The best free security setup

Discussion in 'other anti-malware software' started by Scoobs, Apr 21, 2008.

Thread Status:
Not open for further replies.
  1. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    After doing loads of research a couple of years ago I forked out for KAV and Outpost as, in my research, these two products sounded like the best AV and firewall available. What I didn't realise at the time was that they didn't play well together and required far more time to harmonise than I was prepared to spend.

    I have just gone for a complete reinstall of XP and I'm starting afresh, and this time, I'm going free-free-free.

    EDIT: Since posting this OP, I realised that loading security software was part of a bigger process and so I decided to try and come up with a simple guide/proposal for what I (and other newbies) could implement fairly easily. I'm going to try and add links to guides for each part as I find them.

    My Goal

    To produce a system that has a decent balance of usability and unobtrusiveness with a high degree of security and recovery options.

    My Proposed System
    • A PC running XP with a small (30Gb) partition for system files and applications and a larger (90Gb) partition for data (with an external HDD for more storage). (This makes recovery easier and helps minimise the chances of catastrophic loss)
    • Security features: Returnil, AVG Antivirus, Online Armor Firewall, Sandboxie, Firefox Web browser (with Noscript and Adblock Plus with Filterset G Updater Easylist and Rick752 (thanks to MikeNAS - see post 5)). (This set up should provide several degrees of varying effectiveness against malware threats)
    • Recovery features: (Returnil provides backup for the system partition) Karen’s Replicator. (Between Returnil and Karen's Replicator most of the system should be recoverable)
    Proposed Method
    1. Backup
        1. Back up data on external hdd.
        2. Back up Firefox extensions with FEBE extension onto ext HDD
        3. Backup Firefox Bookmarks with Foxmarks extension onto Foxmark’s online storage
        4. Backup Firefox profile with Mozbackup onto Ext HDD ~ http://mozbackup.jasnapaka.com/download.php
    2. Reinstall
        1. Boot from Partition Boot CD (Eg Ultimate Boot CD – with Cute Partition Manager)
        2. Partition HDD (Eg using Cute Partition Manager: 120 GB HDD – 2 partitions first 30gb, second 90gb)
        3. Restart PC booting from XP install disk.
        4. Load XP onto 30gb partition.
    3. Loading Security
        1. Install Returnil, AVG, Online Armor, Sandboxie, Firefox.
        2. Move “My Documents” to the Data Partition. ~ http://www.mydigitallife.info/2007/1...-xp-and-vista/
        3. Before running Firefox install and run Mozbackup to move profile to Data partition - http://lifehacker.com/software/ask-l...sta-257297.php
        4. Put a short cut to sandboxed Firefox ~ http://www.sandboxie.com/index.php?ConfigureMenu#shell
        5. Edit the Sandboxie Configuration to allow changes to Firefox (my own personal preference and not very security-minded but it’s one place where I might have to compromise)
    If anyone's got any tips, changes or recommendations I should add, please let me know. I'll try and update the OP so that it's as close to ideal as possible.
     
    Last edited: Apr 23, 2008
  2. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    I meant to say - I haven't installed Panda Anti Rootkit yet but I intend to.

    Last time I was looking for security options I had conflict problems. Is it fine for all these to be running simultaneously?
     
  3. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    Oh, and one more thing! I forgot to ask... Is there anything clever I can do with partitions in XP? I seem to remember something about having programs in one partition and docs in another or something like that... This sounds like another useful free security idea.
     
  4. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    And what about Anti-Keylogger?
     
  5. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    Haven't heard of it. A google search throws up a number of possibilities. Any chance of a linky?
     
  6. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    Don't use Filterset G and its updater. Those aren't good nowadays. rick752 EasyList etc. are much better.

     
  7. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    Cheers MikeNAS! Very useful. Do I subscribe to rick752 and Easylist via the Adblock Plus Preferences option?

    I'm going to update my OP to show the change.
     
  8. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    Just go:

    http://easylist.adblockplus.org/

    and just add what you want (at least Easylist).
     
  9. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    Sandboxie will do a job on it.
    Safespace is better however, for key-loggers, since it's newer and alive with Fancy GUI and technology
     
  10. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    Thanks MikeNAS

    I like the simplicity of Sandboxie (although I'd like to know how I can have extensions and themes I d/l whilst sandboxed have effect on sandboxed FF and normal FF).

    Does Safespace offer similar sandboxing or is it another program to add to the (ever-increasing) repertoire?
     
  11. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I would add Returnil (freeware), because I don't trust scanners to keep my system partition malware-free. Keeping your system partition in an "unused" state isn't possible with Returnil. In that case you have to use your Image Backup software, which isn't ISR anymore.
     
  12. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    Thanks Eric, I'm going to read up about Returnil (having seen some other references to it since I started looking around).

    The same goes for Threatfire which seems highly regarded.

    The only problem is I don't want to get any conflicts.

    Can these all play nicely (and do they need specific settings to do so)?

    AVG Antivirus
    Online Armor Firewall
    Spyware Terminator
    Panda Anti Rootkit
    Returnil
    Threatfire
    Firefox Web browser
    Sandboxie

    Edit - And just as importantly, is there any redundancy? The fewer programs running the better as far as I'm concerned.
     
    Last edited: Apr 21, 2008
  13. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Returnil + ThreatFire : if ThreatFire asks me what to do, I would always give a NEGATIVE answer, in other words I wouldn't allow anything to run.

    ThreatFire without Returnil is something else, that requires a user who can evaluate the questions of ThreatFire in order to give the right answer.
     
  14. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    Ooo. Just seen that my presumption AVG Antivirus was the same as AVG Anti-spyware (which is Ewido by a new name). Better add it to the list.
     
  15. Scoobs

    Scoobs Registered Member

    Joined:
    Sep 21, 2005
    Posts:
    110
    Without experience of either I don't quite understand - it sounds like you implement ThreatFire more rigorously when you are using it with ThreatFire than when you use it on its own, which seems a bit odd.

    Have I misread/misunderstood?
     
  16. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    In my case, but using your list, it would be like this :

    AVG Antivirus
    Online Armor Firewall
    Spyware Terminator
    Panda Anti Rootkit
    Returnil
    Threatfire (Anti-Executable is better, but is payware)
    Firefox Web browser
    Sandboxie
     
  17. bman412

    bman412 Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    261
    Returnil free + Avira free + router firewall/nat suits my needs. Depending on what you do on your computer I guess. I primarily use mine to play some online games, do a bit of browsing with Opera and an occasional download or two. I tried adding ThreatFire but it doesn't fit well with gaming... I'd suggest trying Returnil + an AV of your choice as your baseline then incrementally adding up on security from there.
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Well, this is a matter of logical reasoning.
    When your system partition is freshly installed, it is malware-free and everything is working properly.
    When you install Returnil you FREEZE that malware-free, good working system partition.
    Each time you reboot you get the SAME system partition back.

    If ThreatFire asks you what to do in order to run something good or bad, you always answer NO.
    You don't need bad changes or good changes, because your system partition is already working properly.
    If you give the wrong answer, the malware might execute itself, but when you reboot the malware will be gone.

    If you don't have Returnil, you don't have a frozen environment anymore, which means that you have a different system partition each time you reboot.
    When ThreatFire asks you what to do in order to run something good or bad, the answer can be YES or NO.
    If you give the wrong answer the malware might execute itself and will be still there the next time you reboot.
     
  19. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    That's a very good summary. I'm using that kind of setup too but I don't even want to answer No.
     
  20. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I use Anti-Executable instead of ThreatFire and AE always says NO and doesn't allow me to say YES, so there is no doubt anymore. :D
     
  21. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    Yeah I know that. I use DefenseWall and Sandboxie plus Shadow Defender. All drives are shadowed plus a couple of USB memories too. My firewall is always trustworthy GhostWall.
     
  22. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Well, I'm still looking for a firewall, I might try GhostWall. Thanks.
     
  23. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    I absolutely adore "LITE" because mostly my units are medium type components for the most part, so I've gone back to Kerio 2.15 and no more worse for wear, good ole obsolete free software firewall for me.
     
  24. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Online Armor is a firewall with a HIPS component which does a lot of things (execution control, process control, etc). If you're going to use OA I'd drop Threatfire and Spyware Terminator. If you like Threatfire, drop Spyware Terminator and search for a light firewall-only app (Windows firewall, Ghostwall, Kerio 2.1.5, LnS, etc)
     
  25. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    GhostWall is awesome. You should test it. Just set rules and forget it totally.
     