Is possible: Free security setup - without antivirus

Discussion in 'other anti-malware software' started by ocsi, Sep 21, 2011.

Thread Status:
Not open for further replies.
  1. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    Seriously, like I said, for 2 years, no issues.

    You don't need a ton of software to protect yourself online, regardless of what some, and maybe yourself, believe to be true.
     
  2. Spysnake

    Spysnake Registered Member

    Joined:
    Apr 11, 2009
    Posts:
    189
    It is certainly possible and sometimes even recommended.

    The SUA + AppLocker/SRP + Windows Firewall combination recommended here is already pretty powerful. Throw in Sandboxie, EMET and browser-hardening, and you're all set. If nothing can run without your consent, then nothing can infect you. Adding even an external HIPS would probably be overkill.

    All features in the list are core Windows security utilities, SUA being your Standard User Account. AppLocker and SRP can be used when the user has a Business (Professional etc.) or Ultimate version of Windows, through the Group Policy settings in Control Panel. Windows Firewall can work two-way if you so desire, and it is in fact one of the most powerful ones at the moment (who could have believed that in the XP days?). EMET is a small Microsoft program which can be added freely to any modern Windows version. Sandboxie can be used freely, though I recommend the paid version with lifetime license for the Forced Programs feature.

    The SUA vs. Protected Admin has some good discussion in several threads, if you have problems going with a standard account.
     
    Last edited: Sep 21, 2011
  3. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    A security package that doesn't use an AV is not only possible, they're some of the most secure packages that you can build for Windows. These are based on default-deny. In its simplest form, it's a whitelist of the allowed applications on your PC, enforced by system policy, Windows built-in tools, or 3rd party HIPS. Only the whitelisted applications can run. All others are blocked. When compared to default-permit based AVs, these packages are extremely light and have almost no performance impact on your PC. More comprehensive versions of default-deny can include specifying what other processes (applications or system executables) each allowed process can run (parent-child settings or dependencies). Default-deny can be applied to internet access and web content as well.

    I've used default-deny enforced by a classic HIPS, a rule based firewall, and web content filtering for nearly 6 years now, with no problems of any kind. Configuring such a package does require some knowledge from the user for specifying what processes and parent-child settings should be allowed. The whitelist will also require maintenance when the system or software gets updated.
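
The default-deny decision described in the post above, sketched as an added example (not part of the original thread and not the logic of any particular HIPS): a hash-keyed whitelist plus parent-child rules, checked against constructed launch events. The file names, file contents and rules are illustrative assumptions.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for executables on disk: file name -> file contents.
BINARIES = {
    "explorer.exe": b"constructed-shell-v1",
    "firefox.exe": b"constructed-browser-v1",
    "cmd.exe": b"constructed-command-interpreter-v1",
    "unknown_download.exe": b"constructed-unlisted-program",
}

# Whitelist keyed by content hash, so a renamed file does not inherit trust.
WHITELIST = {sha256(BINARIES[n]): n
             for n in ("explorer.exe", "firefox.exe", "cmd.exe")}

# Parent-child settings: the children each whitelisted parent may start.
MAY_LAUNCH = {
    "explorer.exe": {"firefox.exe", "cmd.exe"},
    "firefox.exe": set(),  # the browser may not start other programs
    "cmd.exe": set(),
}

def decide(parent_bytes: bytes, child_bytes: bytes) -> tuple[str, str]:
    """Default-deny: a launch is allowed only if every check passes."""
    child = WHITELIST.get(sha256(child_bytes))
    if child is None:
        return "deny", "child not on whitelist"
    parent = WHITELIST.get(sha256(parent_bytes))
    if parent is None:
        return "deny", "parent not on whitelist"
    if child not in MAY_LAUNCH.get(parent, set()):
        return "deny", f"{parent} may not launch {child}"
    return "allow", f"{parent} -> {child}"

if __name__ == "__main__":
    shell, browser = BINARIES["explorer.exe"], BINARIES["firefox.exe"]
    launches = [
        (shell, browser),                            # listed pair
        (browser, BINARIES["cmd.exe"]),              # both listed, pair not allowed
        (shell, BINARIES["unknown_download.exe"]),   # child never whitelisted
        (shell, b"constructed-browser-v2"),          # updated binary, stale whitelist
    ]
    for parent, child in launches:
        print(decide(parent, child))
```

The last case is the maintenance cost the post mentions: an updated binary hashes differently and stays blocked until its whitelist entry is refreshed.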
     
  4. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    I haven't used a real-time AV for almost 2 years now but I still like to scan the odd downloads with Hitman or Virustotal.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Just a classical HIPS will do the job, as it covers the whole system, of course if you know how to manage a HIPS program ;) If you do, you are covered :thumb:
     
  6. ocsi

    ocsi Registered Member

    Joined:
    Feb 8, 2011
    Posts:
    95
    Please tell me:
    1) How to set up and how to use Malware Defender?

    2) Which of the security combinations you think would be better:
    a) Avast! Free + Sandboxie Pro + Windows XP SP3 Firewall (Router Firewall = WPA2-PSK) + Malware Defender
    or
    b) Avast! Free + Sandboxie Pro + Windows XP SP3 Firewall (Router Firewall = WPA2-PSK) + Shadow Defender
     
  7. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,350
    Sandboxie + KeyScrambler Personal.
     
  8. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Sandboxie & Privatefirewall
    and if on-demand scans with MBAM and HitmanPro find a problem, use Macrium Reflect or some other system image program
     
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I will say Sandboxie and MBAM Pro ;)
    And about MD: just run it in learning mode for the whole day and whitelist all your legit software, then go back to normal mode, then learn how to deal with the allow/deny alerts. This is the simple way to learn day by day ;)
     
  10. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Q1 Yes, on a non online banking setup, surfing and email only
    Q2 Not sure there, why omit an AV? For me that would be the 3rd item I have

    1) Router properly configured
    2) Image Backup system for C partition and for data partitions
    3) One of the top 5 AVs from AV Comparatives, real time scanning on!
    4) Top-flight browser
     
  11. guest

    guest Guest

    Take a look at my signature and remove Webroot SecureAnywhere
     
  12. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557

    1.) uhh, if you don't know how to play with software (especially HIPS, they're all most likely the same) then I don't recommend you using HIPS at all, the prompts are too complicated. (a sample of a complicated HIPS prompt, no clear conclusion here for the right answer... I just give up and just pick a lucky yes or no and we ended the discussion)

    2.) wow you have paid software! lol. A or B both are nice.

    If you plan to use Malware Defender I suggest you only use the Network protection module to filter outbound traffic. (like a semi-firewall)
     
    Last edited: Sep 21, 2011
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Copy the file to another partition and gw icon and protection is gone
     
  14. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,584
    Location:
    Romania
    Could you be more specific, but in the new thread opened by me?
    Here https://www.wilderssecurity.com/showthread.php?t=308176
    I don't wanna hijack this thread. Thank you.
     
  15. Spysnake

    Spysnake Registered Member

    Joined:
    Apr 11, 2009
    Posts:
    189
    Do I understand right if I assume that OP wants to add security to his setup, which already has a paid AV? It would be good to specify this as to prevent people recommending whole, new setups.
     
  16. ocsi

    ocsi Registered Member

    Joined:
    Feb 8, 2011
    Posts:
    95
    Thank you.
     
  17. ocsi

    ocsi Registered Member

    Joined:
    Feb 8, 2011
    Posts:
    95
    OK! Thank you.
     
  18. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    And seriously, since you have paid Sandboxie, that alone is excellent security for me :D

    Just experiment and play with your Sandboxie's settings, it is very customizable...

    You can create as many sandboxes as you want.

    Force each program into its own sandbox.
    Have another sandbox for testing apps.
    Have another sandbox to force drive letters from A:\ B:\, D:\ to Z:\
     
  19. tomazyk

    tomazyk Guest

    I'm using sandboxing + execution control security combination. On WinXP I used SBIE + SSM, now on Win 7 I use SBIE + MD. I think that this combination is much stronger than AV. In my opinion installing an additional AV on this setup doesn't add much to overall security.
     
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    You're welcome ;)
     
  21. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Does MD function on x64 architecture?
     
  22. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Assuming we aren't counting the cost of Windows Ultimate? Sure. But it depends on the user.

    If all you do is browse the web you can run IE9 in protected mode and full security "scaled up" no problem. No AV necessary, hell no anything necessary.
     
  23. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    No it does not


    I disagree. You still need a security setup configured.
     
  24. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Thanks
     
  25. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    For what? Max IE9 settings block downloads and it's sandboxed and running in protected mode.

    Socially engineered malware can get through, but application reputation will block something like 98% of it.

    It's all about the user. If the user is able to browse safely and understand what reputation means, IE9 max protection is enough. If they aren't, yeah, add some other stuff.
     