Advice on my set-up...

hi all,

here is my security set-up:

nod32
ewido security suite (full version)
outpost pro
process guard
spyware guard
spyware blaster
MS antispyware
spybot search and destroy
Ad-aware

Is there anything else I should have eithar for on-demand or real time protection. This is a new set-up and I am adamant to keep my system clean this time as round.

thanks,

James

 

Hi James314,

Looks to me as if you have a decent setup there. I know ppl that have more (and less) but I think you should be protected pretty well.

You may want to get yourself a HOSTS file however.

Some can be found here or here

Some other cool utilities that others on the forums here have used are WWDC which helps to close off some ports that Windows has open by default.

Some other nice ones are SecureIT and HardenIT

If you accept the defaults with them both, you should be good to go. Others here may have different opinions but to me you look pretty good. It all depends if you want to spend $$$ or go for some more freebies like I just told you about.

Either way good luck and keep us posted as to what you decide.

Best Regards,

Jag

 

I agree w/ Jaguar, do some hardening and you're good to go

 

thanks for the tips. I have gone with the hardeining options of secureIT, didnt bother with WWDC as i have disabled most of the services anyway. I want to use the host file but am unclear where, after i have unzipped it, it needs to go. can anyone give me a step by step guide of what to do?

thanks.

James.

 

Hi James,

Where the HOSTS file goes depends on your OS.

See below...

Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC
Win 98\ME = C:\WINDOWS

So basically what you need to do is backup your current HOSTS file at the location that is specified above. You could simply rename it it to HOSTS.bak or HOSTS.old. Your choice.

Next unzip the HOSTS file to the locations mentioned above, depending upon your OS that you have.

If you have chosen the Bluetack HOSTS file, you may want to dl there HOSTS file manager, which can be found here.

I use it myself and it makes the job very easy to download and update your HOSTS file.

Oh one other thing I should mention. If you have Windows 2000/XP, you should disable your DNS Client service, otherwise you are very likely to see slowdowns while surfing the net. If you are unclear on how to do that, on both the MVPS and Bluetack sites there are explicit instructions on how to do that. If you still need help, post back here as I am sure that someone will be along to get you all sorted out.

Regards,

Jag

 

thank you all so much for your help, where would a newbie like me be without you all! I now have a new host file and have a hardened system as well as all of the above programs. If anyone else has any other recommendations for my set-up please post.

thanks again,

James.

 

oh yes, before i forget, I did not d/l HardenIT as it says on the website that it is for advanced users and im not exactly sure what it even does! do you think I should d/l it and just apply the default settings it recommends despite this.

 

safexp is good too. then there's htastop.exe, dsostop2.exe, dcombob.exe, Bugoff.exe, IESpayad and WMPscriptfix.exe

you can also change the way you logon. you can password protect your account.

Ccleaner is very good, you can set it to clean your system every time you bootup.

MJRegWatcher is good and free, it watches the registry

you can turn off some services you don't need too

Bitdefender is a very good backup AV.

here's a link to help secure IE, it's abit old now but most of it still applies, it's better than default settings.
http://www.dslreports.com/forum/remark,1333507~root=security,1~mode=flat

here's another good page:
http://www.markusjansson.net/exp.html

and if you have XP, turn on clear type

 

i think it would be fine if you are on a standalone PC and aren't running a server. you could try making a restore point first.

something else that's very useful is ERUNT. it can be set to copy your registry every time you boot up. it will only make one backup per day and after 30 days it will start removing those older backups.

you can also make a backup any time you want with ERUNT. there are two versions, a zip and an exe. i think it's the exe version that will make the automatic backups.

 

thanks for the tips, think ill give clear type a miss as i think it looks weird. And i think i have done enough hardening - anymore and itll just get confusing.

One more question - After using secureIT what do i do when i d/l a newer version of it? do i have to uninstall the old version which reverts the changes and then install the new one? Also, is there a way of going through secure IT and changing/reviewing the options i picked or do i have to start over; i ask because there is no settings or menu etc, only the ability to start installation again. In addition, i cannot view the file which shows the changes secure IT has made as for some reason it cannot find it on my computer.

would also appreciate any comments on harden IT.

thanks again all,

James,

 

anyone...


J.

 

Hi James,

I would suggest that you have some image copy software and of course an external image copy of your harddisk stored off-line somewhere.

Other than that, some registry protection and script protection may be something you might want to look at.

Rich

 

thought id let everyone know what i have decided on. As well as the above set-up i now have the following:

hardenIT
secureIT
Samurai
PreEmpt (i am using the 15 day trail)
Preview - this checked my system for vulnerabilities and after installing preempt my rating is 94%, not perfect, but good enough.

Preempt seems like a fantastic program. Its light on resources and easy to understand. Samurai has some great features too like hardening the AOL instant messenger. My only issue at the moment is that i am now really sure i would go about using updated versions of secureIT, hardenIT and Samurai. For instance, I would have to uninstall the old versions (otherwise id end up with loads of old hardening tools) but if i do this it reverts the changes and i have to start over again.

anyway...thank you everyone for all of your help.

J.

 

just to clarify - the above should read 'My only issue at the moment is that i am *NOT* really sure i would go about using updated versions of secureIT, hardenIT and Samurai. For instance, I would have to uninstall the old versions (otherwise id end up with loads of old hardening tools) but if i do this it reverts the changes and i have to start over again'.

sorry about that.

J.