Safety Without Bloat ?

Discussion in 'other anti-malware software' started by rrrh1, Dec 26, 2008.

Thread Status:
Not open for further replies.
  1. rrrh1

    rrrh1 Registered Member

    Joined:
    Sep 10, 2007
    Posts:
    202
    I am so tired of continuous updating of security, antivirus and antimalware software, seems like it's all I get done.

    I am thinking about:

    a.) "Returnil" or other virtulization product.

    b.) "Anti-executable"

    c.) "Sandboxie"

    d.) "ATI" or other Drive Imaging product.

    e.) "Opera" or "Firefox and Thunderbird" for Browser / Mail Programs...

    First

    Setup windows XP SP2 per my liking then locking it down with a combination of the above.

    Use the drive image for the worst case scenario.

    I am talking about no antivirus software "Norton" , no antimalware "Spybot S&D" and use only windows built-in firewall no "Zonealarm".

    Note: names of products used for example only.

    Can it be done ?

    Would it be safe for web surfing ?

    What's the consensus here ?

    rrrh1 (arch1)
     
  2. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    For surfing, I use Opera forced in Sandboxie (only Opera and Foxit Reader can start).

    For banking etc., I run an Opera Sandboxie session with nothing else allowed.

    For any unusual installs, I dummy in Returnil and scan with Prevx Edge after install ("cloud" driven so no sig updates + very light footprint) and if it's a keeper I install again with protection off.

    I always make a fresh image before doing this with Macrium.

    I don't visit the sewers and never click on any attachments I'm not expecting.

    That's it really.

    I only worry that something already lurking on my box may be piggy-backing Opera when I'm banking.

    Maybe I'm sailing too close...

    philby
     
    Last edited: Dec 26, 2008
  3. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    A) MS VPC ... Free ... light; 10 mb download ... effective.
    B) ThreatFire; Vista UAC
    C) Sandboxie
    D) ISO Recorder; http://isorecorder.alexfeinman.com/v1.htm
    E) Firefox for browsing; Webmail for e-mail or Thunderbird ... I prefer webmail ... in the cloud ... remote and secure ...
     
  4. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Hmm. I too have found myself becoming tired of endless array of 'needed' apps, or training periods, or schemes that are indeed secure, yet become more of an annoyance than anything.

    So here is what I do right now.

    1. Format and do a clean install ( I use an unattended DVD, tweaked to my likings)
    2. Install Macrium PE. Make baseline image onto 2nd hdd.
    3. Built ramdisks for both liveXP and bartPE. liveXP is my choise for most things I may need to do, while bartPE is for Macrium image restores. Make a baseline image of this after it is working.
    4. Install all my little things that I want on always. Make another image.
    5. I use a reg setting to get a 'Basic User' into SRP, and then set all my internet apps to start as a 'Basic User' via SRP. Opera, Kmeleon, Outlook Express, Bitcomet, IE, Teamspeak. Pretty much anything that I will use routinely that connects online.
    6. I use Avira Free, Cyberhawk 1.1.1.3, TinyWatcher (on demand) and Startup Monitor. Windows Firewall and adding some ipSec policies/rules in for default stuff too.
    7. Sandboxie with enforcing of certain apps like browsers etc. I don't like to 'recover', so I have made a download folder in my profile path, and I allow direct access for Sandboxie to that folder. That takes care of recovering anything because my browsers also don't ask where to downlaod to, the put things in that folder. For extra security, I also force contents of that download folder to start in a sandbox that has no outgoing net access.

    This leaves me with the ability to restore an image in about 3 minute when booting from the bartPE ramdisk. The actual image restoration takes under 1 minute. With the ramdisk boot options built into the restore image now, it is very nice. All is done basically.

    As for security, I am banking on the SRP holding up for most things, with Avira and Cyberhawk hopefully catching anything that might escape. Sandboxie pretty much takes care of most else. Another bonus to using Sandboxie, is that when a browser for instance starts as a Basic User, you don't notice the restrictions imposed when running within the sandbox. When outside the sandbox, which I sometimes do, I have noticed nothign out of the ordinary except I cannot install things from the browser. I have to actually go to the folder the setup.exe lives in, and install it from there. There are a few tricks around that, but overall I am very happy with both the level of security and most importantly, being built into XP, pretty quiet.

    Sul.
     
  5. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Never had a problem running the combo in my signature.

    Common sense plays a role as well :thumb:
     
  6. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Can it be done ? oh yes

    FF+ Noscript + hardware firewall - for me that is really enough. Other things like Shadow Defender, Shadow Protect, SuRun, Roboform, Secunia PSI.... have benefits but are not strictly speaking necessary. They do however make life easier - which you may find a pleasant change after A/V and A/S programs.
     
  7. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Any virtualization program + AntiExecutable is IMO impenetrable. Your a,b,c,d,e is an ideal modern setup. The reason I don't use AntiExecutable myself (although I do have a license) is that it doesn't allow FirstDefense PC Rescue to work properly, and with Vista it still has a quirky behaviour.

    I also find that running some vitualizers and sandboxie together verges on overkill.
     
  8. GreenWhite

    GreenWhite Registered Member

    Joined:
    Nov 23, 2004
    Posts:
    110

    Two thumbs up. Way up !
     
  9. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    These days i just run linux with firefox + noscript behind a hardware firewall. I keep the OS and apps up to date and use a bit of common sense and i'm fine. Everything runs lightning fast.
     
  10. GreenWhite

    GreenWhite Registered Member

    Joined:
    Nov 23, 2004
    Posts:
    110

    You are free. Run out of fingers, but they are way way up !
     
  11. rrrh1

    rrrh1 Registered Member

    Joined:
    Sep 10, 2007
    Posts:
    202
    I am going to throw a small wrinkle into this thread...

    Can you have good safety with only freeware programs ?

    Which ones ?

    "Returnil" is available as freeware lite version...

    "Anti-executable" is not...

    "Sandboxie" is available as freeware lite version...

    "ATI" is not but there is freeware for the same job...

    Opera" or "Firefox and Thunderbird" are both freeware...

    rrrh1 (arch1)
     
  12. GreenWhite

    GreenWhite Registered Member

    Joined:
    Nov 23, 2004
    Posts:
    110
    Definitely yes. It may sound boring in the midst of all the super security softwares that are recommended here.

    Antivir Free
    Online Armor Free

    Vmware Player

    That´s it, in my opinion, besides the Firefox/NoScript thingy.
     
  13. Jaki

    Jaki Guest


    That is a very interesting approach. Let me think more about it.
     
Loading...
Thread Status:
Not open for further replies.