Recommend free layered security solution

Discussion in 'other anti-malware software' started by Kernelwars, Aug 15, 2010.

Thread Status:
Not open for further replies.
  1. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    Hi Guys,
    I invite all the security experts here at Wilders to recommend a layered protection suite (preferably free software) that can be used to fight zero day threats and provide a solid protection for not so savvy computer users...
    Thanks,
    Kernel
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    GesWall Free:thumb: or BufferZone Free:thumb: :thumb:
     
  3. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Fixed
     
  4. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I am not a security expert but here goes anyway . . . .

    + Avast-free (antivirus with integral behavior blocker)
    + Private Firewall (firewall with Stateful Packet Inspection plus HIPS)
    + Macrium Reflect (image your system disk at least weekly & retain at least 4 most recent images)
     
  5. eugene91

    eugene91 Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    189
  6. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,078

    Comodo IS (without the AV) Firewall + HIPS + Sandbox
    Avast Free / Avira / MSE
    Safe Online "Free" (facebook)
    Peerblock if you use p2p
    Immunet (Optional)
    Some software for doing backups
     
  7. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,434
    Location:
    Europe


    - firewall router (sorry, not free :D )
    - HIPS: Comodo or Online Armor free
    - AV (Avira, Avast)
    - GesWall
    - a disk image software (Macrium? I have no experience with it; I use Acronis True Image, which I bought)

     
  8. tlu

    tlu Guest

    LUA + SRP/Applocker.

    If you have a Windows version that doesn't support SRP, use Sully's PGS. An alternative for Windows 7 (although inferior to a LUA/Applocker combo) is described here.
     
  9. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    Firewall + HIPS + Sandbox: Comodo Internet Security 4.1 (Without the AV)
    Antivirus: Avast! - File Guard and Behavior Blocker
    Windows: UAC + LUA + SRP
    Others: PrevX SafeOnline (Facebook)
     
  10. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    465
    Location:
    UK
    Set DEP (NX/XD) protection to OptOut - protect against zero-day vulnerability exploits.
     
  11. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    Thanks guys.. :thumb: It would also be helpful if y'all can suggest something to lock or somehow get alerted when the hosts file gets modified.. Thanks in advance.
     
  12. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Winpatrol does that....:)
     
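The kind of hosts-file change alert asked for above, as an added example that is not part of the thread and is not how WinPatrol works: a baseline-and-compare check in Python. The function names and the one-minute polling interval are assumptions of this sketch.

```python
import hashlib
from pathlib import Path

# Usual location on Windows; pass another path on other systems.
DEFAULT_HOSTS = Path(r"C:\Windows\System32\drivers\etc\hosts")

def parse_hosts(text):
    """Return the set of (ip, hostname) mappings, ignoring comments and blanks."""
    entries = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            ip, names = fields[0], fields[1:]
            entries.update((ip, name.lower()) for name in names)
    return entries

def snapshot(path=DEFAULT_HOSTS):
    """Record the file's SHA-256 and its parsed mappings as a baseline."""
    data = Path(path).read_bytes()
    return {"sha256": hashlib.sha256(data).hexdigest(),
            "entries": parse_hosts(data.decode("utf-8", errors="replace"))}

def compare(baseline, path=DEFAULT_HOSTS):
    """Compare the current file with the baseline.

    Returns (changed, added, removed). changed is True for any byte-level
    difference; added/removed list the mappings that actually differ, so a
    comment-only edit shows changed=True with empty lists.
    """
    current = snapshot(path)
    changed = current["sha256"] != baseline["sha256"]
    added = sorted(current["entries"] - baseline["entries"])
    removed = sorted(baseline["entries"] - current["entries"])
    return changed, added, removed

if __name__ == "__main__":
    import sys, time
    target = Path(sys.argv[1]) if len(sys.argv) > 1 else DEFAULT_HOSTS
    base = snapshot(target)
    while True:                      # poll once a minute and alert on change
        time.sleep(60)
        changed, added, removed = compare(base, target)
        if changed:
            print("hosts file modified; added:", added, "removed:", removed)
            base = snapshot(target)  # re-baseline after reporting
```

Reporting the added and removed mappings, not just the hash mismatch, shows at a glance whether a change redirects a hostname or only touches a comment.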
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Thomas,

    Thanks for the reference. Only the 1806 trick or Attachment Execution Service protection included in XP since service pack 2 only has 2 known issues

    Please read http://www.heise.de/security/artikel/Flaws-in-the-security-features-of-SP2-270548.html

    As the author states
    The countermeasures
    ISSUE 1
    The countermeasure of the first issue (social engineering) is tackled two times
    a) removing the installer detection & allowing UAC elevation only from safe areas
    b) removing the execute right in download and mail directories through ACL

    ISSUE 2
    Although issue 2 is a theoretical one, countermeasure b above would deal with Explorer's theoretical flaw.

    Request
    So please stop addressing the SAFE admin as inferior as it is a very effective way of providing a solid policy protection layer in an ADMIN/UAC environment. The term inferior is not based on field testing nor on reported intrusions in the white and black hat community. For someone propagating policy management LUA/Applocker is the best, next LUA/SRP. I agree on this, so be a sport and communicate on facts.

    Applocker (signature issue, see Avast blog), SRP (2 theoretical evasions, see Didier Stevens Blog, also Run as: "Unrestricted"), Attachment Execution Service without other SAFE Admin precautions (1 user 'shoot in the foot' and 1 theoretical evasion), there are bigger fish in the ocean to worry about . . . like running Admin (o_O )

    Thx
     
    Last edited: Aug 17, 2010
  14. tlu

    tlu Guest

    Kees, that's all I wanted to say - in other words, though. I did not intend to belittle the SAFE admin approach. If you feel offended I apologize.:thumb:
     
  15. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Be a member of the User group, not the Admin group. Learn to elevate something (such as a program installation) to Admin level only when needed. This is the easiest approach. If you must remain a member of the Admin group for daily use, protection for the not so savvy user is going to require learning something, IMHO.

    Devise a scheme with which to use Macrium or any disc imaging software to the fullest potential with the least amount of effort. Weekly imaging is, for me, out of the question. Get an external drive, buy another internal drive, use USB thumbdrives, whatever you want. Put the data that you don't EVER want to go bye-bye on one of these 'other' areas for storage. Commit yourself to always putting your data there.. always. You reap the rewards then. Once your data is on a safe location, anywhere but the OS drive, you can create an image of a new fresh OS install. When you make major changes to the OS install, restore the image, do nothing but make your changes, then make a new image. This new image is the one you will use until you need to 'update' it. That may be months or more. When your system is borked or running slow, whatever, you know your data is somewhere other than the OS drive, so you can safely restore your image. No data lost, not much time lost in preparing to restore. Maybe some bookmarks or other mundane things that you might want to keep before a restore.

    There are a great many tools and methods you might employ. Not one of them can be declared the best because not one of the users is exactly the same. The way in which our minds are wired differs from person to person. This is so noticeable in software. One software that makes complete sense to me does not to you. In the end, you will have to choose the one that you understand and can control that also offers you the protection in the areas you feel you need.

    It is a tricky question you ask. It normally requires a lot of experimenting with all the suggestions before you come up with what will work for you. But the good news is that there are many here who love to experiment and are happy to share. One of Wilders' greatest assets IMO.

    Sul.
     
  16. 031

    031 Registered Member

    Joined:
    Sep 5, 2007
    Posts:
    185
    Location:
    Bangladesh
    Avast free

    Prevx Safe Online (free on Facebook)

    Malware Defender

    I use this setup on XP SP3 and it never slows me down.
     
  17. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    1,786
    Comodo Firewall +sandbox
    AVG antivirus free
    Prevx Safeonline facebook edition
    Macrium reflect:thumb: :thumb: :thumb: :thumb:
     
  18. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    No worries, you are a big promoter of LUA/SRP and have contributed to it on Wilders a lot. So your opinion has impact IMO. I have done quite some research and extensive field testing with my manual tweaks. SAFE-admin will be very close to running LUA/SRP security wise. So when people are not willing to run LUA, SAFE admin will be a good alternative.

    I am talking of will be, because the manual tweaks will go over most people's head. Sully is trying to create a program which makes it easy and available for everyone running Vista/Windows 7, also 64 bits.

    Regards Kees
     
  19. progress

    progress Guest

    Please use another firewall or router :thumb: :thumb:
     
  20. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,078
    Yes, I'm sure the router will sandbox the apps and the HIPS integrated will protect you at the same lvl... \ironic
     
    Last edited: Aug 17, 2010
  21. Dundertaker

    Dundertaker Registered Member

    Joined:
    Oct 17, 2009
    Posts:
    385
    Location:
    Land of the Mer Lion
    Hi;

    (realtime)
    Prevx (one from facebook) or Avast free
    Online Armor free/PrivateFirewall freeware
    GesWall free

    (on-demand)
    MBAM
    HitmanPro

    (imaging/backup)
    for Seagate hdd - DiscWizard (BartPE embedded)
    for WD hdd - ATI-WD (BartPE embedded)
    other hdd - Macrium free (you'll have to download BartPE separately)
     
  22. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  23. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    I'm not an expert, from practical experience I'd say:

    1) Sandboxie free

    2) Returnil free

    3) Macrium Reflect free (I haven't tried it, but I trust Wilders' members feedback)

    A couple of good scanners on demand (also free, e.g. Avira & Malwarebytes Anti-Malware) to check suspicious downloads.
     
  24. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,285
    Web Browser
    Google Chrome or Firefox
    -WOT (available for both)
    -AdBlock (available for both)

    Resident protection:
    Panda Cloud Free
    Immunet Protect Free
    Outpost Firewall Free

    Virtualization:
    Returnil Free

    On-Demand:
    Hitman Pro
    MBAM Free

    I wouldn't add any system hardening like LUA/SEHOP/SRP/DEP/UAC keeping in mind that basic users would have to download, install, update, run... different apps during their regular tasks. IMHO

    That being said, I'm not a computer expert nor advisor. I don't even consider myself a high-profile computer user. Just a computer enthusiast!;)
     
  25. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,285
    Strongly agree!!! :thumb: :thumb: :thumb:
     