What is your security setup these days?

using pc tools internet security.

very silent, install and forget complete security

 

R
OA++
SANDBOXIE
ANVIR TASKMANAGER
SPYWARE BLASTER
OD
HITMAN PRO
SHADOW DEFENDER
BACKUP
DRIVE SNAPSHOT

 

Windows XP Pro SP3

Avast! Free 5 - File and Network Shields
System Safety Monitor 2.4
HostsMan - MVPS & hpHosts (Ad and Tracking servers) lists
Google Chrome 4 - Adblock, Unchromed

Free, Light and relatively secure

 

Konata, what is the point of using Peerblock as realtime tool? Do you have also in realtime any torrent software?
And next question does Peerblock inform you about blocked IP addresses during your normal daily computer usage without torrent activity?
I ask because few days ago I've installed Peerblock to check this application, since then I haven't any torrent activity on my PC, and today is day 3 with Peerblock set as realtime tool and my Peerblock logs are clear.
I don't see the reason why PB should be realtime application if you don't have torrent software setup to start with system start.
And BTW Peerblock - Peak Working Set (Memory) column in Windows Task Manager shows me that PB using ~80,628K - another reason for not using this in realtime for me.

 

Creer,
it would depend on the list of IP's you are blocking through Peerblock ... you can use peerblock not just for torrents but also for malicious IP's and you should have block HTTP activated for it to work. But I would suggest not to depend on it for malicious IP blocking for it tend to block even legit ones.

 

So I guess it works very similiar to edited HOST file (when we are talking about HTTP protection), right? but additionaly PB using system resources.
I disabled HTTP protection in PB since I don't need that even if I don't use AV in realtime and I don't use edited HOST file.
I still think the main priority of PB is protection during torrent activity. To be honest I don't feel I need PB but for sure many other users feel a bit safer with this kind of application.

 

@Creer
I use it to block Non-Lan IPs

 

You mean this:

Code:

invalid ips:0.0.0.0-0.255.255.255
IANA Reserved for private use FNLC:10.0.0.0-10.255.255.255
IANA Reserved for private use FNLC:192.168.0.0-192.168.255.255
IANA Reserved for private use FNLC:240.0.0.0-255.255.255.255

Does your FW can not handle it?

 

Immunet Protect and MBAM real-time.

 

@Creer

I don't know if Winxp firewall can handle it.

All IANA lists, NONLANCOMPUTERS, D-SHIELD, BOGON
I hope those IPs listed there can be transferred to my HOSTS file.

and I want Peerblock to block only P2P lists level 1 to 3 which I can easily disable for HTTP (browsing) without affecting the above lists
cause I do lots of torrenting.




P.S: I think HOSTS file is very critical part of the system, aside from its blocking ability a HOSTS file can also redirect connections (which can be used to phish) while Peerblock is mainly for IP Blocking.

so for safer IP blocking I go for PEERBLOCK

 

as my prevx licence expired already i am currently using blue point security 2010 with mamutu it is very good and lite,also hitman pro ondemand

 

Resident
Twister
CIS without D+
SSM
Threatfire
Returnil

On Demand
Malwarebytes
Hitman Pro

 

Less how is twister this days?

 

Private Firewall has been added to current setup

 

Twister is not so good....Mediocre one !!

 

Windows XP SP3 Pro

• LUA
• ACL
• DEP
• SRP

Realtime

• Prevx CSI Free + SafeOnline
• Sandboxie
• MBRGuard
• Deepfreeze
  

Browser

• Google Chrome (Incognito, Javascript not allowed to run, Plugins not allowed to run, block third party cookies)
• IE8 (All settings: HIGH, SmartScreen Filter: ON)

 

**My Arsenal**

1. Norton Internet Security 2010
2. AppLocker Enabled
3. DEP Enabled
4. Structured Exception Handling Overwrite Protection (SEHOP) Enabled
5. Limited User Account

Virtualization:- Returnil and SandBoxIE

Comodo Time Machine {Just in case}

 

**Virtual System**

1. K7 Antivirus 8.0
2. Hitman Pro (On Demand)

Just for testing purpose...

 

Loving Private Firewall, will be a long time keeper!!

 

If I may say so:
PrevX and MBRGuard are useless. You will discover it over time.
Because you have a first containment with LUA, a second with Sanboxie, plus most of the code will never execute with SRP.
As you are security aware, I believe that you download willingly only safe code from safe places, so you don't need PrevX and MBRGuard.

Ultimately, deepfreeze is useless as well.

Just image your system partition and backup your data partition from time to time and you will be perfect

 

Whoa! thanks
I'll trust you then. I'm removing Prevx ^^
do I need to add some other realtime app? (a software firewall?)

I forgot to wrote down that I also have Windows Defender (application execution agent disabled to reduce I/O) to protect some registry hives. Is that also unneeded?




Am I safe from malware coming thru USB/CD-ROM with only sandboxing?
Can I move a file from my computer to a sandboxed infected usb without getting infected?

 

As Deep Freeze user I´ld be interested in hearing your arguments to say that.

 

Same here,better be very convincing also.

 

I think I get what Lucy wants to say.
It is because I have LUA/SRP/SBie. Disk imaging solution would be much more useful than DF... ahh... but let's leave the explanation to Lucy

I'm illiterate on this XD

 

OK I'll rephrase:
Most of the security tools are nowadays completely useless IF the user knows how to use the OS tools provided, whatever the OS. Then the only supplementary actions to be taken further are imaging (not compulsory) and backing up.

Basically, my opinion is that one could choose different strategies to improve further the security of windows if wished (and with no real gain except comfort and peace of mind):
- sandboxing through virtualization OR through policy,
- sandboxing through snapshot,
- ...
But overlap is totally unnecessary, overkill, brings eventually problems, high maintenance...

I don't like tools of the kind of Deep freeze. This is my opinion, and this is the reason why I suggested Konata Izumi to get rid of it.

BTW, windows defender is useless as well, better to switch it off.

So my dear DF fan fellows, no need to over-react; in the setup of Konata Izumi, many tools are redundant, overlaping and overkilling. Some of them have objectively to be removed.