Rate my setup

Anti-virus: Dr Web
Anti-Spyware: Trend Micro Anti-Spyware
Firewall: Comodo

On Demand Scanner: AVG Anti-Spyware

*Fully updated Windows SP2 and IE7
*McAfee Siteadvisor free

Note: I love my setup other than the fact that I think Trend Micro resets my taskbar so that only Trend Micro only shows up and the rest are "always hide" which I want to find a way to fix (any help in appreciated)

So any suggestions or thoughts on my setup?

I rate my setup: 8.5!

 

setup looks fine to me but what browser do u use? Firefox and Opera are always nice.

as for the taskbar, u can right-click on it, select properties, and then click the Customize button. From the resulting dialog box u can customize whether XP always shows/hides certain icons or if it should only hides them when idle.

 

8.5 for an average user... if i was to download it.... 7

anti-virus: Haven't tried it... Cannot post good or bad comments, it has avast-like protection.. As many compare it to avast, which is alright.. because I give avast an 8.
Firewall: Awesome 10/10
Anti-Spyware: Good, maybe not the best... Wish there were more tests of it ><, but while i had it... Your taskbar problem i didn't have. 7.5/10
On-Demand 8/10
IE7- 5/10
SiteAdvisor- 0/10. It really screws with schoolwork (it blocks google images ><, and like youtube and crap... youtube I actually need for an assignment... so yea, and every computer has it) so I hate it lol. And because usually its common sense.

 

"as for the taskbar, u can right-click on it, select properties, and then click the Customize button. From the resulting dialog box u can customize whether XP always shows/hides certain icons or if it should only hides them when idle."


I do that and it still resets by itself, which is so annoying



Wow, good scores so far!

 

Hello,

Assuming each items gets the same rating:

AV 10/10
AS 5/10
Firewall 10/10

OD AS 10/10

Fully updated Windows 10/10

IE 0/10

SiteAdvisor 0/10

Total score: 45/70 or 6.5.

Mrk

 

well i thing u need something behind dr web like cyberhawk.

 

Hmm, not so bad, I like my scores, but I don't want to have cyberhawk type programs etc I know they are good, but don't feel like I really need it.

 

I dont know your antivirus, but Comodo firewall is about the best i have tried thats free. I personally run comodo

 

Not very strong and actually with no HIPS you may be asking for trouble. Reason is I used to have a similar set up like yours and overkill on scanners etc. I do alot of high risk surfing but luckily I had a HIPS like GSS 'cus it caught a file
a.exe trying to run which apparently silently downloaded itself onto my machine with out my knowing about it but my HIPS caught it trying to run. I think if it ran my system would of got hosed. Now a days you dont even have to high risk surf to come across a situation I encountered. Malware is becoming so advanced now that if it runs and executes its code before you can stop it good luck on disinfecting the normal way. May take some extreme methods of cleaning to have a uninfected system again which I think personally
your setup wouldnt be able to do .

 

Hello,
yankin, that's a completely ... erroneous statement.
Mrk

 

but which part?

surely not the part where once compromised and possibly rootkitted a reinstall is called for. Since thats what a senior Microsoft Security Analysis admitted to last year as a best practice.

the HIPS part holds some validity as well it was what ID'd the attempt and prevented it

but I agree with the 6.5 rating
(back to the same old song)
how is the OS hardened?
Where is the virtualization\sandbox?
where are the checksum monitors and security logs?
where are the security benchmarks?
all free stuff above and below the levels detailed

 

Your setup looks fine.
If you want to see your icons you'll have to right click on the taskbar, click on properties and uncheck hide inactive icons. Hopefully that will solve your issue.

 

Well, I guess I have an overall mixed review on my setup according to the post. On that icon taskbar help, I've tried it all, and nothing works.

 

I wouldnt say that specifically
both myself and Mrkvonic are grinding (slightly different) axes

I wouldnt speak for him
but for myself there is a tendancy to have aps that overlap in capabilities but little discussion of employment of the integral tools in the OS that aid security, tripwires to detect anomalies and security benchmarks to refer to when attempting to track down what ap has done what to the OS\registry\services\ect

the biggest hole I see is lack of a sandbox or virtualization which if properly and religiously employed would isolate most of the threat vectors
easily addressed, VMware Workstation Beta (get it while you can), or sandboxie

then make an effort to learn what you can accomplish with logging and checksums (of your security aps (exe & dll) as well as critical OS files)

the lineup you mentioned looks sound if maybe a little redundant or unnecessary in spots if you where whacking down the possible threat vectors at a lower level (or virtualizing them)

the up side here is all that costs nothing but time
adds considerable depth to a defense and is worth learning in and of itself

regarding a HIPS, I use one, consider it a valuable information tool, and additional tripwire
but if your virtualizing maybe more for curiosity sake than frontline defense
they are above all a good educational tool as to what is happening with your OS

as far as siteadvisor goes I personally have no need for it
I already know Im in a bad part of town and Im certainly not using IE

your current config is likely very secure,
but you are placing your faith in applications that could well be fallible now or eventually
depending on what is encountered, if all your faith is there, detecting a subversion may take considerable time
and the worse case scenario is its not detected at all

Virtualization is I think the greatest tool currently in our arsenal for day to day protection against threats, but eventually you trust something and install it directly if that choice is incorrect and its evaded identification by definition\signiture or behavior, its likely to modify security, indirectly detecting that maybe the only clue you get.

While we are discussing smaller and smaller probabilities here, the tools to accomplish this arent theoretical they are being employed, just not typically on end users on a mass scale. And since these steps are largely behavior modification and investment of time, the return on investment needs to be weighed against the probability of it actually happening to you. And that largely depends on what your doing with your box.

 

Hello,

Ice, as to the security practices, I do not like to spend too much time tweaking Windows - it's like trying to save a sinking ship by tossing bucketfuls of water overboard.

Tweaking = Linux.

Windows = leave it as it is, anyhow it's a mess. I do not feel compelled to watch every little thing that happens in my system, because I know full and effective control of such a tast would be impossible. If one feels a need to control the operating system because he / she does not trust it, then one may as well ditch it. I am on my way there.

Virtualization is important - although I use it primarily for education and testing of compatibility. I prefer to avoid doubtful products altogether. If there's a doubt, there's no doubt.

I believe the user is the bottleneck and the hyperthread of the computer usage and down the ladder of time, the performance and the security of the machine will be decided by the user. Software control and monitoring can help minimize damages to some degree, but there will always be a moment when the user does the one step too many and ruins everything.

I think that one should invest 20 hours reading about OS rather than tweaking for 20 hours, because the knowledge of how things works, and even more importantly, taking things in their right perspective - computers are only dumb machines - is far more crucial than patchwork on a system so full of holes like Windows.

Of course, tweaking and hardening is a nice HOBBY, but it is a wrong practice for people with little understanding of the OS. Just think of it. If you can edit registry, edit group policies, change permissions etc, then you can do this in the event of a possible security breach, as well! This means that you can retain full functionality of the system alongside full awareness. For people who simply apply tweaks they downloaded off the net, it's a forfeit match.

Feeling the system - understanding it - is 99% security. The rest is mere convenience.

You can always reinstall - or if you're lazy, reimage. The only irrecoverable things are personal - images, documents etc - and these should be fanatically backed up. But the system? It's nothing an afternoon of clicks can't recreate from the scratch.

Therefore, it comes down to the relationship one has with his PC. You can feel if something is wrong. Windows is not that good a system that trouble will lurk in the dark corners and you won't notice it. Things are so entwined and so inter-dependent that tweaking is almost as bas as getting infected for real. Errors, BSODs, strange things not working etc. Is there a difference? It's just that you disabled the RPC Locator in the services ....

Cheers,
Mrk

 

Interesting analogy, Id counter with its the only ship I can competently pilot that will haul my cargo
Better to bail than sink.

Its hard to give up what you know you can keep secure to embark into largely unknown territory where (as you so eloquently point out) the user and his knowledge are the determining factor in security.

Concurrently Ive had very little success convincing friends, forummates, and clients to toss Windows out the err...Window

So at least some of what Ive learned will have continuing utility.

I do see the writing on the wall however and have been making a study of your excellent Linux Guides, VMware Workstation and additional Linux Security resources, just not quite ready to scuttle my W2K ship yet.

(But I will before submitting to DRM fascists)

 

It depends. If you're using a limited account while surfing, it could well rate a 7. Otherwise, it rates a 4 at best.

PS: SiteAdvisor is NOW, in my experience, worse than useless. Sorry.

 

Anti-virus: Dr Web - 8.0

Well, it has a good heuristic and fair detection as well.

Anti-Spyware: Trend Micro Anti-Spyware - 8.0

Well, in combination with other stuff, it will do its job, more or less.

Firewall: Comodo - 9.0

What can be said it is one of the best firewalls, but it still sucks in few areas.

On Demand Scanner: AVG Anti-Spyware - 7.0

Ewido used to be good, but I guess, that they put too much money to research.
Since Grisoft bought them due to that, its rating will unfortunatelly go down soon.

Fully updated Windows SP2 and IE7 - 9.0

That is the way to go. If you would say IE6, I would rate it 4.0.

*McAfee Siteadvisor free - 5.0

It does not harm to have it, but it does not help too much neither.

Overall rating: 7.6

 

What part? Be specific and I'll get very detailed with you, better yet send me a pm.

 

Hello,

Sent you a pm and we'll discuss it.
What I wanted to publicly state, for the benefit of all, may they agree or not:

Security = user. Software = convenience that should reflect one's taste, budget, software/hardware compatibility. Things don't happen by themselves. People happen.

You can have no security software and be perfectly safe. You can have 13 applications and still get owned every second Thursday.

Understanding the system = control of the system. Piling of software = a stopgap measure without a real strategy or effectiveness.

Lots of software = lots of user decisions. Wrong decisions = infection. Software - merely another waypoint to infection.

Internet = fun.

Mrk

 

I agree with farmerlee, your setup is fine.

 

I will say that the WWW has provided me totally free money ($$$) and merchandise which would not be possible otherwise (other than winning the lottery or sweepstakes). I got virtually all of my computer hardware online (not through any retail store or mail order). The convenience of comparison shopping is the most time saving and gas savings benefit of using the Net. You can purchase virtually anything on the Net without having to rely on price quotes by agents which you had no choice prior to the 1990's. I save tons on postage (I was never a fan of the Postal Service) by using electronic transactions. And I was able to communicate with people across every continent (except for Antarctica). Without the Internet, I would still be using the card readers/punchers and storing the huge card decks in the warehouse.

P.S. Your setup looks pretty good to me.

 

Yep, its database is going downhill Do you have any other experiences with others site rating tools like Link Scanner (my current favourite), Calling ID, SiteHound ?

 

If you review my forum signature links, all those i employ and i run ONLY Internet Exolorer and have no problems whatsoever. Yes i have OPERA & FIREFOX but they are no more secure then IE with the protections i guard IE with.

 

I don't have any experience with very reliable ones, no...

Given the fact that many malware authors are now using DIFFERENT behavior of the pages depending of the IP location of the client visiting them, I am absolutely pessimistic about SiteAdvisor. It's just not possible to maintain an active monitoring of millions of sites multiplied by every Country... No wonder I'm seeing 'green' ratings for exploit-loading, malware-pushing sites (besides, Site Advisor has been rating erroneously rating "red" some sites too).