Is this overkill?

Discussion in 'other security issues & news' started by entropism, Apr 27, 2008.

Thread Status:
Not open for further replies.
  1. entropism

    entropism Registered Member

    Joined:
    Dec 9, 2004
    Posts:
    331
    OK, so I've been on a security kick lately, and frankly, I think I've been overdoing things. Maybe you guys can shed some light and share some ideas...

    Right now, I'm on Vista x64, running:

    Comodo 3, with Defense+ active
    Avira 8, no web scanner
    SuperAntiSpyware pro
    A-Squared antimalware for the behavior based HIPS (got that free 1 year license a while back)
    Winpatrol
    SpywareBlaster (protecting the host file and immunizing, obviously not running in the background)

    This is all behind a router with the DD-WRT firmware, SPI/NAT turned on, wireless turned off, default IP changed, and password protected correctly (no backdoor admin defaults).

    The system runs WELL, I have to say. I don't feel like I'm slowed down at all, surfing is quick, games run well, etc. I might surf to some "dangerous" areas, and I run bittorrent to get backups for old CDs/DVDs that are scratched to all hell, but so far, I haven't found anything malicious in a few years.

    I'm thinking about ditching Comodo and Defense+ and just using the Vista FW, but lack of outbound control has me worried, to say the least. Any thoughts on the matter?
     
    Last edited: Apr 27, 2008
  2. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    You could just shut-off the D+ module and keep the firewall running. I can't answer your question of over-kill, but it is curious that YOU worry it's over-kill. If it ain't broke....
     
  3. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
    Well, IMO it is definitely overkill, but I reply to tell you about the Sphinx addon (the free version), which can be used along with the Vista firewall with advanced security, for outbound protection. It's simple and uses minimal resources.
     
  4. entropism

    entropism Registered Member

    Joined:
    Dec 9, 2004
    Posts:
    331
    Why *I* think it's overkill? Basically, I'm getting annoyed with having to approve every slight change through Comodo. Want to download a file in firefox? Comodo asks if it can be created. Using Utorrent? Comodo asks if it can create THAT file. Frankly, it's a bit tedious, and I'm thinking a behavior blocker (or something I can set up once and forget) would be better for me. I have no problems tweaking things to perfection and spending some time making sure everything is set up correctly, I just don't want to have to do it over every time I install something.
     
  5. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    Live & learn. It's better to start with too much and wean as you learn, than to start with too little and learn the hard way. The OP does think it's over-kill too....
     
  6. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    How often do you get infected? When was the last time you were infected?
    Do you use system images allowing you to restore within minutes?

    You will find users here with every kind of security known to man who will swear that they could not survive on line for more than a few milliseconds without all of the programs that they use and that they have ideas as to new programs that they need. You will also find others who run with little or no recognised protection and yet others who deep down know that they don't need all of the programs but get a kick out of playing with programs.

    Just decide which kind of user you want to be - a bit like which football team you want to support - and then you can do as you like.
     
  7. entropism

    entropism Registered Member

    Joined:
    Dec 9, 2004
    Posts:
    331
    Well, I started reading up on this stuff a few years ago, finally installing a firewall (I believe it was Kerio 2.15), switching from Norton to NOD32, etc, etc. Went from Outpost Pro to Kaspersky 7, and now I'm looking for more of a free solution. SuperAntiSpyware is a lifetime license, A-Squared is a free year's license (till March), Avira was a free 6 month license (till October), etc. So I'm just looking to be economical AND safe, while getting as much performance from my computer as possible.

    OH, yeah... Also have Acronis TI running in the background as well.
     
  8. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    There are alternative behavior blockers with less noise, so to speak. You may want to take a look at ThreatFire, which has a very good free version, or even DefenseWall, not free but offers a trial. As far as overkill, my opinion says yes.
     
  9. entropism

    entropism Registered Member

    Joined:
    Dec 9, 2004
    Posts:
    331
    I have Acronis making an incremental backup every 3 days, and as for infection? Outside of spyware, I don't remember being infected by a virus at ALL. I think the last time was YEARS back, when Kazaa/Bittorrent was the rage and "trying out" programs was my norm. I'm older, I'm wiser, and that crap is in the past.

    Edit: Djohn, I'd love to use either, but they're not available for Vista x64. When Threatfire hits for my OS, I'll be dropping A-Squared. Mainly because A-Squared requires you to run as an admin account, and I'm not a fan of that.
     
  10. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    OK, I clearly missed seeing you are running 64, my bad, sorry.
     
  11. wat0114

    wat0114 Guest

    Then you could easily shed the last three products, for example, and still be heavily fortified.
     
  12. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
    You know you can work with wildcards when you are creating rules in D+. This (see screeny) is my "desktop" rule (on an XP system where I store utorrent files). ComodoFP is great software but it needs some time for configuration...

    sample.png
     
  13. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I agree. In turn, free up some resources and still have protection. :thumb:
     
  14. gud4u

    gud4u Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    206
    I agree with djohn, for basics:
    - Good Firewall +HIPS
    - Good real-time AV
    - Good real-time AS

    I don't agree with your automatic scheduling of incremental backups. In my opinion, the system should be rigorously inspected for problems prior to backups. If either a system software problem or infection goes unnoticed, automatically scheduled backups will simply automatically back up the problems. If you restore the backup - you'll restore the problems.

    Hope this helps!
     
  15. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419