What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,382
    Location:
    Slovenia
    Here is my current security setup:

    OS:
    Windows 8.1 Update x64 Pro with all updates installed.
    Software restriction policies are applied for all users. Dll monitoring is enabled also.
    User Account control is set to maximum.
    System wide SmartScreen is turned on.

    Firewall:
    I'm behind a router with SPI firewall.
    I have Windows built-in firewall enabled. Outbound connections are not monitored.

    Backup:
    I use Macrium Reflect for daily incremental backups of my system.
    I use Cobian Backup for backup of my personal files.

    For Update checking I use:
    Windows Update to check for system and Microsoft updates.
    Secunia PSI to check for security related updates of my software.
    SUMO to check for all software updates.

    Browser:
    I use Google Chrome for my online activities. Startpage is used for searches.
    uBlock is the only extension installed. I use group policy to prevent installation of other extensions.
    Plugins are set to Click to play.
    Advanced security and privacy related settings are configured.

    On-demand AM tools:
    HitmanPro - daily scan
    Malwarebytes Anti-Malware - quick scan 2-3 times a week
    Emsisoft Emergency Kit - smart scan 2-3 times a week
    Avira PC Cleaner - system scan 2-3 times a week
    Virus Total Uploader - uploading downloaded files to VT for check before opening/running them.

    Other security related tools:
    I use CCleaner to clean temp and other junk files. I also clean registry and overwrite free space once a month.
    I use Clear history TC to clean history in Total Commander.
    I use KeePass to store my passwords. Unique passwords are used for each login.
    TrueCrypt is used to encrypt sensitive data in encrypted container.
    I use VirtualBox for testing purposes.
    I use Process Explorer as replacement for Task Manager.

    hqsec
     
    Last edited: Jul 17, 2014
  2. buckslayr

    buckslayr Registered Member

    Joined:
    Jun 1, 2009
    Posts:
    484
    Location:
    Michigan, USA
    Using what's in my sig. Really liking this set up.
     
  3. guest

    guest Guest

    I actually missed that info, thanks.

    I forgot what the driver does, but it's in HMP's program directory (you need to "install" HMP in your computer BTW). Perhaps it was for context menu scan, but I am not sure. :doubt:
     
  4. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Re-installed Ikarus Anti-Virus/2.7.20...with WSA Security Plus...and AppGuard. Sincerely...Securon
     
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,382
    Location:
    Slovenia
    OK, to answer my own question - after looking for other executable filetypes, I've added this to my designated file types list:

    BIN
    GADGET
    INX
    ISU
    JOB*
    JS
    JSE
    MST
    PAF
    PS1
    RGS
    SCT
    SHB
    U3P
    VBE
    WS

    I think I covered most of them.

    *JOB file for some scheduled tasks is located in blacklisted C:\Windows\Tasks directory. So when adding this extension all JOB files should be whitelisted, otherwise they can't run. I've whitelisted them by hash. Tasks that are stored in C:\Windows\System32\Tasks don't have JOB extension so I guess they don't have to be whitelisted.
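
Added example, not part of the original posts: a PowerShell audit of the designated file types list described in post 5 above. It assumes a machine-level Software Restriction Policy, whose designated file types are stored in the `ExecutableTypes` value under the `Safer\CodeIdentifiers` policy key; the function name `Get-SrpDesignatedTypes` is hypothetical.

```powershell
# Added example: compare the SRP "Designated File Types" list with the
# extensions named in the post, then hash the legacy .job task files.
# Assumption: machine-level SRP policy. Run from an elevated prompt.
$srpKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'

# Extensions listed in the post (the asterisk on JOB is the poster's footnote mark).
$wanted = 'BIN','GADGET','INX','ISU','JOB','JS','JSE','MST','PAF','PS1',
          'RGS','SCT','SHB','U3P','VBE','WS'

function Get-SrpDesignatedTypes {
    param([string]$Key = $srpKey)
    if (-not (Test-Path $Key)) { return @() }          # no SRP policy configured
    $prop = Get-ItemProperty -Path $Key -Name ExecutableTypes -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return @() }
    # ExecutableTypes is a REG_MULTI_SZ; normalise each entry for comparison.
    return @($prop.ExecutableTypes |
        ForEach-Object { $_.Trim().TrimStart('.').ToUpperInvariant() } |
        Where-Object { $_ })
}

$current = @(Get-SrpDesignatedTypes)
$missing = @($wanted | Where-Object { $current -notcontains $_ })

if ($current.Count -eq 0) {
    Write-Output "No designated file types found under $srpKey"
} elseif ($missing.Count -eq 0) {
    Write-Output 'All extensions from the post are designated file types.'
} else {
    Write-Output ('Not yet designated: ' + ($missing -join ', '))
}

# Legacy scheduled tasks live as .job files in %windir%\Tasks. Record their
# hashes so a file that changed after its hash rule was made stands out.
$tasksDir = Join-Path $env:windir 'Tasks'
Get-ChildItem -Path $tasksDir -Filter *.job -File -ErrorAction SilentlyContinue |
    Get-FileHash -Algorithm SHA256 |
    Select-Object Hash, Path
```

A .job file that an updater rewrites will stop matching its hash rule, so rerun the listing after software updates and compare it with the saved output.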
     
  6. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,838
    For as much as I love trying new setups, I am kind of growing tired of not staying in one spot.

    I think I am ready to settle down

    Comodo Internet Security + Adguard Premium
     
  7. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    I have been experimenting with setups lately as I was using Chrome as my main browser. My goal was to find out which setups work best with Chrome and I have found out that anything that injects .dlls (for example: MBAE, HMP.Alert, EAM, Webroot) into the browser processes painfully slows down the web experience for me.

    It is noticeable because my computer is very fast and Chrome is blazingly fast when nothing tampers with it. However dll injection becomes noticeable every time I open a new website. This is because Chrome closes the old tab process and launches a new one. I have also witnessed it happens with Sandboxie, as this program massively tampers with Chrome's own policy in order to make it work in its own context. This shows when opening a new webpage as well because Sandboxie has to manipulate this new process the same way (I wouldn't use Chrome in Sandboxie anyway, just tested it to measure the performance impact).

    Of course this doesn't affect Firefox as everything runs in one single Firefox.exe, aside from plugin-container.exe and Flash, but these processes are not constantly spawned during a single session and hence it is hardly noticeable with them as well.

    I haven't bothered trying programs which scan the http traffic, as there would definitely be slowdown to some extent. On top of that the Chromium developers have stated in the past that anything that tampers with the sandbox rather decreases security instead of adding anything beneficial to it. So I don't see any reason to suffer the performance penalty.
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,382
    Location:
    Slovenia
    @FleischmannTV I have similar experience with Chrome. I was using it with Sandboxie and Chrome launch or opening new tab was usually noticeably slower than when Chrome was used alone. That's why I hesitate to use it with software like EMET, MBAE, HMPA or SBIE. Some Chrome updates can also break compatibility with those tools and I don't like to troubleshoot problems that might arise after each update.
     
  9. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,981
    Location:
    Nicaragua
    You see, this is why I wish Firefox remains Firefox. If this process of making Firefox like Chrome continues, I won't be able to keep using my simple and reliable setup (Firefox with NoScript and Sandboxie).

    Note: To make Firefox, Flash and SBIE work better "in my computers", I have to disable plugin container in XP and Protected mode in W7.

    Bo
     
  10. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    I have not noticed any noticeable differences between Chrome and Firefox. My Chrome is so blocked with HTTP Switchboard against websites and maybe that is why I don't much notice. But all the sites I have white listed usually work sandboxed just as well with Chrome, albeit I am not such a heavy user. Sometimes watch porn vids yes etc lol. Chrome used to take more CPU for those things than Firefox, because of maybe its own flash implementation or something. I have not tested lately.

    I could perhaps same as you FTW, because of AppGuard protection allow Chrome unsandboxed. But I would feel naked without. Despite that AG will offer some protection against the spawned processes from the surfing.

    @Bo, I think you are not using bookmarks toolbar in Firefox. It must be annoying how close the 2 browser interfaces are. I used to custom my Firefox a lot also same as you do I think. I have stopped it and loving the quite same interfaces the 2 of my favorite browsers now have. I can make almost no difference in usage. It is always to accept the change or keep the old habits. I myself bend a little and look to accept what interfaces are given. But I understand you :)
     
  11. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,981
    Location:
    Nicaragua
    Hey Jarmo. Bookmarks toolbar? Never used it. I like my browser how browsers functioned and looked before Chrome started showing up. In my opinion, whoever invented early UI for browser did a hell of a job. These people :cool: knew what they were doing. Thankfully, we still can have Firefox that way by using Addon Classic theme restorer.
    https://addons.mozilla.org/en-US/firefox/addon/classicthemerestorer/

    This addon allows me to open bookmarks as a sidebar with one click. And I can set Tabs not on top. Those are preferences that I don't want to bend. To me, it's very uncomfortable not to have bookmarks as a sidebar. I also like my Home button. In Firefox you can have it that way.

    Bo
     
  12. wolfrun

    wolfrun Registered Member

    Joined:
    Jul 26, 2009
    Posts:
    686
    Location:
    Canada
    Then we'll have to get you over to Palemoon (works great with NoScript) in Sandboxie.:cool:

    Anyway, uninstalled Private firewall and will use Windows 7 FW, along with a router should be adequate. Installed MSE 64bit and will give that a go. Should be enough with MBAM pro I would think. The rest is in the signature.
     
  13. JohnMult

    JohnMult Registered Member

    Joined:
    Mar 26, 2012
    Posts:
    118
    Location:
    Greece
    After many different combinations I finally found this one:
    1. Chrome with DropMyRights because I am under Admin account
    2. extension ublock with 5 lists enabled (Easylist, EasyPrivacy, Peter Lowe’s Ad server list, MVPS HOSTS, AntiAdblock)
    3. Norton DNS
    4. AVG LinkScanner 2014
    All together seems to have very little impact to Chrome and with good old ESET antivirus I suffer no slowdowns or whatever during casual surfing...
     
  14. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,382
    Location:
    Slovenia
    If you're using Windows 7 or Windows 8 I don't think that this is necessary. Google Chrome is running with Low or Untrusted integrity level. All you have to do is enable UAC.
     
  15. JohnMult

    JohnMult Registered Member

    Joined:
    Mar 26, 2012
    Posts:
    118
    Location:
    Greece
    Still Windows XP Home here...
     
  16. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,382
    Location:
    Slovenia
    In that case using DMR makes sense. I like your setup also :thumb:
     
  17. KelvinW4

    KelvinW4 Registered Member

    Joined:
    Oct 11, 2011
    Posts:
    1,199
    Location:
    Los Angeles, California
    What do you guys think about SecureAPlus and Roboscan Internet Security?
     

  18. Solid setup
     
  19. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,382
    Location:
    Slovenia
    Thnx :)
     
  20. Smart phones:
    - My Windows phone no 3rd party security
    - Wife's Android phone hardened settings, added applock

    Wife's Laptop WIN7 Ultimate
    - Bios password, default user is running as admin, disabled remote services
    - Secure policy (UAC signed only, SRP user space, ACL deny for drive-by's)
    - Webroot Secure Anywhere warning for untrusted connections & executions

    My Transformer Netbook WIN 8.1 Home, added classic shell
    - Enabled Windows Firewall for outbound, disabled remote access services
    - Deny elevation/installation of unsigned drivers/programs (set through regedit)
    - AppGuard V4 (windows update as power app, all publishers of drivers set to trusted)

    My Desktop WIN7 Ultimate
    - Enabled Windows Firewall for outbound, disabled remote access services
    - Secure policy (locked internet facing, SRP user space, ACL deny for drive-by's)
    - AppGuard V4 (power-apps windows/chrome/mbam update) and MBAM V2 (life time)

    Netbook synchronizes 7 GB to SkyDrive and 5 GB to Asus Webstorage (11 GB free on SSD for data). NAS serves as backup for desktop and laptop. Netbook and smartphones have access to media files on NAS. NAS is behind WL-router and cable modem firewall. Wireless guest usage and TV-settopbox connect to (first) cable modem/router. Trusted PC's connect to second WL-router (laptop and desktop on 2,4 Ghz, smartphones and netbook on 5 Ghz) through static IP-connections and MAC-access control (with email notification for intrusions). With 17 overlapping networks in this neighbourhood, still achieving 90% of advertised ISP download speed.
     
    Last edited by a moderator: Jul 19, 2014
  21. Houley456

    Houley456 Registered Member

    Joined:
    Feb 9, 2007
    Posts:
    186
    Don't know about Roboscan....but SecureAPlus (AV disabled) and KIS 2015 works great for me...
     
  22. trojan

    trojan Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    123
    Location:
    london
    i can't find any hips firewall that doesn't become incredibly annoying or unstable after heavy use so i ditched those
    malware defender was the best i found for being light on the system but even that had problems with creating open rules that i had to constantly delete
    comodo outpost onlineArmour private firewall were all given a chance but i find the system performance while these are installed does not justify their use or benefit on my system

    i like to use a virtual machine and sandboxie pchunter (xuetr) to test out new programs
    along with RollbackRX
    not a fan of real time protection anymore because of degradation of system performance
    but i do have pandas free cloud thing on my laptop

    i also like returnil as it stops drivers being loaded during the protected session
    rollbackRX is vulnerable to MBR attacks or win 8.1 update but this is ok since it's not designed to be an antimalware program but i find it one of the best for my usage
     
  23. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,974
    Location:
    Parallel Universe
    I use WSA.:)
     
  24. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,695
    Location:
    USA
    The other day, for about a minute, I thought about changing my set up then decided against it.
    Still Sandboxie and some other stuff.
     
  25. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,981
    Location:
    Nicaragua
    About three years ago, I not only thought about it but actually took Sandboxie down. That lasted for a couple of days. Feeling danger is exciting and for me using Sandboxie makes that feeling go away so it can become monotonous, perhaps boring a little but thankfully I am a routine kind of guy and when my better senses came back to me, I put SBIE back.:)


    Bo
     