Recommend a good security setup?

Discussion in 'other anti-malware software' started by CaptSaltyJack, Dec 14, 2006.

Thread Status:
Not open for further replies.
  1. CaptSaltyJack

    CaptSaltyJack Registered Member

    Joined:
    Dec 14, 2006
    Posts:
    29
    Here's my current situation & setup:

    I'm running Bitdefender 10. I've been using it since I think version 7 or 8. It seems to have gotten more bloated lately. I've noticed some software conflicts.. specifically, Weather Watches crashes (caused by Bitdefender's sockspy.dll), my professional audio software sometimes misbehaves, and if Sandboxie is running when Bitdefender updates, you're looking at a BSOD.

    I don't really like when software conflicts like this. I can understand that for real-time protection, certain OS hooks are needed.. but come on. Crashes and BSODs o_O? Unacceptable. And Bitdefender support is starting to pull that typical, "It's not our software's fault" BS. The fact is, on a computer without Bitdefender, I experience zero issues with the aforementioned software.

    So I'm looking to ditch Bitdefender. My goal is to get another anti-virus app, something that preferably won't conflict with other software. An AV app that plays nice, but still gets the job done.

    Also, while I'm at it, other security apps have caught my attention, such as Online Armor, Safe'n'Sec, etc. I don't want to over-do it and install 8 different applications. I'll tell you a bit about how I use my computer and maybe that will determine what I need:

    - I surf (duh). A lot. But I'm careful about what sites I go to. I do frequent MySpace, so the QuickSpace worm might've gotten me if I wasn't lucky. I refuse to disable cookies or javascript, as doing so would cripple a fair amount of media rich web sites.

    - I do P2P. Again, I'm careful about what I get, but you never know what you might wind up with.

    - I email (again, no brainer). I use SpamBayes which takes care of a lot of spam mail (it just moves it to another folder). I sometimes get phishing attacks via email, but they're no brainers for me to spot. Sometimes for a moment it looks official to me, but I'm always careful to check all links and source code in an email before I mess with it.

    - I like to try out new software all the time. I routinely browse sourceforge and try stuff out, but I always install it using Sandboxie, so it doesn't leave crap behind on my system when I uninstall it.

    Overall, I'm pretty careful about what I install and what I click on. I use Sandboxie if I'm not sure. So I'm just looking for software to catch the non-obvious.. stuff like maybe QuickSpace that I might've missed. What I want is this:

    - good anti-virus protection, but WITHOUT the damn conflicts w/ other software on my machine
    - good malware protection (worms, trojans, rogue scripts, etc)

    I think that's all I need, but I'll take suggestions. Again, I want to keep it as lightweight as possible.. I don't need 10 security apps running. I've got a hardware firewall already, by the way.

    Online Armor looks cool but I'm not 100% clear on what exactly it does.. maybe that sounds dumb, they make it seem like their program does it all (does it?). Can it replace anti-virus software?

    So, any suggestions? I'd appreciate it. Thanks!
     
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    @CaptSaltyJack,
    You can get Online Armor with antivirus protection. It's mainly to block unknown malware, which would help protect against threats like the MySpace one before your AV would know, even though Bitdefender has great heuristics.
    Online Armor comes in two flavors: standard version and plus AV version.
    It doesn't work like a normal AV though.

    Anyway, I would recommend
    either NOD32 2.7 or Kaspersky 6.0 for your AV.
    I would suggest Online Armor if you want something to block unknown malware, and this should be all that's needed if you're a safe surfer with a firewalled router.
    I'm guessing you have Windows Firewall on.
    Also, Online Armor will soon have a firewall added as a free upgrade to all customers.
    lodore
     
  3. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    No matter what else you install, I would put NOD32 on your system. It is TOTALLY worth paying for. Excellent AV protection as well as protection from a lot of malware.

    Sandboxie is a good one to have. Definitely keep that.

    What firewall do you use? I would suggest Comodo, Outpost Pro, or Zone Alarm Pro. Comodo is free and just as good as the others.

    Outside of that, maybe Spyware Terminator for its Active Protection and HIPS. It is free. Or you could just go with a good scanner/cleaner like SuperAntiSpyware.

    NOD plus SandBoxie plus Comodo plus Spyware Terminator would be a very secure combo if they all play nice together. If you are dead set on an "all free" set up, you could substitute Avira Antivir for NOD. When all my paid apps run out, this is the set up I plan to use.
     
  4. CaptSaltyJack

    CaptSaltyJack Registered Member

    Joined:
    Dec 14, 2006
    Posts:
    29
    Cool, thanks for the suggestions.

    I've always heard (not sure if it's just a myth) that NOD32 is great for malware but weak in AV. True or false?

    I don't use a firewall software (nor the Windows firewall).. I use the builtin firewall in my Linksys (running DD-WRT firmware..can't recommend that highly enough). I know that software firewalls often prompt you when your apps try to access the network, maybe that's why you're suggesting one? If so, I'll check out Comodo.

    So, NOD32 + Sandboxie + Spyware Terminator + Comodo and I'm good? Maybe Online Armor too, for new undiscovered malware?
     
  5. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    @CaptSaltyJack
    It's better at AV and weaker at malware, but it's still very good all round.
    read up on it here http://www.av-comparatives.org/
    I would say nod32+comodo+online armor.
    You don't need Spyware Terminator if you use Online Armor.
    or kaspersky 6 av+comodo+online armor.
    lodore
     
  6. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    If you add Online Armor that would be overkill and potentially a conflict. But Online Armor is good too. So NOD plus OA plus Firewall plus Sandboxie or NOD plus Firewall (Comodo) plus Spyware Terminator plus Sandboxie.

    By the way, you might get a conflict with Comodo Firewall and Online Armor. That combo didn't work on my machine.
     
  7. CaptSaltyJack

    CaptSaltyJack Registered Member

    Joined:
    Dec 14, 2006
    Posts:
    29
    Hm, maybe I'll go with NOD + Sandboxie + Spyware Terminator + Comodo then, and skip Online Armor. Online Armor might layer too much redundant stuff on top of the other software apps.
    What do you think?

    Quick Q: out of NOD, Sandboxie, Spyware Terminator, & Comodo... which of those would've stopped a web based script worm like QuickSpace? If the answer is "none"... we've got probs ;)
     
  8. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    All of them at various stages.
     
  9. poppy4

    poppy4 Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    5
    Location:
    OH USA
  10. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    -Common sense
    -Backup strategy
    -NAT/SPI router
    -System hardening, immunization
    -Firewall w/application control
    -Sandbox/virtualization HIPS
    -AV with at least "Standard" checkmark in AV-Comparatives
     
  11. CaptSaltyJack

    CaptSaltyJack Registered Member

    Joined:
    Dec 14, 2006
    Posts:
    29
    Check.

    Check. Backup4all, runs nightly, backs up to a 2nd HD, and backs up my most crucial files to an FTP server.

    LinkSys WRT54G v4, running DD-WRT firmware. Only ports open are P2P and Remote Desktop running on a nonstandard port (in other words, as an example, they might connect to my machine thinking they found the telnetd or sshd port, but their ssh client doesn't work & they're left wondering "what the hell is this?"). I know what SPI stands for but I'm not sure what it really does.

    Not sure what that means.

    Check. Comodo Firewall.

    Check. Sandboxie.

    Check. NOD32.
     
  12. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Last edited: Dec 15, 2006
  13. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    @lucas1985,
    I just rebooted and now I only have 51 processes running rather than 59 and only 350mb RAM used at boot time,
    and 544mb RAM when using Firefox, which leaks on my PC. I can't believe it can make that much difference by just disabling Windows services that are not needed.
    Any other guides like that so I can decide what to do with the rest of the services?
    lodore
     
    Last edited: Dec 15, 2006
  14. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
  15. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    @lucas1985,
    I checked to make sure it was OK to do the relevant stuff in my setup and it worked well.
    I disabled the Security Centre service since I check KIS 6.0 to make sure it's on and updated.
    lodore
     
  16. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
  17. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Harden It is another hardening tool that doesn't conflict with anything and gives an extra layer of protection.

    dja2k
     
  18. TECHWG

    TECHWG Guest

    If you don't mind paying for good products, then here's my lineup:

    NOD32
    Comodo Firewall
    ProSecurity (paid)
    I'm not too familiar with antispyware but it's a good idea to have 1 or more on-demand scanners

    Also I would suggest that anyone with 1GB or more memory use VMware for testing software before you throw it on your PC and potentially clutter it. VMware Server is free now and so it's worth having!
     