What do you guys think of this security setup?

Discussion in 'other security issues & news' started by primesuspect, Dec 31, 2007.

Thread Status:
Not open for further replies.
  1. primesuspect

    primesuspect Registered Member

    Joined:
    Dec 31, 2007
    Posts:
    8
    Hey y'all,

    I have been doing a lot of research about PC security, and in my searching have been led here as Wilders seems to be one of the most respected security forums. So I come to you guys for some help and guidance.

    I will be getting my new laptop soon and I want to get a complete security setup this time. I have had to reformat my old, and current laptops so many times it's not even funny. This is mostly due to the fact that I let so many people borrow it/use it that don't have a clue what they are doing. But that is a separate issue...

    By the way, my laptop is going to come with Vista 32-bit, but I am thinking about upgrading to 64-bit. Bad idea?

    This is pretty much the setup I have come up with so far:

    • Anti-Virus: Torn between NOD32 and Kaspersky 7; I like the interface of NOD32 a lot, but I have been reading about a lot of problems with firewalls and internet access in general because it uses some sort of proxy for the internet connection?
    • Firewall: Outpost Firewall Pro; According to Matousec Firewall Analysis Outpost Firewall is the best Vista compatible firewall on the market with a 100% block rate. Comodo Firewall Pro is also supposed to be good but I have read other places that it is not really user friendly and heavy on the popups.
    • Anti-Spyware: This is the subject I am really uncertain about... I have read some good things about Spyware Doctor and Spy Sweeper, but I generally like to stay away from the mainstream programs. It seems that there are always less commonly known solutions like Kaspersky that work much better than the common "big guys" like Norton. I just can't seem to find them for Spyware.
    • Active Protection: Threatfire; I have been reading good things about this, everything I have read pretty much says it picks up where other signature-based apps leave off; it is also free which is nice.
    • Browser: Firefox, with the extensions listed in this guide: Five must-have security/privacy extensions for Firefox. Are there any other extensions I should download?
    • Registry: CCleaner; I haven't used it before, but I have been reading really good reviews about it.

    I don't mind paying for security software, as I'm sure you noticed a lot of the programs listed are not freeware. My main focus is just on getting the best protection, and if that costs me another $50 a year a program so be it.

    I looked at some Security Suites, but have pretty much found like the saying goes... "a jack of all trades is a master of none".

    So what do you guys think? Did I miss anything? See any compatibility problems? I am open to all recommendations and suggestions. Help with getting a good anti-spyware setup in particular would be greatly appreciated as I do my banking online, and I feel the least informed about this topic.

    Thanks!
     
  2. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    You will get a lot of opinions as there are a lot of options. I run a hardware firewall and Outpost Pro Firewall. I also have KAV 7. Both run nicely and I am used to using them both. Depends what you want in a firewall. A lot of people here like LooknStop and Comodo (and others). I use Outpost and let it configure its rules as I am not experienced in setting up firewall rules. Outpost also recognizes KAV now so I don't have conflicts. I don't have any resident anti-spyware. I use a Host-based Intrusion Prevention System (HIPS) type program ProcessGuard which unfortunately may be at the end of its development along with RegDefend. A lot of people use either a Sandbox type program or a HIPS instead of a resident anti-spyware like ProSecurity or Online Armour for zero-day type threats. CCleaner is nice, fast, easy to use and free. Do some research in this forum. Start with this thread, but since it is so long start with the newest and work back.

    https://www.wilderssecurity.com/showthread.php?t=111264
     
  3. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    Use what you can afford. Be it free or paid, they do the same job, some more thoroughly than others, but the best and the worst are on equal par with each other, dependent on how you set the configurations, be it default, or you take notice of what others say. Bear in mind default settings are most often used and work well in most cases; user custom settings may work for one, but may be totally awful for someone else. Searching through the internet to find the best of whatever will most certainly result in many different opinions; what one recommends as the best, someone else will recommend against. Also take note, just because a software isn't widely recognized doesn't necessarily mean it's rubbish; there are some excellent programs out there, just waiting to be discovered.
     
  4. clambermatic

    clambermatic Registered Member

    Joined:
    Oct 10, 2007
    Posts:
    216
    Both guys below me had posted the best replies for you - 'primeSuspect', and they're right.

    Getting to the bottom line... it's your judgement call. But I would recommend you to do a trial basis on whatever you fancied... prior to being a paid-subscriber of any security apps. By doing a personal trial, you will know what you favored most on a particular app.

    As for freewares... there are some who came in FREE but very very reliable and works as it says.. Still you gotta check it out personally what's best.

    Oh btw, have a Merry New Year too... everybody!
     
  5. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    Back to basics

    - Anti-Virus: Kaspersky 7; because of NOD32 proxy issue
    - Firewall: try both (Outpost, Comodo), take your favourite
    - Anti-Spyware: AVG Anti-Spyware Free or SUPERAntiSpyware Free, no need to waste your money
    - Active Protection: no need for Threatfire if you choose Comodo (and Defense +), no need for Threatfire if you don't choose Comodo, Outpost Firewall Pro's Host Protection will do the job for you ;)
    - Browser: as you like
    - Registry: I prefer tools like autoruns or Runscanner to do a manual clean-up.

    "a jack of all trades is a master of none".
    Sometimes I think "a strong one is better than five weak ones"

    Cheers
     
  6. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,215
    I also think the antispyware bit isn't necessary. BlueZannetti's current thread https://www.wilderssecurity.com/showthread.php?t=196103 is also worth reading, with virtualization you can really improve the performance of your computer by reducing the number of security applications.
     
  7. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    No it's not. It's the MAIN issue, since it is how you get infected. Anyone jumping in this thread, spamming their favourite security apps without considering this point is just adding noise IMHO.

    If you are the only user of your system, I think the security apps you use could be quite different than if you need to consider usage by other less skilled users.

    A point I learnt recently....
     
  8. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,215
    If he decided to share his computer with others (family, friends etc) a passworded virtual program (DeepFreeze, to name one) would be ideal. The system would be returned the way he had originally set it, with very low probabilities of infection.
     
  9. FadeAway

    FadeAway Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    270
    Location:
    USA
    You asked if you missed anything.

    I suggest you invest a few bucks in disk imaging software, and
    learn how to use it.

    Then, when you lend your machine to reckless friends, you
    will be able to restore it to an uninfected state in minutes,
    rather than spending hours and days reinstalling the system.

    It takes me 20 hours to fully reinstall and configure Windows and
    all my applications. With a disk image, it takes me 20 minutes.

    Virtualization is being mentioned, and is great as long as it is
    turned on. A disk image, properly done, is just about bullet proof.
     
  10. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    Much better answer... :)

    Another possible answer would be to use limited accounts for other people??
     
  11. primesuspect

    primesuspect Registered Member

    Joined:
    Dec 31, 2007
    Posts:
    8
    Wow guys, this forum has been a gold mine of information. I am so glad I found it! And thank you all also for your answers, I appreciate you taking the time to help with this.

    I have continued studying and after doing a lot of reading and searching on the forum I think I have come to a pretty good security solution. Setup like this:

    • AntiVirus: Kaspersky Anti-Virus v7.0
    • Firewall / HIPS: Planning on trying both (separately of course) Comodo Firewall Pro w/ Defense + and Outpost Firewall Pro with Host Protection, probably will end up with Outpost though because of its auto learning features. But do you guys think I should disable the HIPS functions built into the firewall(s) and spring for a dedicated HIPS like DefenseWall or ProSecurity?
    • AntiSpyware: SUPERAntiSpyware Pro; I'm really glad I found this (Thanks to searching on Wilders), I just wasn't really happy with the big names like Spy Sweeper. I might also add Comodo BOCleaner and Spyware Doctor Starter Edition later, just to double check that the SAS scanner isn't missing anything.
    • Registry / System Cleaning: CCleaner; Seems to be the widest used and highest rated registry cleaner, it is also supposed to be good for general system cleaning, which will be my main use for it.
    • Other:
      • Threatfire; For extra zero-day protection, not sure if I need it, but hey it's free...
      • MVPS Hosts; Not completely sure how to classify this...It seems to be some sort of anti-spam program.

    I will be adding these programs in layers, at about 1 program every 2-3 days, so I can keep track of compatibility problems. But I will probably start with the firewall and HIPS.

    I have also been looking into sandboxing, like some of you suggested... But I am worried it might be a bit over my skill set. I am pretty computer literate, and I am definitely not a novice at all, but I wouldn't classify myself as anything more than experienced. What is the learning curve like with sandboxing / disk freezing? Are programs like Sandboxie or DeepFreeze easy to use? Also, I was reading a lot of good things about Raxco's FD-ISR, but it seems that it is no longer available (product page is still up but you can't buy it: http://www.raxco.com/products/FDISR/)... Is there any way to still get a copy? Or is there something better on the market now that I could just buy / download from the developer?

    Exactly. That's what I was saying, I generally prefer the lesser known applications instead of the mainstream ones. I find, in most cases, that applications developed by smaller software companies are more reliable, more feature rich, and pretty much just better than the big firms. SAS, which I learned about from this forum would be a good example of that.
     
  12. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    Yea for multiple users, security apps will be different. Policy will be important. Need to be able to control how users use the computer.

    Anti-Virus. This is the bread and butter. Make sure you can get one that you can password protect settings so viruses will be automatically quarantined and can't be executed even if the user tries to.

    Firewall. I think leaktesting etc is over-rated. Basic firewall is really a 'dumb' program that allows or blocks packets according to predefined policy. I use Comodo 3 though, but that is because of its behavior blocker Defense+.

    Anti-Spyware. The issue here is policy as most spyware is installed by the user with other 'legitimate' programs. I don't know any free AS that has resident protection. I use SuperAntiSpyware as an on-demand scan.

    Active Protection (Behavior blockers). Threatfire is great as it doesn't throw too many popups. It is a policy based behavior blocker meaning there is a predefined set of rules built in that helps the program 'decide' for itself if a program is bad. Good for users who don't want to or don't have enough know-how to make intelligent decisions on what programs to run or not. I use Defense+ which is part of the Comodo firewall. It doesn't have built-in policy and will require users to make lots of decisions. This will not be appropriate if you have users who don't want to or don't have enough know-how to make intelligent decisions on what programs to run or not.

    Also try virtualization. I use Sandboxie. Force all browsers to be started in a sandbox.
     
  13. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    I think the new developer has killed FDISR. Check the FDISR forums here. The snapshot software is not designed as antimalware but a few members of this forum use it as part of their security apps layer.

    Sandboxie is really easy to use so check that out. There's also safespace which is free and not nagware.
     
  14. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I think you hit the nail on the head when you said jack of all trades, master of none. Of all the software there is, a lot are very good; none are great. The best security is safe surfing habits, and common sense goes a long way. Recommend a good antivirus and maybe a spyware scanner and at least Windows firewall. You can have a bunch of security apps dragging down your operating system and still be infected. Sometimes more is not better; most of my experiences have been that too much or the wrong apps that don't play well together is the virus in itself. It's all trial and error. With that said, best regards.
     