What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. abu shofwan

    abu shofwan Registered Member

    Joined:
    Mar 25, 2010
    Posts:
    358
    Location:
    Earth
    I'm trying Win8 Pro 32-bit now.

    Pls, suggest which AVs (not suites) are most fully compatible with W8, and other security setup that could be added as a layer?

    Currently, I leave W8 virgin with MSE installed :D and only add SBIE.

    Thanks in advance, guys
     
  2. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I left my Windows 8 x64 a virgin with nothing but built-in security, system hardening and the on-demand Hitman Pro. Did I mention how light it is? :D

    AFAIK, most third-party antivirus products are or should be compatible with Windows 8.
     
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Windows 7 Ultimate 32 bits with internal FireWall also controlling outbound traffic

    Restrictions for Everyone (including Administrators)
    - UAC: set to full and deny elevation to all unsigned executables (e.g. Media Player Classic , 7-ZIP)
    - GPO: Deny installation of unsigned drivers and active-X, deny autorun and execute access to USB
    - ACL: Deny execute for everyone on User Shell Folders, Public and Internet/Download folders
    - EMET: set system wide DEP, SEHOP, ASLR to maximum

    Restrictions for Users/Medium Integrity Level processes
    - SRP: Deny execute for all files (outside Windows and Program Files) and all users (except Admins)
    - GPO: Locked IE10/Chrome/Outlook, denied access to risky OS-programs and HKCU-autostarts
    - ACL: Added Mandatory Medium Level Integrity to Outlook E-mail and Foxit PDF-reader
    - EMET: added Chrome, IE10, Outlook, Foxit, 7-ZIP and Media Player Classic

    Restricted by Low Rights/Integrity Level sandbox
    - IE10: for on-line banking only (IP/SSL FireWall filter), Keyscrambler free (only add-on), no data cached
    - Chrome: for daily browsing incognito, click to play flash, allow javascript only from COM and NL domains

    On demand
    HitmanPro free
     
    Last edited: Jan 31, 2013
  4. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    WSA and HP for backup.:thumb:
     
  5. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,140
    WSA Avast pro MBAM Pro:thumb: :thumb: :thumb:
     
  6. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Sounds great.
     
  7. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Yes, simplified description
     
  8. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,051
    Hi Kees.
    If you ever find yourself in England please do come and set my computer up to your specs.
    Marvellous. :thumb:
     
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Thx, you will need a Pro version of Windows 7 (or higher) to raise Ten Thresholds for Threats (AKA a Triple T rating security setup)
     
  10. guest

    guest Guest

    Emsisoft IS + WSA + Sbie + SD
     
  11. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,286
    Location:
    EU
    Company owned PC:

    OS is W7 Enterprise
    McAfee EndPoint Encryption system encryption
    McAfee Viruscan Enterprise (it sucks!)
    Windows Firewall with standard/default settings
    Chrome with ADBlock+, Adblock, Ghostery, HTTPS Everywhere, Antisocial, DNT, Google Opt-out.
    Cloud files protected with Cloudfogger
    Some sensitive local files with AXCrypt.
    Passwords stored in Keepass2.

    Personal Netbook:

    OS is W7 Starter
    Truecrypt System encryption
    MSE
    Windows Firewall with standard settings
    Comodo Dragon with the same extensions as Chrome
    Keepass2
     
  12. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,282
    Location:
    Canada
    @Lucid,

    thanks for all those additional tips :) I tried with .NET 2.0 and EMET removed but I had a hard time noticing a speed difference, so I restored the image with them, because I know I read somewhere, an MS article, that XP with EMET is considerably more secure. I might disable a few more services when I get around to it. As for removing themes, I can't bring myself to do that :ouch: Currently I'm using a Noir remix and Noir theme - very cool :thumb:
     
  13. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    You'd certainly notice a difference if you never install .NET Framework to begin with, have a very barebones setup... and then install it. It's very noticeable that your box isn't as responsive anymore. Uninstalling it afterward on the other hand... you don't notice much of a diff. if at all, because once it's on it's almost impossible to actually get rid of. You may uninstall it but it left a ton of junk behind that dug deep into your OS. It's like a point of no return once it's on... pretty much need to reformat to go back.

    As for whether EMET helps much, it certainly depends on your setup. As I look I have no vulnerable services running and no ports hanging open that would otherwise be associated with them. Closing those 2 I mentioned closes a huge gap that would otherwise exist in XP. Even if you disable NetBios those ports aren't completely closed. No Java and things of that nature. A default deny NoScript regimen. Just how is this exploit supposed to, well... exploit me?... with no vulnerable services to piggy back onto and no ports to swoop in on? It'd have to get up pretty early... Really it would take a lapse of judgement on my part. But if EMET isn't slowing you down compared to the way you had it prior, and isn't conflicting with anything, sure why not? That isn't the case with me. Right now windows pop up & pages load immediately the way I have things. If I add something like .NET FW, EMET, and real-time AV's... that's no longer the case. I think when you have things so barebones & light to begin with you notice any little impact. But if things aren't that light to begin with, then adding something else isn't nearly as noticeable.

    And it's a shame, because stripping down those theme settings I mention makes a HUGE difference... probably more than anything else in regards to Windows Explorer. Barebone those settings on a clean/freshly formatted box (without .NET FW), then add it... and I'll bet you notice a difference.
     
  14. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,282
    Location:
    Canada
    I've nLited my XP pro disk, removing 245 MB of clutter in the process :) but I'm all out of optical media to burn the iso to, and I can't boot off of usb no matter what I try in the bios, so I'll have to pick up some disks later then try it out tonight.
     
  15. abu shofwan

    abu shofwan Registered Member

    Joined:
    Mar 25, 2010
    Posts:
    358
    Location:
    Earth
    Thanks for the input, DS

    Agree with you, now only add SBIE & MBAM Pro plus system hardening.
     
  16. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,579
    Location:
    Romania
    And now are you running Avast and Privatefirewall? If yes, could you please block a browser in Privatefirewall and see if it still connects?
     
  17. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,288
    Joe,

    I would be glad to do it but I'm no longer using Privatefirewall.
     
  18. nikanthpromod

    nikanthpromod Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    1,369
    Location:
    India
    Windows 7 Home premium x64
    ° updated

    Realtime protection
    ° Bitdefender Internet Security 2013
    ° Windows 7 Firewall control free

    On demand
    ° Hitmanpro

    Instant Recovery
    ° Rollback RX

    Browser
    ° Firefox
    Addons: Adblock plus & Flashblock
    ° IE9

    Software updater
    ° KC Softwares SUMo
     
  19. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Well wat, I assume you have like 4 gigs of RAM on your box? If so, maybe you'll notice nothing at all. I certainly did with only 1. But then again I'd think it would be noticeable no matter how much RAM you have. It just bloats your XP install so much... practically makes it 20% larger. That leaves bloat that goes beyond mere RAM measurements. Hell, I'm not sure it even uses ANY RAM at all really. But I notice a difference afterward that's night & day in terms of responsiveness. But who knows, maybe it wouldn't be the case with XP pushing the max 3.25 of RAM? And your CPU is also undoubtedly better. Mine is but a lowly single core Celeron @ 2.4 GHz.

    If it makes no difference on your box, then go for it. Though I personally would still rather have less attack surface in the first place than add something like .NET FW then EMET to compensate for it. I see that as kind of like painting over rust, or even curing the disease by killing the patient... which becomes especially true once EMET starts conflicting with stuff.
     
  20. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,579
    Location:
    Romania
    Ok Alex, no problem.
     
  21. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,974
    Location:
    Parallel Universe
    I'm still using what's in my sig. Absolutely nothing else. It's light and simple. :thumb:
     
  22. VectorFool

    VectorFool Registered Member

    Joined:
    Oct 21, 2012
    Posts:
    280
    Location:
    India
    no firewall? o_O
    or are you using windows default?
     
  23. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,974
    Location:
    Parallel Universe
    Windows XP FW. Titanium has the firewall booster thing you see. ;) Also I believe if there's no malware in pc there's nothing to call home. :D I'm being on the simplified side. :)
     
  24. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,975
    Location:
    Boston, MA
    Ditto. I have Win7 firewall for inbound control and WSA for outbound control. I used to feel the need for a 3rd party firewall but with my current setup nothing much is getting in to call back out.
     
  25. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,282
    Location:
    Canada
    Well this new nLited setup is completed and similar to the previous install except of course this one has less crap on it. I created an image pre-.NET 2.0 and EMET then ran it for a while, then installed .NET and EMET and ran it, not really noticing any performance difference, so I will keep .NET and EMET, as I feel EMET fills a rather significant security hole by protecting against buffer exploits.

    As for RAM, yes I have 4GB although XP sees ~ 3GB. The rig has dual GPUs, nVidia 7900GTX, so they take quite a load off the processor as well, which is just an AMD 64 X2, 2.27GHz 4400+.

    The security as I've posted several posts above I feel is near perfect. Many services disabled, SRP covers basic executable whitelisted paths for protected directories, Jetico covers additionally for modify child processes, registry modification attempts and writing to application's memory, then it also has excellent packet filtering and application outbound control, EMET covers buffer exploits and then I'm running as limited user. To top it all off, I'm using Chrome with all kinds of policy hardening and script control plugin.
     