New to security want to build a secure system

Hi folks,

New to security, was something I always felt I needed and tried a bit but I was never really secure or anonymous.

I am using win7
McAfee security
I have truecrypt, a few containers which I may run P2P/torrent from

Macfee has a feature called shred which I use.

After reading these forums I have started experimenting with sandbox and VM Virtual Box, is there a preference to these, haven't tried Virtual Box yet as i am downloading win8 to test with.

Also I think I will use a VPN in the near future.

Can you folks help me become more secure and anonymous

 

Hi

Welcome to Wilders. My motto when it comes to security is to keep it simple. Nonetheless, you should also have a layered security comprised of non overlapping elements. My suggestion is my signature when it comes to Windows. Currently I'm using: Private Firewall, Avast Free Antivirus 7, and Bufferzone 4. I can tell you that my system is very responsive, fast, and secure.

Thanks.

 

Given that you're keeping your torrent files in Truecrypt containers, I'm guessing that you want them to stay private. If that's the case, downloading them privately and anonymously would also be wise. So using VPNs is probably the first improvement to make. Have you looked at -http://www.youhavedownloaded.com/ ? BolehVPN and Mullvad are good one-hop torrent-focused VPNs.

 

Hi Cogito,
I gather BufferZone is the same principles as Sandboxie as in working in a protected environment from your operating system?

Mirirmir, thanks for the VPN suggestion, I was looking through the really looong thread on that topic for a few days now and I am mostly decided on BolehVPN.

But if I use VitrualBox to isolate my main o/s and even put that on a truecrypt container that should protect my main o/s from wondering files and windows habit of recording info everywhere.

 

Yes! If in doubt, compartmentalize See -http://en.wikipedia.org/wiki/Compartmentalization_%28information_security%29

 

Many thanks for the reply Jackreacher, sorry I haven't posted back sooner to say this but have got caught up reading your links which lead onto more links. I have enhanced my knowlwdge quite a bit. Thank you

So going to give my PC a complete security revamp.

I am now down to a choice betwen Airvpn and BolehVPN. I am from the UK were our privacy is being eroded everyday, so I want to avoid interferacne form the UK in chossing my VPN. Am I right in saying that AirVPN is from the EU and the EU is possible even worse than the UK with regards to peoples privacy. This is my reason for BolethVPN. Any feedback on this

I think I will use VirtualBox to run a seperate o/s enviroment to keep my pc protected, and place this in a truecrypt container. This will ensure I am protected from downlaoding malicous code, also will keep my main PC clean and hide my surfing tracks. Can Virtualbox make use of snapshots as in return O/s to previous state or is that for Sandboxing only?? Also what type of anti virus would you install in Virtual box for win7 as you know I use McAfee but is that too bloated for VM

McAfee is this a good firewall, antivirus program or do you think big boys such as these record your activites as well..

Is there anything else I need to secure my PC. As i said I am from the UK and don't like whats happening with respect to privacy but that said I will be using the connection for P2P/torrent activites I like to explore the net and differnet peoples view points but I don't want to be labelled or put in a box cause thats not me

 

BolethVPN is an excellent choice as a fast, one-hop VPN. Malaysia seems to be a very low-profile and independent country.

If you do that, make sure to mount the Truecrypt container before starting VirtualBox. Otherwise, it will complain about not finding VM files stored there.

Yes. But be careful, and make sure that you understand how VirtualBox.uses snapshots, because it's possible to break VMs by flailing about.

McAfee is probably OK as Windows anti-malware. I just use MS Essentials, because it's much lighter. Linux VMs don't need anti-malware. Adding a hardware router/firewall and putting your modem in bridge mode would be wise. OpenWRT can be flashed on some routers, and pfSense runs on low-end PCs (but needs two NICs).

 

Good point I only use Windows machines for work, and don't mix work and play But I have used ClamAv on Linux, and it seems to work well.

 

Just like the last guy I told, I'll say the same thing...


https://www.wilderssecurity.com/showpost.php?p=2047121&postcount=28

 

I'm new to this as well so this is more of a question not advice... Wouldn't Full Disk Encryption be the best option all around? I understand compartmentalization but why expose yourself at all if you don't have to?

 

It's not just about what someone might find through physical examination of your computer. Malware could compromise your private information. For example, Anonymous managed to compromise many users of child-porn sites hosted as Tor hidden services. They planted malware which posed as a crucial Tor security update. When installed, the malware waited until users shut down Tor, and then reported the users' true IP addresses to the attacker.

 

Very good point...I was thinking too single-mindedly.