What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    761
    Location:
    U.S. Citizen
    Salutations/Greetings!!!

    Also, encryption is a must in today's world.
    For example, Email Encryption, File Encryption and Disk Encryption.
    With sending things to the cloud, etc...

    Would love to see more individuals showing, what encryption they are using?

    Kind regards,:rolleyes:
     
  2. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,838
    I use ProtonMail for mail encryption, at least for important emails. Junk emails I leave un-encrypted at an alternative email service.

    I don't use disk encryption on my computers, because I never save anything valuable on any of them, and I mean never.

    As far as individual file encryption to and from devices, as well as the cloud, I use Fort - Cryptography Extension for Windows and WinRAR.
     
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,439
    Location:
    Slovenia
    I don't use mail encryption because most of my friends and family wouldn't know how to use it.
    I don't encrypt whole disks but only use encrypted containers (TrueCrypt) to store sensitive data. When storing sensitive data in cloud I encrypt it using TrueCrypt (container) and upload it to online service.
     
  4. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    941
    Location:
    Canada
    No need for encryption here, nothing of any value on my PC unless they're into pictures of my dog.
     
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,439
    Location:
    Slovenia
    On my Windows 7 x64 I use the following security and privacy setup:

    Software Restriction Policies
    Allowed C:\Windows, C:\Program files, C:\Program files (x86) and additional block rules for subfolders where "Users", "Everyone", "Authenticated Users", "Interactive" and my User have write permissions.
    PowerShell and Vssadmin are not allowed to run.
    Apps run from user space are allowed by hash.
    I added JSE, PS1, SCT, VBE, VBS, WS, WSF and WSH to designated file types.
    SRP rules are enforced for ALL USERS.

    User Account Control is set to ALWAYS NOTIFY.

    Windows Firewall - outbound connections blocked by default. Only specific apps can make those connections.

    Hardening
    Disabled unnecessary services: http://www.blackviper.com/service-c...dows-7-service-pack-1-service-configurations/
    Disabled Autoplay and Autorun: https://support.microsoft.com/en-us/kb/967715
    Disabled Windows Script Host: https://technet.microsoft.com/en-us/library/ee198684.aspx
    Turned off unneeded Windows features: http://windows.microsoft.com/en-us/windows/turn-windows-features-on-off#1TC=windows-7
    Turned off Upgrade to the latest OS version: https://support.microsoft.com/en-us/kb/3080351
    Disabled unneeded network protocols: https://technet.microsoft.com/en-us/library/cc754817(v=ws.10).aspx

    Disabled components through Gpedit (Computer configuration - Administrative Templates - Windows Components):
    Biometrics, Desktop Gadgets, Game Explorer updates, HomeGroup, IIS, Location, Windows Anytime Upgrade, Windows Defender, Windows Mail, Windows Media Center, Windows Media DRM, Windows Messenger and Windows Mobility Center.

    Microsoft Office 2010
    Trust center settings:
    - disabled trusted publishers and trusted locations
    - disabled add-ins
    - disabled ActiveX
    - disabled macros
    - enabled protected view and DEP
    - disabled all privacy invading options

    Chrome
    Removed all apps but Web Store
    Disabled all privacy invading options
    Using Policy Templates (https://support.google.com/chrome/a/answer/187202?hl=en) I have set
    - DiskCacheDir on RamDisk
    - Disabled saving browser history
    - Blacklisted all extensions but few

    uBlock Origin
    Disabled Pre-fetching, Hyperlink Auditing and WebRTC IP leakage
    Using default 3rd party filters + few others
    I use medium blocking mode: https://github.com/gorhill/uBlock/wiki/Blocking-mode:-medium-mode

    F-Secure Freedome VPN is used for most internet activity

    ESET Nod32 AV (version 8.0.319.0)
    Real-time file system protection monitors only File execution (File open and File creation are not monitored)
    Disabled Protocol Filtering System integration (driver removed)
    Email client (Outlook) protection is enabled
    After each signature update Memory and Boot sector are scanned.


    Macrium Reflect (version 5.3)
    Once a week full image is created and each day Incremental image is scheduled.

    On demand scanners
    I scan my system by Emsisoft Emergency Kit, Avira PC Cleaner, Malwarebytes Anti-Malware once a week.
    I also scan my system by HitmanPro each day.
     
    Last edited: Apr 25, 2016
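
The Software Restriction Policies rules in the post above depend on knowing which subfolders of the allowed paths are writable by ordinary accounts. As an added example (not from the thread or from any poster), this PowerShell audit lists those folders so block rules can be written for them; the function name `Get-WritableSubfolder`, the use of well-known SIDs and PowerShell 3.0 or later are assumptions of the example.

```powershell
# Added example: audit the SRP-allowed roots for user-writable subfolders.
# Assumes PowerShell 3.0+; run it as the day-to-day account being protected.
$allowedRoots = 'C:\Windows', 'C:\Program Files', 'C:\Program Files (x86)'

# Well-known SIDs rather than names, so the check also works on localized Windows.
$principals = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-4'      = 'Interactive'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'Users'
}
# "my User" from the post: the account running this script.
$me = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
$principals[$me] = 'Current user'

# Rights that allow creating a file or a subfolder in a directory.
$writeMask   = [System.Security.AccessControl.FileSystemRights]'CreateFiles, CreateDirectories'
$inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly
$sidType     = [System.Security.Principal.SecurityIdentifier]

function Get-WritableSubfolder {
    param([string[]]$Root)
    foreach ($r in $Root) {
        if (-not (Test-Path -LiteralPath $r)) { continue }
        Get-ChildItem -LiteralPath $r -Directory -Recurse -Force -ErrorAction SilentlyContinue |
            ForEach-Object {
                $path = $_.FullName
                try   { $acl = Get-Acl -LiteralPath $path -ErrorAction Stop }
                catch { return }   # ACL not readable from this account: skip the folder
                foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
                    $sid = $rule.IdentityReference.Value
                    if ($rule.AccessControlType -ne 'Allow')                    { continue }
                    if (-not $principals.ContainsKey($sid))                     { continue }
                    # Inherit-only entries apply to children, not to this folder.
                    if ([int]($rule.PropagationFlags -band $inheritOnly) -ne 0) { continue }
                    if ([int]($rule.FileSystemRights -band $writeMask) -eq 0)   { continue }
                    [pscustomobject]@{
                        Path      = $path
                        Principal = $principals[$sid]
                        Rights    = $rule.FileSystemRights
                    }
                }
            }
    }
}

# Deny entries and generic-rights ACEs are not evaluated; treat the output as candidates.
Get-WritableSubfolder -Root $allowedRoots | Sort-Object Path, Principal -Unique
```

Each path in the output is a candidate for an additional SRP block rule; review the list after installing software or Windows updates, since installers can add writable folders.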
  6. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    761
    Location:
    U.S. Citizen
    @SHvFI,

    Do you have a link for ReHIPS 2.2.0? Has it been released? Or is this still a beta?
    Also, I thought that you were using Voodoo Shield? Were there any conflicts?


    Kind regards,:confused:
     
  7. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,211
    Location:
    Italy
    W.10 Home x64
    Windows Firewall
    Google DNS/Open DNS
    SUA
    UAC Always Notify
    Windows Smartscreen enabled
    I.E.11 Off
    Disable Flash in Edge
    WMP Off
    Windows Defender Off
    Validate Admin Code Signatures set to 1
    Block Untrusted Fonts on

    Chrome x64 - uBlock Origin + HTTPS Everywhere

    Appcontainer Rights 10-Apps Shields list of MABE Premium
     
    Last edited: Apr 24, 2016
  8. guest

    guest Guest

    same here; for me it already replaced ERP.
     
  9. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    I make use of:
    • Secure Folders (no execution of Windows Vulnerables & corresponding folders in winsxs... untick when needed)
    • Software Restriction Policy (no execution of Windows Vulnerables in syswow64... comment out when needed)
    • Group Policy Editor (running Windows 7 HP, so it's a custom insert because it only exists in Pro or higher... replicates entries from SRP)
    • Sandboxie (Torrents, PDF, LibreOffice with heavy restrictions on what can be accessed)
    • Shadow Defender (2nd partition which contains Downloads folder and TEMP (moved over via Environment Variables))
    • Windows Firewall Control (strict in/out control, along with custom High Filtering in/out rule, custom DNS rule, custom DHCP rules, set up to prevent chit-chat before/during VPN connect)
    • Acrylic DNS Proxy (send unwanted DNS callouts to 127.0.0.1, and bind them to 0.0.0.0)
    • AdGuard for Windows (make use of Stealth Mode to disable WebRTC at network level and to mimic a Linux OS & Browser)
    • run my Windows session in LUA only, UAC set to always notify
    • make use of a VPN (VPNetMon = killswitch 1, WFC High Filtering = killswitch 2, preconfigured nested VPN nodes that make use of VPS's to start me off in one country and spit me out in another - official explanation goes "the entry/jump sees where you're coming from, but not where you're going to, the core doesn't see where you're coming from or where you're going, and the exit sees where you're going but not where you're coming from")
    • disabled a crapload of Windows Services, and unticked all Windows Features
    • On-Demand Scanners: EEK. MBAM Free (have licence but can't be bothered with automated checks), Stinger... only run these before I make a backup
    I could go on, but meh... this is just going off of what I have touched in recent weeks. The tweaks and stuff (disable IPv6, broadcasts, etc...), too many to mention...

    Current issue:
    • I would've used AppGuard for Firefox, but can't figure out why it calls out to a Windows Update domain.
    • I would've used Pumpernickel & MemProtect for Firefox, but am restricted because of W7HP, can't fully shut off Certificate checks to a Windows Update domain after installing KB3033929. Also my hardened settings prevent automation of these two drivers. At the moment, not interested in loosening my stranglehold.
    • I would've used Sandboxie for Firefox, but I like Flash, and removing Protected Mode from mms.cfg, from Addons screen or changing plugin.scan.all to false to "cure" stalls doesn't help.
    • Patiently waiting for stable ReHIPS to see if this will be my Firefox saviour
     
    Last edited: Apr 24, 2016
  10. many tight configurations :thumb: getting curious about rehips
     
  11. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,377
    Location:
    Canada
  12. Windows 10 Pro x64
    Windows Default
    Appguard
    Process Explorer
    Autoruns for Windows
    TCPview
     
    Last edited by a moderator: Apr 29, 2016
  13. guest

    guest Guest

    Last edited by a moderator: Apr 24, 2016
  14. guest

    guest Guest

    you may like it, ReHIPS offers you some tight controls over Integrity Levels/Access Rights/Privileges of programs.

    Actually I'm browsing with Chrome in ReHIPS more often than in Sandboxie, Sbie is now dedicated to enforce isolation on internet-facing folders/USB sticks, etc... :D
     
  15. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,113
    Location:
    South Texas, USA
    Apr. 24, 2016 - Updated, Added, Removed

    Network
    • Two Netgear Nighthawk R7000-100PAS Routers (Stock Firmware)
    • Four Netgear PowerLine AV 500 Adapters
    • Wired Cat5e Connection between both Routers
    • WPA2-PSK AES Encryption
    • SPI & NAT Firewalls Enabled
    • OpenDNS Configuration
    Computers
    • Desktop (Custom Built) - Windows 10 Pro x64 Ver. 1151 Built 10586
    • Tablet (Surface Pro 4) - Windows 10 Pro x64 Ver. 1151 Built 10586
    Built-In Security
    • USER ACCOUNT CONTROL: HIGHEST SETTING
    • WINDOWS SMART SCREEN: ENABLED
    • WINDOWS DEFENDER: DISABLED
    • WINDOWS FIREWALL: DISABLED
    Resident
    • Emsisoft Internet Security 11.7.0.6377 Beta (Paid)
    • Sandboxie 5.11.5 Beta (Paid) - Sandboxie Container Folder on RAMDisk
    • Adguard Premium 6.226.1108 Beta (Paid)
    • KeyScrambler 3.8.2.0
    • DNSCrypt 0.0.6 - HTTPS Enabled
    On-Demand
    • PeerBlock 1.2 (P2P Blocking List)
    • Macrium Reflect Home Edition 6.1 Built 1225* (Paid)
    • VMWare Workstation 12.0.1 build-3160714** (Paid)
    Browser, Immunization, Tweaks
    • Chrome 50.0.2661.87 m x64 (HTTPS-Everywhere, Gmelius Premium, Lastpass Premium) - Chrome Profile Folder on RAMDisk and Sandboxed
    • Homepage and Search Providers set to Startpage (Chrome)
    • Cleaner Professional Edition 5.15.5551 (Paid)
    • Spyware Blaster 5.4 (All Protection Enabled + Customblocking.txt)
    • CryptoPrevent Premium Edition 7.4.20 (Paid)
    *Macrium Reflect Home Edition installed in both Desktop & Tablet - Backup Template: Differential Backup Set
    **VMware Workstation only installed on Desktop


    dja2k
     
  16. @dja2k your specs mention one SSD and two HDD, your case picture shows two SSD, so I guess they are set up as two RAID pairs (one for programs, one for data) :thumb:
     
  17. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,211
    Location:
    Italy
    For those who use 10-Apps, is it possible to make a list?
     
  18. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,113
    Location:
    South Texas, USA
    Yes I have them in pairs as RAID0, 2 SSD & 2 WD REDS. The other pair of WD REDS are in an external dock for backup. Actually if you click on the SSD link, it shows the following....
     

  19. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    761
    Location:
    U.S. Citizen
    @Tyrizian
    @Minimalist

    Thank you for your information. Looking it over in great detail.

    @digmore crusher would love to see a picture of your baby? Send
    @marzametal Secure Folders outdated and
    not of any security holes with this software?

    File Encryption=
    For Windows 10

    > Encrypt4all= as needed updates.
    > Kruptos 2 Professional = paid
    > pCloud, the free account has the same encryption as the paid.
    Has a free version.

    Believe it or not, it's hard to find a good encryption software for file
    encryption that keeps its software updated. Without a bug,
    For Windows 10!
     
    Last edited: Apr 27, 2016
  20. Grumlo

    Grumlo Registered Member

    Joined:
    Nov 14, 2015
    Posts:
    176
    My config:
    Windows 10 64 pro
    Appguard
    SBIE
    Windows defender
    Chrome / ublock
    Any suggestions?
     
  21. Grumlo

    Grumlo Registered Member

    Joined:
    Nov 14, 2015
    Posts:
    176
    I do back up almost 2 weeks. Thanks
     
  22. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,838
    WINDOWS BUILT-IN:

    Standard User Account enabled
    UAC set to Always notify
    Windows SmartScreen enabled
    Windows Firewall enabled

    REAL-TIME:
    Webroot SecureAnywhere Internet Security Plus
    VoodooShield Pro

    SYSTEM TWEAKS:

    Disabled Windows Script Host (Registry tweak) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings\] "Enabled" = dword: 0
    Disabled unnecessary Windows Services
    Disabled Autoplay and Autorun
    Disabled Windows privacy concerns
    Turned off unneeded Windows Features
    Uninstalled Modern Apps via PowerShell

    GROUP POLICY:

    Disabled Biometrics
    Disabled Homegroup
    Disabled OneDrive
    Disabled Windows Defender
    Disabled Windows Media DRM
    Disabled Windows Mobility Center

    GOOGLE CHROME:

    Chrome://flags >
    "Enable PPAPI Win32k Lockdown = All plugins",
    "Enable AppContainer Lockdown = Enabled",
    "Extension Content Verification = Enforce Strict",
    "Reduce default 'referer' header granularity = Enabled"

    Browser tweaks for better privacy
    DuckDuckGo Search
    Extension: uBlock Origin
    Extension: LastPass + Multifactor Authentication

    ON-DEMAND SCANNERS:


    Zemana AntiMalware

    UTILITIES:
    CCleaner (Portable)
    PrivaZer (Portable)
    Autoruns (Portable)
    Process Explorer (Portable)

    RULES:

    The majority of programs are portable
    Install a minimal amount of programs
    Don't keep personal data on hard drives

    OTHER:

    VPN = Laptop
    No VPN = Desktop
    DNS Watch (No Logging, DNSSEC enabled)
     
    Last edited: May 2, 2016
  23. Nocturnalizer

    Nocturnalizer Registered Member

    Joined:
    Oct 4, 2015
    Posts:
    42
    Location:
    London, UK
    I have decided to try a new security config, keeping it very light and simple.

    Windows 10, with all privacy-invasive settings turned off. Standard User Account. No resident AV (Windows Defender disabled). Sandboxie (just bought a lifetime license) protecting Firefox, VoodooShield on Always On mode and Zemana AntiMalware Premium for occasional on-demand scans. No Flash or Java installed, and I browse very carefully anyway.

    I'll also be doing weekly backups to my external hard drive. I'm unsure if disconnecting the drive from the computer between backups is wise or not.

    Do you guys think this is a safe and secure config?
     
  24. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,439
    Location:
    Slovenia
    IMO it's more than safe. I always disconnect my external drive after I do my weekly backup and would advise you to do same.
     
  25. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    815
    Location:
    India
    It's better to disconnect.

    I was lazy in taking backups. I have to set up some external drive and do weekly backups manually.
    Just recently lost 2 months of photos from my S6 Edge, due to some weird bug in a recent update (was not able to log in to the phone, it did not accept either my fingerprint or password). Had to do a full reset to get it working, unfortunately :(
     