What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. xnevermore

    xnevermore Registered Member

    Joined:
    Feb 16, 2010
    Posts:
    143
    Updated Security Setup

    Real Time

    Defensewall firewall 3.0
    Panda Cloud

    On Demand

    Hitman Pro

    Backups/Sync

    PureSync

    Browser

    Google Chrome (adblock,last pass, xmarks)

    Others
    Secunia PSI
    OpenDNS
    mvpHOSTS

    Running these on windows 7 32 bit
     
  2. Cyrano2

    Cyrano2 Registered Member

    Joined:
    Mar 19, 2010
    Posts:
    131
    Location:
    Spain
    Real-time

    Avira AntiVir Personal.
    Immunet Protect.
    Online Armor Free (Apps set to "Run Safer": Firefox, Windows Live Messenger, Foxit Reader, VLC and OpenOffice).

    On-demand

    MBAM (daily scan).
    Hitman Pro (to check all my downloads).
    Hostman (MVPS Hosts)

    Browser

    Firefox with WOT, Better Privacy, NoScript, TACO, Ghostery and CSLite.
     
  3. Matthijs5nl

    Matthijs5nl Guest

    Do you feel Immunet actually adds something to your setup?
     
  4. Cyrano2

    Cyrano2 Registered Member

    Joined:
    Mar 19, 2010
    Posts:
    131
    Location:
    Spain
    Really? I don't think so (maybe this will change with the upcoming beta). But I like the project and I want to give it my support :).
     
    Last edited: Apr 21, 2010
  5. Matthijs5nl

    Matthijs5nl Guest

    Okay, honest answer :D
     
  6. mhf

    mhf Registered Member

    Joined:
    Feb 13, 2006
    Posts:
    55
    Location:
    Europe
    real time
    browser : K-meleon 1.5.4 with Proxomitron
    Peerblock
    avast! 5.0.57 free
    PrivateFirewall
    Mailwasher pro

    on demand
    SAS
    or MBAM
    CCleaner

    restore
    Farstone Driveclone pro

    backup
    Cobian Backup 9
     
  7. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,063
    Location:
    New Delhi Metallo β-Lactamase 1
    Running Following Setup:-

    1. Windows 7
    2. NIS 2010
    3. LUA & DEP
    4. AppLocker Policy
    5. Returnil 3
    6. Non-Sense :p

    No Prevx :( :'( :'( ...
     
  8. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    Firewall:
    Linksys Router (NAT hardware firewall)
    DefenseWall Personal Firewall 3.00 (with Windows XP firewall)

    Anti-Virus:
    Kaspersky Anti-Virus 9.0.0.736 (a.b)
    Malwarebytes Anti-Malware 1.45

    HIPS/IDS:
    Malware Defender 2.6.0
    SpywareBlaster 4.3 (with Ad-Aware custom blocking)

    Resident on Demand Scanners:
    Hitman Pro 3.5.4 Build 92
    Mischel TrojanHunter 5.3 (994)
    Trend Micro Rootkit Buster 2.80.0.1077 Beta
     
  9. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    Pretty much the same here. I installed it on a multitude of computers, it's practically invisible, doesn't harm anything, no resource hog and I like testing new stuff. :D
     
  10. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Windows 7 HP x32
    (Windows Firewall: Disabled, UAC: Enabled, DEP: Enabled)

    Realtime:
    Look 'n' Stop v2.07,
    DefenseWall HIPS v3 (final)

    On-demand:
    ShadowProtect Desktop v4 (image backup),
    SyncBack (data backup),
    MBAM and Dr.Web CureIt! (scanning once per few months).


    Fast & ultra light setup which gives me a lot of fun, control and peace of mind.
     
  11. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Prevx and nothing else.
     
  12. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Added PeerBlock IP blocker with BlueTack....Ads, Spyware, Bogon, DShield, Hijacked lists.
     
    Last edited: Apr 21, 2010
  13. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Yeah both in real time, A-Squared is on Exec and Panda on default o_O
     
  14. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,589
    Location:
    UK
    Testing Norton Internet Security 2011:p
     
  15. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    On XP Pro playing machine, back to basics

    Realtime Security apps
    Windows own FW

    Windows own LUA + SRP + ACL (downloads/attachments + user space registry + autorun/task dir)

    Avast (file and behavioral shield)

    Portable Chrome:
    - Chrome's excellent Policy Sandbox FREE
    - Trusteer Rapport FREE (protects chrome process itself, key encryption and screen protection on sites selected)
    - Safer-plugins switch, allow cookies, javascript only on selected sites
    - SiteAdvisor + WOT FREE
    - Manual Privacy Protection in Local State file of Chrome (set red only afterwards)

    On demand
    Hitman Pro

    Lean and mean see pic :thumb: (less than 0.1 % overhead of security apps)
     

    Last edited: Apr 22, 2010
  16. Newby

    Newby Registered Member

    Joined:
    Jan 12, 2007
    Posts:
    153
    Kees,

    SRP has been bypassed in the past, also XP does not protect against process modifications etc. When something changes the processes in memory, are you still protected?

    Regards Newby
     
  17. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    For "something" to change the processes in memory, that "something" has to run (be executed) first. To execute, it must place itself in a location from which it can be executed. To those locations a limited user has no write access. Also, see the note on Trusteer Rapport in Kees's post.
     
  18. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    thanks for the explanation Doktor :thumb:

    On top of SRP

    ACL trick of deny access to downloaded executables by browser and mail
    With a registry tweak the OS sets the ADS bit of downloaded executables (or likes) when browser or mail writes them to disk. While this block is on ACL prevents execution access to these downloads. So when SRP should be bypassed this will prevent execution.

    Avast
    Avast has one of the best protection rates against scripts (see latest AV-comparatives). Since nothing can execute, scripts are the only possible source of malware entry. Avast filters out 95% of the bad ones when they are executed/written to disk.

    Chrome Sandbox
    The Chrome sandbox only allows access to temp, download and profile directory (and HKCU google registry key). JavaScript of extensions and content scripts are separated by Chrome.

    Trusteer
    On top of that Trusteer looks at Windows API interfacing with the browser. It tries to set up a secure tunnel and protects browser process from tampering.

    Chrome content settings + WOT + SiteAdvisor
    By allowing javascript and storing cookies only on selected sites (okay by WOT plus McAfee SiteAdvisor and Chrome's own phishing protection), the remaining risk is minimised to practically zero.

    So I am not afraid of SRP being intruded :D
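
The argument in the two posts above (execution only from locations a limited user cannot write to, with a deny-execute ACL as a second layer) can be checked as a policy audit. This is an added example, not part of the original posts; the rule lists, paths and function names are constructed assumptions, and the SRP path-rule precedence is a simplified model.

```python
from pathlib import PureWindowsPath as P

# Constructed sample policy for one limited-user account (not taken from the thread).
SRP_DEFAULT_ALLOW = False                      # default security level: Disallowed
SRP_ALLOW = [P(r"C:\Windows"), P(r"C:\Program Files")]
SRP_DENY = [P(r"C:\Windows\Temp")]
USER_WRITABLE = [                              # directories the limited user can write to
    P(r"C:\Documents and Settings\work"),
    P(r"C:\Windows\Temp"),
    P(r"C:\Windows\Tasks"),
    P(r"C:\Program Files\LegacyApp\data"),
]
ACL_DENY_EXECUTE = [P(r"C:\Documents and Settings\work\Downloads"), P(r"C:\Windows\Tasks")]


def most_specific(path, roots):
    """Return the deepest rule in roots that contains path (case-insensitive), or None."""
    hits = [r for r in roots if r == path or r in path.parents]
    return max(hits, key=lambda r: len(r.parts), default=None)


def srp_allows(path):
    """Simplified path-rule model: the more specific rule wins, a tie goes to deny."""
    allow, deny = most_specific(path, SRP_ALLOW), most_specific(path, SRP_DENY)
    if allow is None:
        return SRP_DEFAULT_ALLOW and deny is None
    return deny is None or len(allow.parts) > len(deny.parts)


def acl_allows_execute(path):
    """Second layer: an explicit deny-execute ACL entry on the directory or a parent."""
    return most_specific(path, ACL_DENY_EXECUTE) is None


def audit(writable=USER_WRITABLE):
    """Report, for each user-writable directory, which layer (if any) stops execution."""
    report = {}
    for d in writable:
        if not srp_allows(d):
            report[str(d)] = "blocked by SRP"
        elif not acl_allows_execute(d):
            report[str(d)] = "SRP gap, covered by ACL"
        else:
            report[str(d)] = "writable and executable"
    return report


if __name__ == "__main__":
    for directory, verdict in audit().items():
        print(f"{verdict:26} {directory}")
```

Any directory reported as "writable and executable" breaks the premise that nothing a limited user drops can run, and needs either a disallowed SRP rule or a deny-execute ACL entry.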
     
  19. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Light, airy and free. Nice set-up Kees. Of course if I had that running I'd be staring at my task manager waiting for a malicious item to pop up. :doubt:
     
  20. Newby

    Newby Registered Member

    Joined:
    Jan 12, 2007
    Posts:
    153
    Thanks Doktor & Kees,

    I used to be on Vista x64, but due to a work-related proprietary application, I went back to XP. I used SBIE, but dropped it after the latest incident.

    I will go for Surun and your anti-execute registry tweak on the user I will be using for work (using IE8).

    I will go full LUA and deny execute SRP (with PGS of Sully) on my personal user (using PortableChrome). I guess it is better/safer to have two different user profiles/environments.

    I will try the keyscrambler + Trusteer Rapport combo you posted

    Thx
     
  21. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    You can substitute PrevX SafeOnline free for Facebook users as an alternative to the KeyScrambler + Trusteer combo.
     
  22. Newby

    Newby Registered Member

    Joined:
    Jan 12, 2007
    Posts:
    153
    @ Konata: Thanks, is it a one year license?


    @ Kees: How easy is the script block to use in Chrome?
     
  23. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Simple, see pic
     

  24. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    lifetime. :cool:
    I think I saw Kees say SafeOnline offers more complete protection than Trusteer + KeyScrambler does. :D
     
  25. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    That is correct :thumb: , on my rig PrevX safe online lags when entering something in the address bar
     