    93
    It has BitDefender's engine :p .. so you can imagine how frequent the updates are.

    And it's a very heavy engine .. feeling heavier than G Data or TrustPort :blink:
     
  21. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Noob, if you got the PLUS version of WinPatrol you can block/deny changes for services, startup programs, ActiveX, hosts files, home page, etc. without getting any alert from WinPatrol by simply going to Hide Alert Messages and selecting to prevent changes; of course, uncheck "show all alerts" ;) :thumb:
    For me WinPatrol PLUS is a mini-HIPS :)
     
  22. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Removed ProcessGuard 3.5 Full, finished with my testing, and this toy still has some potential ;)
     
  23. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    August 10, 2010 - Updated, Added, Removed

    Windows 7 Professional x64 (UAC: OFF, WD: OFF, FW: OFF, DEP: ON, SEHOP: ON)

    Network
    • Two Linksys Routers (DD-WRT Firmware) in WDS Mode
    • WPA2-PSK AES Encryption
    • Wireless MAC Filtering Enabled
    • SPI Firewall Enabled
    Resident
    • Online Armor ++ 4.0.0.174 Beta (Paid)
    • Sandboxie 3.48 (Paid)
    • Malwarebytes' Anti-Malware 1.46 (Paid)*
    • WinPatrol PLUS 18.1 (Paid)*
    On-Demand
    • Shadow Defender 1.1.0.326 (Paid)
    • Active@ Disk Image 4.0.4 (Paid)
    • VirusTotal Uploader 2.0
    • VMWare Workstation 7.0.1 (Paid)
    Browser, Immunization, Tweaks
    • Firefox 3.6.8 (Ad-Block Plus, Better Privacy, Beef TACO, WOT, ShowIP, TrackMeNot, Ghostery)
    • KeyScrambler Personal 2.6.0.0 (IE & FF)
    • LastPass 1.69.0 (IE & FF)
    • RoboForm Pro 6.9.99 (IE & FF)
    • Bluetack Blocklists (Safepeer SPLists via OA)
    • CoU IP Blocklists for Online Armor
    • Malware Patrol's Block List (via Hosts File)
    • Spybot Search & Destroy 1.6.2 (Full Immunization w/o Global Hooks)
    • Spyware Blaster 4.3 (All Protection Enabled + Customblocking.txt)
    • BlackViper's Services Registry Files (Safe W7 Pro 64 Start)
    • Ultimate Windows Tweaker 2.1 (Customized)
    • SpeedGuide.net Vista TcpIp Patch 1.5
    • Panda Research USB Vaccine 1.0.1.4 (Computer Vaccinated)
    dja2k

    *MBAM & WinPatrol were taken off temporarily but are back!
     
    Last edited: Aug 10, 2010
  24. SPRINTMAN

    SPRINTMAN Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    53
    Location:
    Canberra, ACT, Australia
    NIS 2010, waiting on 2011. MBAM backup scanner, GMER and Sophos root kit scanner. SAS, a-squared, PREVX, Spybot, Counterspy, Spyware Doctor etc all now deleted after nothing found in 9 months since NIS 2009 replaced Panda Internet Security. As an IT pro I never expected to run Norton anything, let alone pay for it, but it's doing the job. It will do till something better comes along but I'm not holding my breath.
     
  25. begemot64

    begemot64 Registered Member

    Joined:
    Jul 28, 2010
    Posts:
    71
    @ dja2k:

    All that security software, but your network is vulnerable to wireless hacking: WEP 128 bit can be opened in under 5 minutes (with no particular knowledge required), and MAC filtering won't stop anything (it's just a hassle for you - the bypass/spoof is trivial). All that is required is for a kid to download a specialised Linux boot CD, and bingo - he's in.

    You want to turn on WPA2, and get rid of the MAC filtering. If your network cards don't support WPA2 (i.e. they are old), and you are serious about your security, upgrade them!
     