What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. AKAJohnDoe

    AKAJohnDoe Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    989
    Location:
    127.0.0.1
    My current Vista configuration is on my website under the PDA section, then under the PC Security heading.
     
    Last edited: Sep 28, 2007
  2. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hello,

    Please don't consider me paranoid for what I will say, I know the OP is honnest and was wondering the question he asked.

    However, if I was a malware writer, I would certainly post this kind of subject on many forums to collect free statistics about the security setup of people, to help me target specific security software with my trojan and have better sucess to infect computers :)

    It's not the case here, but I think that I should bring this point to light, to make people wondering if it's really a safe thing to do, to tell the world what security setup you have. Consider this question as a kind of debate :)

    Regards,
    gkweb.
     
  3. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,781
    Location:
    U.S.A. (South)
    Let them gather all the config and data they want. This forum is PUBLIC display for all and also consider this.........

    ......just as they collect "free statistics" about security programs here, some researchers like myself register into THEIR :ninja: underground forums also ;) to collect vital data and releases in a covert manner so as not to attract suspicion.

    It's a free-for-all and THEY :ninja: don't have the corner on surveying the latest ideas and/or programs. :thumb:
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    My setup is now :
    1. Firewall of straw + Router of metal.
    2. Anti-Executable as whitelist for all executable objects in system partition
    3. ScriptDefender with 33 file-extensions to stop, what AE doesn't stop.
    4. DefenseWall HIPS to restrict untrusted internet applications.
    5. Freeze Storage as whitelist for all objects in system partition
    6. Automated Immediate System Recovery (boot-to-restore) to correct the failures of 1.,2.,3., 4. and myself as newbie.
    7. Clean FDISR-archives, including Freeze Storage.
    8. Clean ShadowProtect Images for restoration only as last resort.


    Green = New. I had clean archives and images in the past, but not as guaranteed clean as now. These are my ultimate weapons against the bad guys. Nothing can beat these clean images, except HARDWARE viruses and internet is still full of them.

    For the record : I don't consider my DAILY archives and images as SAFE, because they are backups of my actual harddisks and they can be infected in theory, because they have been on-line TOO LONG.
    My clean images are the ones I really trust, not the rest.

    Next project : Data Partition Protection (DPP)
     
    Last edited: Sep 29, 2007
  5. tradetime

    tradetime Registered Member

    Joined:
    Oct 24, 2006
    Posts:
    1,000
    Location:
    UK
    Be interested in your experiences on that task.

    My current protection:
    Nat router
    Comodo firewall, Sygate on another machine.
    SSM
    Returnil on XP machines
    FD-ISR freeze on W2k
    Sandboxie
    Avast!

    Recovery FD-ISR, Acronis.
     
  6. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Yeah, me too. I have no idea how to do this yet. It's my weakest point at this moment. I did small things already, but that's not enough.
     
  7. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,634
    added
    changed
    removed


    XP setup 1 & 2

    Resident:

    Kaspersky Anti-Virus
    Look 'n' Stop
    NOD32

    On-Demand:

    SUPERAntiSpyware Free

    Other Security / System Hardening:

    nLite'd Windows XP SP2 (with service tweaking based on TweakHound's guide)
    RyanVM's Post-SP2 Windows XP Update Pack
    Seconfig XP
    SocketLock
    xp-AntiSpy
    Process Explorer
    Firefox extensIons: AdBlock Plus, CS Lite, NoScript, and RefControl

    Vista setup
     
  8. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,005
    Mine lately is:

    1) Router
    2) Avira Suite
    3) Firefox

    Nothing else...
     
  9. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,994
    Location:
    California
    At the moment...

    1) Kerio 2 Firewall
    2) Deep Freeze
    3) Opera

    Nothing else...
     
  10. The Sand

    The Sand Registered Member

    Joined:
    Aug 16, 2007
    Posts:
    218
    Location:
    Los Angeles, California
    Norton 360
     
  11. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,378
    Location:
    Milan and Seoul
    I thought all your tests were done with Anti-Executable. What happened?
     
  12. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,994
    Location:
    California
    I "retired" from testing. My interest in malware was seeing how it can be prevented from downloading/installing. My opportunities came in email attachments and emails with links to infected sites. Also a few links posted at sans.org

    Alas and Alack, about a year ago my ISP installed a new MDaemon.PRO email server which blocks 99% of Spam and 100% of attachments with executable files. I get maybe 2 - 3 spams per week, usually pharmaceuticals.
     
  13. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,781
    Location:
    U.S.A. (South)
    My latest group runs along these lines. I have several snapshots, so far sake of keeping this config as honest to true as possible, this is what rounds things out for me on my most routine (common) internet connected config.

    AE

    FD-ISR

    Kerio 2.15

    Sandboxie

    EQSecure 3.4

    Power Shadow

    Script Defender


    This is pretty light compared to the heavy arsenal i used to employ.

    This is my security forum + Google Search arrangment. I can easily pile on the meat when going after capturing malwares as well as testing virii which i now reserve on a totally isolated and different drive.

    I don't fear, so i waive any sort of VMware or Virtual Box to run captures. If they happen to bite hard on something unrecoverable i simply restore a duplicate image and start over again.

    On-Demands are too many i don't have time to list but will at some future date.

    As an aside: Paragon Drive BackUp 8.51 and/or DriveSnapshot handles the backup detail in this camp.
     
    Last edited: Sep 30, 2007
  14. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,378
    Location:
    Milan and Seoul
    Eversince I changed to gmail, I also feel well protected, and their spam filter is one of the best (they even advise about infected files). I still think running AE is very light on my system (a lot more than running an AV), and will stay with it. You certainly changed my mind about AVs!
     
  15. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,994
    Location:
    California
    AE, of course, is not a "substitute" for AV.

    I write this as a mild disclaimer for others: that one should begin with a security strategy (as I know you have) to include the conditions in which the computer is used. Security products should be chosen that complement and reinforce that strategy.

    -rich
     
  16. zhanwest

    zhanwest Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    42
    At the moment,
    ThreatFire Free + SandBoxie + ICF
     
  17. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,688
    ICF o_O
     
  18. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    ICF = Internet Connection Firewall (I think)
     
  19. Doc Serenity

    Doc Serenity Registered Member

    Joined:
    Apr 4, 2007
    Posts:
    105

    Would somebody please explain the differences between FD ISR and Paragon Drive Backup/Drive Snapshot.
    And which do you think is easier for a novice to use - Paragon or Drive Snapshot?
     
  20. inshadesofgrey

    inshadesofgrey Registered Member

    Joined:
    Sep 23, 2007
    Posts:
    3
    NOD32
    SAS
    Comodo

    Ondemand - Spybot S&D.

    Somehow, I feel I need to have one more on-demand scanner....Suggestions people??
     
  21. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,634
    AVG AntiSpyware or a-squared in place of Spybot.
     
  22. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,113
    Location:
    South Texas, USA
    I have sent you a PM answering your question.

    dja2k
     
  23. binary_jester

    binary_jester Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    10
    NOD32
    BOClean
    CPF
    Security Task Manager
    Spyware Blaster
    DeepFreeze (as an avid tweaker, this is to protect me from myself)
    Security & Privacy Complete

    OS wise -
    Firefox
    LiteStep
    ExplorerXP (explorer does not run at all)
     
  24. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,537
    I think that I already said the same one time, but why don't you read carefully what gkweb said and think a little bit!!!o_O
     
  25. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Avira Suite
    Sandboxie
    AVG-AS on demand
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.