What is your security setup these days?

win 7 64
comodo d+free
sandboxie free
I dont think i need anything more. Nothing seems to get by sandboxie, so maybe cis is overkill. I just dont want to be changeing apps as often as i change my undies. So until they conflict or something gets through, thats it.

 

Noob you have to try more software its a must lol

what happened to Prevx J? I thought you loved that software

 

Windows 7 Professional 32-Bit

OS Internals (no extra overhead or cost)

• Safe Admin Tweaks [MANUAL] (UAC Hardened, Autorun and Autoplay disabled.)
• Software Restriction Policy (Disallowed: Set as default)
• Windows Firewall setup 2-way [IN/OUTBOUND: Block] (Improved via Baseline Security Templates)

Realtime protection

• Geswall FREE
  [*] Sandboxie Free (for running/testing unsecure software)

Tool:

1. ProcessExplorer
2. Microsoft Security Compliance Manager 1.0 (for downloading Baseline Security Templates)
3. MS LocalGPO (for applying Baseline Security templates) :
   Baseline Security Template: (Merged IE8SSLFUser -> IE8SSLFComputer -> Win7SSLFUser -> Win7SSLFDesktop : Allow Legacy Apps to run, Allow Administrators Group to debug programs to fix compatibility with EMET)
4. EMET 2 (Opt-out, Opt-in, Opt-in)
5. CCleaner

Setup:

1. Google Chrome [Set as Default Browser but NOT ALLOWED to run] ( --safe-plugins | Jailed by GesWall| Low Integrity | click-to-play plugin | SRP Restricted | EMET ) explained here.
   
2. Mozilla Firefox 4.0 Beta 12 [For regular and banking] (Not Isolated by GesWall | EMET | tweaked settings for privacy | Sandboxied )
   
   I have 2 Firefox shortcut to run Firefox in 2 different Sandbox (one for regular browsing and another one for banking)
   
   
   • Regular Sandbox (NoScript/Adblock Plus/Adobe Flash installed here together with my games and messenger)
   • Banking Sandbox (Only Firefox allowed to run and access Internet / No Add-ons installed )
     
     Since I'm using Sandboxie FREE I cant use two sandboxes at a time. I had to terminate all programs from running from Regular Sandbox in able to use Banking Sandbox vice versa.
   
   
3. All Download directories is in separate partition with low rights and have a deny ACL to prevent low rights processes executing in low rights container and is untrusted by Geswall
   (downloaded low rights processes can't execute in medium / high rights directories)
   
4. IE8 Jailed by GesWall.
5. ClearCloud DNS
   

Maybe I can add Prevx SafeOnline and allow screen readers on my Regular Sandbox so that Prevx SOL can protect my browser during regular browsing.
Prevx Malware detection is a plus.

or maybe add Returnil System Safe FREE to make me a bit more paranoid.

A screenshot of my processes attached:

 

Added MBAM as ondemand

 

Konata,

There's no way your running Geswall and Sandboxie together on the same system.

 

They can work perfectly

EDIT: Just don't isolate programs with Geswall that you want to run inside Sandboxie

 

Talk about a good way to have conflicts within a PC,not to mention,complete overkill.

 

I disagree, but I lack the knowledge to talk about my setup

 

You are running Firefox 5.0

 

Dude, FF 4.0 isn't even released.

 

Don't get surprised... We have seen even worse Setups.
-Is it 'Security' or ...

 

Good Morning ! An oversight...or is that no-sight on my part...LOL...I misread the Version # I am using 3.6.13...that's all folks. Sincerely...Securon

 

good setup

could u explain what u mean by " Chrome not allowed to run "

 

I really like this setup.

 

I'm not really sure... but I installed Chrome so that Firefox / Internet Explorer won't be my default browser that will open .HTML shortcuts
(if they did they wont be sandboxed/geswalled)


because I made Geswall NOT to isolate Firefox and IE to allow them to run in Sandboxie

and as you know I'm using Sandboxie FREE which cannot FORCE browsers to RUN in Sandboxie too.


I launch Firefox sandboxed with these 2 shortcuts

Regular Session:

Code:

"C:\Program Files\Sandboxie\Start.exe" /box:Gaming  C:\Program Files\Mozilla Firefox 4.0 Beta 12\firefox.exe

Banking Session:

Code:

"C:\Program Files\Sandboxie\Start.exe" /box:Banking  C:\Program Files\Mozilla Firefox 4.0 Beta 12\firefox.exe

(Firefox installed in the OS is untouched) ^^

 

• TP-Link TL-WR941ND (SPI Firewall)
  • Windows 7 SP1 Home Premium 64 Bits:
    • Windows Firewall: Disabled
    • Windows Defender: Disabled
    • Admin Account
    • Data Execution Prevention
    • User Account Control:
      • Default Level
    • Structured Exception Handling Overwrite Protection
    • Address Space Layout Randomization
    • Enhanced Mitigation Experience Toolkit 2.0
      • All Internet Softwares
    • USB and DVD Drives Autorun: Disabled
    • MVPS Hosts (Block Banners)
    • Norton DNS (Block Malicious Websites)
    • Windows Internet Explorer 8:
      • Drive-by Protection via 1806 Trick
      • InPrivate Filtering
      • Protect Mode
      • Sandboxed by Avast!
      • Avast! Webrep

• Resident:
  • Avast! Internet Security 6.0.1000:
    • All Shields Enabled
    • Password Protect

• Backup:
  • Marium Reflect Free:
    • Only System Image
  • Microsoft SyncToy:
    • Daily Synchronization

 

RealTime
Online Armor 4.5.1.431
Sandboxie 3.53.05
Zemana 1.9.2.243

Light Virtualization
Shadow Defender 1.1.0.325

BackUp
Macrium Reflect Full Edition 4.2/3141

OpenDNS / Opera 11.01

 

another combo

 

My signature.Light and super strong.

 

brought back sandboxie..

 

thx for explanation

 

I'm using the setup linked in my SIGNATURE below for Windows security.

I have Linux Mint (dualboot) on the same PC. Currently in stock settings. Fully Updated.

any recommended software?

 

Uninstalled Comodo firewall. Installed Outpost Security Suite free to see if it gets along with Geswall mainly out of curiosity although Comodo firewall was compatible with Geswall.

 

trying eset nod32

 

appguard and hitman pro here and very happy