In real time only, what measures do you have in place to secure your PC? Not a poll of what particular products are used, only what type. Multiple answers are permitted.
You just read my post here, didn't you? Well to me, it's the combination of:
- A real-time AV.
- An OD scanner.
- Windows built-in firewall.
- My router firewall.
- Some OS tweaks (like disabling autorun, UAC, DEP, SEHOP, etc).
- My web browser + a script blocker + a secure DNS filter.
Simple, to the point, easy to maintain.
I am currently running an AV. Firewall with HIPS. My Firefox browser runs sandboxed. Using a standard user account.
Router + Windows Firewall + UAC MAX + Sandboxie, and when the going gets really tough (e.g. third party flash drives) + Shadow Defender.
Router + AV for now, sometimes I skip the AV and use an AE and some other tools instead. Always images also of course..
I don't consider a clean image as a proactive protection. More into "if you're screwed" type of solution. Restoring an image every single month doesn't sound like a good idea IMO, though I agree that it's important to have at least one.
- NoScript
- Firewall
- Alternative OS: Linux Mint
- Sphinx firewall control for Windows
- on demand scanners for Windows
- Firewall/Router
- Firewall/Software
- Firewall/Hardware
- HIPS/Classical, Policy Based
- OS Built In Protection/(Example) - UAC, EMET
XP
- FW router + Windows FW
- SBIE 4
- ExploitShield
- EMET 4
- DropMyRights
- Norton DNS

7 64 bit
- FW router + Windows FW
- SUA
- UAC max
- EMET
- Exploitshield
- IL low with Icacls + CHML
- trick 1806 + Deny Elevation (TH Kees)
- Norton DNS
Router w/SPI
XP FW
Comodo FW/D+
Sandboxie realtime - Removable drives/USB ports forced
VirtualBox - "heavy" virtualization
OS hardening - Default Deny SRP, Local/Group Policy edits, folder permissions/LUA, disabled services, and tons more ...
good poll idea
The way I do it, I have what I call a "base image" of Win 7, with all updates current. If something gets hosed or messed up, or if I just want to build a new clean setup, I just restore the base image, and rebuild from there, adding the apps I want, etc. Data is on a separate partition also, and I link to that. I update the base image periodically. So this way, there is still some work involved (installing apps), but it cuts down significantly on the time it takes to have a clean new system again. I don't think of it as "proactive" either. Just survival tactics..
Router
Windows Firewall
Baidu Antivirus
No other real time protection and I'm running an admin account with UAC disabled.
+ occasional manual scans with MBAM
Everything should be obvious from my signature, except maybe Anti-Executable/Execution control and Sandbox. I believe Avast's Behaviour Shield and Emsisoft Mamutu count as Execution control. As for sandbox, Chrome comes with one and I use VirtualBox.
[Disclaimer: the following is not expert opinion.] I feel like I should object to that word "proactive," since it looks like it can mean anything in this context. IMO the key word, as someone (Lucy?) pointed out here a while ago, is not "proactive," it's "policy." Security comprises anything that helps enforce certain rules about what happens on a system. e.g.
- DEP and ASLR prevent programs from being coerced into doing things they shouldn't
- MAC enforces limits on what a program can do in case it is tampered with
- AV/AE limits what programs are allowed to run
- IDS software limits what intruders can do to cover their tracks
- User education (hopefully) limits what stupid input the system might have to deal with
It's all about enforcing rules. If you add something that helps enforce those rules, good. If you just throw in some security product because it's "proactive," without regard to whether it's appropriate for your use case, you're wasting your time. (Just my 2c, etc.)
Objection overruled. Seriously though, with the word "Proactive" in this case (Proactive Protection Poll), I was referring to "Measures taken for the purpose of prevention of infection in realtime as opposed to an after the fact infection with the use of an on demand scanner/cure". The latter was just too long to fit in the subject line.
I used to run a bunch of separate security programs but now I decided to trim down. Norton Internet Security 2013. It did let through one AdAware but MBAMP Pro on demand picked it up.
Ok. Proactive security proven effective in my net machines. First and foremost: HIPS. I have an unending hunger for knowing exactly (and when) what is reading/writing to any internal system destination in Windows. Classical HIPS uniquely & effectively tear back the blindfolds on file signal interactions traversing about & around the system. AV's + AS's simply sweep thru the system triggering a target result when a match is made from its source, its database. HIPS unlock and uncover secrets taking place internally, even normal system signals, writing to logs, calling to support modules and the like.

Used to be popular classical HIPS like Malware Defender, System Safety Monitor, and my fav, EQSysecure and others proved Xtremely useful in sealing off areas of potential unwanted forced intrusion by making provision for users to first determine if the source file or intended file/process was safe or not by virtue of suspending the origin process, giving the user unlimited time to research whether that action was safe or not. After a period of time a solid ruleset/database is established making for a tighter or narrower channel against forced interruptions by cleverly crafted malware. Combined with a very lite resident AV this combo was quite a formidable defense. Add LV's technology like Sandboxie and Shadow Defender and viruses + malware intrusion on a live system virtually became null.

So these are my personal and favorite security shielding apps I found effective and still favor most even though most of the classical HIPS programs that first revolutionized this excellent new Windows system security innovation have since been abandoned but somewhat similar methods are implemented in today's AV's and other softs like Comodo, SpyShelter and the like.
OS Built In Protection: UAC at max, DEP at default. Other: Router, OpenDNS, Disabled services, Chromium based browser (sandboxed and with URL malware protection), CCleaner run at shutdown (to clean browser's cache).
A "clean image" is the only real protection there is, all others given enough time will fail, the image can be used to bring your system back to life. Imaging is the best security program that has ever been invented, "in my opinion".