What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Firefox has always been a no go for me, it's mostly IE with NoScript or Opera.

    Actually with EQS (HIPS) i don't even need alternative script protection.

    There is only one serious concern i have in all the internet, well make that two, a destructive file infector or MBR partition killer like KillDisk, which Anti-Executable can pinch off either of them anyway, IF my set up is shored up in that manner.

    I deliberately ran Peter2150's KillDisk Virus the other night and sure enough it blowed the recap right off the disk, had to do a full wipeout then restore an image. That is one mean beast.

    I put file infectors in the same category because they can ruin your files and data in one fell swoop.

    For my part only FD-ISR and a good Image BackUp app like Paragon or DriveSnapshot/IFW etc. can save the day from these man-made destroyers as well as disk major malfunctions.

    Sorry swaying OT a bit, but you bring up some things i like to consider, like recompiling that KillDisk Trojan and delivering it by vbs or reg file insertions.

    But i guess my HIPS would spot that a mile off.
     
  2. Alcyon

    Alcyon Registered Member

    Joined:
    Jan 16, 2008
    Posts:
    438
    Location:
    Montréal, Canada
    It's probably the time for me to create another commotion by publicly releasing my proxomitron ruleset :) I think the rules are mature enough.
     
  3. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784
    IE with NoScript o_O


    Does DefenseWall stop this?
     
  4. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    Hello Lonewolf,

    I have personally tested DefenseWall against destructive file infectors and KillDisk and it successfully restricts and/or blocks all possible damage of both to the confines of its sandbox.


    Peace & Gratitude,

    CogitoErgoSum
     
  5. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784

    Thank you. :D
     
  6. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
  7. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    You don't like it ? Am I correct in thinking you are on dial-up ? If so is it too slow ? I find it difficult to think of IE being chosen in preference to FF
     
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Well, only 50% of the experimental changes were successful.
    1. The implementation of "Delicious Bookmarks" in Firefox was a success.
    2. The combination of DefenseWall HIPS and Sandboxie was a disaster.
    It was too much at once for this "Old man and the Sea", but I could go back to the past.

    Besides cleaning and repairing itself automatically, my computer can also go back in time. Isn't that something ?
    Returnil-users will be very jealous with me. After all they only have a Virtual Machine, while I have a Time Machine. ;)
     
  9. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784
    How so o_O
     
  10. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Error messages, disappearing icons, nothing was normal anymore. I have to try this again, but not today. :)
     
  11. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Never had all the problems with IE that rushed everyone over to firefox for me. Just tightened up the browser, applied good speed tweaks, and it sails along just fine.

    FF is ok for some but i detest it, i much prefer Opera over FF anyday, besides you ever read about all the FF issues after everyone jumped on that bandwagon?

    And the fear they exhibit all the time over different exploits and all that. Nope, IE is just fine here.
     
  12. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Time for a change. Just seems lighter and tighter. ;)
     
  13. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    At the moment:

    Kerio 2 firewall
    Deep Freeze

    Why? Many people I know use IE and like it just fine.
     
  14. 3xist

    3xist Guest

    Just a quick Question....

    How is ThreatFire & COMODO Firewall Pro 3 working together without any modifications in the products?

    Any problems?

    Josh
     
  15. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Perhaps IE has more security vulnerabilities that need to be patched than FF??

    Anyway, here's my new setup on 'dummy' PC:

    On-Access:
    Avira AntiVir (trying it for the first time, and like it very much :) )
    Comodo BOClean
    Sygate Personal Firewall (forget Matousec :cautious: )
    DriveSentry (this you've got to try out :thumb: )
    Comodo Memory Firewall
    WinPatrol
    DeepFreeze
    SpywareBlaster
    (well, it's on most of the time)

    On-Demand:
    SAS Free
    ComboFix
    SDFix
    Auslogics Boostspeed


    Browsers:
    Flock (my new favorite and default browser :D )
    Opera 9.5 beta

    Utilities:
    Revo Uninstaller
    CCleaner


    Ditched a-squared Free for Comodo BOClean's proactive anti-trojan approach.
    Besides, it failed to detect 581 malware that SAS Free was able to detect.
     
  16. wrongway67

    wrongway67 Registered Member

    Joined:
    Apr 5, 2008
    Posts:
    45
    the only real problem with IE is that by default it doesn't block anything, so the most stupid dropper can bypass it: you have to go in internet options -> security -> internet -> custom level -> file download -> disable
    but at this point you can download nothing, not even a pdf file, so if you need to do it, you have to re-enable it each time

    opera & firefox block by default all the .exe, .cmd, .com, etc. that try to land on your pc, asking you what you want to do with them
     
  17. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Unaided, IE is a magnet alright. But HIPS fills in nicely for any of those type intrusions and are carted away as in terminated. LoL
     
  18. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156
    I choose admuncher over proxomitron because proxomitron doesn't prevent
    websites from refreshing your browser like admuncher does.

    But if you do post your rule set I'll probably give proxomitron another go. I'm always looking for ways to filter out malware before it can get into your Sandboxie.

    I think it's better to fight Malware outside of your Territory rather than let the Malware come into your pc and fight it on your Territory with Sandboxie, HIPs and Returnil etc
     
  19. 3xist

    3xist Guest

    I still stand by this Q:

     
  20. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    New.

    -Twister AV
    -Mamutu.
    -PC Tools Firewall

    Very, very light setup.
     
  21. TVH

    TVH Registered Member

    Joined:
    Aug 9, 2007
    Posts:
    227
    Unless there are any major new developments, I'll be sticking with the following behind a NAT router:

    Windows XP SP3 (nlited)

    Resident
    Avira Antivir Premium (Heuristics: High)
    PCTools Firewall Plus (imported custom ruleset)
    EQSecure 3.41 (Alcyon’s Ruleset)
    SandboxIE (Paid)

    Backup
    FD-ISR (Uncrippled version replaces system restore)
    ShadowProtect

    On-Demand
    Dr Web CureIt
    Superantispyware Pro
    Gmer

    Hardening
    IE7 Pro
    MVPS Hosts File
    SpywareBlaster

    Other
    CCleaner
    TrueCrypt
    PeerGuardian (Only run during p2p)
    Roboform

    The only change that I am likely to make to this setup is to replace Avira Premium when my licence expires with KAV 8 or Avira Free.

    Windows Vista SP1 (Windows Defender. UAC disabled)

    Resident
    KIS 7 (till bugs in new version are resolved)

    On-Demand
    Superantispyware

    Hardening
    SpywareBlaster

    Backup
    ShadowProtect (Stored on external drive)

    Other
    CCleaner
    AdMuncher

    Both setups are stable, run lightning fast and are extremely light. IMHO, the XP setup is bulletproof, while Vista machine is very well protected for the tasks carried out on it.
     
  22. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I have only heard of problems of Threatfire with:

    -AVG 8 (experienced them myself).
    -Ashampoo Firewall Free (experienced them myself).
    -OA
    -Sandboxie (experienced them myself. Not incompatibility, but if you are not careful, TF can delete Sandboxie itself, if finds malware in the sandboxed items).
     
  23. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    Threatfire and CFP work well together with no special modifications.
    I had no problem when I ran these together for a while.
     
  24. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Switched back.;)
     
  25. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    Correct me if I am wrong, but this is in the default Proxomitron config .... "Anti-Auto-Refresher: Stops pages from "Auto Refreshing". Often used to load a new ad every so often. By default this still allows "quick" refreshes (under five seconds) which normally are used to forward you to a new page, but this can be adjusted with [#5:*]. This rule also creates a link allowing you to refresh manually if needed."
     