What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    297
    Location:
    USA
    Yes, I agree
     
  2. TS4H

    TS4H Registered Member

    Joined:
    Nov 5, 2013
    Posts:
    523
    Location:
    Australia
    Yes they are very affordable, even a Chromebox for a desktop experience.

    regards.
     
  3. brainrb1

    brainrb1 Registered Member

    Joined:
    Mar 15, 2010
    Posts:
    491
    Windows 8.1/64 bit

    AVG Internet security 2015
    HMPA
    NVT. EXE Radar Pro
    MBAM Premium
    UAC-max,SmartScreen

    IE 11 ... Enhanced Protection Mode,ActiveX Filtering
    Chrome x64 with AdBlock,Vanilla Cookie manager, Flash block and Plug-ins=click to play
    Shadow Defender

    Portable/Tools

    Hitman pro
    XyPlorer-full Portable
    Autoruns
    ProcessExplorer
    CurrPorts
    Wireless Network Watcher
    BleachBit
    Windows Disk Cleanup
    Windows Image and Recovery
     
  4. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    RE: ChromeOS - Wouldn't a linux distro serve the same purpose, and even run on older hardware?
     
  5. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    297
    Location:
    USA
    Send PM instead of hogging this thread I think it would be respectful.:thumb:;)
     
  6. wolfrun

    wolfrun Registered Member

    Joined:
    Jul 26, 2009
    Posts:
    700
    Location:
    North America
    I uninstalled the 8.0 CFW version and installed the 5.12 V and followed the above recommendations above along with Chiron's tweek for verions 5.12 and will see how it all goes. One thing, there was less bloat to download with this version as opposed to 8.0. Stay tuned......
     
  7. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    You can use Bitlocker and you don't have to use a flash drive. You can choose to use a password to open the drive instead. It's very simple and better than TC. You should change encryption of BL from the default 128 bit to AES 256 bit should you decide to use BL.

    To use BL without TPM:

    Search for Group Policy in the Charms Bar. Then select Edit Group Policy.

    In the left pane of Group Policy, click/tap on to expand Computer Configuration, Administrative Templates, Windows Components, BitLocker Drive Encryption, and Operating System Drives.

    In the right pane of Operating System Drives, double click/tap on Require additional authentification at startup to edit it.

    Select (dot) Enabled, check the Allow Bitlocker without a compatible TPM box, and click/tap on OK.

    To change BL encryption strength:

    In the left pane of Group Policy, click/tap on to expand Computer Configuration, Administrative Templates, Windows Components, and open BitLocker Drive Encryption

    In the right pane of BitLocker Drive Encryption, double click/tap on Choose drive encryption method and cipher strength to edit it

    Select (dot) Enabled.

    Under the Options section, select the encryption AES 256-bit
     
  8. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Ah I see. Thanks a lot for the information guys. It's lot clearer to me now. I'll definitely keep an eye new Chromebook models this year.:)
     
  9. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    297
    Location:
    USA
    Your welcome, anytime.:):thumb::cool:
     
  10. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Webroot SecureAnywhere, HitmanPro, and HMP.Alert RC3.
     
  11. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Time for a big update on changes;

    Connection/Multi-Homed:
    WideOpenWest 60Mbps Cable Connection WAN1
    AT&T 10Mbps DSL - Multi-Homed, Failover via WAN2.
    AT&T 4G LTE Hotspot Box - Provided by work for free, in the event everything else fails.
    Norton Connectsafe DNS

    Frontend:

    Motorola DOCSIS3.0 SB6141
    ASUS RT-AC87R w/Trend Micro Gateway (UTM)
    Untangle Layer 7 NGFW(UTM in Transparent Mode) w/Virus Blocker Paid(Bit Defender), Virus Blocker Lite(ClamAV), Adblocker, PhishBlocker, Webfilter, Intrusion Guard.
    Layer 3 GBE 16 Port Switch (Cisco)

    Systems:
    Win 8.1x w/Tweaks+Lockdowns
    Norton 2015 w/Aggressive Settings
    K9 Web Protection (Bluecoat - Malware, PUA, Phishing, Adblock, and Exploit blocker databases only - everything else off)
    Chrome w/uBlock, HTTPS Everywhere, Tab Cookies, Norton Toolbar.

    Backup/Redundancy
    Lenovo IX4-300D 12TB Raid10 Network Access Storage (NAS)
    3X Cyberpower 1500VA AVR UPS
    Generac 20,000 Watt Air-Cooled Aluminum Enclosure Natural Gas Powered Standby Gen w/Transfer Switch

    Network Structure
    Subnet Segregation
    VLAN Isolation

    Given the network security, I DMZ policy the DSL (when not in failover capacity) a honeypot system for research purposes, running VMWare. (obviously) I also run multiple servers in the home, including an FTP, Security, Camera, etc.
     
  12. badsector

    badsector Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    51
    that back up... its just... wow...
     
  13. ReverseGear

    ReverseGear Guest

    I know some of those words !!
     
  14. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    I was aware of the password option, but thought it was for W8 only. Further reading seems to indicate it is for W7 as well. Maybe I figured the flash drive w/key was more secure than the password route. I remember wishing I could figure out how to use KeePass in this mix, both for added security and for ease of long/complex password input.

    Thanks for the post, ams963. :thumb:
     
  15. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I'm super-picky about adding latency, and slowing browsing, so this solution actually adds >2ms latency to the entire 'experience'. But I am also a big fan of hardware based solutions, and solutions that work on web filtration/scanning. So in this case, the following layers are implemented on every HTTP/HTTPS call.

    ConnectSafe DNS ->> Trend Micro (URL/Fingerprint) ->> Untangle Adblock ->> Untangle Web Filter(.SCR blocking, etc) ->> Norton Web Protection ->> K9 Web Protection(Malware/Phish/Ad only) ->> Norton Toolbar ->> uBlock ->> Chrome Malware/Phishing.
     
  16. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    It's back to Roboscan for me for the moment. I've always liked Roboscan due it being extremely light, and being able to not automatically quarantine threats. Also it's very easy to exclude items from further detection, which I find handy as I have a lot of installers with adware that I want to keep.

    It's a shame that the program has not been updated for over a year, but a least it does not suffer from a having a very slow update server any more. It didn't take too long to 1,188 updates. I can't comment on the download speed to download the installer as I used the downloader FlashGet to download it so that I can easily check for product updates.

    I'm also using BeeDoctor for on demand scans, but it has a few issues with false positives which seem to come from its own heuristics rather than the Avira definitions. But, I'll keep in installed for now as I like its cleaning and speed up features.
     
  17. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    You're welcome.:) I've turned on BL for both the system drive and my documents drive. I had read posts in my thread in the privacy sub-forum about Windows keeping backup of every file or something like that. And I was suggested to encrypt the system drive as well. I use the master password of LastPass on the document drive and part of it on the system drive. That way I have to remember one password and they all can have long complex passwords. I use the password option because I'm not known for keeping everything orderly. What if I can't find my flash drive and lose it? What if I need to use my computer immediately but can't find the flash drive in time? I've deleted the recovery key file of BL as well. Protection, simplicity and convenience. :)
     
  18. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    741
    Location:
    United States
    Fedora 21 workstation locked down through root and hard drive passwords with SELINUX, rkhunter once a week, haven't run clamwin yet. I tried to get DNS-Trigger running for DNSSEC support and its supported but couldn't get SELINUX to allow it. Working on that.

    I'm running Chrome Dev with the following command line switches

    sr/bin/google-chrome-unstable --enable-strict-mixed-content-checking --enable-strict-site-isolation %U

    uMatrix (only running Dan Pollocks Hosts list as I understand it includes some canvas blocking, uBlock w/EasyList w/o element hiding rules and not set to parse and enforce, LastPass, 'strong password generator' (the beast of all password generators), Referer Control set to show [TARGET_HOST] so it shows where I'm going is where I came from, HTTPS Everywhere (finally gave in to running this full time), hyperlink auditing is disabled in chrome:flags, My Google account is set up using two factor authentication.
     
    Last edited: Jan 9, 2015
  19. The layered defense malware needs to pass on my Windows 7 ultimate 32 bits desktop:
    1. WFW 2-way > Norton DNS > OS Sandbox > AVG Linkscanner > ViRobot APT-shield
    2. ACL set deny execute file in threatgate folders > SRP deny execute for basic users
    3. GPO disabled elevation of unsigned, risk-ware, user autoruns, 16bits, cmd, scripts
     
    Last edited by a moderator: Jan 14, 2015
  20. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    You can get similar functionality if you enable Spoof HTTP Referer in uMatrix:
     
  21. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    741
    Location:
    United States
    uMatrix seems to be using a lot of memory these days so I was looking to offload some of the functionality.
     
  22. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Sandboxie and Webroot.
     
  23. Pirate_fin

    Pirate_fin Guest

    Sandboxie and Windows Defender.
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    webroot and hitmanpro
     
  25. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Afternoon! jmonge...secure minds think alike...Lol! Currently...using WSA Security Plus...AppGuard...and MBAM Premium. Stay warm on the Prairie's My Friend. Sincerely...Securon
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.