What does everyone do for internet security?

Here is my set up:

Network:

DD-WRT firmware: WPA2 with a convoluted passcode; mac filter (permit only)list, iptables script to block all unused ports, and a network hosts list via DNSmasq to 'block' (i.e, reroute to local host) a bunch of tlds and ad servers.

I also use opendns primarily for its filter list. This saves me a bunch of time (and memory) of making impossibly long, resource draining black lists.

Windows Machines:

Services - All services that are unused, worthless, or potentially dangerous are either removed or disabled. I usually remove most of the software, services, etc via RT Se7en Lite or xplite before hand).

Firewall - I use the built in windows firewall with my own policy (not recommend for the average user). It is surprisingly powerful when you investigate the advanced settings. A powershell script is used to import ip cidr's en masse. All outgoing traffic that isn't necessary, is blocked. For example; there is no reason for VLC player to connect to a server when it is not being used for internet use; moreover, there is no reason to constantly update software (that is not being used on the web) if it is running perfectly fine.

Browser - Opera (12.15) with no extensions. Due to the ease of customization all javascript, cookies, and flash is disabled except for the sites that I frequent that require them. I use a custom css and urlfilter to surf the web cleanly and efficiently.

Firefox is used only for netflix; since netflix/silverlight is hostile to opera, even when the useragent is changed.

Software - Most of the software on my machine is sandboxed via thinapp. I use the sysinternals tools tcpview, autoruns, and process explorer for monitoring. cclean and defraggler are used for cleaning and defragging. Testing software is done in a VM. I am not a fan of installing things on my main OS and try to avoid it. For example; cclean and defraggler were just extracted from the installer, and run as stand alone apps (no messy folders/uninstallers/files/etc).

Security Software - NONE. All Microsoft security suites are completely removed or disabled from my machines. I use zero antivirus protection. I went through painstaking effort to secure my network and machines - installing a bunch of anti-virus/malware 'protection' would be counter-productive. Besides, I am not a fan of letting software run in the background, 'phoning home' and wasting resources.

It would be very difficult for a piece of malware to reach my main system, but certainly not impossible. If my system would be compromised, I would likely notice it because I monitor everything.

Proxies - NONE. I use no proxies or anonymous software like TOR.

Btw: a lot of my network settings (DNSmaq, port blocking) was set up specifically to protect the mobile devices on my network.

 

You might try posting to the below ongoing thread - What is your security setup these days?
https://www.wilderssecurity.com/showthread.php?t=111264