Please Advise On Setup

I recently purchased a new Vista SP1 laptop and am looking for the lighest and most secure setup. Based on what ive read I have currently decided on:

AV:Norton 2009
Firewall: LooknStop 2.06
HIPS/Sandbox: Defensewall 2.45
Backup: Drive Snapshot (Drive Snap frontend)
Browser: Firefox 3.05 (Adblock, NoScript, SpywareBlaster)

Both UAC and Windows Defender have been disabled. Is there anything i need to add to this?

 

Honestly no. You might get some differing opinions as far as which HIPS, firewall, or AV is better, but those are opinions. Your choices are great and you're pretty well covered.

 

I find UAC one of the best features of Vista, specifically having been very effective against rootkits. As for the rest it seems a well balanced security configuration.

 

I also have an old FD-ISR 3.31.233 licence from before it was crippled and rebranded as FD-ISR Rescue which ill also add as a replacement to the windows built in system restore.

Thanks for your opinions, i only asked as ive seen many members using loads of on-demand scanners, sandboxing software, HIPS,virtualisation software etc etc and just wondered if that was all necessary or if simply using a few carefully selected apps would be just as effective.

Also Osaban, correct me if im wrong, but wouldn't Defensewall make UAC redundant if you run unknown exectables as untrusted? If not, i may consider turning it back on.

 

I suppose it goes down to tolerance levels, and when UAC pops up (IMO not so often) it shows how the OS (Vista) has its own very basic inner HIPS giving you a warning about what goes through the system. It works, in one situation where they were testing rootkits detection with some programs, they had to turn off UAC because NONE of them would install. I'm sure Defensewall is enough, but considering that Vista has been built having UAC as its main security feature, and if it's not physically bothering you, why turn it off? I don't really need it either, but considering I don't have any HIPS, I like its alerts.

 

If you wanted total peace of mind I suggest not owning a computer.

As for UAC, it becomes annoying over time and users tend to just click yes to every single one, completely defeating the point.

If you have NIS09, you can try Norton's UAC, or User Access Control, designed to replace Vista's UAC.

 

So that's the way to go: Turn off Windows UAC and turn on Norton's UAC. NIS 2009 might have improved over the years, but to replace some Windows features outright claiming Norton can do better I think it is really far fetched. Given Norton's overall record I still would trust Windows, IMO.

 

Was that from personal experience or peer influence?

Anyways, it sounds like he has NAV09, so he will have to wait until NAV support is added ...

 

I decided to leave UAC turned off as it really serves no purpose for me and the alert just gets irritating. Also found LooknStop to be too difficult to use and so ive decided to replace that. My final setup:

AV:NAV 2009
Firewall: Outpost Pro 2009
HIPS/Sandbox: Defensewall 2.45
Browser: Firefox (with Adblock Plus, NoScript, Spyware Blaster)
Backup: FD-ISR 3.31.233 and Drive Snapshot (with Drive Snap frontend)

Still runs lightning fast and should be pretty solid.

 

No experience with NAV2009 but hear good things about it.
I tried and like Outpost Pro 2009. (prefer LnS myself)
DefenseWall is an excellent app with top notch support.
Firefox is safer then IE (Opera here,personal preferance)
and descent back up.
Looks pretty solid to me

 

LoneWolf, i really would like to try to get to grips with LnS and use it on my old XP desktop which is currently behind a router with windows firewall enabled and EqSecure 3.41 and Avira Free installed.

Is there a guide or tutorial available for internet filtering rule creation in LnS? So far, im using the enhanced ruleset and have imported rules for msn messenger and folder sharing that was available on the website. I need rules for limewire, utorrent and a few other apps. Can you help me find or create these rules?

Many thanks. Also why do you use both Defensewall and SandboxIE? Im guessing you only use sandboxIE on demand right? Because i would have thought defensewall in conjunction with malware defender would be pretty bulletproof?

 

I use LnS with the enhanced ruleset in advanced mode, which works well for me. Sorry I've no experiance with creating rules for LnS but if you have not already tried, I would try posting in the Look'n'Stop section of this forum. You might just get some good advice there.
Also try here.....
http://www.mntolympus.org/phpbb2/viewforum.php?f=24
Might be what your looking for.

Yes, Sandboxie on demand. For when I know I'm going to the dark side.
They all work well together, but normally it's Look'n'Stop, DefenseWall and Malware Defender as my active security protection, which so far has worked well.

 

lonewolfe trust me on this one with only defensewall and malware defender is more than enough even going to the darkest side of the net no sandboxie needed
note:sandboxie also is very good

 

You may be right that it's not needed with MD + DW, but they are all bought and paid for, work well together, so why not.

 

i guez so it makes sense to mee

 

are you guys sure that he needs sandboxie with his set up? i think he is tied up perfectly well.
agnitum had a very good offer for Christmas and you can check it .it is a lifetime of either the suite or just the firewall. but in case you still need advice
good luck anyway

 

Never said the OP needed sandboxie.
jmonge was referring to me.
I believe I said..........

 

Hips are great but they do not protect from malicious scripts XSS and other browser junk..That is why they are better off kept in a "box"

 

Your setup is fine, but if I were you, i would be using UAC and Defender.

UAC has ben shown to stop 80% of rootkits dead in their tracks & Defender imposes almost no overhead - so why not use it!

Just my opinion though....

MZ