What is your security setup these days?

Comodo FW on XP does pretty good.
Feels light to me, anyway.

 

My company uses McAfee and as employees, they offer us free McAfee IS for 3 pc's...decided to give it a try after all these years...very light but still checking it out.

 

But You never drop Shadow Defender, unless I missed one of the changes.

 

It still protects against the following:

quote taken from http://noscript.net/features

 

Jetico fw on XP isn't too shabby either; Besides its excellent packet filtering, it even offers HIPS-like options and it's still supported, unlike both LnS and Kerio...

 

That is the same thing I decided on but I'm exploring some other aspects now. As of now, I have added EMET and use Emsisoft Command Line Scanner instead of HMP.

 

Shadow Defender has worked flawlessly with any and all combination of security set ups I've tried to date. So until that changes SD has a permanent home here.

 

See my sig, all are free, except WinPatrol Plus and Mbam.

 

Trying Bitdefender IS since I'm working on taxes (feel safe) ! Is it just me or does it seem like about 6 months since the last independent tests were published!

 

Added EMET 2.1.

 

back to hips in real time

 

CW9 - There are newer versions of EMET available
-http://www.microsoft.com/en-us/download/search.aspx?q=EMET

 

Yeah but they are much heavier on the system in my experience. I too, use EMET 2.1 when I use EMET.

 

Yup. Although, I'm going to put EMET 3.0 on friends and families computers because it has the notifier, which in my opinion drastically helps them and or me troubleshoot any problems they have. If they know what to do when they see that popup, then they can fix the problem instead of wondering why it isn't working and inevitably spamming the mouse button trying to open the program. And if they don't know how to fix the issue, I can at least figure out what is wrong a lot faster if I have to help them over the phone.

 

Nope, son....it won't get the job done.

 

Good going.

 

Rootkits. Avast caught one on my box the other day. Don't have a dam clue where it came from. Although I have a hunch....anyway, Avast deleted it, i ran a bootscan to make sure (thats what I love about Avast) then to be Doubly sure, ran a system restore (poor mans imaging- yeah, I know some of you will say if you restore to an infected time, the infection will still be there-No, I set restore points after much checking-it is not) Here is one hard lesson why after all these years I still stay with Avast.....'nuff said.

 

Heavier how? There's basically ZERO weight to EMET. It's a DLL, that's it. EAF mitigation adds 1 thread to processes (a bit "active" context-switch wise ). 1 or 2 of the new mitigations in 3.5 also create a thread.

If you're talking about the Notifier in 3.0, don't run it (but again no weight when it's just sleeping). That's the only thing it added, no new protections. (Plus * wildcards and %var% in paths). The ROP stuff was added to 3.5, which again you can use without the Notifier. And I challenge you to show the "weight" difference between 2.1 and 3.5 with ROP enabled.

I don't want anything taking any resources on my systems, and I think my configuration is about as "zero weight" (zero gravity? ) as can be.

 

Avast is very good and the boot scan is great. IMO its close or even on par with some of the big dogs. To top it off Avast offers a free version with a complete package is just generous.

 

I know it might not make sense but it just feels heavier...

 

Actually I noticed the same thing and If I am not mistaken others have reported the later being a little heavier.However,I still use the latter.

 

DefenseWall 3.21
Shadow Defender 1.1.0.325

AdMuncher 4.93
Macrium Reflect 4.2

OpenDNS
Opera

 

The notifier is the only thing that'd make 3.0-3.5 heavier. But even that is very minimal. It adds about 27 MB of RAM on my box, and 0 CPU. Disable it and the new versions are just as light as 2.1

Of course, enabling more mitigation techs on your programs "can" make them a hair heavier too. But I think that'd only apply on a box with dated specs, like the one I owned just 2 short weeks ago. It doesn't show on this one with a Core2Duo CPU & 4 GB of RAM. I have all mit techs enabled for some programs and they're just as fast now as they were before.

I was also apprehensive about 3.5 because it's beta, but it seems very stable to me. So really I see no reason not to use it. Once you get everything set up the way you want it disable that notifier to get that 27 megs of RAM back if you want it that bad. The thing I was more apprehensive about was putting .NET FW on my box, not which version of EMET to use. Because with low specs .NET FW can really make it's presence known. But on my present box, I notice no difference with just fully patched v2.0 SP2.

 

Yes, very light indeed considering it has a comprehensive HIPS attached to it as well. And I've fallen in love with HIPS... great for the OCD's like myself, so it's perfect for me.

But for a pure outbound FW only, on XP, there are none lighter than LnS & Kerio 2.1.5.

 

It aint goin anywhere here either. I was reluctant to use it for awhile because I thought it would be difficult... same with Sandboxie. And as with SBIE, could not believe how simple it was once I actually gave it a whirl. I mean you just pick the partitions you want in shadow mode... toggle it on/off with 1 click. Have your exclusion list that works much like autorecovery in SBIE... for things you want to stick even in shadow mode. And that's that. 2 minutes and I feel like a veteran.

I think of it as a Sandboxie for my entire computer, basically.