What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. zitch

    zitch Guest

    Layers are GOOD. Witness: Am running Emet 3.0, along with ExploitShield (outside of Emet).....Avast 7, and have Eset online scanner ready when needed. Have also run Kaspersky online scanner. Triple threat. Avast is hands down the best. Have been using it for years.
     
  2. VectorFool

    VectorFool Registered Member

    Joined:
    Oct 21, 2012
    Posts:
    280
    Location:
    India
    Weren't you using Kaspersky Internet Security?
    What happened?
     
  3. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Keep in mind that the online scanners generally have significantly lower detection rates compared to the full software. The full software can install drivers and such, which make it harder for malware to hide from compared to a basic user-level scanner. Online scanners may also perform more limited scans.
     
  4. eugene91

    eugene91 Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    192
    Added Zemana AntiLogger from the giveaway to my setup (in my sig) :D
     
  5. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,974
    Location:
    Parallel Universe
    I'm using what's in my sig.:)
     
  6. Dubslap

    Dubslap Registered Member

    Joined:
    Jan 9, 2013
    Posts:
    21
    Location:
    UK
    Changed mine a little, now using Sandboxie for Firefox with NoScript and Adblock Plus. Also using Emsisoft Anti-Malware in real time just in case and also Win7 Firewall block in/out and NortonDNS with Malwarebytes for on demand. Everything runs smooth :), I will probs stick Malwarebytes in real time also as it has no impact on the system because I got used to the website blocking when doing random browsing.
     
  7. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,051
    Hi vector.
    I'm still with Kaspersky for the foreseeable future. Just thought I would go back to a Comodo image to see if a few bugs were ironed out but I still don't think they have been.
    Needs more time I suspect.
    Kaspersky runs great here with no problems.:thumb:
     
  8. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    517
    Location:
    United States
    My nice and light setup! I'm using Windows 7 x64; running as admin with UAC at max.

    Real time:
    Sandboxie
    - Sandboxed all internet facing applications in mostly separate sandboxes
    - Set to NOT auto start on boot (for dat boot time)
    - Program restrictions, internet access restrictions, and file restrictions
    Windows Firewall
    - Block all inbound
    - Allow all outbound

    On Demand:
    HitmanPro

    Other:
    KeePass
    TrueCrypt
    Crashplan - Backing up all my files to their server along with a hard drive on my router.
    CloneZilla - Imaging to the hard drive on my router.
     
  9. JohnMult

    JohnMult Registered Member

    Joined:
    Mar 26, 2012
    Posts:
    118
    Location:
    Greece
    1. Comodo Internet Security 6
    2. Zemana free antilogger (on demand)
    3. Sandboxie (browser) Internet and Run Restrictions (only browser can run and connect to the Internet) Drop my rights and delete contents of sandbox at the end of session
    4. Chrome (Adblock Plus and LastPass)
    5. Norton DNS (Policy 1: Security)

    and nothing else matters...
     
  10. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Layers are good, but they can also interfere with each other if several solutions do basically the same thing. Why on earth are you running both Exploitshield and EMET? They have the same purpose, EMET arguably being a bit better at the job and you're not limited by any "browser vs corporate edition" stuff. Personally I'd just use Avast and, if I thought I needed it, VirusTotal for weird downloads. Do layers, but don't use 3-4 products that do the same job.
     
  11. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Windows 7 Ultimate 32 bits with internal FireWall also controlling outbound traffic

    Restrictions for Everyone (including Administrators)
    - UAC: set to full and deny elevation to all unsigned executables (e.g. Media Player Classic , 7-ZIP)
    - GPO: Deny installation of unsigned drivers and active-X, deny autorun and execute access to USB
    - ACL: Deny execute for everyone on User Shell Folders, Public and Internet/Download folders
    - EMET: set system wide DEP, SEHOP, ASLR to maximum

    Restrictions for Users/Medium Integrity Level processes
    - SRP: Deny execute for all files (outside Windows and Program Files) and all users (except Admins)
    - GPO: Locked IE10/Chrome/Outlook, denied access to risky OS-programs and HKCU-autostarts
    - ACL: Added Mandatory Medium Level Integrity to Outlook E-mail and Foxit PDF-reader
    - EMET: added Chrome, IE10, Outlook, Foxit, 7-ZIP and Media Player Classic

    Restricted by Low Rights/Integrity Level sandbox
    - IE10: for on-line banking only (IP/SSL FireWall filter), Keyscrambler free (only add-on), no data cached
    - Chrome: for daily browsing incognito, click to play flash, allow javascript only from COM and NL domains

    On demand
    Toolwiz TimeFreeze
    HitmanPro free
     
    Last edited: Feb 5, 2013
  12. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,970
    I just continue to be impressed with Rising PC Doctor. With the latest updates all issues of the process manager giving a large amount of internet being sucked up by RSTray.exe are fixed. Any UI glitches I have been having were fixed. Now if only it would detect Panda Cloud as an AV installed in the security monitoring area.

    I highly recommend running it with an AV (*cough* Panda Cloud *cough*)
     
  13. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Well stated. And also when all these layers are part of the same product (i.e. Comodo 6), to me it defeats much of the purpose of layers. If this 1 product is compromised/terminated, or becomes corrupt and fails to load properly all those "layers" are swept aside in one fell swoop. That's why I'd never put all my eggs in one proverbial basket with these all encompassing suites.
     
  14. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Hear, hear! If you feel like you're sacrificing too much performance and/or convenience then it's time to trim back some of these layers/apps... when it's becoming quite obvious that you don't really need them anyway.

    I also used to run LUA, but realized it just wasn't necessary and sometimes a PITA. I run a very safe Admin account that's more than adequate. The real-time AV was easy to leave behind too with SBIE, and now even easier thanks to user Dgiji dropping the knowledge about Download Statusbar.

    But GPO's & SRP is hardening that doesn't interfere with my usage or add footprint (actually it decreases it), in my case. I run a user friendly default deny SRP... with dll's excluded and shortcuts allowed (.lnk excluded). I feel it's a great balance of convenience & security. My D+ renders it pretty moot, but I like to harden at the OS level to begin with and leave less work for my software. Also just in case software glitches out, you're covered.
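
A default-deny SRP of the kind described in posts 11 and 14 (execute denied outside Windows and Program Files, administrators exempt, DLLs excluded, .lnk allowed), modelled as an added example that is not part of any post in this thread. The drive letter, the sample paths and the file-type subset are assumptions; the code only models the decision and does not read a real policy.

```python
import ntpath

# Assumed policy for this sketch (built from the posts, not exported from a real GPO):
# default level Disallowed, Unrestricted path rules for Windows and Program Files,
# administrators exempt, DLLs not checked, .lnk removed from the designated types.
ALLOWED_ROOTS = (r"C:\Windows", r"C:\Program Files", r"C:\Program Files (x86)")
# Subset of SRP's designated file types; .lnk is deliberately left out.
DESIGNATED_TYPES = {".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".msi", ".hta", ".cpl"}


def _is_under(path, root):
    """True if path is root or lies below it, after collapsing '..' and case."""
    p = ntpath.normcase(ntpath.normpath(path))
    r = ntpath.normcase(ntpath.normpath(root))
    return p == r or p.startswith(r + "\\")


def srp_decision(path, is_admin=False, check_dlls=False):
    """Return (allowed, reason) for one launch attempt under the assumed policy."""
    ext = ntpath.splitext(path)[1].lower()
    if is_admin:
        return True, "administrators are exempt"
    if ext == ".dll" and not check_dlls:
        return True, "libraries are not checked"
    if ext != ".dll" and ext not in DESIGNATED_TYPES:
        return True, "not a designated file type"
    if any(_is_under(path, root) for root in ALLOWED_ROOTS):
        return True, "unrestricted path rule"
    return False, "default deny"


# Constructed sample paths, not taken from any real system.
SAMPLES = [
    r"C:\Program Files\Mozilla Firefox\firefox.exe",
    r"C:\Users\alice\Downloads\setup.exe",
    r"C:\Program Files\..\Users\alice\Downloads\setup.exe",
    r"C:\Windows.old\tool.exe",
    r"C:\Users\alice\Desktop\Firefox.lnk",
    r"C:\Users\alice\AppData\Local\Temp\helper.dll",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        allowed, reason = srp_decision(sample)
        print(f"{'ALLOW' if allowed else 'BLOCK'}  {sample}  ({reason})")
```

Passing `check_dlls=True` shows what the DLL exclusion gives up: the same library in a user-writable folder is then blocked by the default rule.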
     
  15. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Yep. I'll bet I could probably get by with nothing but my system hardening, a router, and NS. But I sure sleep better, err... browse better anyway with SBIE. Knowing I'm a closed session away from making malware *poof* into oblivion if it were to occur.

    If it negatively impacted my footprint I wouldn't use it though. But the only thing I notice is that it adds 2-3 seconds to the boot time of a program. And I'm not even sure that's true anymore since FF v17. Since that version FF seems to boot up just as quick with or without SBIE for me. But anyhow, once the program is up and running SBIE has no impact on it. In fact if anything it may make it snappier since it keeps it isolated, but that may just be a placebo effect.

    Things that offer an insurance policy like that and bring along no noticeable footprint... will always get consideration from me. SBIE & imaging mainly fall into that category. And VT Hash Check/Download Statusbar has also joined the ranks.
     
  16. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    True... but I always like to harden my box at the OS level in the first place. That way in the event that software is compromised, becomes corrupt or otherwise fails to load properly for some reason you're already covered.

    I also like to disable all vulnerable services/processes and close up the ports associated with them even though I have a FW & router stealthing all my ports anyhow. Just in case some day Comodo glitches out on me and/or my router breathes its last breath (inevitable some day).

    So I personally appreciate the tip.
     
  17. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,686
    Kerio Firewall 2.15 + Sandboxie 3.76
    AppGuard 3.4.2 + Shadow Defender 1.1.0.325


    AdMuncher 4.93 + Macrium Reflect 4.2

    OpenDNS + Opera
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    LoneWolf:thumb: :thumb:
     
  19. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    My pleasure bro! Both of your setups, for both XP & Win7 look rock solid. Like me you prefer to build your security from the ground/foundation up. Making it so theoretically you could axe all that software and still get by just fine. IMO that's the way to approach it.

    If you plan on continuing to keep that XP boot around even after its EOL I recommend favoriting the MSFN Forums website, and checking in periodically. They will keep releasing (unofficial) patches for it to keep it hardened. They still patch 98SE over there and other older OS's. And they will keep XP alive and perfectly healthy for a long time. I know that angers a lot of people... for some reason I don't quite grasp. But figured I'd pass that along to ya anyway.
     
  20. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    That is one sweet setup. Lovin the Kerio 2.1.5. Perfect FW for XP, if Comodo is a bit too clunky for your taste and/or you don't care for HIPS. One of the best legacy apps of all time.

    I've considered using it as well because my SRP probably sufficiently takes care of what D+ provides to me, with albeit a bit less control. It would make my uber light setup even a tad snappier. And now I'm considering it once again...
     
  21. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,975
    Location:
    Boston, MA
    Kerio! Wow. That brings back some memories. I used to love that firewall. Is that still supported Lonewolf?
     
  22. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,686
    Thanks, all running together w/o any problems whatsoever, light, quick and strong, maybe a keeper for a while. :D

    Supported? Doubtful but not needed to be here on XP as it's working like a charm.
     
  23. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    517
    Location:
    United States
    I actually did a small test where I ran the Counter Strike Source video tester both sandboxed and unsandboxed and I got a higher average FPS with it sandboxed. I believe it was up about 10fps. This doesn't really mean much though as I'm already running at ~235fps on max settings as it is but it was still something. I was confused by this so I did something similar in Heroes of Newerth and I got a couple extra fps while sandboxed too. I went from ~33 to ~38 iirc. I never mentioned it on a forum though because it didn't make sense to me and figured I'd be flamed to no end. Haha
     
  24. jo3blac1

    jo3blac1 Registered Member

    Joined:
    Sep 15, 2012
    Posts:
    739
    Location:
    U.S.
    Not true, EMET doesn't protect you from Java exploits.
     
  25. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Thank you for that data Wesley Crusher (I just like to think that's who you are). Yeah it actually makes perfect sense to me. That something is isolated and things are prevented from leeching onto it. Plus just the act of isolation itself, gives it its own little room/space.

    Like I swear I notice a difference having my OS in its own partition as opposed to having everything on my computer/hard drive all in the same one. I also think giving it some extra free space helps too. I think of it as "room to breathe", lol. Although (my install of) XP Pro SP3 only takes up about 5 gigs of hard drive space I make the partition 15-20 gigs for this reason. And I think I notice a difference.

    I don't just do it with my OS either. I give a lot of my programs their own partition, including: Firefox, Pidgin Messenger, Comodo, Sandboxie, VLC, Open Office, and UTorrent back when I used it. Isolation is a big part of my security approach. But I believe it also makes things snappier. And it was awesome to see some hard evidence of this.
     