What is your security setup these days?

Take a look over at av-comparatives, where IBK has published at least 2 tests on KAV's PAD

 

I found those on av-comparatives already before sorry for not being more specific but I am looking for more than those, Thanks!

dja2k

 

Resident:

-Router with SPI firewall
-AShampoo free firewall
-SSM free
-Human brain

On demand:
-AVG Antispyware Free
-A squared Free
-Occasionally online AV scanners in case of suspicious file.

Result:
Joy of having a very fast and snappy system,free of tons of resource hungry security applications that wouldn't have anything to catch anyway

 

Hyperion, how's that AShampoo Firewall now? Looks good, and I heard some improvements were coming, so Im just curious. Also, it sounds like no system slow downs with it, but I see no AV in your list, is that right?

 

Do you guys think that KAV's PDM is on par with SSM Free on protection overall or not?

dja2k

 

My Basic ARSENAL goes something like this for the time being:

A2 Squared (On-Demand)
AVZ (On-Demand) plus (Active Guard-Resident)....if so inclined

System Safety Monitor Registered Version: 24/7 On-Duty
CyberHawk On-Duty 24/7

Kerio 2.15 Firewall. Still not found any others to gain my confidence. This one presents no issues and does the job. (Caught a Virus one day that by-passed AVG of all things) Not bad for an out-dated firewall in these malware hardened times eh?

RegProt
WinPooch Both active registry guards.

ALL THE ABOVE ARE PLACED IN System Safety Monitor's PROTECTION FROM TERMINATION! feature.

RKUnhooker does the On-Demand sweeps for malicious code, hidden files, services, and other possibles since it is a very FORMIDABLE T.e.r.m.i.n.a.t.o.r in it's own right, in a class above IceSword and others that have taken it one the chin lately. This one is rose above the crowd for now and solidly in-command.

 

I´d compare KAV´s PDM with the likes of Cyberhawk. SSM(free or paid) is beyond both. Remember that SSM is a classical HIPS

 

westell 6100 hardware firewall
DSA for outbound and system monitor
AOL virusshield (oh no, AOL!!!)
spywareblaster
firefox (no scripts)
wiccan incantations

 

Thanks! I am playing a lot with my setup this past few weeks and thats why I haven't posted a list in this thread for a while. I have been playing a lot with Prevx1, Cyberhawk, Safe'n'Sec, System Safety Monitor, Spyware Terminator (HIPS Enabled) and now KAV (PDM Enabled).

dja2k

 

Hi Duke,you can read my recent post about both the PRO and Free here:

https://www.wilderssecurity.com/showthread.php?t=155611

Let's say that it has some minor bugs because of its youth,but all i want is simple outbound control,with a very light firewall,that won't slow down browsing and p2p.And Ashampoo does this fine.I don't care about leak tests,termination resistance etc.That's SSM's job.

And yes,no resident AV and i m glad about it.The thing is i don't see live malware with my surfing habbits.I use pop tray to delete all unknown mails at the server,so there is no chance i ll get malware from rogue mail.I ve also a rule in Outlook to show mails with attachment in different coulour,but the people i exchange mail with rarely get infected...

So,the other way i d get infected would be:
1)By browser exploit.I use FF,so already i m more resistant.But even if we assume that something passes with a new expoit or i download a trojan in the temporary internet files,SSM should warn me about execution.

2)By executing on my own an infected file.Theoretically,it's possible to have me fooled,but i scan it with the 2 antitrojans first and if necessary with online scanner.If they all fail,then again,i ve a good chance stopping it with SSM.

In alternative,i d use AVG Free with no HIPS,cause i can't stand burdoning my system.Cause i don't get malware,so i think silly having 10 security applications like i did some years ago.But i d be more vulnerable.Cause in case AVG failed detection,i d be infected and could never even get suspicious of it.So i prefer the HIPS way.

 

Latest "additions/changes" in bold as of 11/27/06:

Resident:

DefensePlus
DefenseWall HIPS
LinkScanner Pro[Added]
Look'n'Stop 2.05p3[+Phant0m's latest r/s]
Netgear RP614 v2 Router w/NAT & SPI
NOD32
RegRun Platinum 4.6

On-Demand:

A-Squared(free)
AVG AntiRootkit
AVG Anti-Spyware(free)
Autoruns[Added]
Avira Rootkit Detector[Added]
BitDefender Rootkit Uncover
DarkSpy
Digital Patrol
F-Secure Blacklight Beta
Gmer
HookExplorer[Added]
IceSword
Process Explorer
Process Walker[Added]
RootKit Hook Analyzer
RootkitRevealer
Rootkit Unhooker[Added]
Seem[Added]
Sentinel
Sophos AntiRootkit
Spy Sweeper[Removed]
SUPERAntiSpyware Pro
Windows Malicious Software Removal Tool

System Hardening:

Applied manual system hardening tweaks
Disabled most WinXP SP2 services
Harden-It
Removed Netmeeting
Removed Windows Messenger
Samurai
Windows Worms Door Cleaner

Miscellaneous:

Primary Web Browser - Opera(w/UserJS scripts)
Email - PocoMail


Peace & Love,

CogitoErgoSum

 

My latest notebook "additions/changes" in bold as of 11/27/06:

Resident:

DefensePlus
DefenseWall HIPS
LinkScanner Pro[Upgraded from SocketShield]
Netgear RP614 v2 Router w/NAT & SPI
NOD32
Windows Firewall

On-Demand:

A-Squared(free)
AVG AntiRootkit
AVG Anti-Spyware(free)
Autoruns[Added]
Avira Rootkit Detector[Added]
BitDefender Rootkit Uncover
DarkSpy
Digital Patrol
F-Secure Blacklight Beta
Gmer
HookExplorer[Added]
IceSword
Process Explorer
Process Walker[Added]
RootKit Hook Analyzer
RootkitRevealer
Rootkit Unhooker[Added]
Seem[Added]
Sentinel
Sophos AntiRootkit
Spy Sweeper[Removed]
SUPERAntiSpyware Pro
Windows Malicious Software Removal Tool

System Hardening:

Applied manual system hardening tweaks
Disabled most WinXP SP2 services
Removed Netmeeting
Removed Windows Messenger
Windows Worms Door Cleaner

Miscellaneous:

Primary Web Browser - Opera(w/UserJS scripts)


Peace & Love,

CogitoErgoSum

 

My Win98 Desktop "additions/changes" in bold as of 11/27/06:

Resident:

BOClean
DiamondCS WormGuard
Look'n'Stop 2.05p3[+Phant0m's latest r/s]
Netgear RP614 v2 Router w/NAT & SPI
NOD32
Online Armor[Removed]
SUPERAntiSpyware Pro[Added]

On-Demand:

A-Squared(free)
Autoruns[Added]
Digital Patrol
Process Explorer

Miscellaneous:

Primary Web Browser - Opera(w/UserJS scripts)
Email - PocoMail


Peace & Love,

CogitoErgoSum

 

Presently:
windows server 2003 hardened

Imaging and recovery:
first defense isr
acronis true image server
a folder mirroring utility that automatically backs up the application data folders of my most important or hard to configure programs to a second hard disk

realtime:
nod32 2.7
avg antispyware
spyware doctor
registry mechanic
prosecurity 1.23 free
process guard full
regdefend full
peer guardian
agnitum firewall with blockpost plugin

scheduled tasks:
spybot, adaware- run mwf at 8am
privacy eraser pro runs every morning @ 6am
cyberscrub cleans behind it every morning @ 6:15am
avg antispyware runs a full scan once a month
nod32 runs a full scan once a month
raxco defragments each monday @ 9am
a disk check runs once per month

on demand:
bitdefender
various rootkit scanners, registry and process monitors as needed

sensitive data encryption: truecrypt

 

I´m shocked

 

bout what? they cause no trouble-nothin moves unless it needs to

 

-NOD 32 has antispyware detection so adding 2 realtime antispyware is overkill
-Outpost can import the blocklists of PeerGuardian so no need of it
-Process Guard full plus ProSecurity and Regdefend. You may have the same protection with ProSecurity full, SSM full o GSS without that extreme overlap
-Registry Mechanic?What does it do to improve your security?

 

a littel overlap is a good thing, in my experience, sometimes one app catches somethin that the other doesnt, so its fine by me.

as regards peer guardian, i dont want to reimport ips into outpost everytime peer guardian updates, so i let it run on its own, again, fine with me.

prosecurity has a couple protections that processguard lacks- i have full version of process guard, but only free version of prosecurity-so i run them both, and regdefend complements this nicely.

and registry mechanic, well, it monitors the registry, so when it cleans, if theres any trouble, it has a well informed record of the registry up until the moment that it made the changes-and i count that as security, anything else?

 

Check
Blocklist Manager download the blacklists you want and export then for Outpost

 

ive been using blocklist manager for some time now-if youre saying peer guardian uses the same lists as bluetack, then i guess i wouldnt need peer guardian ?

 

I'm a realtime software junkie too, but -

nod32 2.7
avg antispyware
spyware doctor
registry mechanic
prosecurity 1.23 free
process guard full
regdefend full
peer guardian
agnitum firewall with blockpost plugin

in my book is overkill massively. How all that doesn't cause any slowdowns or problems in your computer is a mystery to me.

dja2k

 

Yeah, check the source of PeerGuardian updates. They are URLs and most are form Bluetack
They coded Protowall, twin of PeerGuardian. If you have Outpost just use Blocklist Manager

 

Hi everybody,

Blockpost does not work if you browse through a proxy

 

Hi everyone. I love this thread best. And this is where i get to follow what kind of secuirty builds you guys got. Hope i get some advice

My build:

[Realtime]
Nod32 2.5 (Blackspear settings)
Windows Defender Beta1
Spyware Terminator
-Realtime Shield (on)
-HIPS (on)
AVG Anti-Spyware
Comodo Firewall
Windows Firewall (on)
Hostsman (mvps)

[On Demand]
Ad-aware SE Personal
Spybot
SpywareBlaster
CCleaner



[Browser]
Firefox 2
-fasterfox,noscript extensions

Please advice if i got overkills setup or vurnerability thanks!

 

turn off the windows firewall and get rid of a few antispyware apps. u dont need three in realtime plus three more on-demand.