What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Don't need avast, my friend
     
  2. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    No? Why not buddy?
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Sandboxie and ERP in lockdown mode are very powerful
     
  4. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Very true. I think that I'll go back to my original config.
    WSA AV, Sandboxie and NVT ERP. Can't really get any lighter. Instead of Shadow Defender, I'll use Toolwiz Time Freeze.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Even Sandboxie and Webroot are very powerful and light on the computer
     
  6. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    I got so excited about the newest avast. I lost my head there for a moment. o_O
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
  8. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Ok, ever since the release of EXE Radar Pro 2.7.3, I'm beginning to think that Sandboxie isn't needed in my setup anymore, other than for the following reasons.

    1. To run and test software in the sandbox
    2. The protection of Browsing history, cookies, and cached temporary files
    3. To run my browser with dropped rights

    I mean, if I'm running EXE Radar Pro in Lockdown Mode, theoretically wouldn't it block what Sandboxie can prevent (exploits, execution of files, etc.)?

    I know that Sandboxie is a trusted source that everyone loves, but be honest, while using EXE Radar Pro, is it really all that necessary for me to run Sandboxie as well?

    I'm at the point where avast! and EXE Radar Pro are both softwares I don't want to give up, and if I'm running an Anti-Exec, I always get the feeling that Sandboxie is just there for the ride.

    Maybe I'm not thinking right, maybe one of you could enlighten me a little.
     
  9. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,196
    Location:
    Nicaragua
    By the way, I think Trend Micro deserves more credit than what it usually gets.

    Bo
     
  10. zitch

    zitch Guest


    No.2 (Plus Sandboxie)
     
  11. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    958
    Same here, top protection and light. I keep trying Trend and then Bitdefender free and see no difference in speed. Trend can't be beat on protection but gets very little credit here.
     
  12. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I think most people could make the argument either way with their software. That one isn't needed because of another. Heck... all of this stuff is pretty pointless when we have clean images laying around, or are running in VM's/Shadow Mode, isn't it?

    For that matter, I sometimes feel that EVERYTHING is just "there for the ride" because my OS & browsers are so locked down to begin with. When you run with very low rights, have pretty much no vulnerabilities, and the attack surface of a pea, your software just kinda sits there collecting dust (err... fragments, anyway).

    Isolation is a part of my security approach, and that's something I love about SBIE. Just knowing nothing else can latch onto it that I don't implicitly allow. It's also why I have so many partitions... almost the entire alphabet. And it doesn't slow anything down... maybe a second or 3 on the boot, but after that I dare say things may even be a hair quicker running sandboxed. There's certainly no loss anyhow. So it's a keeper for me.

    And if malware came along I simply "x" out of the session instead of having to reboot entirely, or even reimage... even though I believe doing the latter is good practice anyway in such a case.
     
  13. zitch

    zitch Guest

    There is a slight lag. Don't know if it's Avast/Sandboxie/ComodoFW but I live with it. At least I know things are working in my favor.
     
  14. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,970
    Location:
    USA
    Made me LOL with that one. ;)
     
  15. zitch

    zitch Guest

    It will do some damage to your registry when you try to uninstall it.
     
  16. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Thanks for your reply, I got to think this one over I guess
     
  17. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Sandboxie has such a small footprint that you would be crazy not to keep it. The way I look at it is the more layers the better.
     
  18. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Even though the two technically fight against the same thing, minus the 3 exceptions I listed in my original post?
     
  19. Sordid

    Sordid Registered Member

    Joined:
    Oct 25, 2011
    Posts:
    235
    Testing new setup for post-Vista Win with low application turn-over; behind a strong networking/IPS/DNSSEC.

    Hardening:

    Group policy security/Sharing and remoting policy locked down

    Service reduction

    Feature reduction (eg Media Player, Media Center, and IE where possible)

    EMET 3.5 Preview

    Wares:

    Comodo HIPS/FW 6: Cloud AV, BB Locked down (custom policy), Geswall-like policy on applications, custom vendor list, FW with custom rights for progs with no need for net resources.

    Sandboxie 3.76

    MBAM Pro: scheduled daily quick scan

    Download/Shared/Vuln folders monitored with automation (Directory Monitor/Watch 4 Folder) and command-line scanners (MBAM, Emsi, Clam, VT, HitmanPro etc)

    Chrome C2P, JS rules (kees), PPAPI plugins
     
  20. Arcanez

    Arcanez Registered Member

    Joined:
    Oct 5, 2011
    Posts:
    417
    Location:
    Event Horizon
    Windows 8 Pro x64
    -Appguard Locked Down
    -EMET 3.0
    -IE10
    -some GPO tweaks here and there.
    -VirusTotal uploader

    might add Sandboxie 4 final later...
     
  21. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Ok this is the 3rd time trying to write this post. :mad: Stupid touch pad keeps erasing everything.
    They are two different products. They do similar jobs, just in different ways. Sandboxie creates a sandbox to contain and restrict. NVT ERP stops them from executing.
    I use Sandboxie to contain everything during my browsing session. Whether it is a malicious exe, cookies or temp files. I know that once I close Sandboxie that it's all being deleted. I also have my USB drives covered. Things can run but only enough to transfer them over to my system into a sandboxed folder. Once they are there I can do whatever I want with them. If something gets out and tries to run, ERP should stop it. I say should because nothing is 100%. That's why we use layers. In the unfortunate event that a piece of malware gets past one of your defenses, you have another one to stop it.
    I'm not trying to convince you to use Sandboxie. Just to keep you protected with the resources you have.
     
  22. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,100
    Location:
    Canada
    What's in the signature, plus added additional deny rules to restrict execution in user-writable directories within the protected ones in the XP Pro setup. Also using EMET 3.0 in XP setup.
     


  23. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,100
    Location:
    Canada
    Events that are monitored in Jetico's Process Attack filter and a screenshot of partial rules restricting Rundll32.exe actions...

    The Process Attack filter complements and provides some overlap to the SRP restrictions of all executables and DLLs.
     


  24. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Afternoon! Installed Comodo 6.0 Firewall...Avast 8.0...Free Version...And WSA Essentials...Avast and Comodo...so far smooth sailing...zero conflicts with WSA. Avast is a simply must have A/V...the price certainly can't be equaled...I used their paid product in the past...and the basic product with the new features...bodes well for Avast...being introduced to an even larger user base. Well done Avast! Sincerely...Securon
     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I would keep Sandboxie. It does what the others don't, namely when you exit the sandbox it can completely delete anything that was downloaded.

    I actually run Sandboxie, Appguard and EXE Radar Pro. It gives me an extra safety factor, which I want, as I have two employees who use my machines, and we get client emails we have to open.

    Pete
     