What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. badsector

    badsector Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    51
    Firefox - Noscript , HTTPSeverywhere , adblock plus with tons of filters , about:config custom tweaks
    Sandboxie - Browsers , IRC and lots of system deamons
    EMET 5.1 - Browsers , IRC and lots of system deamons
    TinyWall
    Windows 7 Ultimate x64 - Disabled Vulnerable daemon plus more tweaks
    UAC - maxed out
    Bitdefender Live USB - on demand - I prefer this

    (If i feel life being paranoid i use these too... all of them :D )
    Dr.web Live USB - on demand
    Kaspersky Live USB - on demand
    AVG Live USB - on demand
     
  2. badsector

    badsector Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    51
    try my setup.. its super light and all free.. but i see on your sig that you have Malwarebytes pro... thats a plus too...
     
  3. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    I can see both sides to this little dust-up. Sandboxie is powerful stuff, but does it mean anything to answer every problem with praise for just one program? Maybe Sandboxie deserves it, I probably appreciate it as much as you do Bo, it's been on my computer since how it worked was first explained to me here a few years ago.

    There might be something to what you and Kees have posted in the last page or so. Layering is the standard here for good protection. Are there areas of security where Kees thinks using only Sandboxie leaves you vulnerable? If so, have you found a reliable way to cover them with Sandboxie?
     
    Last edited: Dec 3, 2014
  4. constantine76

    constantine76 Registered Member

    Joined:
    Dec 18, 2010
    Posts:
    191
    my current setup:

    Desktop 1: Emsisoft Internet Security + Malwarebytes Premium (on-demand) + HitmanPro (on-demand)

    Desktop 2: Avast Premier + Comodo Firewall ver8 (HIPS enabled)+ Malwarebytes Premium (on-demand) + Keyscrambler Pro

    Laptop : EAM + Online Armor Premium + Malwarebytes Premium (on-demand)

    Android 1: Avast Mobile Free + GreyShirts NoRoot Firewall + Adguard for Android

    Android 2: AVG Pro (Yandex Promo) + GreyShirts NoRoot Firewall + Adguard for Android
     
  5. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,062
    Location:
    Nicaragua
    As far as I am concern, the little dust up is over. Don't stir it up.

    This reply is for you. The layered approach might work great for you but I found my own personal way of taking care of security. For me, it is safer and I feel more comfortable not piling up security programs, one on top of the other. By using three, four, five programs to take care of security, you end up opening holes in programs in order for programs to work well with each other.

    I avoid watering down Sandboxies protection by using Sandboxie on its own. I want Sandboxie at its best and that is what I achieve by not using anything else. You might not see the point of doing that but I do. I don't have to exclude this or allow that for SBIE to work (half fast) with other programs. In my view, that is security and I am being more secure by not doing any workarounds.

    In a few days, its going to be four years since I stopped using antiviruses or anything along Sandboxie. If I was doing things wrong, I would have gotten infected more than a few times already this past four years. But it doesn't happen. Why should I add security programs to protect myself against something that its not happening? It doesn't make sense.

    Besides that, by using Sandboxie the way I do, I don't have to do upgrades or updates everyday. That gives me peace. I get to enjoy computers and the internet more by not doing that every day, every week. You know, I turn on my computers and I use them as I wish. No worries and when I turn them off, I know my computers are clean. I never get the feeling that I have to run scans because I notice something strange. That don't happen at all.

    I can keep going and going but I ll stop here. The way that I take care of my security is not for everyone. I dare you to find one post of mine recommending to do things like I do. You wont find one, anywhere. But you will find many many of my posts recommending Sandboxie. Why shouldn't I recommend the one program that turned my computing experience to be joyful?

    In addition to Sandboxie, I do other things that are not for everyone. I mean, NoScript for me, has never been a pain. Its been a joy to use that program. In fact, I believe, for browsing, I don't really get much from Sandboxie. Sandboxie gets the credit but I believe NoScript is the one that really takes care of my security while browsing.

    And I do other things like not using Java and getting rid of plugins. In my W7, I don't carny any plugins. If I need to use one, I install it temporarily in a sandbox, after using it, I delete the sandbox and forget about it. Doing something like that is not for everyone but for me, its the way to go.

    All files that run in my computers, they run sandboxed from the day I download them till the day they get deleted. There are rare exceptions but thats the rule. And all is done automatically. Some people think that Sandboxie protection stops when you recover files out of the sandbox. Not me, I don't stop sandboxing files just because they have been recovered.

    Another thing that I do is I treat all sites the same. I shake my head when I read someone say, "I use SBIE for suspicious sites or suspicious files", I don't do that and I believe that is the wrong way of using Sandboxie. So I treat all sites, files and programs the same way. It works for me.

    Bo
     
  6. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Unfortunatelly my current home PC is very sensitive to security combos. Especially when I use SBIE or Comodo's sandbox for browsers. Unlike my office PC which is fine whatever paranoid combo I poke into it.

    Yes, that's true. Actually what I get it's unnecessary doubled fuss.

    +1
    I'm still shivering after a "toilet duck" prank from someone Kees1958. :)
     
    Last edited: Dec 4, 2014
  7. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    EMET 5.1
    Windows Firewall Control 4.2 (medium filtering)
    MCShield
    OpenDNS
    SpywareBlaster
    Firefox w/ NoScript
    SUPERAntiSpyware Free Edition
    MBAM (free)
    Sandboxie (free)
    ...and a little common sense

    No realtime AV protection as of now.
     
  8. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    I was trying to do the opposite of "stir things up", like talking about the interesting question of can it work to use one program (Sandboxie) exclusively instead of the accepted method here of layering security. But never mind, I misunderstood, you are layering too and Sandboxie isn't even the primary layer.
     
  9. jpcummins

    jpcummins Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    548
    Location:
    Terre Haute, IN
    I have currently Malwarebytes Anti-Malware (Premium), ZoneAlarm (Free), WinPatrol (Plus), Norton AntiVirus (Paid), Zemana AntiLogger (Paid). Rarely I may use an online scan.
     
  10. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,062
    Location:
    Nicaragua
    I think, regarding browsing, you can say that NoScript blocks and Sandboxie contains. I guess using both programs is sort of using two layers. During the 6 years that I used both programs, I have never seen a Sandboxie message about blocking an unknown executable or program that attempted to run, that IMO is due to NoScript blocking the bad stuff that is all over the internet and doing it quietly.

    Perhaps, a few times, I had malicious programs downloaded into the sandbox when browsing the internet but they done nothing, some of this things can not even start when they are in the sandbox and since there is no reason to be looking inside the sandbox, I don't know.

    Thats browsing. But for the rest of what I do with computers, I got nothing but Sandboxie doing the protection. In a few words, any file that's downloaded or introduced into my computers, they run sandboxed until the day they are deleted- Its a simple rule and I follow it. Its not hard to do and it has worked for me. Once you get into it, its really easy. I don't even have to think about it, all done second nature.

    I remember telling you a couple of years ago and I think it was in this thread, running files sandboxed doesn't have to stop when they are recovered out of the sandbox. Why stop sandboxing files just because they have been recovered? For me, someone that doesn't have a scanner and totally depends in Sandboxie, sandboxing files for as long as they remain in the computer is they way to do it.

    justenough, I ll finish with this two thoughts about Sandboxie. I use my computers exactly as I would use them if I didn't use Sandboxie. There is nothing that I cant do because I am a SBIE user, if using SBIE was inconvenient or slowed things down, I would not be a SBIE user. Last, I know many people think of Sandboxie as a browser in a sandbox. But thats not what Sandboxie is. Sandboxing the browser is just a taste of what you can do with it. :)

    Bo
     
    Last edited: Dec 6, 2014
  11. After micro-tweaking Safe_Admin on desktop since 2010, I will settle for this, further hardening reduces functionality, so my Saint Nicalaus present for this year to this security forum will be, no more security setup changes, until I upgrade to Windows 10 :D

    My Home Desktop Windows 7 Ultimate 32 bits
    - Recovery: Windows image and SyncbackFree data backup to NAS & remote storage
    - Network: behind SPI-Router with Windows Firewall (set 2-way & risk-ware disabled)
    - Security: SRP, block autoruns/scripts/shell for basic user, added MBAE & Zemana
    - Blacklist: Norton DNS (connect safe), Chrome (safe browsing), µBlock (anti-ad lists)

    My Asus Transformer Windows 8.1 32 bits (with classic shell)
    - Recovery: Windows 8.1 recovery, data to 64GB SDXC Card, sync via cloud to NAS
    - Network: Microsoft Windows Firewall set 2-way and risk-ware services disabled
    - Security: added MBAE & Zemana, System Wide Smartscreen (admin consent)

    - Blacklist: Norton DNS (connect safe), Chrome (safe browsing), µBlock (anti-ad lists)

    Wife's laptop Windows 7 Ultimate 32 bits (light with low pop-ups)
    - Recovery: Windows image backup and SyncbackFree data backup to NAS & remote
    - Security: SRP, Webroot Secure Anywhere (firewall, warn for untrusted), MBAE
    - Blacklist: Norton DNS (connect safe), Chrome (safe browsing), µBlock (anti-ad lists)
     
    Last edited by a moderator: Dec 9, 2014
  12. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,466
    Location:
    Land of the Light
    @Windows_Security

    Why Not running x64 OS?
     
  13. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Disappointment with Bitdefender Total Security 2015. Winamp didn't start and after attempt to run winamp svchost.exe consumed 30% of CPU. Otherwise BTS feels lite.

    Btw they have nice user support for lic users. I had correspondence with them on some other question (couldn't make FW to go in "Ask" mode for outgoing apps). They replied to each email in about 24 hrs. It took me only 4 emails to explain finally what I want and only 2 emails with a bit incorrect explanations from them how to make "Paranoid" for the whole BTS 2015, as for just FW it's not possible. It's OK as the BTS is not for tweaking but for just using - install and forget.
     
    Last edited: Dec 6, 2014
  14. My desktop at that time was a Pentium E6200 dual core with only 2 GB of RAM, so 64 bits would not run nicely. Wife's laptop had 4 GB RAM, but it was a Celeron P4600 dual core with little cache. Since instructions are twice the size as 32 bits, the CPU cache should be twice as effective when on 32 bits OS (I thought). Easier for me to have the same OS on both machines.
     
  15. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Kaspersky IS
    MBAE with 7 additional shields for routine apps, including sidebar and Process Explorer.

    The setup is very lite. I like idle scan in Kasper.
     
  16. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    281
    Location:
    Philippines
    Desktop PC: Microsoft Windows 8.1 SL x64
    - SmartScreen Filter: on, get administrator approval
    - User Account Control: max, always notify
    - Windows Firewall: on
    - Standard User Account
    - EMET 5.1: max settings, popular software and Internet-facing applications

    Mozilla Firefox 34.0
    - Master Password enabled
    - AdBlock Plus: EasyList

    ESET NOD32 Antivirus 8
    - Enabled potentially unwanted, unsafe and suspicious applications
    - Integrated document protection


    Malwarebyte's Anti-Malware Premium
    - Enabled advanced heuristics and rootkit detection

    SyncBackPro 7
    - Back-up on change, but only after 300 seconds of inactivity
    - Mirror important documents and media to separate storage

    _____________________________________________________________

    Wife's Laptop: Microsoft Windows 8.1 SL x64

    - SmartScreen Filter: on, get administrator approval
    - User Account Control: max, always notify
    - Windows Firewall: on
    - Standard User Account
    - EMET 5.1: recommended settings, popular software and Internet-facing applications

    ESET NOD32 Antivirus 8
    - Enabled potentially unwanted, unsafe and suspicious applications
    - Integrated document protection


     
  17. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Looks like you are closer to using the full abilities of Sandboxie than I am. But it's still doing a good job here, the only time something got by Sandboxie was a slip on my part, letting something out of the sandboxed download folder without checking it first with an on-demand scanner. Wasn't running a real-time AV at the time. That's the reason for my layering, for when I slip up.

    Sorry if my last post to you seemed harsh. Looking at it now I don't think the tone intended is apparent. I should have put a wink and smile at the end.
     
  18. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,062
    Location:
    Nicaragua
    This is why I recommended to you not to stop sandboxing files just because they have been saved out of the sandbox. In my personal case, even if I was using real time antivirus or on demand scanners, I would continue sandboxing files for as long as they remain in my computers. When I recover files out of my Firefox sandbox, the only question really is in which sandbox they are gonna run. And that depends where the files are at in the computer and what kind of files they are.

    Greetings

    Bo
     
    Last edited: Dec 9, 2014
  19. That is called seamless containment in the file system, on 32 bits that is provided by a program called DefenseWall (on XP GeSWall sort of does both of what DW and SBIE offer). On 64 bits BufferZone Free offers this when enabling the application (and script) control option. Although BufferZone's sandbox is not as restrictive as SBIE's sandbox or DW's seamless containment
     
  20. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,062
    Location:
    Nicaragua
    DefenseWall is a great program. The only reason why I use Sandboxie instead of DefenseWall is because Sandboxie has a free version. I discovered both programs at the same time but since Sandboxie had the free version, it was easier to test and get to know. And thats what I did.

    After using Sandboxie for about a year, I got me a license for DW and used both programs together for a while. After purchasing my SBIE license, to avoid possible conflicts, I stopped using DW. But to me, both programs are amazing and both do the same, they just get it done differently. I personally dont see much difference between both programs.:)

    Bo
     
  21. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Home PC:

    Windows XP Pro SP3: Secondary Admin, Default Deny SRP, Barebones cubed
    Netgear AC1450 dd-wrt (just upgraded my router)

    Comodo FW/D+ 5.10: FW- Custom Policy, Alerts- Very High, all checked except ICS server setting. Advanced- All checked, All ports stealthed
    D+- Paranoid, Untrusted- Cloud settings unchecked. Sandboxing disabled/all unchecked. All monitoring enabled. Trusted vendor list (vendor.n file) deleted
    Sandboxie Lifetime 3.76: All removable drives and new/incoming files auto-sandboxed & isolated.
    TrueCrypt 7.1: FDE
    Shadow Defender 1.1.0.325: Select partitions (including OS) in Shadow Mode- System Startup
    Macrium Reflect Free 4.2.3638: Several states imaged

    On Demand Scanning:

    VT Hash Check 1.01
    MBAM Free v2
    Hitman Pro 3.7
    TDSS Killer
    GMER

    Firefox 27.0.1, Ixquick Custom Search, Plugins: Adblock Edge, Calomel SSL Validation, CS Lite Mod, HTTPS-Everywhere, NoScript, Private Tab, RequestPolicy, WOT, Youtube ALL HTML5, Element Hiding Helper for Adblock Plus. ABE Filters: EasyList, EasyPrivacy, Fanboy's Annoyance List, Malware Domains.

    No Plugins. No Java. No Flash. No .NET Framework. No PDF program. No MS Office. No IE.
     
  22. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,475
    Location:
    Italy
    Xp Home SP3
    Windows Firewall
    Trick Myrrh-Sebijk-Harkaz
    PsExec
    System Restore Off
    Black Viper's
    Norton Connect Safe
    EMET 4.1 U1 *
    SBIE

    Firefox-ABP,Ghostery,WOT,Noscript,HTTPS Everywhere,Toggle Referer.


    On Demand

    Hitman Pro
    HijackThis Portable

    * Upcoming transition to MBAE Premium
     
  23. Tunerz

    Tunerz Registered Member

    Joined:
    Jun 12, 2007
    Posts:
    110
    Location:
    Philippines
    Prefer running light nowadays.

    UAC
    Sandboxie
    Windows Firewall Control
    Avira PC Cleaner
     
  24. wiwul

    wiwul Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    133
    Windows 7 x64
    With Emsisoft Internet Security
    and Malwarebytes Anti-Malware (MBAM)

    in case of files that I don't trust I check them thru Virustotal on top.

    My guess this is -generally- sufficient.
     
  25. bberkey1

    bberkey1 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    244
    Location:
    United States
    Been testing NVT with Appguard it is has been fantastic. I enjoy using windows firewall control, which has also been easy and light weight. I still have a few programs that I used to run, but wasn't sure if they would be needed with the NVT&AG set up such as; Malwarebytes Anti-exploit and NVT driver pro. Any benefit from running them with the setup? Also, would having UAC set to high be effective anymore?
     
    Last edited: Dec 11, 2014
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.