Please critique my setup and recommend more

Discussion in 'other security issues & news' started by subferno, Dec 25, 2006.

Thread Status:
Not open for further replies.
  1. subferno

    subferno Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    87
    AntiVirus: Kaspersky 6 with ProActive Defense
    Firewall: Outpost 4
    Router: Linksys Wireless Router

    Other (Active):
    BOClean
    Outpost AntiSpyware
    SnoopFree

    Other (Scanners-all free):
    A-Squared
    AVG AntiSpyware
    Spybot
    Spyware Blaster
    Super AntiSpyware

    I would like to know if there are any particular area that I am lacking. Or if any other available software out there that will merge the functionality of the above softwares into a nice single program.

    My system isn't connected to any networks but it is connected to the internet all the time.

    Thanks for the suggestions.
     
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Personally, I tend to view setups such as a router/top general AV (e.g. KAV)/good firewall (Outpost used as a straight on firewall)/and some active backup (e.g. BOClean) as plenty of coverage with a level of backup to boot.

    Blue
     
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    i think u have more than plenty, particularly with the antispyware apps.
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Drop SnoopFree(KAV PDM covers keylogging) and Outpost Antispyware.
     
  5. subferno

    subferno Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    87
    Are there any other real time active protection programs that I may need?

    Thanks

    The reason why I am asking for advises is that I want to lock down my system for security. My other choice would be switching to Linux but I am too deeply rooted in Windows to do so.
     
  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    If you want, try any of the sandbox HIPS.
     
  7. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    KAV6 w/Proactive Defense and BOClean?
    I'd feel comfortable relying on those two real-time.
     
  8. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    To subferno: Looks good but I think its over kill, I personally would keep the router, BO clean, the Antivirus, too bad you didnt have a HIPS on your system from the very begining, something to restore your system in case your set up has already been compromised....in your case could you really know....:D
     
  9. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    I agree!

    Again :thumb:
     
  10. como212

    como212 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    18
    i think it's too much it's enough to use:
    router
    kav
    outpost firewall
    BOCLEAN
    superantispyware.
     
  11. subferno

    subferno Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    87
    I wanted to try out those sandbox type programs but working in a "temporary" environment is too confusing for me. I am afraid I may wipe some important document away in that sandbox area.
     
  12. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    on the basic level they really arent that complex
    http://www.sandboxie.com

    install

    RClick tray icon > Run sandboxed >

    1. Internet Explorer
    2. Default Browser
    3. Email Reader

    Rclick > Contents of sandbox > Recover files

    or

    VMware Workstation Beta (get it while you can)

    a little time spent here with learning and configuring
    and you have cut the most common day to day attack vectors out of the equation entirely (especially if your doing IM with say meebo) trash your junk email, scan the hell out of what you keep, virtual inspection of increasingly dangerous docs, pdfs again toss the trash and scan the important stuff. Your confounding as far as I know 100% of the current crop of malware.

    these tools are really too powerful to ignore. They do require some learning, behavior modification, powerful enough hardware to number crunch smoothly and a new level of diligence to avoid the pitfall you describe, but the return on that investment currently makes you ten foot tall and bulletproof :D

    other than that Id point out that your security lineup is strong if possibly redundant in places (especially if you wack down the attack vectors at a lower level or virtualize), and that by trying to consolidate into a single suite means youd be consolidating into a potential single point failure
    there is real value in security keeping an eye on security, a single suite is easier to subvert than multiple applications

    you could also extend the Depth of your defense to better determine if a subversion does occur
     
    Last edited: Jan 6, 2007
  13. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    that of course assumes that the third thing approved to run with the HIPS wasnt a kernel mode rootkitted malware loaded application :D

    I love HIPS but they are as fallible as you are
    and misplaced trust is their Achilles heel
     
  14. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    Yeah then I guess you blame yourself for allowing it to run in the 1st place. Start clean stay clean......
     
  15. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    It's going payware once it gets out of beta? Is that it?


    Sure, but if you want it to run, you click 'yes' on the prompt. Choosing what to run is the same having HIPS or not. If something runs without you knowledge, and prompt appears, then it's useful. IMO
     
  16. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    alternate strategy
    run everything, log everything, watch what happens
    (virtually or on a dedicated box)
    then you know if that useful ap with a questionable pedigree is really a threat

    workstation normally is paidware
    thats a Beta under test that will eventually be the next full workstation ($189)
    Player & Server are free

     
    Last edited: Jan 6, 2007
  17. pipester

    pipester Guest

    I agree with the Tester, KAV 6 and BOClean are more than sufficient.
     
Loading...
Thread Status:
Not open for further replies.