Hardening Tools Please Help!!!!!!!

Discussion in 'other anti-malware software' started by SPEEDY6128, Feb 7, 2006.

Thread Status:
Not open for further replies.
  1. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Hi there tech dudes, :)

    I'd be most grateful for any help here guys as I'm a bit confused o_O on what to do. The security setup I have in place is because I use BitTorrent and some of the community-based apps such as "Gouper" and "IM Radio", also the odd IM messaging. Plus the feeling of being quite secure is quite comforting :) . First, I'd better mention my current security setup for you guys.

    WINDOWS XP PRO SP2 + LATEST UPDATES
    DLINK HARDWARE FIREWALL

    IN REAL TIME
    ---------------------
    AD-MUNCHER
    AD-AWARE
    NOD32
    ONLINE ARMOUR
    OUTPOST FIREWALL PRO
    PEERGUARDIAN
    GHOSTSURF
    EMAIL PRIVACY SMPT
    ID BLASTER
    PHISHGUARD
    PROCESS GUARD
    REGDEFEND
    SPAMIHILATOR + ALL PLUGINS
    TROJAN HUNTER
    UNHACKME
    SITEADVISOR - FIREFOX
    WORMGUARD
    SCRIPT DEFENDER



    NOT IN REALTIME
    ---------------------------
    A2 SQUARED - ON DEMAND
    BAZOOKA SCANNER - ON DEMAND
    EULALYZER - ON DEMAND
    EWIDO - ONDEMAND
    F-PROT - ON DEMAND
    SPYWARE BLASTER
    SPYWARE DOCTOR - ON DEMAND
    SPYBOT SEARCH AND DESTROY - ON DEMAND
    PORT EXPLORER
    NEO TRACE
    SECURITY TASK MANAGER
    WINDOW WASHER
    FOLDER LOCK

    + COMMON SENSE :blink:

    All of the above work happily together, and it took a lot of testing/trying/researching to achieve this, apart from the common sense bit. But now that I've got that out of the way, my problem is to do with hardening tools. I currently have these tools that I'm wanting to install.

    SECURE IT
    HARDEN IT
    SAFE XP
    WINDOWS WORMS DOOR CLEANER
    BUGOFF
    PIVX PREMPT

    IE-SPYAD
    SUPER TRICK XG

    Q1. Should I install both IE-SPYAD and SUPER TRICK XG together, or do they both do/cover the same sites?

    Q2. Does IE-SPYAD add its list of sites to the hosts file or the registry?

    Q3. Out of the other top six hardening tools that I mentioned, what combination of those six tools do you recommend I install together, and which of them, if any, would overlap each other? Providing I have set "Safe XP" with "recommended settings" and all the other tools with more or less everything set for full protection.

    Q4. Those that you recommend/should be installed together: in which order would you install them?

    Q5. On a fresh reinstall/format of my computer, do you recommend installing all hardening tools after reinstallation of all applications (antivirus, firewall, Online Armour etc.), or at the beginning, just after reinstallation of SP2, Windows updates and drivers?

    And Q6. Would there be any point installing "Black ICE IDS" alongside my current setup, or is "Online Armour" considered to be "IDS" software as well?

    I hope you expert guys can help me figure all this out. I've tried all the hardening tools on their own, apart from HARDEN IT, for a couple of days each to see if there are any conflicting problems; so far no problems. But having many of them installed together may be another story, hopefully this is where you guys can help me out. Also if there are any other hardening tools that you can think of that I could add to my security fortress I'd be most grateful. Oh and I don't mind paying for Pivx's Prempt if it's worth having alongside the other hardening tools.

    Many thanks in advance guys, and if it weren't mostly for you lot, the security setup that you see upon you would be non-existent.

    All the best

    :) :) :) :) :) :) :) :) :
     
    Last edited: Feb 10, 2006
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    1. supertrick xg is a bit dated; for a HOSTS file try this one.

    2. the registry; it adds sites to IE's restricted site list.

    3 + 4 im not sure which ones overlap but the ones i use are bugoff, wwdc, harden-it, secure-it, and samurai; i usually install them in alphabetical order as i never thought much of overlap.

    5 on a fresh installation of windows xp i install software in the following order:

    hardware drivers except ethernet
    autopatcher xp
    hardening tools
    resident security
    ethernet drivers
    everything else

    6. you already have outpost pro and a hardware firewall, so theres little point in having blackice.
     
  3. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    if ur rele considering it, i recommend u just trial and see how it goes. i personally would just stick to outpost pro however.
     
  5. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I would hold out on PreEmpt, it seems they may be going out of business. This may not be the case, but I'm sure you don't want to pay money to find out they did. Supertrick was great, but hasn't been updated for years.. which is really too bad.
     
  6. GUI_Tex

    GUI_Tex Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    189
    whoah.. did you pay for all those?
     
  7. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    I have trialed it, and there seem to be no conflicts whatsoever. But I'm not exactly sure what benefits it could give me in addition to me already having Outpost Pro. Going off what those two links say, they make it sound as though BlackICE has something to offer in addition to having another software firewall. Don't suppose, WSFuser, you could point out exactly what I'd benefit from using this alongside my Outpost? Or what it is that they're trying to claim it can offer in addition?
     
    Last edited: Feb 8, 2006
  8. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Sure did GUI Tex mate. Cost me a BOMB!!!:eek: :eek: :eek:
     
  9. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Thought I'd just mention, maybe for the benefit of others, some other security tools/apps I've just added to me security setup.

    MVPS HOST - (thanks to WSFuser, cheers mate) - Freeware
    F-Secure BlackLight Rootkit Scanner - Freeware
    Rootkit Revealer - Freeware
    Snoopfree - Freeware
    LockNote - Freeware
    Secure It - Freeware
    Harden It - Freeware
    Windows Door Cleaner - Freeware
    Bug Off
    IE-Spyad - Freeware

    Still considering Safe-XP, Prempt o_O o_O

    Oh and BlackICE
     
  10. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    well the first link says that blackice is an IDS and not a "classic packet filtering firewall". i dont know if it has application control or if it works with programs like games or p2p but it wont matter if u dont use them. also some experts use blackice alongside a 3rd party firewall and just turn off BI's firewall component.
     
  11. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Thanks for that WSFuser. It does have an application protection feature in it, but I just disable that as I already have Online Armour covering that. I don't think there's any way of disabling the firewall in it as well. Aren't there any standalone apps out there that you know of, WSFuser, that have an IDS system? Anyway, in case you'd like to know, I've just received an email from their technical customer support, and this is what they had to say on the matter.

    Dear Customer,

    I will be glad to assist you. There shouldn't be a problem having 2 firewalls running at the same time. A more secured computer to protect you from intruders. BlackICE provides a firewall, an Intrusion Detection System and Application Protection. The IDS scrutinizes all incoming data packets for malicious content and stops any that are potentially harmful. It does not block pop-up ads or stop cookies from being placed on your system. It also does not currently have antivirus capabilities.



    A hardware or software firewall can be seen as an armed guard outside your front door. This Guard turns away all ne'er-do-wells before they get to the front door and closes certain doors to everyone (BlackICE's firewall). But, should a villain disguised as a friend make it past the Guard and through the door, the metal detector (BlackICE's Intrusion Detection System) will catch him.



    The Application Protection feature will stop any unauthorized program from running without your consent. It does this by taking a baseline of your system when you first install it and alerting you whenever a program or application it does not recognize tries to run. You can choose to trust an application when BlackICE alerts you to it and the application protection feature is fully configurable in a number of ways. Because of this new feature it is very important to run a virus scan with the most recent definitions prior to installing BlackICE in order to avoid inadvertently trusting a trojan.


    Please be aware that our software does not include an antivirus. It is a firewall and an Intrusion Detection System designed to report and stop hackers and unsolicited traffic. We recommend you run an antivirus program in conjunction with our software.


    Please feel free to contact us at Support-L1@networkice.com if you have any further questions. Thank you for considering BlackICE to defend your computer.

    Emmm, still undecided in regards to BlackICE o_O o_O
     
  12. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    hey!!!! WSFuser, just discovered that Outpost Pro has an IDS system as well. Tells you here, http://www.agnitum.com/products/outpost/features.php

    Now that that's sorted, I suppose that only leaves one question. If configured right, are there any benefits whatsoever of having just two software firewalls installed alongside each other, as BlackICE customer support mentioned, it being more secure to have two? I also remember when SP2's firewall was introduced, from reading a few respectable PC websites, that they recommended leaving SP2's firewall on alongside another third-party firewall.

    What's your take on this WSFuser mate ??
     
  13. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Here's one of the links to where it states this, it's from a CNET article, with Fred Felmen from ZoneLabs stating it, scroll down to the subheading "No more Internet worms? Read the fine print"

    http://reviews.cnet.com/4520-3513_7-5324906.html
     
  14. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    i (along side firewall developers like ZA) would not recommend that u leave the windows firewall on simultaneously with a 3rd party personal firewall. its likely to cause conflicts. blackice is different however, as u can solely use its IDS features. like u discovered outpost does have IDS like features (via a plugin) but im sure that blackice is a bit more comprehensive.

    edit: do u know how to get the latest blackice trial/download? the links on the site dont work.
     
  15. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    This one works for me, let me know if it doesn't and I'll see if I can find u another. If/when you get to test it, I'd be grateful if you could give us your verdict on it compared to the IDS in Outpost, thanks.

    http://www.iss.net/issEn/DLC/blackiceevaluation.jhtml
     
  16. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
  17. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
  18. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Hey WSFuser, found something that might interest you, it's a lot better than MVPS HOST. It's called "Hosts Manager" from Bluetack, the same people who make "Protowall". It enables you to manage/auto download the latest block list from Bluetack and merge it into your hosts file as well as numerous other things. I compared the file size of the MVPS Host file to that of Bluetack's host.

    MVPS = 407kb

    BLUETACK = 1.66mb
     
  19. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
  20. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hi,
    You do realize you have a MASSIVE array of applications?
    I would cut down a bit, rather than add.
    Mrk
     
  21. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Why do you say that Mrkvonic o_O None of them really overlap each other, and they all work nicely together on my setup. I like dedicated apps to do their jobs. And apps that have been recommended by the tech community members and PC websites and my own personal testing. I always aim to strike a balance between protecting myself as much as possible while achieving no overlap, with everything being able to get along nicely with each other, depending on your situation of course. I thought that's what the point of it all was ??. I don't see anything wrong with what I have installed, my computer's powerful enough to be up for the task, and I still get the freedom to do what I like on it. It's people who I see that have multiple apps that do the same job that puzzle me, e.g. Prevx, Online Armour, Safe n Sec etc etc, now that's what I call having overlap.


    IN REAL TIME
    ---------------------
    AD-MUNCHER ---------------------- POPUPS
    AD-AWARE ------------------------ SPYWARE/ADWARE
    NOD32 --------------------------- VIRUSES
    ONLINE ARMOUR ------------------- HIPS
    OUTPOST FIREWALL PRO ------------ FIREWALL
    PEERGUARDIAN -------------------- P2P FIREWALL
    GHOSTSURF ----------------------- IRC/SURF PRIVACY
    EMAIL PRIVACY SMPT -------------- EMAIL SEND ANONYMOUS
    ID BLASTER ---------------------- ID BLASTER
    PHISHGUARD ---------------------- PHISHING/PHARMING PROTECTION
    PROCESS GUARD ------------------- PROCESS PROTECTION
    REGDEFEND ----------------------- REG PROTECTION
    SPAMIHILATOR + ALL PLUGINS ------ SPAM PROTECTION
    TROJAN HUNTER ------------------- TROJAN PROTECTION
    UNHACKME ------------------------ ROOTKIT PROTECTION
    SITEADVISOR - FIREFOX ----------- WEBSITE ADVISOR
    WORMGUARD ----------------------- WORM/SCRIPT PROTECTION
    SCRIPT DEFENDER ----------------- SCRIPT PROTECTION
    PIVX PREMPT --------------------- AUTO UPDATE/PATCHER/HARDENING TOOL - Decided to buy this yesterday.



    Even though some of the above are good at other things, i.e. NOD32 for trojans, I still like dedicated apps to focus on what they do best. As for the other stuff I've mentioned, it kinda speaks for itself, as most of the on-demand scanners are free. And like all the tech dudes in here say, it's always good to have a second opinion. And as for the hardening tools that I've mentioned, you ask any security conscious dude, and they'll recommend using them.
     
    Last edited: Feb 9, 2006
  22. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hi,
    Online Armor, PG and RegDefend overlap a lot.
    You don't need Ad-Watch if you run any of the above.
    WormGuard and ScriptDefender are surplus if you run OA, PG or RD.
    You don't need UnhackMe, because PG protects at kernel level, as well as OA, RD.
    You can dispense with Ad-Muncher, Phishing, Privacy and similar software and replace them with simple extensions for Firefox, or at worst, combine them in a single powerful tool called Proxomitron.
    And finally, Pivx is useless.
    Mrk
     
  23. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    SPEEDY certainly came to the right place . People in here PREACH paranoia !!:D :D
     
  24. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    i do not like the Bluetack HOSTS file. it blocks too much and its very large. i purposely chose the MVPS HOSTS file. also i do agree with mrkvonic, some of ur programs do overlap. but since u didnt ask, i didnt say anything.
     
  25. SPEEDY6128

    SPEEDY6128 Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    101
    Mrkvonic mate,


    Yeah there's a little overlap, but usually that goes for a lot of apps that exist. The idea is to disable any features that do overlap on whichever app is least suited for the task. Regdefend overlaps a lot ?? It only does one thing!! and that's to protect the registry. Not only that, sometimes it's better to have a little overlap, so as to give yourself that second chance of not screwing up. You mention to "dispense of Ad-Muncher, Phishing, Privacy and similar software and replace them with simple extensions for Firefox". You're having a laugh aren't you!!! You really think I haven't tried and looked at things like that. First off Mozilla Firefox's popup blocker is crap, secondly I can't always use Mozilla and have to revert to Avant Browser. And if you can find me a Firefox extension that anonymizes IRC/IM/all browsers at a decent speed, then please tell me ? Proxomitron ?? you ever tried that ?? it's a joke!! I could go on but I can't be arsed. Believe me I've spent months/years reading/testing/multi testing/triple testing, cross referencing, back referencing, side referencing, you name it I've done it. I have an idea mate, why don't you stop using that dinosaur of a machine along with that prehistoric OS, and get something decent.

    No offense like:p
     
    Last edited: Feb 9, 2006