What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    small change but love this combo.
     
  2. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    There is a lot of knowledge to gain to truly understand how this all blends in together. The effects are not always as you expect. I have been hammering on this stuff for a bit now, and still find some things happen that don't work according to how they "should".

    For those of you who might be wanting to test some of this out, all I can say is that it is taking a LOT longer than expected for various reasons, but a big part of it is that while the mechanisms are there, the documentation is lacking quite a bit. A lot of this I am stumbling upon by trying many different things. It might be that some of the stuff we are cooking up hasn't been examined much, thus it takes a lot of "practice makes perfect" to comprehend it. I can't verify that. What I can verify is that I have become pretty good at structuring the "just right" search strings for obscure stuff like this, yet I can't find much info that goes in the direction we seem to be heading.

    A little more patience for a working product is needed. If it all comes together like it seems to be (figuring out the small "why is that happening" issues) it appears to hold a lot of potential :)

    Sul.
     
  3. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,563
    Windows 7 Professional 32-bit (Administrator Account) [UAC: Default]

    Safe-Admin manual settings + SRP: disallowed-default
    Windows Firewall (default-deny)
    Comodo Time Machine BETA
    GeSWall
    Winpatrol Free
    Prevx SafeOnline


    gahh 3rd-party apps are building up again :'(
     
  4. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,290
    don't use'em if u don't like'em, you can be quite safe with a well-hardened-system setup using W7's built-in stuff...
     
  5. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    under the red umbrella:D
     
  6. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    how was ur experience with dr. web?:D :D :D
     
  7. Divenow

    Divenow Registered Member

    Joined:
    Sep 18, 2010
    Posts:
    37
    Realtime:
    * NIS 2011
    * Windows Defender

    On Demand:
    * Emsisoft Emergency Kit
    * Comodo Cloud Scanner
    * Virustotal Desktop Uploader
    * ThreatExpert Submission Applet
    * Different Tools / Boot CDs if/when needed.

    System Tools:
    * Comodo Programs Manager
    * Comodo System Cleaner
    * ESET SysInspector

    Browser:
    * Google Chrome
    * Norton DNS

    Other:
    * Common Sense 2011 :thumb:

    I think I'll stay with this setup for a while. If you want, say your thoughts :)
     
    Last edited: Oct 1, 2010
  8. pirej

    pirej Registered Member

    Joined:
    Sep 30, 2010
    Posts:
    64
    Realtime:
    Avira-free
    Comodo firewall-free

    On demand:
    superantispyware-free
    Malwarebytes antimalware-free

    No problems for a couple of years.
     
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    It seems that Chrome acts awkwardly when you run it virtualised. The tabs running medium are from extensions. Anyway, I have removed RunAsInvoker and sandboxes run at low rights again.

    Used another new tab (from the Russian guy) only and went to virtualise Chrome again. Now it seems to run OK.

    I had forgotten how GeSWall Pro runs under UAC. You can't change the status of downloaded files to trusted, so you have to move them to another partition to lose the untrusted mark (DefenseWall does not have this weakness).

    Did give BufferZone free a go and was surprised how fast it loaded IE8.

    Play PC setup
    Windows FW 2-way (outbound only application level)
    Safe Admin (all OS-internals)
    - Only install signed drivers
    - UAC quiet (test)
    - Elevate from safe locations
    - Installer recognition switched off
    - Run only signed programs elevated
    - WinMail: EMET-2, Virtualised, Basic User, 1806 deny execute
    - Outlook: EMET-2, Virtualised, Basic User, 1806 deny execute
    - Iron: EMET-2, Virtualised, Basic User, 1806 deny execute, internal sandbox
    - IE8: EMET-2, protected mode, Locked through GPO

    CTM Free
    AppGuard Beta for IE8 memory protection enabled

    Cold start time for Iron is < 1 sec and IE8 with AppGuard is < 2 secs, both load www.google.nl as start page. Pretty fast on an E5200 dual core
     
    Last edited: Oct 2, 2010
  10. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    Kees1958,

    In the short time I used BufferZone, every time I launched Firefox or IE, they both loaded instantly like what you're describing :thumb:

    Just shocked more people don't run BufferZone.
     
  11. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,753
    Location:
    Toronto Canada
    Maybe because they don't know what it is?
     
  12. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Defensewall 3
    Prevx SafeOnline
    Immunet protect plus
     
  13. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    I'd try BufferZone, but it is just for 32bit.
     
  14. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Shared Network:
    Linksys Router with SPI Firewall
    DyDNS Free (Ads and Pop-ups, Conficker Worm, Phishing, Spam, Spyware)

    Real-time Protection:
    Avast! Free Antivirus (Shields: File System, Network, Behaviour) [Password Protected]
    Comodo Firewall (w/ Defense+, Execution Control, Sandbox) [Password Protected]
    Malwarebytes' Anti-Malware Full (Protection & Website Blocking)

    System (Windows 7 Pro 64-bit):
    Enabled DEP, SEHOP, Default-Deny SRP, Silent UAC
    Disabled Windows Firewall, Defender, System Restore, Internet Explorer, Autorun/Autoplay
    Spybot - Search & Destroy (Immunize)

    Firefox 3.6.9:
    Adblock Plus (Malware Domains subscription)
    LastPass
    LinkExtend
    SandBoxie Free (+ DropRights & Internet Access Restrictions)

    On-demand Scanning:
    AVZ Antiviral Toolkit
    BugBopper
    Digital Patrol
    Emsisoft Emergency Kit
    ESET Online Scanner (Smart Installer)
    Hitman Pro
    Norton Power Eraser
    SUPERAntiSpyware Free
    Trend Micro HouseCall

    Analyzers:
    http://camas.comodo.com/
    http://www.urlvoid.com/
    VirusTotalUploader

    Updates:
    Freeware Files RSS
    KC Softwares SUMo

    Backup:
    Paragon Backup & Recovery Home Special Edition


    Ubuntu Lucid Netbook:
    Chromium --safe-plugins, AdThwart, LastPass, WOT
    Regularly updated. Sudo only, no root
     
    Last edited: Oct 5, 2010
  15. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    ClearCloud DNS :thumb: :thumb:
     
  16. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Upgraded Winpatrol.
    Removed RSS 2011 and added Wondershare Time Freeze and Immunet Pro.
    Sandboxie, Taskcatcher kept for on demand use only, also time freeze.
     
  17. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    286
    Location:
    Philippines
    Pretty tight setup there sg09 :thumb:
     
  18. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,563
    Comodo Time Machine

    Family Play PC Snapshot:
    Windows FW 2-way (outbound only application level)
    Safe Admin (all OS-internals)
    - Only install signed drivers
    - UAC quiet (test)
    - Elevate from safe locations
    - Installer recognition switched off
    - Run only signed programs elevated
    - Iron: EMET-2, Basic User, internal sandbox
    - IE8: EMET-2, protected mode, Locked through GPO
    - Comodo AV [Defense+ enabled / Auto-sandbox: OFF] (test)

    Admin PC Snapshot
    Windows FW 2-way (outbound only application level)
    Safe Admin (all OS-internals)
    - Only install signed drivers
    - UAC quiet (test)
    - Elevate from safe locations
    - Installer recognition switched off
    - Run only signed programs elevated
    - Iron: EMET-2, Basic User, internal sandbox
    - IE8: EMET-2, protected mode, Locked through GPO
    - GeSWall Pro (trial)
    - Prevx SafeOnline
     
    Last edited: Oct 2, 2010
  19. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,350
    Windows 7 Home Premium x64:

    Real-Time
    • Norton Internet Security 2011 (Paid)
    • Emsisoft Mamutu 3.0.0.16 (Paid)
    • WinPatrol Plus 19.0.2010.0 (Paid)
    On-Demand
    • Emsisoft Emergency Kit 1.0.0.19
    • VMware Player 3.1.2 (W7 HP X64)
    • Malwarebytes Anti-Malware 1.46
    Windows Hardening
    • Admin Account with Safe-Admin Tweaks
    • Data Execution Prevention: Always On
    • User Account Control: Default Level
    • Structured Exception Handling Overwrite Protection
    • Address Space Layout Randomization
    • Enhanced Mitigation Experience Toolkit 2.0
    • USB and DVD Drives Autorun Disabled
    • Drive-by Protection via 1806 Trick
    Browser and Network
    • Mozilla Firefox 3.6.10 (Adblock, Norton IPS, NoScript)
    • Internet Explorer 9 Beta X64 (Adblock + Hardening)
    • Norton DNS (Block Malicious Websites)
    * Awaiting the release of Firefox 4 for using Prevx SafeOnline.
     
    Last edited: Oct 2, 2010
  20. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Can you EMET Iron? It won't be possible with Chromium/Chrome. Are you sure?
     
  21. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,563
    I use Iron with EMET
     

    Attached Files:

  22. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    So, it seems. :) Not possible with Chromium, though.
     
  23. Divenow

    Divenow Registered Member

    Joined:
    Sep 18, 2010
    Posts:
    37
    Chromium: emet2.png
     
  24. mrfargoreed

    mrfargoreed Registered Member

    Joined:
    Jun 16, 2006
    Posts:
    356
    After many, many different setups over the last few months, I have settled for this: My machine runs nice and quick, I feel about as protected as I can be and can't see myself changing this for a very long time.

    Avast Free
    Online Armor Free
    SandboxIE
    ClearCloud DNS
    Shadow Defender
    Mailwasher Pro
    Keepass
    Macrium Reflect Free

    Firefox with the usual Adblock, Ghostery, CSlite, Keyscrambler, etc, etc
     
  25. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Odd. It won't run with EMET here. It must be because of some restrictions I apply to Chromium.

    I'll need a clean Chromium folder and check it out. Now, you made me jealous. :)

    Anyway, great to know Chromium does run with EMET.
     