Most secure PC setup

Discussion in 'other software & services' started by strongsword, Oct 19, 2011.

Thread Status:
Not open for further replies.
  1. strongsword

    strongsword Registered Member

    Joined:
    Oct 16, 2011
    Posts:
    36
    What would the most secure PC setup look like?
     
  2. Martijn2

    Martijn2 Registered Member

    Joined:
    Jul 24, 2006
    Posts:
    321
    Location:
    The Netherlands
    One not connected to the internet :D (that one was easy). Hmm.. what would be the most secure PC setup, that is very difficult to answer if I may say. I would say a OS on which you can't manually install something and/or a very basic/barebone OS with only the most essential programs needed. The more programs installed, the higher the chance that one of them can be exploited.
     
  3. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    It looks like what these guys have: security setup
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    An exokernel and nothing but an exokernel.

    You're going to have to be more specific. A windows PC that doesn't have an ethernet cable/ wifi card is plenty secure.
     
  5. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Impossible to know is that question. Clouded is the answer. Let go of your feelings, and then know will you that too many variables there are.

    Yod... erm, I mean Sul.
     
  6. guest

    guest Guest

    One that is definitely turned off by being completely destroyed, internally and externally.
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It's a fairly loaded question haha

    what is security? Being able to access your files and system while maintaining their privacy and security? There's certainly more to it than that. And even that alone is very complex. Files can be stored off of a computers hard drive now so suddenly we need an internet connection.

    This is why there's no single security setup.
     
  8. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    the most secure pc is the one not connect to the internet + turned off + placed in a safe


    anyway pretty secure computer the one that Have Bios and Firmware writing protection + ReadOnly harddrive for Operating system mmmmmm

    Lots of security products
     
  9. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    LOL, That should keep him busy with nearly twenty thousand replies.
     
  10. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    And after finishing that the question is still unanswered :)
     
  11. strongsword

    strongsword Registered Member

    Joined:
    Oct 16, 2011
    Posts:
    36
    Ok can I re-iterate?

    What is the most secure PC setup that will allow you to use the internet.

    Before my setup was.

    Internet --> Dynamic IP address --> modem --> Sonic Wall router TZ210 WIRED w/ Cat6 cables --> PCs --> Comodo Firewall --> Bitdefender AV --> PC virtualization/VMware --> Sandboxie --> Comodo Dragon or latest Firefox release --> PC fully encrypted with TrueCrypt

    Can I add on anything to the above?

    *EDIT* I also forgot to mention that I use TOR
     
    Last edited: Oct 20, 2011
  12. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    Linux?
     
  13. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Lynx browser.

    Really this is a silly thread without need to know what your priorities/configuration is/are. For example Truecrypt is useless at protecting active drives. VMware is pointless if you store all your data on there.
    Factor in there is more than one way to achieve most security goals (e.g. our laptops are locked down with group policy and limited user accounts and drive permissions that sandboxing is 99% useless).

    We would need to know what do you with your machine, where your willing to accept compromises in usability for security, what exactly you need securing.

    And finally one thing that SO many people on here do not do, that is test that your setup actually is secure. I see loads of people use "recommended" configurations and applications without actually knowing if there security configuration works. All it takes is one easy to hack password, one misconfigurated (is that an actual word ?) app and your whole wall of security comes tumbling down.
    Your configuration is ONLY secure when you know it has successfully been tested or attacked without compromise or else you are just running on blind faith... (all it takes is a bit of human error)...

    Cheers, Nick
     
    Last edited: Oct 20, 2011
  14. strongsword

    strongsword Registered Member

    Joined:
    Oct 16, 2011
    Posts:
    36
    I use my PC for work.

    I am an online daytrader and poker player.

    The point of Truecrypt is to protect your drive in case it gets stolen. Why would it matter whether the drive is active or inactive?

    As long as I can play poker on Pokerstars and use Questrade to trade stocks, that is all I want from the machine.

    MOST people do not have friends or associates that hack or test their machines, therefore I would have to pay a professional hacker to do that to see how effective my setup is. I will consider it. I make enough money.
     
  15. strongsword

    strongsword Registered Member

    Joined:
    Oct 16, 2011
    Posts:
    36
    I would like to add that I have never had any virus problems through a web browser when I have my hardware firewall/av and software firewall/av setup.

    It just has never happened, I've tested this by going to many virus infected sites, porn sites, and downloading many infected files.
     
  16. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    I was just trying to work out what your security goal for using Truecrypt is :)

    Along with the info about what you use the machine for, people will be able to help you out better.

    With a bit of knowledge you can do your own testing, e.g. does app X get blocked by firewall, can app Y install unknown addon. Yes its not as substantial as paying for pen-testing, but with help of the community and knowledge on the internet you can go a long way to knowing how well protected your system actually is.
     
  17. strongsword

    strongsword Registered Member

    Joined:
    Oct 16, 2011
    Posts:
    36
    I looked into Lynx Browser and I will definitely try it out later, but it seems a little excessive.

    But yes, my main concern is being able to work properly. My average work day is 12-16 hours long on the internet, 6 days a week.
     
  18. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Hehe was just a bit of a joke ;). Its a text only browser, 99.999% sure you can't do online poker with it in a usable manner.

    Cheers, Nick :)
     
  19. strongsword

    strongsword Registered Member

    Joined:
    Oct 16, 2011
    Posts:
    36
    Nonetheless it sounds like a good idea.
     
  20. strongsword

    strongsword Registered Member

    Joined:
    Oct 16, 2011
    Posts:
    36
    Instead of a router I may use a Dell XPS 9100 with OpenBDS installed, how does that sound?

    Corporations all over the world have been known to use OpenBDS as their hardware firewall when under attack.
     
  21. gambla

    gambla Registered Member

    Joined:
    Sep 4, 2007
    Posts:
    161
    Location:
    Frankfurt, Germany
    What i would recommend to the average User and assuming a correct configuration:

    -NAT Router
    -LAN (no WLAN)
    -Win 7 64bit, UAC, LUA, MET, Firewall on default deny inbound/outbound
    -sign. based Antivirus, e.g. Avira, Avast etc.
    -behaviour based product, e.g. Threatfire
    -HIPS, eg. OA free
    -Firefox (or others) with addon "NoScript" and in Sandboxie
    -System Virtualisation, e.g. Returnil (?) etc.
    -Images on extern. harddrive (not connected)

    I'm pretty sure that this is a very secure setup.
     
  22. wat0114

    wat0114 Guest

    @strongsword,

    you don't even mention your O/S. That said, you don't need to go overboard, as it appears you already have, applying tons of 3rd party security products to secure your machine. Depending on the O/S, ideally a Pro or Ultimate version of Windows, you can, imho, achieve way above average security by using what's already available in the O/S, and perhaps one 3rd party app to augment it. This way you achieve robust security without introducing potentially numerous bugs and other stability resucing issues brought about by all that additional software. Far less chance of something interfering at the wrong time during an important online trading transaction ;)
     
  23. strongsword

    strongsword Registered Member

    Joined:
    Oct 16, 2011
    Posts:
    36
    I'm currently using Windows 7
     
  24. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,248
    Location:
    Chaotic Land
    Well said wat. I agree with this. :thumb: No sense in bogging your system down with lots of 3rd party security and increasing your attack surface with it.
     
  25. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    No PC in the first place :ninja:.
     
Loading...
Thread Status:
Not open for further replies.