Please Advise On Setup

Discussion in 'other anti-malware software' started by Tu123, Dec 26, 2008.

Thread Status:
Not open for further replies.
  1. Tu123

    Tu123 Registered Member

    Joined:
    Dec 31, 2007
    Posts:
    13
    I recently purchased a new Vista SP1 laptop and am looking for the lightest and most secure setup. Based on what I've read I have currently decided on:

    AV: Norton 2009
    Firewall: LooknStop 2.06
    HIPS/Sandbox: Defensewall 2.45
    Backup: Drive Snapshot (Drive Snap frontend)
    Browser: Firefox 3.05 (Adblock, NoScript, SpywareBlaster)

    Both UAC and Windows Defender have been disabled. Is there anything I need to add to this?
     
    Last edited: Dec 26, 2008
  2. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Honestly no. You might get some differing opinions as far as which HIPS, firewall, or AV is better, but those are opinions. Your choices are great and you're pretty well covered.
     
  3. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    I find UAC one of the best features of Vista, specifically having been very effective against rootkits. As for the rest it seems a well balanced security configuration.
     
  4. Tu123

    Tu123 Registered Member

    Joined:
    Dec 31, 2007
    Posts:
    13
    I also have an old FD-ISR 3.31.233 licence from before it was crippled and rebranded as FD-ISR Rescue, which I'll also add as a replacement for the Windows built-in System Restore.

    Thanks for your opinions. I only asked as I've seen many members using loads of on-demand scanners, sandboxing software, HIPS, virtualisation software etc. and just wondered if that was all necessary or if simply using a few carefully selected apps would be just as effective.

    Also Osaban, correct me if I'm wrong, but wouldn't Defensewall make UAC redundant if you run unknown executables as untrusted? If not, I may consider turning it back on.
     
  5. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    I suppose it comes down to tolerance levels, and when UAC pops up (IMO not so often) it shows how the OS (Vista) has its own very basic inner HIPS giving you a warning about what goes through the system. It works: in one situation where they were testing rootkit detection with some programs, they had to turn off UAC because NONE of them would install. I'm sure Defensewall is enough, but considering that Vista has been built having UAC as its main security feature, and if it's not physically bothering you, why turn it off? I don't really need it either, but considering I don't have any HIPS, I like its alerts.
     
  6. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    If you wanted total peace of mind I suggest not owning a computer.

    As for UAC, it becomes annoying over time and users tend to just click yes to every single one, completely defeating the point.

    If you have NIS09, you can try Norton's UAC, or User Access Control, designed to replace Vista's UAC.
     
  7. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    So that's the way to go: turn off Windows UAC and turn on Norton's UAC. NIS 2009 might have improved over the years, but to replace some Windows features outright, claiming Norton can do better, I think is really far-fetched. Given Norton's overall record I still would trust Windows, IMO.
     
  8. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    Was that from personal experience or peer influence?

    Anyways, it sounds like he has NAV09, so he will have to wait until NAV support is added ...
     
  9. Tu123

    Tu123 Registered Member

    Joined:
    Dec 31, 2007
    Posts:
    13
    I decided to leave UAC turned off as it really serves no purpose for me and the alert just gets irritating. Also found LooknStop to be too difficult to use and so I've decided to replace that. My final setup:

    AV: NAV 2009
    Firewall: Outpost Pro 2009
    HIPS/Sandbox: Defensewall 2.45
    Browser: Firefox (with Adblock Plus, NoScript, Spyware Blaster)
    Backup: FD-ISR 3.31.233 and Drive Snapshot (with Drive Snap frontend)

    Still runs lightning fast and should be pretty solid.
     
  10. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408

    No experience with NAV2009 but hear good things about it.
    I tried and like Outpost Pro 2009. (prefer LnS myself)
    DefenseWall is an excellent app with top notch support.
    Firefox is safer than IE (Opera here, personal preference)
    and decent backup.
    Looks pretty solid to me :D
     
  11. Tu123

    Tu123 Registered Member

    Joined:
    Dec 31, 2007
    Posts:
    13
    LoneWolf, I really would like to try to get to grips with LnS and use it on my old XP desktop, which is currently behind a router with Windows Firewall enabled and EqSecure 3.41 and Avira Free installed.

    Is there a guide or tutorial available for internet filtering rule creation in LnS? So far, I'm using the enhanced ruleset and have imported rules for MSN Messenger and folder sharing that were available on the website. I need rules for LimeWire, uTorrent and a few other apps. Can you help me find or create these rules?

    Many thanks. Also, why do you use both Defensewall and Sandboxie? I'm guessing you only use Sandboxie on demand, right? Because I would have thought Defensewall in conjunction with Malware Defender would be pretty bulletproof?
     
  12. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    I use LnS with the enhanced ruleset in advanced mode, which works well for me. Sorry, I've no experience with creating rules for LnS, but if you have not already tried, I would try posting in the Look'n'Stop section of this forum. You might just get some good advice there.
    Also try here.....
    http://www.mntolympus.org/phpbb2/viewforum.php?f=24
    Might be what you're looking for.

    Yes, Sandboxie on demand. For when I know I'm going to the dark side.
    They all work well together, but normally it's Look'n'Stop, DefenseWall and Malware Defender as my active security protection, which so far has worked well.
     
  13. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    LoneWolf, trust me on this one: only DefenseWall and Malware Defender is more than enough, even going to the darkest side of the net :thumb: no Sandboxie needed
    Note: Sandboxie also is very good :thumb:
     
  14. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    You may be right that it's not needed with MD + DW, but they are all bought and paid for, work well together, so why not.
     
  15. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    :thumb:
    I guess so, it makes sense to me ;)
     
  16. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    1,785
    Are you guys sure that he needs Sandboxie with his setup? I think he is tied up perfectly well.
    Agnitum had a very good offer for Christmas and you can check it. It is a lifetime of either the suite or just the firewall. But in case you still need advice,
    good luck anyway
     
  17. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Never said the OP needed sandboxie.
    jmonge was referring to me.
    I believe I said..........
     
  18. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    HIPS are great but they do not protect from malicious scripts, XSS and other browser junk. That is why they are better off kept in a "box"
     
  19. Max Zorin

    Max Zorin Former Poster

    Joined:
    Nov 3, 2008
    Posts:
    103
    Your setup is fine, but if I were you, I would be using UAC and Defender.

    UAC has been shown to stop 80% of rootkits dead in their tracks & Defender imposes almost no overhead - so why not use it!

    Just my opinion though....

    MZ
     