What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,296
    Yup. Same thing.
     
  2. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    3,684
    So you can use trial mode past 30 days?

    Any recommendations on setup? I'm in alert mode still haha
     
  3. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,296
    There is no trial mode. What version are you running?

    Mine is V 3.1.1.0 BUILD-1 24062015. That's the right one.

    Setup? Alert mode is default. If you're sure you'll never install new software or update it, you can set it on Lockdown.
     
  4. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    3,684
    That is not what I have. Hmm.
     
  5. mood

    mood Registered Member

    Joined:
    Oct 27, 2012
    Posts:
    2,878
    The version which is available from the website is not free.
    The beta (2015) is donationware.
     
    Last edited: Jun 12, 2017
  6. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,195
    Location:
    USA
    Firewall & Anti-Virus:
    Router NAT/SPI (Password Protected)
    Emsisoft Internet Security 2017.5.1.7567 (with hpHosts file)

    Blocking/Hardening:
    AppGuard 4.4.6.1
    HitmanPro.Alert 3.7.0 Build 710 Beta
    Norton ConnectSafe DNS (Malware, Phishing)
     
  7. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    3,995
    Location:
    Europe then Asia
    The best complementary combo to me. :thumb:
     
  8. Crystal_Lake_Camper

    Crystal_Lake_Camper Registered Member

    Joined:
    Mar 20, 2016
    Posts:
    78
    CIS ( Cruelsisters settings ) - Mbae Pro
     
  9. brainrb1

    brainrb1 Registered Member

    Joined:
    Mar 15, 2010
    Posts:
    481
    Win 10 Home/Pro 64...Creators

    Windows Defender

    Windows Firewall Control 4

    Smart screen

    UAC (Highest Settings)

    Simple Software Restriction Policy

    VoodooShield Pro...Always ON

    On demand ...Zemana AntiMalware Premium

    Google Chrome ... uBlock Origin+Extra, Vanilla Cookie Manager, Privacy Badger and Save to Pocket extensions. Camera, Microphone, Plugins etc. blocked by default

    Microsoft Edge .... Adguard and Reddit Enhancement Suite extension.


    Others:

    Autoruns
    Everything
    ProcessExplorer
    TCPView
    KeePass
    CCleaner and Wise Disk Cleaner Portable


    And... Windows Backup
     
  10. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    833
    Location:
    UK

    Would love to see your tweaks rather than "etc."
     
  11. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    3,995
    Location:
    Europe then Asia
    @chrcol too many and lazy to list them :D

    Basically those are reg tweaks, the only way when using Win10 Home; you can find them in various forums like here, MT or Win 10 Forum.
    I listed the most important already, others are not much needed by the "average geeks"
     
  12. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    383
    Not too much has changed here:
    - KIS 2017 (maximum protection settings, including Trusted Application Mode)
    - HitmanPro, adwcleaner and VT-Uploader as "second-opinion" scanners
    - Firefox with QuickJava and ublock Origin
    - Iperius Backup for daily backups
    - additional security-related apps: Process Explorer and AutoRuns
    - UAC maximum and Smart Screen enabled

    Is there anything else I should use?
     
  13. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    505
    Location:
    USA
    VoodooShield?
     
  14. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,315
    Of course not. Your setup is very secure IMO.
     
  15. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,487
    Location:
    Sweden
    No. That's enough.
     
  16. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,026
    The first rule of my security setup is not to post online what my security setup is.
     
  17. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    383
    @ExtremeGamerBR and @shadek Thank you very much for your feedback, which is very much appreciated.:)

    @Tinstaafl I think Kaspersky's Trusted Application Mode (TAM) is very similar to VoodooShield, so I don't really feel the need to use it. Anyway, thank you very much for your suggestion.:thumb:
     
  18. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,360
    Location:
    EU • SLO
    Security through obscurity? :)

    My current real-time setup: Windows 7 (SUA, UAC, SRP, WFW) and Macrium Reflect.
     
  19. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,026
    It's just that any information an adversary has on what he is up against is advantageous to him. So why give him any?
     
  20. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,360
    Location:
    EU • SLO
    Yes I understand - Less is more principle.
    Personally I hope that there is no adversary that would be interested in my system or my data.
     
  21. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,026
    They probably do, but as long as you don't do or say anything to really tick them off you won't notice anything. If you speak out against their control of our mainstream media, our governments and their involvement in global terrorism, as I do, you will start to notice and realize the need to protect access to media that they could plant something incriminating on. They are utterly ruthless. I know I put myself at risk, but I will not back down to bully tactics.
     
  22. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    157
    Create Standard user account
    UAC set to Max
    Set Windows Firewall active profile to Public
    Uncheckmark all networking protocols except for IPv4
    No netbios over tcpip
    Disable tcpipv6 and v6 tunneling in registry
    Disable IGMP
    Disable UPNP
    Disable SMBv1 in Control Panel > Program and Features
    Windows Firewall set to Outbound = block
    Make Windows Firewall rules to allow outbound for applications that I use
    Install Simple Software Restriction Policy (SSRP), and add user writable folders to configuration ini > Disabled locations section
    Disable unneeded Windows Services
    Remove DCOM talking protocol on the network - dcomcfg
    Deny Access to this computer from the network
    Kaspersky Small Office end point protection
    VoodooShield
    Unpin unused apps from the start menu
    Turn off AutoPlay in settings > apps
    Disable all apps in Settings > Privacy
    Disable One Drive startup in Task Manager > Startup tab
    Enable DEP (data execution protection)
    Disable dump file creation
    Disable Remote Assistance
    Setup more system restore points memory usage
    Setup View Options in Explorer to show menu, unhide file extensions, unhide system files
    Setup Least Privilege by removing User Group rights to Windows command line tools
    SetUp Role Based Access Control (RBAC). So that there are 3 user accounts, 1) Normal use acc 2) Install+network admin 3) full admin, where ACL's restrict the first two from doing much of anything harmful
    Setup full admin account to automatically disconnect from network, aids in combating attacks where the attacker has remote access to your machine
    Remove System and Administrators Group from accessing all Documents folders, so that only the user acc that holds the documents folder has access
    Block low integrity apps from accessing private folders
    Install Sandboxie and configure Restrictions settings: start/run + internet access
    Setup BIOS password
    Setup Syskey to enable use of USB stick for 2nd factor authentication when booting PC
    Setup Event Viewer custom views to see things like SRP violations, application hangs, failed logons
    Setup baselines recording autostart locations and what is currently there. Useful for investigating attacks
    Setup IPFire router with Guardian Intrusion Protection
    Configure Adobe Reader to not run javascript, and not access the internet
    Configure Java to not use with browser (if you use Oracle Java)
    Create a system restore point
    Create a backup disk image

    For details, consult http://hardenwindows10forsecurity.com (long read )

    If you think something is missing, please reply
     
    Last edited: Jun 20, 2017
  23. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    540
    Location:
    UK
    Windows 10 standard user account
    Uac on max
    Windows defender with pua tweak and max cloud. Blocking
    Firefox 64 with Adblock plus, privacy badger, https everywhere, no java, no flash
    Zemana antilogger
    Malwarebytes 3
    Sandboxie
    Macrium reflect backups
    Windows firewall
    O&o shutup 10 recommended settings

    Should I add an anti executable or is this enough? Too much?
    Have been considering FIDES pumpernickel.
     
  24. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    157
    Hi pling_man,

    If you are configuring Sandboxie with Settings > Restrictions > Start Run Access, then it is almost an Anti-Executable. Albeit it is only active when using your browser. AE is always good to have, as it is not signature dependent, and stops attacks when exploits attack any program.
     
  25. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    4,378
    Location:
    Nicaragua
    Not so, lunarlander :). What you're doing with your browser can be done in any sandbox for any program you run in your PC. You can set your PDF Reader, video player, Office programs, any program, etc, in a Start/Run restricted sandbox. Look at the example below (my Foxit sandbox). When I click on a PDF, it runs sandboxed automatically in my Foxit sandbox. What you see listed, is all that can run when a PDF found in the hard drive is executed.

    [Attached image: Sin título.jpg]

    Bo
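
Added example, not part of the thread and not bo elam's actual configuration (his screenshot is not reproduced here): a Sandboxie.ini sketch contrasting a browser-only Start/Run restriction with a second, per-application box for a PDF reader, as discussed in the two posts above. The box names and the executable names (firefox.exe, plugin-container.exe, FoxitReader.exe) are assumptions; adjust them to the programs actually installed.

```ini
# Constructed example. Box names and executable names are assumptions.

# --- Browser-only setup -------------------------------------------
# The Start/Run allow-list is enforced only inside this box, so a PDF
# opened from disk would still run outside any sandbox.
[Browser]
Enabled=y
# Force the browser into this box however it is launched.
ForceProcess=firefox.exe
DropAdminRights=y
# Start/Run restriction: only members of <StartRunAccess> may start here.
ProcessGroup=<StartRunAccess>,firefox.exe,plugin-container.exe
ClosedIpcPath=!<StartRunAccess>,*
# Internet restriction: only members of <InternetAccess> may connect.
ProcessGroup=<InternetAccess>,firefox.exe,plugin-container.exe
ClosedFilePath=!<InternetAccess>,InternetAccessDevices

# --- Per-application box ------------------------------------------
# The same restriction applied to a PDF reader: the reader is forced
# into its own box, and anything a malicious document tries to launch
# that is not on the allow-list is refused.
[Foxit]
Enabled=y
ForceProcess=FoxitReader.exe
DropAdminRights=y
ProcessGroup=<StartRunAccess>,FoxitReader.exe
ClosedIpcPath=!<StartRunAccess>,*
# A document viewer needs no network: block it for every process in the box.
ClosedFilePath=InternetAccessDevices
```

The same settings can be made in Sandboxie Control under Sandbox Settings > Restrictions (Start/Run Access and Internet Access) and Program Start > Forced Programs, which writes equivalent entries to Sandboxie.ini.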
     