Is my System Secure From Hackers

Hi,
I have recently become interested in the Security of my system. To that end I have tried to set-up my system so it's as safe /secure and still as user friendly as possible. Below is my system please could you correct me on any weaknesses I may have.
My system is partitioned with Truecrypt, I have a decoy win 7 and a hidden win 7, this is encrypted.
I have HMA Pro Secure internet Encryption.
Kaspersky Internet Suite 2012
Sandboxie
Malwarebytes Pro
Cyberscrub Privacy Suite
Firefox Add-ons
Adblock Plus
NoScrypt
BetterPrivacy
HTTSEverywhere
WOT
KeyScrambler
Very strongh passwords (26 digits)
I keep it as clean as possible also update when needed

Thanks in advance

 

looks good

 

Thanks for the quick response, You wouldn't add or change anything then?

 

Is that only digits (1234...) or combination of digits,lowercase,uppercase etc..?

 

sorry I should have made that more clear. It's a combination of uppercase lowercase and symbols numbers.

 

The only thing you're missing is the button you push under your desk...

~ Removed Off Topic Image ~

Other than that and social engineering you shouldn't have much to worry about!

 

Many Thanks can sleep well tonight now. lol

 

I suggest you use EMET.

And if you sandbox everything with Sandboxie and keep strong rules you're going to stop most everything from touching your system.

 

IMO it seems overkill.

You could add a router. If you do so, pick one that suits your needs and configure it properly. A router acts like a 'hardware firewall'.

A proper imaging setup.
Several options, e.g. Macrium Reflect, Acronis etc. use an external storage medium. If something goes wrong you have the easy option to restore a clean image. Over time the system tends to become more unstable. Restoring an image so now and then helps. And when in doubt, restore a known clean image. You won't have to worry if any infections have been cleaned properly that way.

Usually the user is the weakest link.

 

Yes, a router is a simple way to improve security. It hides the internal network, gives you additional ports for devices and usually includes WiFi. You just have to make sure you change the default passwords for accessing the router settings and turn on wireless security (or turn off the wireless if not needed).

 

Short answer no it is not. What is your protection from the 0day that will get discovered tomorrow in that program or process you use a lot. First rule of security, there is no such thing as XYZ proof. The best thing to do is mitigate the risk (which you are doing!) though always realize you can still be subject to an attack. The update you install for X can open you up to Y etc.

As for me I do most of my web surfing in a self contained virtual image on my machine that auto recovers to a default state at shutdown. (no share or copy/paste allocation with host) Through my own track record an analysis my machine 98% of all infections were coming from my browser so I locked it down and placed it in a virtual environment which has lowered my infection to almost null. The other 2% were from adobe exploits. I have since stopped using adobe software.

 

my opinion as well

 

I agree - if you're worried about viruses/hackers (what sort of hackers exactly?) to the extent you're going to use all that software, you'd be better off using Linux based virtual machines or booting from a Live CD.

As a general question - who is your main adversary - who are you trying to protect yourself from?

 

chrismc2, question, do you want and need Windows?

If the answer is yes, then you should really consider, in fact anyone reading this should also consider the same.

Now depending on what you do, this might not be as good as running Windows on the actual hard drive, if you're into high performance gaming, HD movies anything high performance multimedia related, etc...

I highly recommend Windows users to use what is called a Type 2 Hypervisor; (VirtualBox)

https://www.virtualbox.org/

If you really need Windows for gaming, movies etc, then you install VirutalBox on Windows and run Windows inside VirtualBox for all your online activities, this way if Windows in VirtualBox gets messed up, you either replace the files, that is if you backed them up, or use the Snapshot feature which will put back Windows to an original state all cleaned, when you made a Snapshot of a clean system.

If you don't really need Windows for anything high performance, then it's better to ditch it, install Linux on the computer and then run Windows inside VirtualBox in Linux.

This is called Virtualization if you've never heard this before and it's the wave of the future, being able to run multiple systems on one computer.

If you're really into all this, then there are what are called Type 1 Hypervisors that run on the actual computer to use the hardware and take advantage of it.

This is the simplest way to security and restoring a system and nothing can beat it!

 

While I dream for all OS's to follow the Qubes OS ideology, I have a few things to add. Windows is no worse than Linux if maintained correctly. Linux also has its share of baddies a user would at least need to be aware of such as kernel (root kits) and memory exploits.

Windows is user friendly to most average computer goers and it is best not to scare them away completely. I agree with Fox if you can run it inside a VM (and make restore images) you will have very little to worry about. HOWEVER that being said you can just as easily throw a simple linux VM such as Mint onto a windows OS which is very user friendly and perform all your browsing and pdf reading in that and be just as safe. It all comes down to personal preference.

If you plan to use VM’s I would suggest you keep them isolated, disable the main two potential attack vectors: shared folders with host, and shared clipboard with host. Both can be disabled within virtualbox and VMware. A potential 3rd attack layer to keep in mind is your network layer. Your VM could become comprised and while your primary OS will be safe, other computers on the LAN may not be.

Made you all paranoid yet?

 

Virtualization is nothing new, the ability to run multiple operating systems on one computer has been in practice
even before the begenning of time. These so-called modern waves of the future with virtualization are merely
renaming and using the already avaliable brilliant technology of the Ram Disk, also avaliable even before the
begenning of time.

No computerized environment is completely secure from penatration.


HKEY1952

 

No one is safe from hackers
http://arstechnica.com/tech-policy/...aks-the-inside-story-of-the-hbgary-hack.ars/3

Only defense is a Open Air Firewall i.e Pull the plug

 

There are methods for protection against 0day exploits.

Perfect security doesn't exist but you only have to be more secure than the other guy out there. Hackers are not made of time/ money - they're practical.

Running in a VirtualMachine is one way to stay secure. Exploits do happen in VMs so it's important to understand that they aren't bullet proof. You could further sandbox a VM with Sandboxie and if you have the host OS running AppLocker you'll stop remote code execution that doesn't make use of particular exploits.

Running every program you've got in Sandboxie with EMET and strong start/run/ internet restrictions is enough to break any malware out there. Is it perfect? No. But no one bothers to lock themselves down that way so attackers aren't after that crowd - there are easier ones out there.

Unless a hacker is dedicated they're not going to try very hard. If you've pissed an elite hat off, turn the computer off and take a vacation. There's really nothing you're going to do to stop them - especially on windows.

No, virtualization isn't anything new but the implementation we're seeing is. Virtualized file systems per-process is new. Very different from a virtual OS.

 

The virtual soapbox that you are preaching from exists contradiction after contradiction that will eventually
become the aftermath of an persistant gospeler.


HKEY1952

 

They hacked HBGary. What chance have the avg home user got? None

 

I'm going to need some kind of clarification here...

No clue if you're trying to talk about sandboxie or virtualization in general or what you're saying about anything really lol.

Against a direct attack from a legitimate hacker who knows how to whip up 0days on demand? No, not much.

Understand that there are self-imposed time limits on these things. If a hacker is going after my machine they're not going to say "I'll spend a week on this" unless they know for a fact there will be a big payoff.

The idea behind things like AppArmor, SELinux, and ASLR etc is to prevent 0day attacks in such a way that it forces the attacker to work within the confines provided or come up with a new playing field. These mitigations don't prevent attacks they just make them much more expensive and as users it's very easy to be much much more expensive than the other guys.

Close up your ports. Disable running services you don't need. These are the easiest ways to harden a server and the same goes for a user.

Throw down AppLocker if you're on Windows and can handle it. Use Sandboxie and EMET.

Will exploits exist in AppLocker, Sandboxie, EMET? Yes. All security can be exploited or bypassed. But it forces the attacker to spend a lot more time coming up with more and more exploits to gain control - they just won't bother.

 

The moral of this story is, anything you don’t understand is dangerous until you do understand it.
All programs are buggy
Security-relevant program has security bugs.

1. Password system failures are the biggest single problem.
2. Sequence number attacks can be used to subvert address-based authentication.
3. It is easy to spoof UDP packets.
4. ICMP packets can tear down all connections between a pair of hosts.
5. ICMP Redirect messages can subvert routing tables.
6. IP source routing can subvert address-based authentication.
7. It is easy to generate bogus RIP messages.
8. The inverse DNS tree can be used for name-spoofing.
9. The DNS cache can be contaminated to foil crosschecks.
10. Return addresses in mail aren’t reliable.
11. Sendmail is a security risk.
12. Don’t blindly execute MIME messages.
13. It is easy to wiretap telnet sessions.
14. You can subvert NTP in order to attack authentication protocols
15. Finger discloses too much information about users.
16. Don’t trust RPC’s machine name field .
17. The portmapper can call RPC services for its caller .
18. NIS can often be persuaded to give out password files .
19. It is sometimes possible to direct machines to phony NIS servers
20. It is hard to revoke NFS access
21. Firewalls can’t block attacks at higher levels of the protocol stack
22. FSP is often abused to give out files to those who should not have them
23. It is all but impossible to permit most UDP traffic through a packet filter safely
24. A tunnel can be built on top of almost any transport mechanism
25. Network monitoring tools can be very dangerous on an exposed machine
26. Hackers plant silent password grabbers
27. Logging failed logins will often capture passwords

Sometimes you don't need a 0 day at all

 

Paraphrasing

Everything that you don't know - it's safe ... until you realize it

 

There's no such thing as being secure from hackers, just varying amounts of resistance against hackers ranging from easy to break up to very tough to crack. Uncrackable, no such thing. Factor in time. What is reasonably secure today is vulnerable tomorrow.

 

To be fair HBgary had abysmal policy controls in place or did not follow established procedure. It is a shame some companies constantly put security to the back of their minds until it bites them.