Security that you use and its purpose

Discussion in 'other anti-malware software' started by Blackspear, Jan 21, 2005.

Thread Status:
Not open for further replies.
  1. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    My setup can be seen below. I have ActiveX blocked in Outpost Active Content PlugIn.

    I think this is a very tight setup - although lite compared to many others.

    Best Regards
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,634
    wow, this thread is old.

    anyways, the setup i posted in this thread was severely exaggerated (i should've tried it first :D )...my current setup can be viewed here.
     
  3. pc-support

    pc-support Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    285
    Location:
    Edinburgh, UK
    Apple Mac OSX :p

    :D
     
  4. zopzop

    zopzop Registered Member

    Joined:
    Apr 6, 2006
    Posts:
    642
    IMHO this is probably the most bulletproof setup around, 4 sweet programs:

    1) shadowsurfer (it's a deep freeze clone)
    followed by
    2) geswall personal (it's a sandbox/application firewall mix)
    followed by
    3) antivir classic (antivirus)
    followed by
    4) jetico or comodo (firewall)

    the beauty of this setup is all 4 programs complement each other beautifully. on my system there are no conflicts between them. the other excellent thing about this setup is all 4 programs are completely FREE (for personal use of course)!
     
  5. iNsuRRecTioN

    iNsuRRecTioN Registered Member

    Joined:
    Sep 5, 2003
    Posts:
    303
    Location:
    Germany
    Re: Security that you use and its purpose, why not simply KIS 6?

    Hey,

    why not only KIS 6?

    With Kaspersky Internet Security 2006, you get an AntiVirus, Personal Firewall and HIPS :D

    I don't think that any other solution gives you this type of protection plus with minimal resource usage/consumption..(max. 10 MB RAM..)

    And all that in Germany for only 39 EUR ;-)

    Ok, on some local stores for even 29 EUR..

    best regards,

    iNsuRRecTiON
     
  6. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    This is what I would call a MINIMUM setup for my home PCs:

    Hardware:

    Broadband Router

    Software:

    1. 7tools Partition Imager/Ghost 2003 (paid)--HDD imaging program for backing up partitions and general data backup.

    2. NOD32 Antivirus (paid)--Antivirus/Antithreat real-time protection. F-PROT Antivirus (paid)--Antivirus real-time and/or on-demand protection.

    3. Mozilla Thunderbird (free)--better e-mail client.

    4. SpywareBlaster (free)--passive defense against spyware infestation.

    5. IE-Spyad (free)--passive protection against IE hijack/spyware infestation.

    6. Mozilla Firefox (free)--safer web browser.

    Miscellaneous Tools:

    RegSeeker--free registry cleaner.
    Diskeeper (paid)--automatic HDD defragger.
    Contig.exe (free)--On-demand high-speed HDD defragger.
    Look N Stop Lite--free inbound firewall for older laptop.
    ZA Pro (paid)--application filtering firewall.
    BOClean (paid)--antitrojan/antimalware.
    AdAware (free)--adware/spyware remover.
    CounterSpy (paid)--real-time spyware protection/removal.
    ERD Commander bootable CD--computer 'pocketknife'.
     
  7. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,708
    Location:
    New Mexico, USA
    Processguard free
    AVG antivirus
    Snoopfree
    Powershadow
    Sandboxie
    Asquared on demand
    AVG antispyware on demand
    hardware firewall and LnS firewall for outgoing
     
  8. EASTER.2010

    EASTER.2010 Guest

    Kaspersky Internet Suite 6-----Anti-Virus Protection/HIPS/Firewall etc,
    System Safety Monitor ----HIPS
    ProcessGuard Free----Process/App Firewall
    Spyware Terminator--Resident Shield + HIPS
    Powershadow------Virtual Drive (Complete) Protection from Bad Softs/Malware
    SUPERAntiSpyware---Malware Scanning/Removal (On-Demand)
    AVG 7.5 AS----Malware Scanning (On-Demand)
    A2 Squared---Malware Scanning (On-Demand)
    Snoopfree---Keyboard/ScreenCapture Shield
    Kerio 2.15--Firewall (WORKS! In Combo with KIS6)(NO Issues)


    ..............................More to come :thumb:
     
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Minimum

    - External harddisk with software to backup restore images (Partition Magic paid) and data (Syncback free)
    - Bart's CD with DriveImageXML in case XP fails to start (disaster recovery)
    - Hardening XP (e.g. SafeXP, Seconfig)
    - Windows XP built-in (DEP enabled for all programs, reduced permissions with regedit to add/delete services)
    - passive protection: SpywareBlaster/AdvancedWindowCare, and a scriptcatcher like ScriptDefender

    First line (gateway to your PC):
    - Inbound hardware firewall, with encrypted wireless traffic plus MAC address control
    - Paid sandbox (PC1 = DefenseWall, PC2=GeSWall Pro)

    Second line (PC wide/general)
    - Processmodification protection (PC1 = SSM-free, PC2=CyberHawk-free)
    - Antivirus (Antivir, because it's free with one of the best detection rates and strong heuristics = on both PCs)

    Other:
    - PC1 has a resident third line of defense (outbound software firewall plus datawall = SensiveGuard free)
    - PC2 has an AD HOC defense (PowerShadow = 2.6 free ) for trying out software and extra safe surfing.

    That's it: simple and strong and mostly freeware, no on-demand stuff, no anti-spyware (after six months of checking with AVG/Ewido Antispy + SuperAntiSpyware, I know I will not likely get spyware on these configs)
     
    Last edited: Mar 1, 2007
  10. asyland

    asyland Registered Member

    Joined:
    Jun 5, 2006
    Posts:
    90
    Netgear Web Safe Router - Hardware firewall, 1st line of defense
    Spyware Blaster, Seconfig, MVPS Hosts File - Hardening
    LooknStop - software firewall primarily for outbound protection.
    NOD32 - AV and AT
    BOCLEAN - AT and general malware
    Ghost Security Suite - HIPS - Protection from unauthorized access/modification
    LinkScanner Pro - Website code checking/protection
    Firefox with Netcraft Toolbar, NoScript - Safer surfing
    Keepass Portable on a flash drive - Password protection/generator
    SuperAntispyware, a-squared, ewido-micro, Rootkit Unhooker, CWShredder, Rootkit Revealer, Hijack This - Malware scanners
    Process Explorer, Process Monitor, Autoruns, TCPView, Active Ports, AccessEnum, SIW, Faber Toys - Diagnostics/PC info
    Power Shadow - Virtual Drive - erase any changes to PC/Testing software
    First Defense ISR - Recovery
    Image for DOS w/Imageall - Disk/Partition Imaging
    AcomData 250GB External HD - Data backup
     
  11. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Asyland and Easter,

    For how many PCs do you use these apps?

    ;)
     
  12. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    Hardened OS + snoopfree, SonicWall router, Reg Defend free, MJ Registry Watcher, and Tiny Watcher. I have a different approach to security for my box. Simply put I ain't got the time for AV scanners, RK scanners, Trojan scanners, etc., etc. even the virtual and sandbox stuff can become questionable even though I currently use off and on POWERSHADOW. I have put the 3 above programs through a lot of live malware, RK, Trojan, and Virus testing. I specifically use them for "Red Flagging" any malicious or possible harmful activity on my box and that is all. I'm very impressed with Tiny Watcher's, Reg Defend's, and MJ Registry Watcher's ability to detect system changes including hidden driver files and registry changes that live malware, trojans, rks, and viruses create when they are actively running. What one program misses the other usually catches. Anyways to make a long story short I have kernel level + polling monitoring, if and when I get a redflag, then a simple restore of my OS from my external is in order, takes less than 60 seconds. Of course there are faster ways of restoring using paid programs like FDISR or RollbackRX however my methods are free and I'm able to restore my OS with my original settings even if I have a HD failure. :)
     
    Last edited: Mar 1, 2007
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    YankinNCrankin,

    Could you tell me what the functional difference is between the paid and the free regdefend? I always thought that regdefend free was a crippled application. But in a different post someone claimed that you still could add rules, still could use the block all respond after a pop-up (so the pop-up would never stop).

    Regards K
     
  14. EASTER.2010

    EASTER.2010 Guest

    On my main surfing unit right here. How about that.
     
  15. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Easter

    That's a triple WOW on process level protection: SSM + PG + ST (HIPS), while also having advanced proactive defense of KIS and IDS of ST.

    Regards K
     
  16. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    Can't tell you I don't have paid version but as I said earlier in my post I mainly use it to flag unwanted activity I don't bother trying to clean or stop stuff from happening, a clean restore would be in order. :)
    I'm going a bit off topic but I have personally witnessed malware using deep freeze type and rollbackrx type technology where a simple format and reinstall of the OS just won't work. The malware lays resting on the drive awaiting to detect an active OS. For now I do know that deleting the actual partition then recreating and formatting is able to thwart this type of malware.
    Hehehehe I had to say something cause about 4 days ago I got a BSOD with some funky "alien Characters" near the bottom right of my screen never ever experienced that in my years of testing malware
     
  17. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    YankinNCrankin

    That is why I use a datawall (like Sensiveguard)

    It does not allow any program with internet connection to drop (create, modify or delete) files with the suffixes: *.exe, *.com, *.dll, *.tlb, *.ocx, *.vxd, *.sys, *.ini, *.hta, *.drv on my C-drive and D-drive

    Besides the outbound protection no program (except when initiated by user) is allowed to even read *.doc, *.ppt, *.jpg, etc. on my D-drive

    I am wondering whether a good registry monitor and prevention of dropping of potential harmful files would be sufficient protection (skip SSM, replace it with Regdefend in my setup: Avira free, SSM free, DefenseWall paid, SensiveGuard free).

    Regards K
     
  18. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    It probably would, nowadays I don't spend too much time trying to prevent stuff, my main concern is being able to detect an undesirable event(s), then a clean restore is in order, it's just a lot faster than relying on AV scanners, Spyware, and Trojan & RK scanners to hopefully detect all and reliably clean all. So detecting changes, registry file creations and modifications, driver.sys files etc. etc. both seen and hidden is what I use scanners for. I have both polling and kernel level scanning, plus on demand scanning if need be, that takes a mere 10-15 seconds. So far I have been 100% successful in detecting system changes (file creations, modifications, deletions, driver, and registry) both hidden and seen that are done by actual "live malware" of different kinds. Mind you I have this method of security set up on a totally clean system that's hardened barebones, so I know all about what should be and shouldn't be on my box.
    Memory usage a mere 18,000k for my Idea of security. ;)
     
    Last edited: Mar 7, 2007
  19. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    YankinNcrankin,

    How do you do such a quick reformat?

    10-15 seconds and at only 18,000k memory usage only?

    :thumb:
     
  20. EASTER.2010

    EASTER.2010 Guest

    Yes, I waited a long time for security vendors to coexist with each other and that's becoming more a reality now than ever before. I might also add that it makes for a solid shield of defense too without burdening my puny little 512 MB ram.

    Does the trick alright, that's for sure.
     
  21. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    My scanners take that amount of time. I have both kernel level and polling and on demand type scanners that will alert me of file modifications, deletions, creations both seen and hidden, it even covers the registry both seen and hidden. Memory usage for installed running programs and scanners total 18,000k.
    I don't reformat I usually overwrite my OS with a clean image that takes less than 45 seconds, depending on how bad the infection I may even delete the partition, killdisk it, DBAN it, then recreate partition then reformat, then install clean image. :)
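
The detect-then-restore approach discussed in the posts above (flag file creations, modifications and deletions, then restore a clean image) can be sketched as a baseline-and-diff check. This is an added example, not code from any poster or from the tools they name; the suffix list is the one quoted in the datawall post, and the function names and the sample tree are constructed for illustration.

```python
import hashlib, os, tempfile

# Suffix list taken from the datawall post in this thread.
WATCHED = {".exe", ".com", ".dll", ".tlb", ".ocx", ".vxd", ".sys", ".ini", ".hta", ".drv"}

def snapshot(root):
    """Map relative path -> SHA-256 for every watched file under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in WATCHED:
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                digest = "UNREADABLE"  # locked or vanished mid-scan; still flagged
            state[os.path.relpath(path, root)] = digest
    return state

def diff(baseline, current):
    """Return sorted (created, modified, deleted) path lists."""
    created = sorted(set(current) - set(baseline))
    deleted = sorted(set(baseline) - set(current))
    modified = sorted(p for p in baseline.keys() & current.keys()
                      if baseline[p] != current[p])
    return created, modified, deleted

def demo():
    """Constructed sample tree: one file changed, one dropped, one removed."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        write("app.exe", b"v1")
        write("old.dll", b"lib")
        write("notes.txt", b"a")
        base = snapshot(root)            # taken on the known-clean system
        write("app.exe", b"v1-patched")  # modification
        write("dropped.sys", b"drv")     # creation
        write("notes.txt", b"b")         # ignored: suffix not watched
        os.remove(os.path.join(root, "old.dll"))  # deletion
        return diff(base, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

A user-mode directory walk like this reports only what the filesystem API returns, so it covers the polling half of the setup described; it does not replace kernel-level monitoring or registry checks.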
     
  22. EASTER.2010

    EASTER.2010 Guest

    To coin some displays courtesy asyland

    NOD32 - AV and AT (not employed but on-hand)
    Kaspersky Internet Suite 6
    Ghost Security Suite plus System Safety Monitor-Launch Monitor by Info Process HIPS - Protection from unauthorized access/modification (Excellent!)
    EFT for flash drive (can set as Read-Only)
    SuperAntispyware, a-squared, Rootkit Unhooker, Hijack This, Grisoft AVG 7.5 AS, AVZ 4.23, SEEM- Malware scanners
    Snoopfree, Keyboard/screen peeping protection
    Autoruns, TCPView, Active Ports, AccessEnum, SIW, Faber Toys - Diagnostics/PC info
    Power Shadow - Virtual Drive - erase any changes to PC/Testing software
    Paragon Enterprise- Disk/Partition Imaging
    RKUnhooker, Modgreper, SVV, holy_father's PM, Phunter, deep forensics examiners for rootkits/hiders

    Verdict still out on finding a perfect duplicate clone app that can sector for sector plus MBR recover a mirror image of my main unit. (Very-To-Do List) or external drive backup storage.
     