Am I SECURE Enough ?

Discussion in 'other security issues & news' started by squash, Aug 20, 2004.

Thread Status:
Not open for further replies.
  1. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    There are always tradeoffs for free software, if you want further consolidation with the same level of protection, you will have to actually pay for the software. Spyware Stopper, for example, has resident blocking (as it comes in through your internet connection) of spyware and also contains the kill bits like Spyware Blaster.. it's up to you if the inconvenience of having 2 different apps is worth the money (although to be fair, Spyware Stopper does have some additional protection that Spyware Guard does not.)

    IMO it's really not that hard to have one additional program that you only have to run about once a month, plus it gives you some tools for your hosts file, BHOs, etc. It also really wouldn't hurt to install Spybot Search and Destroy just to do scheduled scans, Spybot and AdAware both catch things that the other doesn't. Take 5 mins to go through the options and set things up correctly, then you can just forget about it. Again, for consolidation, you can check out Spysweeper, it's a spyware scanner that also has resident protection, and MAY suit all of your needs for spyware protection in one app. Again it costs money, trade-offs.

    What you really probably want to do is download everything and run what you call "overkill" for a little while just to see what programs work best for you.

    You may also want to check out the thread "what is really sensible in terms of security" if you haven't already:
    https://www.wilderssecurity.com/showthread.php?t=43117

    It should be noted that things didn't get real bad, in terms of security, until just this year. The threats aren't just coming from script kiddies and the like anymore, there is big money behind these threats now, and they are doing everything they can to subvert common protection models. If you choose only to use one spyware scanner, what are you going to do if/when you get something that targets and disables that scanner? This kind of threat is cropping up more and more all the time. The solution? Use a few different apps and make it easier on yourself by automating it as much as possible. It's not too hard to do, and once it's done you can forget about it and just pay attention to your one on demand scanner.

    There is currently some very good innovation in the works, but it will probably take some time before some very solid blanket protection can be had with a minimum of applications. Until then, you will need to run several applications to get decent protection against the widest spread of threats. I'm sure that everyone would like to be able to just get a small handful of programs that will do as much as all of the security apps talked about on this forum, unfortunately it just doesn't work that way, at least not yet. The multitude of applications brought up may seem like "overkill" to someone that hasn't kept up with the mounting threats that have emerged this year, but you have to take into consideration that just about all of these applications are very specialized in what they do, and made by smaller businesses and even individuals. That balance between simplicity, effectiveness, and cost can be difficult to achieve, but if you'll put all criticisms aside long enough to shop around and try things out, you will eventually find it. There just aren't any catch-alls.
     
    Last edited: Aug 25, 2004
  2. squash

    squash Guest

    Yes Notok,

    I've already tried a couple of free software apps, and still come back to my usual set of free security apps because they work for me, not necessarily what works for others.

    Anyway, I might consider adding ewido to my collection when it improves...
     
  3. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  4. squash

    squash Guest

    No, because I don't wanna wreck anything due to those tests or stuff up my web browser...
     
  5. squash

    squash Guest

    Would using IRC (Just to chat, not to download ANYTHING from it)... downgrade a person's security defenses dramatically? ... seeing that a user can see the person's IP address or host name through their IRC client and how does this differ from say visiting a whole bunch of websites...?
     
  6. squash

    squash Guest

    Is an anti-trojan a 'must-need' like a software firewall or would I be alright if I have an anti-virus... I don't go to questionable websites or download from disreputable sources...

    short answer needed not a long answer...
    preferably a yes or no answer.
     
  7. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    You should try Prevx, it is free and is one of the last layers of protection in internet security, doesn't need signatures and works flawlessly
     
  8. squash

    squash Guest

    prevx is beta and is only for people over 18 years of age (see their terms and conditions)
     
  9. Jamesdean

    Jamesdean Guest

    Hmm you under 18?
     
  10. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    You might be able to get by with just KAV, but yes, you need an Anti-trojan. The nastier trojans can hide from most AV.
     
  11. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Here's a short answer - READ YOUR OWN !#$£&%! THREAD!!. There have been several posts mentioning this already - if you're now going to forget or ignore previous replies then there is no point in anyone else wasting their time in posting further.
     
  12. squash

    squash Guest

    Fine...
     
  13. hyena

    hyena Guest

    I agree that there are a lot of very knowledgeable posters here.
    I have a lot of security programs plus everything updated including patches. Some might call it serious overkill I call it overlapping protection giving me some peace of mind.
    Paranoid you mention using JAP along with Proxomitron ( which I have already ) will this significantly impair my browsing? You also mention disabling Javascript and other options. I have tried that but it meant that I could not browse properly at all. I appreciate my privacy without a doubt. At the moment with Firefox I have Java enabled and yet with so many security software and configuration changes I still have difficulty surfing the net.
    An example is when two webpages are loading together they both be able to load and the error proxomitron page comes up. Another example is when one page is loading and I press on another link on another page to load it won't do so and again comes the error proxomitron page.
    Privacy Vs Functionality.
    However I still will try this JAP if it means that my ISP cannot see which pages I visit. And see how it goes.
     
  14. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    There are two issues with JAP - availability and download speed. It is a research project so does not have the 24/365 uptime you may expect from an ISP - and there can (and have been) network problems preventing access even when JAP itself is OK. When you use any proxy, you are adding an extra potential point of failure in your Internet connection and this will make troubleshooting problems a little more time-consuming.

    With page download speeds, when using JAP you are sharing limited network bandwidth. The best speed I have seen with JAP has been 30-35KB/s on large web pages during off-peak hours (large files seem to get better throughput, likely due to the connection overheads being lower) while the worst case has been 2-3KB/s (slower than dialup) during peak times. If you are used to multi-megabit broadband access then you may consider this unacceptable.

    However there are (usually) multiple mixes available and checking availability and current usage via the JAP client periodically to switch to a less busy one is a good idea.

    I disable everything by default - if a page does not work, I have a quick peek at the HTML to see if the problem is Java or Javascript related and allow it for that site if needed. The main security problem seems to be links to third party sites triggering scripting exploits - so disabling active content by default avoids this. Creating a filter in Proxomitron to disable content for such external links should be possible (although tricky given the number of techniques available for spawning popups) and should suffice in most cases - but beware of links in spam emails (I had one purporting to be an order invoice, the link included went to a page that tried an MS-ITS exploit - the domain registrar acted responsibly however and shut the domain down within an hour).

    You may however find disabling Javascript with your browser a more usable option since this will set the <noscript> flag used by many web pages to check for (and provide) a fallback if Javascript is not available - this is a browser setting so cannot be handled by external filters like Proxomitron.

    That sounds like you have something limiting the number of simultaneous network connections. Your firewall's logs may provide more detail here (was anything blocked?). If the firewall has connection limits (I understand that Look'n'Stop for example has a limit of 100 connections if stateful inspection is enabled) then this may be the cause since using a local proxy will double the number of connections needed to load a web page (browser to proxy - proxy to website) and JAP will add a couple more (it only needs 2 external connections). In such a case, shutting down other programs (like P2P) or using another firewall may be necessary.

    I would also advise that you install the OpenSSL libraries to allow Proxomitron to filter HTTPS content as detailed in The dangers of HTTPS.

    There are other options, but JAP does seem the best compromise between usability and security for now.
     
  15. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  16. squash

    squash Guest

    I think that a firewall (software or hardware) is the most important security application a person can have. I tried surfing without a firewall for a few minutes then someone FTPed a trojan with an inbuilt FTP program in Windows XP... I had to reformat...

    I think that a person's security levels are way better if they have a firewall...

    List of must have: Firewall and AV with a browser other than IE and its third party shells... combined with pretty good security practices is maybe the most minimal security setup... there is for pretty good protection.

    I think the forum posters with high amount of posts on this forum have "overkill" security set-ups, after all this IS a security forum. Many people around the world, only know of an antivirus and firewall and haven't really heard of any other programs like anti trojan and IDS... so the posters have other not 'must-have' security applications... and doesn't that mean... programs that you don't need...

    I thought it is good to only have the programs you USE... not the ones you MAY need or rarely use, or don't need...

    Even though they are security applications, who would want to have a bunch of security programs which are not needed especially when it comes to the time to update the software or update the definitions...
     
  17. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    You DID read that link I posted earlier in this thread, right? All of it?
     
  18. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    One night a burglar found a house with a simple lock and picked it. He was in very fast, got him a bag full of goodies and walked out very quietly with a wallet full of credit cards, $200 cash, etc.

    The same burglar found another house the next night. It was a better lock, but still, he managed to pick it and he was in. As soon as he stepped into the living area a siren went off and a man rushes into the living room, sees the burglar just as he pulls a long knife - and blows him away with his shotgun.

    Now, most people just have locks. Some good, some better than others. But most people rely on solid locks to keep the bad guys out. However, there are a few who go over and beyond because their security means a lot to them. They have a motion detector inside to scan the front area in case someone makes it through the lock. If the siren goes off, some burglars are unfortunate enough that the homeowner not only scans for motion, but has another layer of security (the shotgun) to kill it dead.

    It all depends on how important whatever kind of security is to you. I don't rely solely on solid doors and quality locks.

    John
    Luv2BSecure

    .
     
  19. squash

    squash Guest

    Notok: Yes, I THINK I have read what you have written... but maybe I just asked the same question again... whoops... looks like I'm running out of questions on this topic... (Am I SECURE enough)

    Luv2bsecure: That is more like it... an answer in real-life terms... even though I think I know what I am doing... Being simplified makes it more simple to understand...

    I think I'll choose the minimal, basic "lock" instead of a high-tech lock with the security devices inside...
     
  20. hyena

    hyena Guest

    At the end of the day it's up to you what level of security you desire. Even though you have not taken away much from the knowledge posted on this thread many others will and that is what matters.
    To Paranoid I have a Dial Up Modem. Which may mean using JAP becomes unusable. However I am willing to give it a go to see what it is like. What I'm thinking of is switching between using JAP and just using Proxomitron. Is there an easy way of switching between using JAP and not using it without having to change the port number on Proxomitron every time?

    TIA
     
  21. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    I'm back... 5 months later for the update. And I registered for those who didn't notice :)
    Note: My first post on Wilders Security Forums

    Squash's Security Setup
    (DEFINITIVE)

    General

    Operating System: Windows XP Home Edition SP2 (The CD is ordered). I run as a limited account for everyday use (But I still have the "safe mode" in-built administrator account and an "Owner" account for when I need to install programs). Automatic updates is going to be on when I install SP2. Windows File Protection is ON.
    Anti-Virus: AVG AntiVirus 7.0 with latest updates
    Firewall: Kerio Firewall 4.1.2
    Anti Trojan: Ewido 3 with latest updates
    Anti Spyware: Ad-Aware SE Personal with latest updates, SpywareBlaster and SpywareGuard with latest updates for prevention
    Web Browser: Mozilla Firefox 1.0.1 (with Adblock Extension and 4KB Adblock filter) Default and Primary Web browser also configured to deny referrers and deny Third party cookies
    Hosts files: A 1MB Hosts file
    IDS: Process Guard, Prevx Home with all updates, Abtrusion Protector (Protects install directory, registry and boot protection) and Kerio Firewall's in-built IDS
    Registry Protect: Prevx Home, Abtrusion Protector and Limited XP account (can't write to most of registry with that alone)
    Other: Eraser (Gutmann 35 pass), Auto Start Viewer (from DiamondCS), Hijack This!, Rootkit Revealer, Safe XP, Regseeker (Registry Cleaner).
    Backup: System Restore is on for all drives and the whole computer is imaged/backuped.

    Tweaking

    Tweaked services.msc, deleted some services left only TCP/IP... Also used various GRC.COM utilities like DCOMBulator etc. and others such as HTASTOP. I turned off Windows Scripting Host (.vb, .vbs) with Symantec's Noscript.exe. And I did all the things mentioned in http://www.markusjansson.net/exp.html from Notok's signature.

    Programs

    I also hardly ever use any Microsoft products except for Windows Media Player, I've replaced with others instead like open source and freeware ones and I rarely use - if ever Internet Explorer...

    Alternative OS

    I used Linux before coming back to Windows, only because of hardware compatibility issues, but I am still going to use Linux though only as LiveCD for OpenOffice.org (don't want to download) and for going to websites like online shopping etc. I have Fedora CDs (install only) and Ubuntu (install and live CD) I choose to use Ubuntu Live CD.

    Services

    Turned off unnecessary services with services.msc, Am careful before downloading anything (don't download from disreputable sites), Uninstalled some services and left TCP/IP only (I uninstall NetBIOS/NetBEUI) Turned off Windows Scripting Host and check Task manager to see if there are any more processes than normal

    ISP

    I am on dial-up so IP Address changes randomly each dial-up
    This is a Home computer not a server. So I shut down all the server things.

    Physical security

    All accounts (including safe mode admin account) are all passworded with a combination of letters and numbers, and I BIOS passworded the computer.

    I also keep all my sensitive files on a flash USB not on the hard disk.

    Computer Knowledge

    And last but not least, I absolutely know what I am doing. I am not a computer newbie, nor am I intermediate. I consider myself to be upper-intermediate.

    Conclusion

    Nothing is secure, but this is fairly adequate for a home computer. And best of all, it all works for me
     
    Last edited: Mar 30, 2005
  22. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Good to see you back with us, and you now have a nice setup, well done.

    Do you still use SpywareBlaster for prevention?

    Cheers :D
     
  23. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    Thanks Blackspear

    Yes I use SpywareBlaster for prevention, too. I'll edit the previous post and put that in. Unfortunately I had to uninstall regprot, as every time I log in as limited user (primary account) it keeps on alerting me and I press yes for everything, after I log out and log in or reboot it starts alerting me again. Maybe it is because the limited account doesn't allow write access to registry. So I'll just use the registry protect setting in Abtrusion Protector for now, until DiamondCS fixes the problem or there is something better.
     
    Last edited: Mar 25, 2005
  24. Frankly given the setup you have (abtrusion protector, prevx etc), regprot is far more limited to be worth running and is probably redundant anyway.

    Your setup is reasonable, though I would personally add MSAS to beef up adware detection capabilities, and a backup AV on demand scanner (or online scanner) or two won't hurt.
     
  25. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    Thanks for replying upper-intermediate. About Microsoft AntiSpyware, it is currently in free beta and I don't know if it will be free when the final version comes out. And I think my adware prevention capabilities are adequate as I use Mozilla Firefox (blocks like all ActiveX spyware and effectively all, if I'm not stupid enough to click install on every XPI I see) and with that alone I don't get any spyware but I have Lavasoft Ad-Aware and Spyware Blaster for prevention just in case. Spyware should be the lesser of my worries.

    All these security resident things are already bogging down this computer, but I'd rather sacrifice a little of usability for more security.

    Regarding a second on-demand scanner, that is redundant in a way, because once I set up a security setup and programs I rarely add any more software. I always use the usual Irfanview, Notetab, 7-Zip, Mozilla Firefox, TV tuner app, RealPlayer and Windows Media Player and that's basically the software on this computer apart from all the security apps. AVG fulfils my requirements, I do not want to go into the burden of having another program to update. So far I have AVG, Ad-aware, Ewido, PrevX to update. Unless someone convinces me otherwise, an on-demand scanner is a waste of effort. Some may agree whilst some may not.
     