Security set up advice

Hi,

I am in the process of updating my security on my laptop. Currently I have ESETnod 32 and Kaspersky IS 2009.

What's the general thought about a good combo of software these days? All advice gratefully received.

Nat.

 

You appear to have two antivirus programs running - that's not recommended since they can interfere with each other and cause crashes and other malfunctions, so you should probably remove one of them.

(I'd recommend removing NOD32 and sticking with KIS, since KIS is a whole security suite including some HIPS functionality.)

Other than that... Well, if you don't go around sampling warez you probably don't need anything more. If you're on Windows Vista or 7, I'd recommend enabling UAC so Internet Explorer gets Protected Mode. If you're on XP there's not really a whole lot else to do.

Other general advice:

- If you're not into disabling a ton of features, then you should keep up with Windows updates.
- There's basically no harm in turning on Data Execution Prevention, so you should probably turn it on.

Beyond that I don't really have much to say.

 

I recommend that MBAM run alongside the AV regardless which one.
I have posted this before, but I recently have had two different friends who used Norton, and I think McAfee (not sure on this one) who were infected with rogues. Neither AV caught it, or identified it on a scan.

MBAM identified the rogue on a quick scan and removed it.
That made a believer out of me. No one AV will catch everything, and while I do not subscribe to "use everything" I am persuaded that an antimalware application is useful to run real time also.

Regards,
Jerry

 

If you are a basic user, checking email, surfing, watching movies, you know, just basic everyday stuff, then you might want to sample Sandboxie. Start your browser, email client and other items that you feel might bring you in contact with threats, in a sandbox. If you don't download and keep a lot of files, then it is a simple solution. If you do download files etc, then scan them with whatever you want, AV or MBAM or upload to online scanner,etc. All in all, a simple way to add a great layer of security.

Installing applications and utilities, testing out lots of new settings, and in general doing things that could potentially mess things up (including testing malware and p2p/pron stuff) you can still use Sandboxie to protect those applications that go online, but you could also include something like ShadowDefener or Returnil, which "freezes" the system. You can then "play" and return to normal on a reboot. You might also want to play with things that do require a reboot. In this case, many like Comodo Time Machine or one of its predecessors, all which allow reboots without erasing what you had changed, but allow you to also go "back in time" to before you started the testing. They are soft of like imaging. And finally you might look at vmWare or Vbox if you do a lot of testing etc. I personally like these tools a lot, if you have a machine with enough resources to run them effectively.

Are you logged in daily as an admin or as a user. If you don't have software that requires admin that you cannot part with, seriously consider being a user only.

Sul.

 

Though really, Sandboxie or Geswall alone (with an on-demand AV and a firewall) would probably be enough. These sandboxing softwares are a tad inconvenient at times, but they're mad powerful against most ITW malware.

I just figure though, that if you're got a license for KIS, you might as well use it.

(As for testing malware that's a whole other kettle of fish. That should really be done on a PC dedicated to the task, not in a VM or sandbox, if only so that sneakier varieties of malware present their real behavior.)

 

Keep the Kasperksy Suite and you're ok.

 

Main vectors of infection are unfirewalled systems, email (openning executable attachments), p2p (downloading executables), browser vulnerabilities (ie driveby installations), and clicking on any old link in IM's, emails, etc (which may lead to driveby installations)

......................

KIS is good for you as it's a suite.

Vista and 7 come with windows defender, which is a good program.

If you surf dodgy sites, then Firefox with Noscript makes browsing safer.

Running your computer in user mode rather than admin mode also makes things safer.

If you haven't got a 62bit OS, then for the future, a 64 bit computer, rather than a 32 bit computer makes things safer

Not doing P2P makes things safer

-------------------
If you really want something else on your computer, then I'd suggest something like Threatfire (free), or Prevx (paid).

Personally, I have a 64bit OS, run avast (free), prevx (paid), and windows defender (probably only cause it's on my computer anyway), and use firefox. I'm slack and don't run in User Mode, and occasionaly do P2P. Still, no scanner has found anything on my computer for years.
--------------------
MBAM as suggested above is a great free scanner / virus removal program. It has realtime protection available for a one off fee (with certain limitations)

 

Thanks everyone for the advice. I will keep KIS as it appears most people seem to think its the best.
I used to have Norton but it was a real pain the rear and cause me no end of problems which is why I ended up switching to KIS.

I've heard sandboxie talked about before so I think its worth some investigation.

thanks again

Nat

 

A NAT router helps. There's a link to an article on NAT routers at this page. The list and the site Gizmo's (along with Wilders) is a real education:

http://www.techsupportalert.com/content/probably-best-free-security-list-world.htm

And yes, look into Sandboxie, the more I learn about how it works, the safer I feel, and I lighten up on the other layers.

 

Regardless of any security setup an Imaging app for backups is a must have imho.

 

What about adding Winpatrol to it.!!

 

Avoid an everything including the kitchen sink approach. Layers are good but don't overdo it.

 

I sugesst you to copy my security setup lol... (refer on my signature)

 

Doesn't Kaspersky have a sandbox feature?

 

It does have sandbox feature but that too in 2010 version...not in 2009.

 

1. upgradea1. upgrade to kaspersky 2010
2. uninstall eset, you do not need 2 antivirus at the same time.
3. kasperskys sandbox is not as good as sandboxie, use this tool.

4. your software must be up to date, you can use secunia:
http://secunia.com/vulnerability_scanning/personal/

5. the most important in your setup is you.
download no cracks keygens and so on. open now unknown e-mails.
download only fromlegit websites...
I'm using one av, backups and sandboxie and have no malware for years.
nobody needs 2 or more active avs...

 

Hi,

thanks everyone. great advice.

I have decided to upgrade to kaspersky 2010 and will probably get the full sandboxie as well. People speak of it very well on a few forums I've looked into...


thanks again

Nathan