Recommendations for my setup?

Discussion in 'other anti-malware software' started by Spysnake, Aug 12, 2011.

Thread Status:
Not open for further replies.
  1. Spysnake

    Spysnake Registered Member

    Joined:
    Apr 11, 2009
    Posts:
    187
    Hello all,

    I'm starting to get my Windows 7 Ultimate 64-bit desktop running. I wanted to check if my setup is good, and if it needs anything more or if something should be changed.

    The main point is to Keep It Simple, and I don't want to use real-time blacklisting. I have done my best to remove all 3rd party security software I could, as I feel that Win 7 has it pretty much covered. The machine is used for all sorts of tasks, such as programming and gaming, so I can't tweak it to death.

    Here is the list:

    - Sandboxie Paid with experimental protection enabled (browsers, IM, multimedia, PDF reader, office programs)
    - SUA for daily usage, Admin account used only for installations and management
    - UAC at highest level
    - Considering AppLocker. I haven't been able to test it yet, and can't say if it is too restrictive. I think there is no reason to use SRP in place of AppLocker in Win 7 Ultimate?
    - Windows Firewall, most probably with two-way advanced security. Testing isn't done yet, but shouldn't be that hard to implement.
    - EMET with DEP Opt-out, SEHOP Opt-out, ASLR Opt-in, with same apps configured as Sandboxie
    - Considering Image for Windows as a backup solution.
    - Autorun and Autoplay disabled via Group Policy
    - MBAM, Hitman Pro and a few bootable AV CDs for on-demand scans
    - Main browser: Firefox 5.0.1, with Adblock Plus (EasyList), HTTPS-Everywhere, NoScript.
    - The machine is connected to a D-Link DIR-655 router, which has been reinforced with strong passwords for accounts and WPA2. There is also MAC filtering in place.
     
    Last edited: Aug 12, 2011
  2. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,100
    Location:
    Adelaide
    I think you're fine with that setup. You could even say Sandboxie alone is enough with some common sense. Bundled with everything else you mention you're golden.

    Do set up AppLocker by the way; whitelisting makes all kinds of sense.
     
  3. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    With that level of security you might as well go all the way and remove hard disk failure as a potential issue as well. RAID 1 is not hard to set up and, with the prices of hard drives, has become quite cheap. Back that up with some kind of external imaging to recover from less catastrophic disk issues quickly.
     
  4. Jose_Lisbon

    Jose_Lisbon Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    245
    Location:
    Portugal
    Yes, Sandboxie and don't be silly (willy? nilly?)
    Joking, just don't be silly.
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    You're fine. As others have said, Sandboxie alone is powerful enough to protect your system when properly configured.
     
  6. Spysnake

    Spysnake Registered Member

    Joined:
    Apr 11, 2009
    Posts:
    187
    Thank you for your replies :)

    About Sandboxie being enough, yes, I agree with that. Other hardening methods described in the list are mainly for peace of mind.

    nosirrah, that was some very good advice, as I haven't taken RAID 1 into consideration. However, I'm running a SATA3 SSD as the main boot drive, and can't get another one for RAID. Apart from that, there is one bigger SATA3 HDD. Maybe I'll fill the SATA2 slots with some backup disks in the future. Guess it's just imaging to an external USB drive for now; at least I have surge protectors in place so no drive should just go dead without warning.
     
  7. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    If you don't mind a HIPS or an on-access scanner :D
    But it's all up to you :)
     