Securing Win 7 64 bit

Discussion in 'other anti-malware software' started by diceman, Jun 25, 2010.

Thread Status:
Not open for further replies.
  1. diceman

    diceman Registered Member

    Joined:
    Jan 29, 2010
    Posts:
    24
    I'm looking for info on how I can better secure Win 7 64 bit. I currently have PCTools firewall + Avira + Win Defender is active.

    Anyone either have a link to a list of important things to disable in Win 7, to make it more secure, or any other programs that I may need to add for a more solid security set up?

    Too bad SandboxIE isn't so good on 64 bit. I'll miss that one. :(

    Are there any programs like SafeXP or WWDC but for Win 7 64 bit?

    Thanks.
     
  2. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    The same old routine. Update your software, run as a non-admin user, and install software only from trusted sources.

    Practice the basics properly, and losing hair over which security product(s) to run is nothing but a waste of time.
     
  3. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    AppLocker - available through the Ultimate and Enterprise editions of Win 7. There are a couple of threads with good tutorials here to get you started.

    SRP - available in Professional, Enterprise and Ultimate

    Run one the above with a standard account (LUA), along with UAC, & DEP should help you become better secured.


    Just take a look around Wilders, there are people including myself usng Win 7 64, plenty of info to go on.
     
    Last edited: Jun 25, 2010
  4. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    The developer himself stated, "...even with this disadvantage, the 64-bit edition of Sandboxie is still an adequate front line of defense against most types of malicious software."

    http://www.sandboxie.com/index.php?NotesAbout64BitEdition

    Not to mention I've yet to see a single instance of Sandboxie x64's achilles actually having been exploited yet.
    Maybe a year or whatever from now it will be proven obsolete but at this point it's just a bunch of hot air.
     
    Last edited: Jun 25, 2010
  5. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,509
    I asked a similiar question recently, and got lots of good replies that you may find helpful:

    https://www.wilderssecurity.com/showthread.php?t=272564

    For how I use the computer, my conclusion was that 7 x64 comes with a lot of security already built in, and that Sandboxie and on-demand programs and a system image were all I needed.
     
  6. THX1138

    THX1138 Registered Member

    Joined:
    Jul 10, 2007
    Posts:
    13
    Location:
    Under Machine Control

    WIN7 64 OS SECURED AT NO EXTRA EXPENSE WITH:

    - TURN ON 'DATA EXCUTION PREVENTION' (DEP): Fights against Buffer Overflow attacks.

    - USE 'APP LOCKER' AND 'SOFTWARE RESTRICTION POLICIES (SRP)': This restricts execution of rogueware / scripts. Recommend to use it on Web facing software (Web browsers, web chats, etc.).

    - TURN ON 'STRUCTURED EXCEPTION HANDLING OVERWRITE PROTECTION (SEHOP)': Blocks exploits that uses structured exception handler (SEH) overwrite techniques.

    - USE A 'STANDARD USER ACCOUNT (SUA)': Limits exploitation of elevation of rights (number one security vector that is constantly being exploited in WIN OS platforms not properly configured).

    - USE ' USER ACCOUNT CONTROL (UAC)' (*Turned ON by default in WIN7 64): Limits exploitation of elevation of rights. Use this with "CTRL-ALT-DEL for Elevation To Admin" to prevent spoofing of password dialog.

    - USE 'WINDOWS DEFENDER' (*Turned ON by default in WIN7 64) AND DOWLOAD+INSTALL 'MICROSOFT SECURITY ESSENTIALS': Helps fight and clean malware that would break through (unlikely) the other security layers.

    - USE 'WINDOWS FIREWALL' (*Turned ON by default in WIN7 64): Keeps certain Malware (worms) out/contained and other unwanted, unauthorized software from communicating with the outside or into your home network.

    - USE 'AUTO UPDATES': Let it run automatic in order to keep your WIN7 OS up to date and secured from "discovered" flaws or to enable new "features".

    - DISABLE AUTOPLAY: Fights against automatically running 'autorun.inf' that could install Malware into your system via USB, optical disks (DVD, CD, etc.), flopply disks (anyone use these anymore?), bootable external HDD, etc.

    - DISABLE 'ACTIVE X' IF USING INTERNET EXPLORER 8: Eliminates many active-x exploits.

    - ENABLE 'PROTECTED MODE' IN INTERNET AND TRUSTED SITES WITHIN INTERNET EXPLORER 8: This provides a sanbox-like environment for IE8.

    - DISABLE OPTIONS WITHIN 'SECURITY' AND 'PRIVACY' OPTIONS WITHIN MICROSOFT MEDIA PLAYER: This helps reduce exploits created for MS Media Player.

    Other options to add:

    - Use True Crypt to encrypt files, folders or the complete partition if needed.

    - Use Macrium Reflect to backup and/or create images of your OS.

    - Use Virtual Box to run virtual systems for testing or checking out software.
     
  7. Soujirou

    Soujirou Registered Member

    Joined:
    Mar 25, 2008
    Posts:
    62
    I thought SRP was not available in Home Premium editions? I'd be glad to be wrong though.
     
  8. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    You're right, my mistake, it starts with the Professional Edition
     
  9. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,787
    Lucy, another Wilders member, has done an implementation via the registry for SRP on Win 7 including Home Premium. See the link below for details:

    https://www.wilderssecurity.com/showthread.php?t=262686
     
  10. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    Thanks a lot for that list. Very helpful.
     
  11. korben

    korben Registered Member

    Joined:
    Nov 5, 2009
    Posts:
    740
    My config: Returnil + Outpost Pro

    haven't encountered any problem since 2009
     
Loading...
Thread Status:
Not open for further replies.