security strategies that are too big a pain?

Discussion in 'polls' started by acr1965, Aug 3, 2010.

?

Painful security strategies

  1. HIPS - noisy ones, especially

    56 vote(s)
    59.6%
  2. sandboxes

    21 vote(s)
    22.3%
  3. antivirus programs - system slowdowns, false positives

    29 vote(s)
    30.9%
  4. software restriction policies, applocker, uac, etc

    34 vote(s)
    36.2%
  5. limited user account

    41 vote(s)
    43.6%
  6. internet browser add ons (i.e. no script)

    25 vote(s)
    26.6%
  7. web site restrictions (DNS service, sites blockers: ie. WOT)

    18 vote(s)
    19.1%
  8. snapshot and image programs, data back ups, syncing

    8 vote(s)
    8.5%
  9. on demand scanning with 3rd party apps (Hitman Pro, MBAM, etc)

    10 vote(s)
    10.6%
  10. Other- please post which

    2 vote(s)
    2.1%
Multiple votes are allowed.
  1. guest

    guest Guest

    After scanning with MBAM, Kaspersky AVP tool, Norton Power Eraser, Hitman Pro, TDSSKiler and some others, I guess it will be pretty hard for a malware to escape from all these different radars. Of course I only do that about once in a month, or when I suspect of something.

    Other security strategies I employ include enabling Windows Firewall, AdBlock Plus, YesScript, SkipScreen and SpywareBlaster, scanning every new/unknown downloaded executable/compressed file in Virustotal and Jotti, updating software as soon as new versions are released, LastPass bookmarklets, sensitive file encryption with 7-Zip portable, general system tweaks/hardening, several backup strategies and common sense.
     
    Last edited by a moderator: Jul 13, 2011
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Well... those are other security strategies. I thought you were running bare.

    I scan with:
    gmer
    rkill
    emsisoft
    hitmanpro
    superantispyware
    tdss
    avz4

    I still wasn't sure that my test computer hadn't been completely cleaned up.
     
  3. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,112
    Location:
    Slovakia
    Even if you had all soft in the world, you can never be sure and it is still better than to run just one realtime software, which takes resource all the time, you ussually scan when you have nothing to do in backround anyway. And you need to easy down on the ondemand, if you know, that you "can not get infected". You do not need to scan nonstop with everything. If your realtime software did not block/detect anything in past few months/years, then you should be fine even without realtime. ;)
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Whether one method is better than another is debatable. I personally feel more confident in proper prevention techniques than proper removal techniques.
     
  5. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,410
    Location:
    Lancashire
    :thumb: :thumb: :thumb: :thumb: :thumb: :thumb: :thumb:
     
  6. sm1

    sm1 Registered Member

    Joined:
    Jan 1, 2011
    Posts:
    565
    For me noisy HIPS is annoying. I just want to use my system for my intended purpose and not to answer frequent and often confusing prompts. With noscript many websites don't function properly and updating its whitelist is a continuous process and takes away the comfort of using my system. Compared with these two sandboxing is easy but then again we have to configure a lot initially thinking of every possibility to give exceptions to certain paths, browser profiles etc.

    Now I have separate user accounts for different purposes with default deny SRP along with a decent antivirus that is light on system and has tiny incremental signature updates:)
     
  7. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,411
    Location:
    USA
    Absolutely. Removal doesn't happen here. Once something gets in you have no idea what else is there. Time to format at that point.
     
  8. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    It is all a pain unless you enjoy it. Most "average" users I know think it is a necessary evil. They hate it all, they just want to "click and go" but they realize they can't or they will have a crippled machine.

    I am sure I speak for a lot of people here when I say that I want good security with minimum hassle. The list of "methods" in this poll is a good one, it contains many of the ingredients one can use to find thier security without hassle, whatever one considers hassle to be anyway. It just so happens that we each combine different ingredients to make our perfect security dish. As long as it works, what does it matter what it is made of?

    Sul.
     
  9. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,411
    Location:
    USA
    Very good point.
     
  10. adrenaline7

    adrenaline7 Registered Member

    Joined:
    Apr 27, 2011
    Posts:
    128
    Most annoying security strategy I ever tried was noscript by far, second would be a noisy HIPS. The rest don't annoy me too much, some AV's bug me. 99.9% of the time I am using MS word, excel, IE or firefox to browse this forum and some NFL or MMA websites or work related websites, so a LUA/SRP setup doesn't inconvenience me at all. If I were to do a lot of admin tasks such as installing/uninstalling software or had programs that required administrator access only then would it be an inconvenience.
     
  11. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I think the most annoying is a very noisy hips and ones that don't remember my decisions.o_O
    I dont like anti virus programs that cripple a pc or have to many bugs its like a virus.
    I hate waiting for on demand scans that seems like they take for ever just to come up with zilch,elzippo,what a waiste of friggin time.
     
    Last edited: Jul 13, 2011
  12. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Security has to be light and painless. If it works well on my netbook, then it goes on the main laptop.

    Frequent full scans are a waste of time IMO - just check your autoruns, and it's pretty obvious if you have standard malware. Full scans aren't going to show up a rootkit any better either.

    It's probably enough to use Malwarebytes or Hitmanpro quick scans, routinely clear temp files and Java cache, etc (or even better, don't install Java in the first place), keep an eye on autoruns, and just focus on prevention.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I should start testing security software on my old computer first to see noticeable performance hits.
     
  14. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,726
    Noisy HIPS and Firewalls are very annoying. Even if I can understand them, I won't keep such things. Same with NoScript, which I've actually used for a long time, until I got sick of managing my whitelist. Limited users account is far too limiting for a techie like me. UAC on default is just plain dumb (not even an easy way to remember decisions), but you can tweak it.
     
  15. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    You could also give a try to SuRun. It will remember your choices, if you want so. And, the nice thing is that, when ran elevated, it will elevate for the current user only, unlike UAC. :mad:
     
  16. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Oh, isn't this the very core of so much?

    It applies to HIPS, to Firewalls, to Default Deny, to just about anything that is really good and granular. This is what finally drove me to quit using such measures. The security was great, the control was even better, but I finally got tired of micro-managing everything.

    You know, some people really dig micro-managing, and knowing exactly what is happening and knowing they have much of the say as to what may happen. It is quite intoxicating IMO. But after years of doing this, it just got old.

    People might see my own posts as well as others who don't use a lot of the security tools that most use, and they might wonder why on earth one would do such a thing. The answer is right there in J_Ls quote - I just got tired of doing that, so now I seek any other method(s) that don't require as much "managing".

    Sul.
     
  17. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,726
    Currently, I'm not interested in working under LUA even with that. I just don't want more inconvenience.
     
  18. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    I think there is a big difference between using a DNS service and using an add-on like WOT !
    I would have them as seperate options in the poll.

    WOT etc, to me, are intrusive and annoying and pretty pointless.

    Using a DNS service is the total opposite , its transparent , 1 time set-up , and adds good protection for no inconvience.
     
  19. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    It's transparent until you surf somewhere it doesn't like..which can be said for WOT too. With WOT, the only "annoyance" was knowing those little symbols you saw in the search results and on pages were either 1. Outdated. 2. The result of some random persons bias for/against a particular website (or idea, or even a person). 3. Completely wrong, whether that be a good site flagged as bad or bad as good. WOT you take with a grain of salt, a good DNS like Norton can be relied upon fairly well.

    On topic, the biggest security pain of all is figuring out, by trial and error, what software works well with others and isn't going to break things. That's been my life the past 3 days (luckily I seem to be getting set).
     
  20. littlebits

    littlebits Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    262
    1. HIPS (All) too much a pain to setup for most users.
    2. Limited User Account, too limited for every day tasks.
    3. Software Restriction Policies, takes too much work to keep them updated.
    4. Sandboxes, not all but most are too complicated to setup. Some Auto-sandboxing applications work without many issues.

    For antivirus programs, they are so many to choose from that has little system impact and only few false positives. If you suffer from system slowdowns and a lot of false positives then it is time to change your antivirus or upgrade your system's components.

    Thanks.:D
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Sandboxes are so easy to set up. I have Java in a sandbox and I never bother with it except once in a while I'll clear it.
     
  22. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Sandboxes can be a pain, but only temporarily. What I refer to is, for instance, you restrict certain apps to run/have net access in a sandbox. If your browser can run, but your printing process, files used by Windows when saving files, among other things can't, then yeah it can be a hassle. The nice thing about Sandboxie though is when something like that happens, it tells you exactly what is trying to run, and you can add it right then and there.
     
  23. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    So just don't set it up to block all files from executing =p

    That's sandboxie though, I'm using Comodo. Less secure than Sandboxie but it's a matter of seconds to set up the sandbox and it has proven to break exploits.
     
  24. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Well, but that's a part of Sandboxies' beauty, pretty much complete control :) Now see, I can handle how Sandboxie does it, you start giving me Comodo pop-ups and I start popping pills :D Granted things may have changed a lot since I last used it several months ago.
     
  25. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Comodo's popups are from a separate module. You can sandbox Java and turn off the rest of the program.

    Autosandboxing and the Defense+ HIPS doesn't give me popups unless I'm running a program that isn't on the whitelist that I haven't ever run before.

    I have Java sandboxed as restricted and have literally never had a popup related to it.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.