Proactive Protection Poll

Discussion in 'polls' started by LoneWolf, May 21, 2013.

What Proactive Security measures do you have in place?

  1. Firewall/Built In OS

    39.1%
  2. Firewall/Router

    51.1%
  3. Firewall/Software

    32.6%
  4. Firewall/Hardware

    6.5%
  5. Antivirus

    63.0%
  6. Antimalware/Antispyware

    32.6%
  7. HIPS/Classical,Policy Based

    34.8%
  8. Anti-Executable/Execution control

    23.9%
  9. Sandbox

    38.0%
  10. Light Virtualization

    12.0%
  11. OS Built In Protection/(Example)LUA,SRP,UAC....

    33.7%
  12. All in one Suite/aka Internet Security Suite

    7.6%
  13. Alternative OS/(Example)Linux,BSD

    7.6%
  14. Other

    12.0%
  15. Nothing/I'm Invincible

    0 vote(s)
    0.0%
Multiple votes are allowed.
  1. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    In real time only, what measures do you have in place to secure your PC?
    Not a poll of what particular products are used, only what type.
    Multiple answers are permitted.
     
  2. guest

    guest Guest

    You just read my post here didn't you? :D

    Well to me, it's the combination of:

    - A real-time AV.
    - An OD scanner.
    - Windows built-in firewall.
    - My router firewall.
    - Some OS tweaks (like disabling autorun, UAC, DEP, SEHOP, etc).
    - My web browser + a script blocker + a secure DNS filter.

    Simple, to the point, easy to maintain. :thumb:
     
    Last edited by a moderator: May 21, 2013
  3. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    I am currently running an AV.
    Firewall with HIPS.
    My Firefox browser runs sandboxed.

    Using a standard user account.
     
  4. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Router+Windows Firewall + UAC MAX+Sandboxie, and when the going gets really tough (e.g. third party flash drives) + Shadow Defender.
     
  5. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Router + AV for now, sometimes I skip the AV and use an AE and some other tools instead. Always images also of course..
     
  6. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    It's all in my sig.
     
  7. guest

    guest Guest

    I don't consider a clean image as a proactive protection. More into "if you're screwed" type of solution. Restoring an image every single month doesn't sound like a good idea IMO, though I agree that it's important to have at least one.
     
  8. aztony

    aztony Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    547
    Location:
    USA Southwest
    AV+
    router & 3rd party FW
    +OD scanner
    +sandbox
    +hardened Browser
    +encrypted password mgr
     
  9. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    -Wireless Router
    -Windows Hardening
    -Antimalware
    -Classical HIPS
     
  10. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    - NoScript
    - Firewall
    - Alternative OS: Linux Mint
    - Sphinx firewall control for Windows
    - on demand scanners for Windows
     
  11. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Regular testing.
     
  12. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    - Firewall/Router
    - Firewall/Software
    - Firewall/Hardware
    - HIPS/Classical,Policy Based
    - OS Built In Protection/(Example) - UAC, EMET
     
  13. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    658
    Location:
    Italy
    XP

    FW router + Windows FW
    - SBIE 4
    - ExploitShield
    - EMET 4
    - DropMyRights
    - Norton DNS

    7 64 bit

    - FW router + Windows FW
    - SUA
    - UAC max
    - EMET
    - ExploitShield
    - IL low with Icacls + CHML
    - trick 1806 + Deny Elevation (TH Kees)
    - Norton DNS
     
  14. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Router w/SPI
    XP FW
    Comodo FW/D+
    Sandboxie realtime - Removable drives/USB ports forced
    VirtualBox - "heavy" virtualization
    OS hardening - Default Deny SRP, Local/Group Policy edits, folder permissions/LUA, disabled services, and tons more

    ... good poll idea
     
    Last edited: May 26, 2013
  15. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    The way I do it, I have what I call a "base image" of Win 7, with all updates current. If something gets hosed or messed up, or if I just want to build a new clean setup, I just restore the base image, and rebuild from there, adding the apps I want, etc. Data is on a separate partition also, and I link to that. I update the base image periodically.

    So this way, there is still some work involved (installing apps), but it cuts down significantly on the time it takes to have a clean new system again.

    I don't think of it as "proactive" either. Just survival tactics.. :)
     
  16. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    Router
    Windows Firewall
    Baidu Antivirus

    No other real time protection and I'm running an admin account with UAC disabled.

    + occasional manual scans with MBAM
     
  17. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Everything should be obvious from my signature, except maybe Anti-Executable/Execution control and Sandbox. I believe Avast's Behaviour Shield and Emsisoft Mamutu count as Execution control. As for sandbox, Chrome comes with one and I use VirtualBox.
     
  18. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,461
    [Disclaimer: the following is not expert opinion.]

    I feel like I should object to that word "proactive," since it looks like it can mean anything in this context.

    IMO the key word, as someone (Lucy?) pointed out here a while ago, is not "proactive," it's "policy." Security comprises anything that helps enforce certain rules about what happens on a system. e.g.
    - DEP and ASLR prevent programs from being coerced into doing things they shouldn't
    - MAC enforces limits on what a program can do in case it is tampered with
    - AV/AE limits what programs are allowed to run
    - IDS software limits what intruders can do to cover their tracks
    - User education (hopefully) limits what stupid input the system might have to deal with

    It's all about enforcing rules. If you add something that helps enforce those rules, good. If you just throw in some security product because it's "proactive," without regard to whether it's appropriate for your use case, you're wasting your time.

    (Just my 2c, etc.)
     
  19. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Objection overruled. :D
    Seriously though,
    The word "Proactive" in this case (Proactive Protection Poll), I was referring to "Measures taken for the purpose of prevention of infection in realtime as opposed to an after the fact infection with the use of an on demand scanner/cure"
    The latter was just too long to fit in the subject line. :)
     
  20. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    I used to run a bunch of separate security programs but now I decided to trim down. Norton Internet Security 2013.
    It did let through one AdAware but MBAMP Pro on demand picked it up :)
     
  21. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Ok. Proactive security proven effective in my net machines.

    First and foremost. HIPS

    I have an unending hunger for knowing exactly (and when) what is reading writing to any internal system destination in Windows. Classical HIPS uniquely & effectively tear back the blindfolds on file signal interactions traversing about & around the system. AV's + AS's simply sweep thru the system triggering a target result when a match is made from its source, its database.

    HIPS unlock and uncover secrets taking place internally, even normal system signals, writing to logs, calling to support modules and the like.

    Used to be popular classical HIPS like Malware Defender, System Safety Monitor, and my fav, EQSysecure and others proved Xtremely useful in sealing off areas of potential unwanted forced intrusion by making provision for users to first determine if the source file or intended file/process was safe or not by virtue of suspending the origin process, giving the user unlimited time to research whether that action was safe or not. After a period of time a solid ruleset/database is established making for a tighter or narrower channel against forced interruptions by cleverly crafted malware. Combined with a very lite resident AV this combo was quite a formidable defense.

    Add LV's technology like Sandboxie and Shadow Defender and viruses + malware intrusion on a live system virtually became null.

    So these are my personal and favorite security shielding apps I found effective and still favor most even though most of the classical HIPS programs that first revolutionized this excellent new Windows system security innovation have since been abandoned but somewhat similar methods are implemented in today's AV's and other softs like Comodo, SpyShelter and the like.
     
  22. Krysis

    Krysis Registered Member

    Joined:
    Dec 28, 2012
    Posts:
    366
    Location:
    DownUnder
    Firewall\HIPS + Sandboxie
     
  23. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    OS Built In Protection: UAC at max, DEP at default.
    Other: Router, OpenDNS, Disabled services, Chromium based browser (sandboxed and with URL malware protection), CCleaner run at shutdown (to clean browser's cache).
     
  24. guest

    guest Guest

    A "clean image" is the only real protection there is, all others given enough time will fail, the image can be used to bring your system back to life

    Imaging is the best security program that has ever been invented, "in my opinion" :D
     
  25. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Personally I don't see imaging as a protection method but more like a recovery solution.
     