What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I've used both. On remote cleanups I use Portable to avoid forgetting to uninstall it on client machines.
     
  2. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    And no difference in functionality?
     
  3. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Haven't seen any.
     
  4. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Thanks again!
     
  5. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    562
    Location:
    The Outer Limits
    The clue is probably in the title "Bleachbit" all sounds a bit drastic to me.

    Regards Eck:)
     
  6. Ro4dRuNn3r

    Ro4dRuNn3r Guest

    F-Secure -> G DATA IS :-*
    Very happy with it. Going to keep it for a while. ( i hope :rolleyes:)
     
  7. darts

    darts Registered Member

    Joined:
    Feb 19, 2009
    Posts:
    443
    Location:
    Netherlands
    How light and goog is G DATA 2015 for you?
     
  8. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,738
    Location:
    USA
    Store your back up drive(s) offsite, like in a bank safe deposit box, or at home in a good fire-rated safe.
    You can also store encrypted drives at a second location, then you'd need to have both locations burn to the ground in order to suffer loss. I utilize the bank and the home safe... as well as fire extinguishers and smoke detectors. ;)
     
  9. Ro4dRuNn3r

    Ro4dRuNn3r Guest

    I had G DATA back in 2008/9 and it was really heavy on my System. Now, i even can't feel it is there (using SSD as my main HD). GUI is easy to use.
    More important to me, G DATA is from Germany, therefore German laws apply (data protection and data security).
     
  10. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,451
    Location:
    Slovenia
    Network Security:
    Router with NAT firewall
    Windows firewall - inbound only

    System Security:
    Software Restriction Policies
    User Account Control
    put on max
    Macrium Reflect - daily incremental system backup
    Various security settings modified using Group Policy
    ESET AV
    - scan on file execution only, HIPS with memory scanner and exploit blocker enabled, protocol filtering disabled

    Applications Security:
    Google Chrome - uBlock (Ads, Privacy, Malware, Social + 3rd party scripts and frames), other privacy and security related setting modified, disk cache directory set on Ramdisk
    Microsoft Office - disabled ActiveX & macros, enabled protected view, disabled all settings under privacy options, in HTML pictures download disabled
    PDF X-Change Viewer - disabled Javascript, removed all search providers
    Utorrent - outgoing protocol encryption enabled; in advanced settings disabled feature content, offers and other unwanted components.
     
    Last edited: Apr 14, 2015
  11. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,838
    • Standard User Account
    • UAC set to Max
    • Windows Firewall enabled + NAT
    • Window SmartScreen enabled
    • Windows Update enabled
    • EMET 5.2 on Recommended settings
    • Sandboxie (Lifetime) - Browsers, Flash Drives, E-mail client all sandboxed
    • uBlock, DuckDuckGo, WOT
    I am going for a simple but secure setup

    What do you think? Anything I should get rid of, Possibly change?
     
    Last edited: Apr 12, 2015
  12. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,451
    Location:
    Slovenia
    It looks solid to me. I would only get something to backup system and personal data.
     
  13. th3m

    th3m Registered Member

    Joined:
    Jan 28, 2013
    Posts:
    11
    can you please explain also the first part?
    "- WFW (two-way), Applocker (allow trusted only), UAC (allow signed elevation only)"
     
  14. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,838
    Sorry, I forgot to mention that, I use EASEUS To Do Backup

    Thanks for your reply, I appreciate it.
     
  15. 1. Windows FireWall also blocking outbound trafffic by default
    2. Applocker is a feature of Windows Ultimate, you can select which publishers you trust and are allowed to run
    3. See this old post When you set "ValidateAdminCodeSignatures" to 1 this pop-up will show when an unsigned program tries to elevate

    Untitled.png
     
  16. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,074
    Since I unintentially killed Windows 7 a few days with BleachBit, and have not managed to fix my Windows 7 install just yet, I'm back to using Windows 10 until I get my Windows 7 partition working.

    Under Windows 10 I'm running Webroot SecureAnyware. It's very light so far, and I'm quite impressed that it has not remove anything without asking me first. I don't see the point of continued rescans whenever a non active threat is found, but other than that I'm quite happy.
     
  17. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,059
    Basically the same setup as mine. I like it a lot. Just use on demand scanners once a week.
     
  18. koolthing

    koolthing Registered Member

    Joined:
    Dec 6, 2012
    Posts:
    13
    Location:
    Netherlands
    Comodo Firewall
    Mullvad (with firewall settings that blocks certain apps from the internet when vpn is unable to connect)
    UAC Default Settings
    Malwarebytes Anti - Malware Free Edition
     
  19. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Morning! Avira A/V Pro...AppGuard...and Voodoo Shield...Light and Right! Sincerely...Securon
     
  20. Tomorrow Strong & Wrong?
     
  21. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    Every system can be penetrated with half a dozen zero-days, it just depend whether you are valuable enough to target.
     
  22. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Then you haven't seen my network, and systems.
     
  23. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    New updates from this weekend - some changes. Since Trustport is a zero-weight AV, I have it deployed secondary to Norton with AVG+BitDefender enabled, PUA+Heuristic in a 'New File Write' mode ONLY scanning. This gives me 3 extremely light detection technologies on the desktop. Trustport sits silently until a new file is downloaded or copied from an external drive.

    To recap

    All web traffic (80/443) has to transit the following databases: Emerging Threats, BlueCoat, MalCode, Bluetack, Squid, Adblock(UTM Based), SophosThreatCenter, Sophos Enhanced, Norton CS, Google Safe Surf, MalDomains,SpamHaus, Yoyo, CI-Army, CruzIT.
    All File Traffic has to transition: Sophos, Avira, ClamAV, AVG and then Norton, and BitDefender w/extra sigs.
    All Traffic has to traverse: Snort(UTNG), Sophos-Snort w/26,000 threat profiles, Country Blocking (75% of countries blocked via Sophos UTM 9 - IN/OUT), PUA+Exploit Scanning (Sophos)
    Advanced Persistent Threat Detection is active with hourly audits on connected devices on the network with IP banning rules for infected/compromised devices.
    Website/IP Reputation Blocking is ON. Anything below Unrated is blocked. (Sophos UTM - this gets almost every rogue IP I have ever found)

    Connection/Multi-Homed:
    180Mbps Cable Connection WAN1
    AT&T 10Mbps DSL - Multi-Homed, Failover via WAN2.
    AT&T 4G LTE Hotspot Box - Provided by work for free, in the event everything else fails.
    OpenDNS

    Frontend:

    Motorola DOCSIS3.0 SB6141
    Sophos UTM 9.3 Layer 8 NGFW/UTM Appliance (maximum settings)
    Untangle UTM Layer 7 in Bridge/Transparent Mode (Web Filter, Adblocker, CookieBlocker ClamAV)
    ASUS RT-AC87R (Access Point Mode Only w/restricted LAN access)
    - Primary Wireless, Ghetto-vLAN with Restricted LAN access. Hardware timer to kill this from 12m-7am every night. (threat surface and telemetry harvesting reduction)
    TP-Link AP
    - Segregated AP for security cameras only. MAC restricted to just cameras. No LAN connectivity, PF to SEC Server. On 24/7. Signal truncated to exact dimensions of home.
    Layer 3 GBE 16 Port Switch (Cisco)

    Systems:
    Win 8.1x w/Tweaks+Lockdowns
    Norton Security 2015 (Max Aggressive, IPS/FW dialed up)
    TrustPort AV with ONLY 'new file' on-access enabled (AVG+BitDefender Databases)
    PeerBlock (Paid Subscription, Malware/Rogue/Questionable IP ranges)
    Chrome w/uBlock(Advanced+Extra Malware/Spam/Questionable), Vanilla Cookie HTTPS Everywhere.

    Backup/Redundancy/Conditioning
    Lenovo IX4-300D 12TB Raid10 Network Access Storage (NAS)
    Encrypted Cloud Backup to COLO (company solution)
    3X Cyberpower 1500VA AVR UPS
    GOES KVAR 1200 (Power Conditioning, Whole House Surge Protector, Reactive Power Storage)
    Generac 20,000 Watt Air-Cooled Aluminum Enclosure Natural Gas Powered Standby Gen w/Transfer Switch

    Network Structure
    Subnet Segregation (Blue/Green/Red Zones)
    vLAN Isolation
    MAC Filtration

    I also run a variety of servers. Including an obfuscation server that pushes out 'fake' network traffic, searches, and activity to mask real activity. In addition to a security system (including cams) server.
     
    Last edited: Apr 15, 2015
  24. Well for simple Chrome only, world's best security researchers needed half a dozen exploits to craft such a blended multi-stage intrusion.

    So I would say it also depends on the craftsmanship of the hacker and the extra thresholds of the targeted system.
     
  25. Well post some pictures then :isay:
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.