Test results for security illiterate

Hi,

Being a security illiterate, I have used the advice of my company. They supported us with a questionaire and a script to help us with the installation.

This setup is influenced by the context of my PC and ADSL-provider. When the questionaire pointed out that you were a security illiterate you got 25 euro's for a life time license for DefenseWall and a Maxtor one touch external backup drive. When the questionaire pointed out that you were a power user you got a 150 euro gift voucher of a large PC-store.

With the installation script a test script was provided to 'check' whether the install was succesful.

Results of my test (the security illiterate setup):
Test Avira Cyberhawk Defensewall
Regtest fail pass not tested
Regtick fail fail pass
Soundrelsimulator fail pass not tested
Apispy fail pass not tested
kapimon fail fail pass
trojansimulator fail pass not tested
trojandemo fail pass not tested
zapass pass pass also not tested

The DFK-threat simulator V2 test: passed, only Antivir found two virusses after the test. Next we had to restore our pre-test situation. The finjan test and shields-up was used to test webbrowser and firewall setting (passed all).


Adviced security illiterate set up (for my wife's PC)
- hardening: DEP for all programs (when processor allowed this) and SafeXP
- traffic : firewall only inbound protection Microsoft firewall FREE/Nat Router firewall, (with my old wireless Nat-router I had to install encryption, re-route port 135 to a non existing IP and use Mac-address controll, for the three PC's at home).
- data : antivirus ANTIVIR FREE (because I have a ADSL-service provider which supplies free virusscan of e-mails, this is common in the Netherlands)
- process : Cyberhawk FREE
- registry : also Cyberhawk
- threat gates : DefenseWall paid version (Internet, P2P, e-mail, floppy drive, DVD/CD-Rom drives)

For active X and bad-sites SpywareBlaster was installed. For IE7 a security setup script was provided (my wife uses a music download pay-site which needs active X to pay, Firefox was first choice).

Backup-restore:
After atttaching the Maxtor one touch, I ran a script which provided me a CD-rom with Bart's PE and driveimage_XML (to backup/restore my program's drive C) and installed syncback for the backup/restore of our data drive D).


Adviced security set up for power users:
- traffic : Comodo firewall FREE
- data : antivirus ANTIVIR FREE
- process : Antihook FREE (although Comodo claims to protect from DLL-injection, Comodo fails against the Zapass test, therefore Antihook was also adviced)
- registry : MJ Registry Watcher FREE (out IT-manager preferred single purpose protection to avoid interference/instability of security software, when you were a SSM-aduct you could use this instead of Antihook and MJ Registry watcher).
- threat gates : Sandboxie FREE to protect the gates of your PC

My son (15 builds the school web-site) uses this setup (only he preferres SSM instead of Antihook + MJ registry Watcher).