Please Critique my Security Setup.

Discussion in 'other security issues & news' started by eniqmah, Oct 17, 2006.

Thread Status:
Not open for further replies.
  1. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    Hello,
    I was on a determined path to redo my security set up. Now that it is finished, I would like your opinions. Please keep the following in mind:
    1. This set up is aimed to maximize security while minimizing resource usage for 2 reasons: a. It is on a company laptop, and b. I do trial a lot of software.
    2. Please provide suggestions for improvements and reasons for doing so.
    3. I am aiming to have the fastest boot time with the most secured set up. My current boot time is 2 minutes total w/ ~40 processes running @ ~500MB Ram.

    Here it goes:

    * Programs running on start up (On access scan):
    1. McAfee Virus scan enterprise v. 8.0i + Antispyware module.
    2. Zonealarm Pro
    3. SuperAntiSpyware Free edition.
    4. System Safety Monitor Free edition. (Not the most current version)

    * On demand Scanners:
    1. Spyware doctor. Most current version.
    2. Spysweeper. Most current version.
    3. Ewido Free version.
    4. F-Secure Blacklight. (Rootkit Scanner)
    5. Zonealarm Pro Antispyware
    * FireFox. No Script/ AI Roboform
    * Hardened Windows.
    * Acronis True Image.

    Again, please keep in mind the objective: fastest boot time w/ most secure setup. I do believe this set up to be very secure, but the boot time is horrible. It has been suggested that if I use NOD32 and a lighter firewall, the boot time will improve. It has also been suggested that using an on-access spyware scanner like SuperAntiSpyware while running the McAfee Enterprise with the Antispyware module installed is overlapping. This is the type of suggestion I am looking for.
    Thanks for your inputs.
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    isn't the free version of SAS only on-demand?

    anyways I'd remove one or two antispyware apps. no two scanners find the same things, but you do have a bit of overkill.
     
  3. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    Thank you WSFuser. I can always count on your expertise. I will have to look @ the free SAS. It has been known to block things on access though, I can verify that. I've been playing with the on-access protection of Spysweeper and Spyware doctor. They are the top rated wares, but they throttle the CPU from time to time, which I think is annoying. Users have complained about this, but the manufacturer-suggested solution (turn off the rootkit shield) does not solve this problem in my case. This is why I don't want to run either of these on start up.
    I think the ZoneAlarm spyware module will be uninstalled, even though I am convinced that it provides excellent deep inspection scanning. Hope this will help ZAP load faster. Likewise, if SAS does not provide real time protection, it will have to go.
     
  4. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Well, you are secure software-wise. But I believe you are suffering from on line overlap and too many similar software tools in general.

    I had Spyware Doctor and Spy Sweeper, very similar and solid products. You don't need both. I had both of them and let Spyware Doctor (SD) go; it takes a bit more resource than (SS). I suspect if you uninstall SD as your only step your system will boot faster.

    I have ZA pro but its AMW scanner is poor so just turn it off and leave it off unless and until it ranks higher.

    What about a router? It is a primary tool in giving security... you didn't mention it?

    My guideline has been a router, a software firewall, AntiVirus Active, AntiMalware active, and then on demand 1 more Antivirus and 1 more AntiMalware scanner.

    Plus a rootkit hunter and a tightened browser, I also advocate a website advisor to help with safe surfing.

    And last but not least back up back up backup
     
  5. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    when your license(s) to Spysweeper and Spyware doctor expire, I'd suggest you try the professional version of superantispyware. it provides good protection, meanwhile it won't slow down your computer.
     
  6. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    Thanks for your reply Escalader,
    At work, I am behind a corporate Firewall. At home, I am behind an excellent router that is properly configured, I think. There's always an element of uncertainty with wireless networks, so I still only access my home banking through ethernet. As for security programs, in reference to your thought about having both Spyware doctor and Spysweeper, I guess the essential question that it boils down to is this: given that I can turn off all the services that these software install (via services.msc) until I actually use them, does it really make a difference how many I have? To clarify, if I don't use any particular software and I disable all services that said software installs on my machine until I need to use such software, does my system still suffer a performance hit? Thanks for your thoughts.
     
  7. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Well, I'm not advocating any particular tool such as superantispyware since I haven't used it. Before doing that I would need to research its detection rate, its removal performance and how it does on new malware via heuristics. As well, I would need some reason to switch tools and I haven't got such a reason.

    Opinions are not = reasons.

    I don't really want to go in and micro manage services as you suggest, but that is just my opinion. The point I tried to make was I found that SpySweeper was virtually identical to Spyware Doctor on security BUT SS takes less resource when running than SD. So if they are = in security why pay for both?

    One point you made worried me. You said you could turn on and off SD and SS. That is a bad idea since both have active security features to protect you while on line. So maybe I'm making an unwarranted assumption here that you have been running without one or the other online at all times? Either SD or SS should be active ALL the time but never both. Believe me I know and it is not a good idea.

    It is your call in the end. When I worked full time I found it best to have similar software to the company. It made life easier when opening files from the office to work at home and the learning at work could move to the home front thus freeing up more time for real life!

    On Wireless security, I suggest you look up my earlier posts on this forum and read the reply posts from experts there, secure passwords are critical for the router among other issues. Wi-Fi is not my area of expertise but others here will chime in as usual in forums like this.

    I hope this helps you.
     
  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,693
    Hello,
    Looks fairly ok. You got Firefox, Acronis, solid firewall, nothing more is needed.
    On-demand scanners do not hurt, so you can have as many as you please.
    Mrk
     