I haven't changed a thing!

Discussion in 'other anti-malware software' started by Page42, Sep 11, 2010.

Thread Status:
Not open for further replies.
  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,313
    .....sometimes you wonder why! ...like why this crypt 32 error comes and goes. As you can see, I change snapshots. ;)
     


  2. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Based on the OP question, does 3 weeks count? ;)
     
  3. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    A bit off topic... but I turned off the Update Root Certificates component and the crypt32 error went away. I think that component conflicts with having Windows auto-updating turned off, i.e., the component tries to connect but can't find the server because I won't let Windows update automatically.
     
  4. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    For some of us, 3 weeks is an eternity, don't you agree? :cool:
     
  5. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    I am getting a little stuck up these days. I have not changed anything in the last two months. But only the day before yesterday I replaced RSS 2011 with WTF and Immunet Pro. Vipre has been there for a long time.
     
  6. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    Please tell me what WTF is?
    I'm sure it isn't what I think it is...
     
  7. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,290
    I bet it stands for... Wondershare Time Freeze :thumb:
     
  8. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    @Page42, lolzz ...:D
    @atomomega, you are right...;)
     
  9. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Haven't changed setup for like 2 months also, only removed CTM because it caused some serious problems :D
     
  10. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,175
    I have been growing my beard for a while and installing and uninstalling AVG and DrWeb but nothing more.
     
  11. guest

    guest Guest

    Using Microsoft Security Essentials since its first beta release on June/2009.
     
  12. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    490
    I've been running Immunet plus for a while now paired with geswall. I'm extremely happy with Immunet and the attention the developers are giving it, consistent updates.
    EDIT: 34 days! new record. haha
     
    Last edited: Oct 10, 2010
  13. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,102
    Location:
    on my zx10-r
    Been using Avast for almost a year and I like it. I do however run many test systems for general messing around with and I have them also set up since I own a computer repair shop and I'm always swapping stuff around on those. But for me personally and at home and my desks at the office they run Avast for almost a year.
     
  14. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    KIS (each year new version) is my primary defense suite since 2006. I have never thought to replace it with something else. Now WinPatrol PLUS is another tool, which I may never replace with something else. I am using DefenseWall Personal Firewall now and will not change it until Oct 2011.
     
  15. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    I've been using LnS for a while now. It's one of those basic firewalls that offer a very light HIPS, application filtering, protocol filtering, and SPI. I've also used PrevX SOL for about 2-3 months. Just switched to Dr.Web AV and plan on sticking with that.
     
  16. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    355
    Location:
    Netherlands
    Well, I am getting to the same point as everyone here. I am getting tired of changing security software every few weeks just to see how it works. Currently I have Avast 5 Free/PCTools FW Plus 6 and Immunet Protect free installed.

    But I am thinking of ditching IP Free because those times a virus or malware tried to get on my system since I installed IP Free it got caught by Avast. So I am no longer convinced that IP Free is of use to me.

    PCTools FW Plus is a good free firewall in my opinion, but in the past few weeks I have been reading up on OA Free here on Wilders and I think it would be a great combination with Avast 5 Free. So I already downloaded it; once installed I am sticking with those two. :)
     
  17. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,290
    I got rid of ThreatFire like 3 weeks ago... that was the last change... although I installed Secunia PSI on all my boxes yesterday but that's merely for software monitoring purposes...
     
  18. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    355
    Location:
    Netherlands
    OK, OA is off; it does not seem to play well with a game I have installed. Even though I made the game trusted software, OA kept crashing the game. (Damn)

    So it is going to be Avast 5 Free and PC Tools FW Plus. :D
     
  19. huntnyc

    huntnyc Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    1,014
    Location:
    Brooklyn, USA
    For now, I am using Privatefirewall 7 with Avast! 5 Free and do not find any conflicts. It is free as well. When I keep a setup for a few months, will try to remember to post in this thread.

    Gary
     
  20. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    I also used to change a lot in the beginning because since I was new I liked to test. Now that I've tested almost everything I can (Look, I said everything I can, not every single app there ;))
    I've settled with a stable and IMO very good setup :thumb: :D
     
  21. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    It's fun (and a relief) not to change all the time.
    Letting a select group of trusted programs do their job...
    day in and day out...
    creates a steadiness that can be as addictive as constant change.
    :cool:
     
  22. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    I see this thread has been resurrected recently! I posted when it started and then forgot about it because I left on a trip soon after.

    I mentioned that I had not changed my security in five years, and someone asked if I used Process Guard, so I'll respond that I do not, but I almost did, which brings back memories.

    In Win9x days, I used no security product, not even a firewall. The group of people I associated with (in person and online) were a rather self-sufficient bunch, stressing the need to understand what it is you are protecting against, and taking appropriate steps, which, in those days, meant locking down ports and employing policies and procedures regarding what you downloaded. That was about it.

    Everyone trusted most everyone - remember Shareware/Freeware sites? No one worried about getting hit if you checked out the author of the software and asked around for user comments.

    Along came Windows 2K and the scene changed dramatically due to something called "Services." Now the door was open to nasty things if you didn't ensure that your ports were closed -- not always an easy task, depending on what a particular application did with respect to Services. Thus, the Sasser and Blaster worms had a heyday. Time for a firewall.

    Next came the proliferation of remote code execution exploits, early ones being the ANI (animated cursor) and WMF (Windows Meta File) exploits, where a file was used to exploit a vulnerability in either a browser, as in the case of ANI and IE browser, or an application, as in the case of WMF and image viewers. In both cases, the payload was a binary executable file. Soon we saw the emergence of anti-execution products, which were not talked about much at all in security circles. The main reason was that the prominence of the AV industry dominated most security discussions so that anything other than blacklisting was considered to be out in the fringes of the security world.

    Jumping ahead to today's scene: nothing has changed. ANI and WMF have given over to PDF, FLASH, JAVA. These will soon pass and new threats will emerge, causing havoc with the same types of binary payloads and no one will have learned any lessons from the past.

    I found an article discussing some early anti-execution products, so I tried them and didn't care for them -- some had weaknesses or conflicts with other applications. It became evident that the most secure protection would be gotten from a Default-Deny product.

    Then came two very interesting products: Process Guard (PG) from DiamondCS, and FreezeX from Faronics. PG had a forum here at that time, and it didn't take very long for me to lose interest, since

    1) It wasn't Default-Deny, therefore not useful in the average home environment

    2) It caused headaches trying to configure it -- dealing with rundll32.exe caused the most grief.

    FreezeX was undergoing a complete revision, including a name change to Anti-Executable. I tested it thoroughly and ended up recommending it for home users, not only for robust protection against remote code execution, but also as a means of controlling what kids in a family could download/install.

    So, I had:

    Firewall
    AE

    Now, the constant deluge of articles warning about the dangers of the internet prompted some of us to investigate to see what was really going on. A friend and I did quite a bit of testing with random surfing, and never encountered any drive-by exploits. Why not, we asked? In examining the exploits that were analyzed by security researchers, we discovered that most were triggered by javascript and plug-ins which were controlled by the browser, Opera in our case. The security setup became:

    Firewall
    AE
    Opera as a security product! (Actually, any browser can be made secure)

    Talk of Script exploits (not javascript, which is controlled by the browser) became quite fashionable. Script blocking products were created. We found this quite silly, since for a script exploit to work,

    1) a malicious script would have to get onto the computer

    2) the user would have to click-to-open.

    Classic example: the Love.vbs worm which came as an email attachment.

    I decided that I could handle these types of exploits with sound user policies and procedures, no security product necessary.

    Soon thereafter, I heard about Deep Freeze (DF) where I worked at the time, and was very impressed. I didn't consider it to be a security product for the home user in the strictest sense, because

    1) a second partition is required to store data

    2) DF doesn't prevent malware from installing, it just removes it on reboot.

    Nonetheless, I saw its value in maintaining the System partition (which includes the Registry) in pristine condition, and when I rebuilt my system in 2005, it has stayed clean as a whistle ever since. (It's a great answer for the all-in-the-rage latest threat, the evercookie -- or whatever it's called). So, my setup became

    Firewall
    AE
    Opera
    DF

    and that's the way it's been since 2005.

    I became curious again about the much-feared drive-by download, so I enabled plug-ins in Opera, and I've even surfed with unpatched IE6 on low setting, and still never encountered a drive-by download. When Google's poisoned searches (SEO) were all the rage, I would spend an hour or more just searching randomly for any thing that came to mind, and I never encountered a redirect to a malware site. A friend also tested in the same way, and encountered nothing.

    Were we just lucky, or was there something else going on?

    I poked around the hijack forums and learned, for example, (from those who would 'fess up) that PDF exploits were encountered via email, and links to a site where the user was enticed to download/open a PDF file. One was even on a Porn site, I was told. Not drive-by downloads, but trickery.

    A significant number of infections came from files downloaded via P2P, and from Porn, crack, keygen sites, and those offering pirated software. A tech person at Faronics explained to me how the malware authors rig the installer to call a bat file that installs a trojan disguised as one of the application files. If these are changed on a frequent basis, they get by an AV scanner.

    Then a few security researchers began to talk about "social engineering" as a significant cause of malware infections. One prominent one is Marco from Prevx, who wrote in 2008:

    The goal of anti-malware products
    http://www.prevx.com/blog/109/The-goal-of-antimalware-products.html
    December 16th, 2008
    Posted by: Marco Giuliani

    Most recently, the Microsoft Security Intelligence Report:

    The Microsoft Security Intelligence Report (SIR)
    TOP FINDS
    http://www.microsoft.com/security/sir/default.aspx

    That bolsters my contention that I am not in much danger at all from the feared drive-by exploit, nor the many other strange and exotic vulnerabilities that surface in the media from time to time. In looking at the BLADE-defender malware database all this year, the URLs are strange indeed, and I've not figured out how in the world I would ever encounter one of these in my daily work!

    The more I look at what is warned against in the security media regarding the remote code execution exploits, as far as it affects me, I think it's a case of the Emperor has no clothes. At least that's the way it seems from where I'm sitting.

    The tried and true method of employing sound, secure user policies and procedures is the most important part of my security strategy, and is why I've not found the need to change anything else in five years.

    Happy, Safe Surfing to all!

    rich
     
    Last edited: Oct 20, 2010
  23. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    Nice post & history of your online surfing precautions etc :thumb:

    It's funny that when some of us have specifically gone looking to try and get infected a number of times over the years, we never have been :)

    But millions of others out there who don't actually go looking, do get infected, and sometimes often, and again & again :D

    Based on my experiences up to now, I believe I could surf 24/7/365 anywhere without AV, or even AntiExe etc. I've found that locking down my browser & comp are the most important things to do. Everything else is either a bonus just in case, or icing on the cake.
     
  24. hirudoid22

    hirudoid22 Registered Member

    Joined:
    May 10, 2010
    Posts:
    13
    Been using Panda Cloud Antivirus for a couple of weeks. So far so good. I always seem to come back to this program after I have been shopping around. Maybe Avast Free 5 is the next stop and then back to ....
     
  25. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    I enjoyed reading your post, Rich, thanks.
     