Help non-expert develop system and toolchest for 2 computers...

Discussion in 'other anti-malware software' started by EscapeVelocity, Apr 1, 2010.

Thread Status:
Not open for further replies.
  1. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Hello,

    First time poster, short time lurker. I've been reading the discussions of people here and elsewhere, Gizmo especially.

    Lord have mercy, I'm trying to learn.

    I have 2 computers, one is an older desktop that needs a light resource touch. Another is a lappy, that is fairly up to snuff, both running Windows XP Home SP3.

    I've been trying to learn all the different terminology and types of protection. But it's a bit overwhelming. I also have a User2 that is much less tech savvy than I using the computers (not calling myself a computer genius). They primarily use the Older Desktop with 2 GHz Celeron 2gb RAM, and I am testing and trying out things on the Fast Lappy, and will probably have 2 different setups at the end of the testing and learning (and teaching User2).

    So far I have this...

    Everything is latest release.

    Desktop

    XP Home SP3
    Admin Rights

    Linksys Hub Hardware Firewall

    Windows Firewall On

    Avira 10 Free
    WinPatrol Free - which makes User2 jumpy and agitated.
    KeyScrambler Free
    Hostman with MVPS Hosts list

    On Demand:

    SuperAntiSpyware
    CCleaner

    Macrium Reflect - Just learning to use this.

    IE8 which is basically not used, except for extremely stupid sites.

    Firefox 3.6 (AdBlock Plus, BetterPrivacy, Certificate Patrol, CS Lite, FlashBlock, Ghostery, KeyScrambler, TACO, WorldIP, LinkExtend) Trying out NoScript but it seems a bit busy and labor intensive, I might be able to live with it but User2 will definitely not. Will be teaching User2 some of this stuff.

    Opera 10 used as frequently as Firefox.

    Chrome which I haven't messed with much yet, but will be getting use.



    Lappy

    XP Home SP3
    Admin Rights

    Linksys Hub Hardware Firewall

    Windows Firewall On

    Fresh install of OS on new HD.
    Avast 5 Free
    WinPatrol Free

    On Demand:

    SuperAntiSpyware
    A Squared Free
    Malware Bytes Anti Malware
    Hitman Pro
    Secunia PSI
    CCleaner


    Macrium Reflect

    Ditto Browsers

    Thinking about Partitioning and dual booting Ubuntu, as well.


    Need help, going forward.

    Suites: Kaspersky, Comodo, Online Armor
    AntiVirus: Kaspersky, Vipre, Microsoft Security Essentials, AVG, Avast, Avira
    Sandboxes: Geswall, SandboxIE, Returnil, Shadow Defender
    Firewalls: PrivateFirewall, PCTools, Online Armor, Outpost, Comodo, DriveSentry
    HIPS & Behavior Blockers: Defense Wall, Spyware Terminator, ThreatFire, Mamutu, Immunet, Malware Defender, WinPatrol, ProcessGuard, AppGuard, AppRanger, Prevx
    Spyware Scanners & Removers: Spyware Blaster, Malware Bytes, SuperAntiSpyware, Hitman Pro, A Squared
    Roll Back: Time Machine, Rollback RX
    Backup and Drive Imagers: Macrium Reflect
    System Hardening & Rights Management: LUC, SRP, DEP, Drop My Rights
    Password Managers: Lastpass, Roboform, Weave
    HostsFiles: Hostman with MVPS & HPHosts, Open DNS
    Reports: HiJack This


    Yikes! Lord Help Me! Information Overload!

    Familiar with AVG Free and Spybot S&D, have used those for a long time. Decided to get serious about security. Any help or suggestions appreciated.

    What should I focus on...

    Proxy servers? Backup? Virtualization Sandboxing?

    Trying to keep the Desktop super light. Lappy, sky's the limit, but lots of popups may be too much.
     
    Last edited: Apr 5, 2010
  2. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Re: Help Newbie develop system and toolchest for 2 computers...

    Thinking about switching Avast to the Older Desktop and Avira to the newer Lappy.

    Microsoft Outlook used on the Older Computer and Avast has email scanning.
     
  3. ratwing

    ratwing Guest

    Re: Help Newbie develop system and toolchest for 2 computers...

    Hi EscapeVelocity!!!

    And you Shall Go to The Ball!!!

    Really, you have set up your two machines pretty danged well.


    "Yikes! Lord Help Me! Information Overload!"

    Yeah, really!!
    Patience Grasshopper!!

    You are secure. 100%? I don't think it exists.
    But you are OK, fine really.
    If you are bitten by the security bug, you will work it all out in time.
    Jump in here, ask.
    You are in the right place!!

    Just as an example of the many different, equally viable lines of advice you may receive, I would tend to reverse the Anti virus switch, and put Avira on the WEAKER system, and Avast! on the STRONGER.

    That based on the purely personal observation that Avira runs a little lighter.

    All respect,
    Rat
     
  4. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Last edited: Apr 1, 2010
  5. ratwing

    ratwing Guest

    EscapeVelocity:

    Yes sir, that is a pretty nice thread.
    Hang around, if you find the time!!

    ratwing.
     
  6. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Thanks. I have a bunch of questions. Let's start here...

    What does turning off DNS with regards to the Hostsfiles do?

    Why would I want to turn that off, since OpenDNS is touted? Is OpenDNS a proxy server? I think I'd like to set up a proxy server setup. Also I have a static IP, will Tor or OpenDNS or something like that give me a dynamic IP? Is a static IP something to worry about, if so why?

    What Hosts files do you recommend? I've seen Malware Domains and BISS mentioned. Should I add those? Or is loading up the file to an unmanageable size undesirable as it slows down the system? I don't really do P2P filesharing.
     
  7. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    I'm guessing that VM software isn't the way I want to go, especially on the weaker machine.

    Could I run Sandboxie, Returnil, DefenseWall, Comodo Sandbox, Geswall, semi virtualization on the weaker machine? I might run something like that on the Stronger Lappy.
     
  8. ratwing

    ratwing Guest


    The theory is that disabling DNS will mitigate any drag caused by a large host file.
    At one time I used such a Host file, and dropped it for the protection offered by SpyWareBlaster, although I seldom used IE. (SpyWareBlaster is geared to IE)
    I still have DNS service disabled, more to save resource than anything else, and see no problem at all.

    MVPS host file is the one I used, if you want to look into it.
    I really do not see the need.

    TOR and I did not get along.
    Wiser heads may comment.
     
    Last edited by a moderator: Apr 2, 2010
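
An added example, not part of any post in this thread: a Python sketch of merging hosts-format block lists, such as the MVPS and hpHosts files mentioned here, into one deduplicated file while dropping any entry that maps a name to a real address instead of a sink. The function names and the sample lists are constructed for illustration.

```python
import ipaddress

SINKS = {"127.0.0.1", "0.0.0.0", "::1", "::"}        # addresses that mean "block"
LOCAL_NAMES = {"localhost", "localhost.localdomain"}  # never treated as block entries

def parse_hosts(text):
    """Return (blocked hostnames, rejected lines) for one hosts-format list."""
    blocked, rejected = set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()           # drop full-line and trailing comments
        if not line:
            continue
        addr, *names = line.split()
        try:
            ipaddress.ip_address(addr)
        except ValueError:
            rejected.append(raw)                      # not an "address name..." line
            continue
        if addr not in SINKS or not names:
            rejected.append(raw)                      # maps a name to a real address
            continue
        for name in names:
            name = name.lower().rstrip(".")           # hostnames are case-insensitive
            if name and name not in LOCAL_NAMES:
                blocked.add(name)
    return blocked, rejected

def merge_hosts(lists, sink="0.0.0.0"):
    """Merge several lists into one deduplicated hosts file; return (text, stats)."""
    parsed = {label: parse_hosts(text) for label, text in lists.items()}
    merged = set().union(*(blocked for blocked, _ in parsed.values()))
    total = sum(len(blocked) for blocked, _ in parsed.values())
    stats = {
        "merged": len(merged),
        "duplicates_removed": total - len(merged),
        "rejected": [line for _, rej in parsed.values() for line in rej],
    }
    body = "".join(f"{sink} {host}\n" for host in sorted(merged))
    return "127.0.0.1 localhost\n" + body, stats

# Constructed sample lists (not real MVPS or hpHosts content).
SMALL_LIST = """# small list
127.0.0.1  localhost
127.0.0.1  ads.example.com   # banner server
127.0.0.1  Tracker.Example.net
"""
LARGE_LIST = """0.0.0.0 ads.example.com
0.0.0.0 tracker.example.net metrics.example.org
203.0.113.7 login.example.com
"""

if __name__ == "__main__":
    print(*merge_hosts({"small": SMALL_LIST, "large": LARGE_LIST}), sep="\n")
```

The rejected list is worth reading before installing a merged file: a third-party list has no reason to map a hostname to anything other than a sink address.
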
  9. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    What does the DNS service in XP do? I did read that a large Hosts file with DNS on could drag the system, that is why I have the smallish MVPS file only on the Slower DeskTop, I loaded HPHosts along with MVPS on the Faster Lappy. It's much larger.

    I tested my Firewall at ShieldsUp, and all ports were hidden. I did get a Ping back though. I have a static IP. Should I be concerned?
     
  10. ratwing

    ratwing Guest


    My policy of a tightly configured Sandboxie+Returnil (but I will probably go back to ShadowDefender), disabling all unneeded services in XP sp3, and selected on demand scanners, is based as much on a need to conserve resource, as anything else.

    So you will be fine taking that tack with a weak machine.
    As far as I am concerned, that is the BEST direction.


    (VMs require you to carry both the overhead of the host, and the guest system.
    My VirtualBox running XP Sp3 works, on my 1 gig RAM system, but I have a lot disabled in services.)

    rat
     
  11. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    I have always stayed with stock standard host file. Never saw the need for the specialized ones. ;)
     


  12. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Well, the Celeron Desktop is kind of slow already if I open too many programs, but I have plenty of RAM. In fact I have 2gb on the Slower Desktop and only 1gb on the Faster Lappy (which I may be upgrading but not concerned about it).

    The thing about the Slower Desktop is that I need to keep it as simple as possible...without a lot of pop ups and extra steps, or complicated understandings for User2.

    I can run fancier HIPS and Behavior Blockers and anything on the Faster Lappy, or at least try them out and play with them.

    I may have to disable WinPatrol on the Slower DeskTop. That light classical HIPS may be too much for User2.
     
  13. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Yeah, well, I don't do P2P file sharing so I don't really need specialized for those. Although I thought about messing with Miro.
     
  14. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Let's concentrate on the Slower Desktop, and a Lightish (but not necessarily ultralight) collection, with minimal User prompts.

    Both Avira and Avast are relatively fast scanners, which is good. Avast runs faster than Avira, but that could just be the difference in the machines. Avast also updates faster....and scans incoming emails with the Outlook running on there. I think it might be better on the Slower DeskTop.

    SuperAntiSpyware is running on startup. Any advantage to that with that particular program or is it just an On Demand scanner? Should I look into something else like MBAM or Spybot or Spyware Terminator, that adds some extra HIPS or something? I'd like to keep Winpatrol on the Slower DeskTop, and might run something a bit more muscular on the Fast Lappy, though.
     
  15. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Having trouble with Web of Trust operating in Google Searches properly. Removed and Added LinkExtend....seems to work better.
     
  16. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    I don't think I really need Tor. OpenDNS seems like I don't really need that either. But I could use some Proxy Servers, occasionally. I see FoxyProxy is a popular FireFox Plugin.
     
  17. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Well dumbarse finally found out what OpenDNS, and what DNS means. Ha! Ha!

    That is one down. I think I will check out OpenDNS.
     
  18. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    One step at a time. Till tomorrow. Thanks and later.
     
  19. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Loaded ThreatFire running concurrently with WinPatrol. Sensitivity level set to 4 out of 5, one level higher than the default 3. Will see how it does and check out how it operates? Got to start somewhere.
     
    Last edited: Apr 2, 2010
  20. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    You should consider not running as admin for both of your systems. That alone will increase your security significantly and make most of these security applications redundant. If you want to enhance this, add a software restriction policy. Here's a pretty good explanation of LUA and SRP and what it can do for you. Using SuRun (there's a thread on this in the forum) makes a limited account on XP a lot more comfortable.

    OpenDNS is an alternative to using your ISP's nameservers or whatever nameservers you are using. There are a lot of publicly available nameservers to use, so you may want to consider using one that gives you the best performance. You can test nameservers with this little app from grc.com. Using this I found out that my ISP nameservers were the fastest of the ones I tested.
     
  21. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Thanks Johnny for the advice and info. I'll give SuRun a look. I heard that running as admin on XP Home edition is more painful than on XP Pro, which allows you to do more via prompts to the limited account.

    Furthermore, I'm not sure if that is a viable plan for User2, though, whose surfing is tamer than mine generally. I'm also considering DropMyRights as a solution, but I'll have to check out how it operates, like SuRun. Lots of testing and trying out things to do.
     
  22. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    Be careful with how high you set threat fire because it can do some damage if you set it up incorrectly or answer an alert wrong.

    Apps like Defensewall can be used on a slower machine. I have run Defensewall + Threatfire + Winpatrol Free + Counterspy 4 + PC Tools Firewall Plus 6 at one time on a machine with 128 MB memory.

    I have used Microsoft Security Essentials on my faster machine but it still slowed down boot time but I could not notice it once boot was finished. The latest 2.XX version of Defensewall won't work with Microsoft Security Essentials but v3 should be able to.
     
  23. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    If I'm guessing correctly, you are suggesting that LUA works differently on XP Home vs. Pro. Not at all, and it's not "painful" if you use SuRun. Now there is a major difference when it comes to the software restriction policy, because XP Home is missing the group policies editor. However, forum member Sully has developed an app called PrettyGoodSecurity which will enable SRP on Home versions. Forum member Kees has posted good info on using it.

    If User2 isn't installing/uninstalling a lot of software and mucking around with the system in general, then User2 might not even notice that the account is limited.

    SuRun makes using a LUA very convenient. Here's a good tutorial on using it and an explanation on why you shouldn't run as admin.
     
  24. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Thanks again. I'll read the tutorial, and look into the Programs you mentioned.
     
  25. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    I'm having trouble adding filters to the AdBlock Plus program. I'm trying to add Malware Domains.

    Question: If I run Hosts files in Hostman, is Adblock Plus redundant? Is AdBlock Plus basically a Hosts file?
     