What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Cyrano2

    Cyrano2 Registered Member

    Joined:
    Mar 19, 2010
    Posts:
    131
    Location:
    Spain
    Added Trusteer Rapport :p .
     
  2. pablozi

    pablozi Registered Member

    Joined:
    Oct 24, 2010
    Posts:
    215
    Location:
    nowhere
    Indeed people. I have also given up using any realtime AV scanner some time ago and my CPU has a lot of free time since then ;)
    Also for on demand scans I use the lightest and fastest tool available at the moment - HitmanPro and I don't think that I will ever go back to using realtime AV :thumb:
     
  3. Antimalware18

    Antimalware18 Registered Member

    Joined:
    Dec 12, 2008
    Posts:
    417
    Running what's in my sig. The only thing that's different is I have avast! sandbox enabled and Comodo's disabled and Comodo HIPS turned on but have changed the "Monitoring" settings so it alerts more like a true Behavior Blocker.

    Loving this setup so far :thumb:
     
  4. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    How did you do that, man? It will be nice to have a free behaviour blocker :)
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Maybe Paranoid mode like can be done in Mamutu.

    It sux big time IMHO that not a single solo developer has fashioned a freeware BB for all us users out here who have been after just one that can simply alert on activity like we expect. Yea, I know there is Mamutu and other pay-for duplicates on the market but they are always bundled in with their master product.
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    That is very true, my friend :)
     
  7. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    ThreatFire can still kick some a**...
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    In level 5 it is very nice to have HIPS like :thumb:
     
  9. Home network (LAN) protection
    01. Router (inbound) and Windows FireWall also blocking outbound applications, with IE locked (IP's=URL's, 443=HTTPS) for online banking

    Intrusion mitigation for all (including admins)
    02. Deny installation/elevation of unsigned drivers-activeX-PS1scripts/executables through GPO/UAC-ValidateAdminCodeSignatures
    03. Memory exploit protection with DEP/SEHOP/ASLR/HeapTerminationOnCorruption and EMET (for explorer and 'user' applications)
    04. Locked System Configuration (FW-rules, logon, shell, command/scripts, regedit, com, user-autostarts/tasks) through GPO
    05. Deny execute for Everyone in (drive-by) download/internet/mail/media folders and (drive-in) USB through ACL/GPO

    Infection restrictions for (basic) users
    06. Locked settings of Outlook, Internet Explorer and Chrome (with AdBlockPlus extension) through GPO (using nsa templates)
    07. SRP default level Basic User (set a deny execute) for all software files (in user folders) except for (run as) Administrator
    08. Running mail and media in LUA (stripmyrights), web browsers in protected mode/policy sandbox plus ExploitShield free

    Real Time third party
    09. Baidu Free AV (just trying for fun)

    On demand
    10. Backup plan: Data (to NAS) with SyncToy and Image (to 2nd HD) with Windows Image
     
  10. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    That is fabulous stuff.

    I beg you to post a full tutorial on how to achieve all this.
    Notably on home premium.
     
  11. Sorry, mate, you need at least a Windows Pro version to realize this. Without Group Policy Editor it is not possible.
     
  12. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    Okey dokey.

    Thanks for the info.
     
  13. Tempted to try because of Kaspersky, Avira and own cloud engine, but still in beta apparently. HIPS is nice (not full-blown, but detects quite a few high-impact changes). Had expected the detection to be higher; will give it a go when it is out of beta.
     
  14. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Ditched Baidu AV. Little too many FP for me. It was nice and light though.
    Trying out Avast free with my current setup. Yeah I know 2 AV's...bound for trouble....blah blah. So far light and no issues. Love the updated GUI.
     
  15. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    I've finally chosen DWPF on my office PC (XP x32) as the only resident security (with CTM). Comp feels much lighter with it than with CIS. I'm going to do only sporadic (weekly - monthly) scans with Emsisoft EK here.

    BTW I know there's nice internal security in win-7 as SRP, Applocker. Are there such things in XP? I would implement them as well. Emet is no choice here.
     
    Last edited: May 3, 2013
  16. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,292
    1) Limited User Account
    2) Group Policy

    Those are the 2 built-in mechanisms I know of in XP Pro. I haven't implemented any because I feel like I have other measures in place, but they're worth a reading.
     
  17. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    - IT guys made me "Debugger Users" o_O on this PC - I asked them to enable me to install/uninstall apps here. - it must be of LUA?

    - Could you say what buttons to press?
     
  18. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,292
    Most likely yes, IT guys love to do that. :D
    These are very good reference materials:
    http://www.dedoimedo.com/computers/policies.html
    hxxp://www.sos.state.co.us/pubs/elections/VotingSystems/files/WindowsXPSecurityGuide.pdf
     
  19. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Thanx, studying
     
  20. ReverseGear

    ReverseGear Guest

    WSA + Shadowdefender + Macrium Free + Mbam free
     
  21. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Yeah, introduced SRP into my XP PC, it wasn't difficult as I did it for win-7. I didn't remove "LNK" from "Designated file types" and anyway browser can be started by its shortcut. PC runs OK.
     
  22. sm1

    sm1 Registered Member

    Joined:
    Jan 1, 2011
    Posts:
    570
    My Security setup:

    OS: Windows 8 pro 64 bit

    Eset nod32 av 6

    Separate standard user accounts for browsing, email and banking and one administrator account ( all are password protected except browsing account)

    Default deny Software Restriction Policy

    Dyn dns internet guide enabled in router

    All suggestions welcome:)

    Edit: Full system partition backups using aomei backupper recovery media
     
  23. Windows 7 Ultimate 32-bit (E5200 dual core at 3 GHz with SSD + 2xHDD)

    Home network (LAN) protection
    01. Router (inbound) and Windows FireWall also blocking outbound applications

    Intrusion mitigation for all (including admins)
    02. Deny installation/elevation of unsigned drivers-activeX-PS1scripts/executables through GPO/UAC-ValidateAdminCodeSignatures
    03. Memory exploit protection with DEP/SEHOP/ASLR/HeapTerminationOnCorruption and EMET (for explorer and 'user' applications)
    04. Locked System Configuration (FW-rules, logon, shell, command/scripts, regedit, com, user-autostarts/tasks) with GPO
    05. Deny execute for Everyone in (drive-by) download/internet/mail/media folders and (drive-in) USB through ACL/GPO

    Infection restrictions for (basic) users
    06. Running Outlook and WMP in LUA (stripmyrights) and Chrome in its own policy sandbox (with PPAPI flash and internal PDF-reader)
    07. Locked and hardened security settings of Outlook and Chrome (whitelist extensions AdBlockPlus and TrafficLight) with GPO
    08. SRP default level Basic User (set a deny execute) for all software files (in user folders) except for (run as) Administrator

    Realtime
    09. SpyShelter free, system protection (HIPS) only, ask user, deny all actions for chrome, office and flash, pdf, 7-zip, media player

    On demand
    10. HitmanPro free Scan before monthly Data (to NAS) and Image (to 2nd HD) backup
     
    Last edited by a moderator: May 8, 2013
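
    Added example, not part of the thread: a read-only PowerShell (3.0 or later) check of a few settings the two hardening lists above name (ValidateAdminCodeSignatures, SEHOP, DEP, the SRP default level) plus the LNK entry in SRP's "Designated file types" from post 21. The registry paths are the standard Windows policy locations, not taken from the posts; the function names and report labels are illustrative.

```powershell
# Added example: read-only audit; nothing on the system is changed.
function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # $null means the value is absent, i.e. the policy is not configured.
    $p = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $p) { $p.$Name } else { $null }
}

function Resolve-Name {
    param($Map, $Value)
    if ($null -eq $Value) { return 'not configured' }
    $k = [int]$Value   # registry/WMI values may not be Int32; the map keys are
    if ($Map.ContainsKey($k)) { $Map[$k] } else { 'other (0x{0:X})' -f $k }
}

$uacKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$srpKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
$kernKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\kernel'

$srpLevels = @{ 0 = 'Disallowed'; 0x20000 = 'Basic User'; 0x40000 = 'Unrestricted' }
$srpScopes = @{ 0 = 'All users'; 1 = 'All users except local administrators' }
$depModes  = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }

$sig   = Get-PolicyValue $uacKey  'ValidateAdminCodeSignatures'
$sehop = Get-PolicyValue $kernKey 'DisableExceptionChainValidation'
$types = Get-PolicyValue $srpKey  'ExecutableTypes'   # REG_MULTI_SZ list
$dep   = (Get-CimInstance Win32_OperatingSystem).DataExecutionPrevention_SupportPolicy

[pscustomobject]@{
    'UAC: only elevate signed executables' =
        if ($sig -eq 1) { 'enabled' } else { 'disabled or not configured' }
    'SEHOP (system-wide)' =
        if ($null -eq $sehop) { 'OS default (value absent)' }
        elseif ($sehop -eq 0) { 'enabled' } else { 'disabled' }
    'DEP policy'        = Resolve-Name $depModes $dep
    'SRP default level' = Resolve-Name $srpLevels (Get-PolicyValue $srpKey 'DefaultLevel')
    'SRP applies to'    = Resolve-Name $srpScopes (Get-PolicyValue $srpKey 'PolicyScope')
    'SRP covers LNK'    =
        if ($null -eq $types) { 'not configured' } else { $types -contains 'LNK' }
} | Format-List
```
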
  24. guest

    guest Guest

    added Spyshelter Firewall
     
  25. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I hope they build a DefenseWall 64-bit version one day ;)
     