Securing Win 7 64 bit

Discussion in 'other anti-malware software' started by diceman, Jun 25, 2010.

Thread Status:
Not open for further replies.
  1. diceman

    diceman Registered Member

    Joined:
    Jan 29, 2010
    Posts:
    24
    I'm looking for info on how I can better secure Win 7 64 bit. I currently have PCTools firewall + Avira + Win Defender is active.

    Anyone either have a link to a list of important things to disable in Win 7, to make it more secure, or any other programs that I may need to add for a more solid security set up?

    Too bad SandboxIE isn't so good on 64 bit. I'll miss that one. :(

    Are there any programs like SafeXP or WWDC but for Win 7 64 bit?

    Thanks.
     
  2. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    The same old routine. Update your software, run as a non-admin user, and install software only from trusted sources.

    Practice the basics properly, and losing hair over which security product(s) to run is nothing but a waste of time.
     
  3. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    AppLocker - available through the Ultimate and Enterprise editions of Win 7. There are a couple of threads with good tutorials here to get you started.

    SRP - available in Professional, Enterprise and Ultimate

    Run one the above with a standard account (LUA), along with UAC, & DEP should help you become better secured.


    Just take a look around Wilders, there are people including myself usng Win 7 64, plenty of info to go on.
     
    Last edited: Jun 25, 2010
  4. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    The developer himself stated, "...even with this disadvantage, the 64-bit edition of Sandboxie is still an adequate front line of defense against most types of malicious software."

    http://www.sandboxie.com/index.php?NotesAbout64BitEdition

    Not to mention I've yet to see a single instance of Sandboxie x64's achilles actually having been exploited yet.
    Maybe a year or whatever from now it will be proven obsolete but at this point it's just a bunch of hot air.
     
    Last edited: Jun 25, 2010
  5. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,548
    I asked a similiar question recently, and got lots of good replies that you may find helpful:

    https://www.wilderssecurity.com/showthread.php?t=272564

    For how I use the computer, my conclusion was that 7 x64 comes with a lot of security already built in, and that Sandboxie and on-demand programs and a system image were all I needed.
     
  6. THX1138

    THX1138 Registered Member

    Joined:
    Jul 10, 2007
    Posts:
    13
    Location:
    Under Machine Control

    WIN7 64 OS SECURED AT NO EXTRA EXPENSE WITH:

    - TURN ON 'DATA EXCUTION PREVENTION' (DEP): Fights against Buffer Overflow attacks.

    - USE 'APP LOCKER' AND 'SOFTWARE RESTRICTION POLICIES (SRP)': This restricts execution of rogueware / scripts. Recommend to use it on Web facing software (Web browsers, web chats, etc.).

    - TURN ON 'STRUCTURED EXCEPTION HANDLING OVERWRITE PROTECTION (SEHOP)': Blocks exploits that uses structured exception handler (SEH) overwrite techniques.

    - USE A 'STANDARD USER ACCOUNT (SUA)': Limits exploitation of elevation of rights (number one security vector that is constantly being exploited in WIN OS platforms not properly configured).

    - USE ' USER ACCOUNT CONTROL (UAC)' (*Turned ON by default in WIN7 64): Limits exploitation of elevation of rights. Use this with "CTRL-ALT-DEL for Elevation To Admin" to prevent spoofing of password dialog.

    - USE 'WINDOWS DEFENDER' (*Turned ON by default in WIN7 64) AND DOWLOAD+INSTALL 'MICROSOFT SECURITY ESSENTIALS': Helps fight and clean malware that would break through (unlikely) the other security layers.

    - USE 'WINDOWS FIREWALL' (*Turned ON by default in WIN7 64): Keeps certain Malware (worms) out/contained and other unwanted, unauthorized software from communicating with the outside or into your home network.

    - USE 'AUTO UPDATES': Let it run automatic in order to keep your WIN7 OS up to date and secured from "discovered" flaws or to enable new "features".

    - DISABLE AUTOPLAY: Fights against automatically running 'autorun.inf' that could install Malware into your system via USB, optical disks (DVD, CD, etc.), flopply disks (anyone use these anymore?), bootable external HDD, etc.

    - DISABLE 'ACTIVE X' IF USING INTERNET EXPLORER 8: Eliminates many active-x exploits.

    - ENABLE 'PROTECTED MODE' IN INTERNET AND TRUSTED SITES WITHIN INTERNET EXPLORER 8: This provides a sanbox-like environment for IE8.

    - DISABLE OPTIONS WITHIN 'SECURITY' AND 'PRIVACY' OPTIONS WITHIN MICROSOFT MEDIA PLAYER: This helps reduce exploits created for MS Media Player.

    Other options to add:

    - Use True Crypt to encrypt files, folders or the complete partition if needed.

    - Use Macrium Reflect to backup and/or create images of your OS.

    - Use Virtual Box to run virtual systems for testing or checking out software.
     
  7. Soujirou

    Soujirou Registered Member

    Joined:
    Mar 25, 2008
    Posts:
    63
    I thought SRP was not available in Home Premium editions? I'd be glad to be wrong though.
     
  8. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    You're right, my mistake, it starts with the Professional Edition
     
  9. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,900
    Lucy, another Wilders member, has done an implementation via the registry for SRP on Win 7 including Home Premium. See the link below for details:

    https://www.wilderssecurity.com/showthread.php?t=262686
     
  10. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    Thanks a lot for that list. Very helpful.
     
  11. korben

    korben Registered Member

    Joined:
    Nov 5, 2009
    Posts:
    817
    My config: Returnil + Outpost Pro

    haven't encountered any problem since 2009
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.