What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. AKAJohnDoe

    AKAJohnDoe Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    989
    Location:
    127.0.0.1
    My current Vista configuration is on my website under the PDA section, then under the PC Security heading.
     
    Last edited: Sep 28, 2007
  2. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hello,

    Please don't consider me paranoid for what I will say, I know the OP is honest and was wondering the question he asked.

    However, if I was a malware writer, I would certainly post this kind of subject on many forums to collect free statistics about the security setup of people, to help me target specific security software with my trojan and have better success to infect computers :)

    It's not the case here, but I think that I should bring this point to light, to make people wondering if it's really a safe thing to do, to tell the world what security setup you have. Consider this question as a kind of debate :)

    Regards,
    gkweb.
     
  3. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Let them gather all the config and data they want. This forum is PUBLIC display for all and also consider this.........

    ......just as they collect "free statistics" about security programs here, some researchers like myself register into THEIR :ninja: underground forums also ;) to collect vital data and releases in a covert manner so as not to attract suspicion.

    It's a free-for-all and THEY :ninja: don't have the corner on surveying the latest ideas and/or programs. :thumb:
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    My setup is now :
    1. Firewall of straw + Router of metal.
    2. Anti-Executable as whitelist for all executable objects in system partition
    3. ScriptDefender with 33 file-extensions to stop, what AE doesn't stop.
    4. DefenseWall HIPS to restrict untrusted internet applications.
    5. Freeze Storage as whitelist for all objects in system partition
    6. Automated Immediate System Recovery (boot-to-restore) to correct the failures of 1.,2.,3., 4. and myself as newbie.
    7. Clean FDISR-archives, including Freeze Storage.
    8. Clean ShadowProtect Images for restoration only as last resort.


    Green = New. I had clean archives and images in the past, but not as guaranteed clean as now. These are my ultimate weapons against the bad guys. Nothing can beat these clean images, except HARDWARE viruses and internet is still full of them.

    For the record : I don't consider my DAILY archives and images as SAFE, because they are backups of my actual harddisks and they can be infected in theory, because they have been on-line TOO LONG.
    My clean images are the ones I really trust, not the rest.

    Next project : Data Partition Protection (DPP)
     
    Last edited: Sep 29, 2007
  5. tradetime

    tradetime Registered Member

    Joined:
    Oct 24, 2006
    Posts:
    1,000
    Location:
    UK
    Be interested in your experiences on that task.

    My current protection:
    Nat router
    Comodo firewall, Sygate on another machine.
    SSM
    Returnil on XP machines
    FD-ISR freeze on W2k
    Sandboxie
    Avast!

    Recovery FD-ISR, Acronis.
     
  6. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Yeah, me too. I have no idea how to do this yet. It's my weakest point at this moment. I did small things already, but that's not enough.
     
  7. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    added
    changed
    removed


    XP setup 1 & 2

    Resident:

    Kaspersky Anti-Virus
    Look 'n' Stop
    NOD32

    On-Demand:

    SUPERAntiSpyware Free

    Other Security / System Hardening:

    nLite'd Windows XP SP2 (with service tweaking based on TweakHound's guide)
    RyanVM's Post-SP2 Windows XP Update Pack
    Seconfig XP
    SocketLock
    xp-AntiSpy
    Process Explorer
    Firefox extensions: AdBlock Plus, CS Lite, NoScript, and RefControl

    Vista setup
     
  8. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Mine lately is:

    1) Router
    2) Avira Suite
    3) Firefox

    Nothing else...
     
  9. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    At the moment...

    1) Kerio 2 Firewall
    2) Deep Freeze
    3) Opera

    Nothing else...
     
  10. The Sand

    The Sand Registered Member

    Joined:
    Aug 16, 2007
    Posts:
    218
    Location:
    Los Angeles, California
    Norton 360
     
  11. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,619
    Location:
    Milan and Seoul
    I thought all your tests were done with Anti-Executable. What happened?
     
  12. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    I "retired" from testing. My interest in malware was seeing how it can be prevented from downloading/installing. My opportunities came in email attachments and emails with links to infected sites. Also a few links posted at sans.org

    Alas and Alack, about a year ago my ISP installed a new MDaemon.PRO email server which blocks 99% of Spam and 100% of attachments with executable files. I get maybe 2 - 3 spams per week, usually pharmaceuticals.
     
  13. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    My latest group runs along these lines. I have several snapshots, so for sake of keeping this config as honest to true as possible, this is what rounds things out for me on my most routine (common) internet connected config.

    AE

    FD-ISR

    Kerio 2.15

    Sandboxie

    EQSecure 3.4

    Power Shadow

    Script Defender


    This is pretty light compared to the heavy arsenal I used to employ.

    This is my security forum + Google Search arrangement. I can easily pile on the meat when going after capturing malwares as well as testing virii which I now reserve on a totally isolated and different drive.

    I don't fear, so I waive any sort of VMware or Virtual Box to run captures. If they happen to bite hard on something unrecoverable I simply restore a duplicate image and start over again.

    On-Demands are too many, I don't have time to list but will at some future date.

    As an aside: Paragon Drive BackUp 8.51 and/or DriveSnapshot handles the backup detail in this camp.
     
    Last edited: Sep 30, 2007
  14. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,619
    Location:
    Milan and Seoul
    Ever since I changed to gmail, I also feel well protected, and their spam filter is one of the best (they even advise about infected files). I still think running AE is very light on my system (a lot more than running an AV), and will stay with it. You certainly changed my mind about AVs!
     
  15. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    AE, of course, is not a "substitute" for AV.

    I write this as a mild disclaimer for others: that one should begin with a security strategy (as I know you have) to include the conditions in which the computer is used. Security products should be chosen that complement and reinforce that strategy.

    -rich
     
  16. zhanwest

    zhanwest Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    42
    At the moment,
    ThreatFire Free + SandBoxie + ICF
     
  17. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,785
    ICF o_O
     
  18. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    ICF = Internet Connection Firewall (I think)
     
  19. Doc Serenity

    Doc Serenity Registered Member

    Joined:
    Apr 4, 2007
    Posts:
    105

    Would somebody please explain the differences between FD ISR and Paragon Drive Backup/Drive Snapshot.
    And which do you think is easier for a novice to use - Paragon or Drive Snapshot?
     
  20. inshadesofgrey

    inshadesofgrey Registered Member

    Joined:
    Sep 23, 2007
    Posts:
    3
    NOD32
    SAS
    Comodo

    Ondemand - Spybot S&D.

    Somehow, I feel I need to have one more on-demand scanner....Suggestions people??
     
  21. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    AVG AntiSpyware or a-squared in place of Spybot.
     
  22. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,121
    Location:
    South Texas, USA
    I have sent you a PM answering your question.

    dja2k
     
  23. binary_jester

    binary_jester Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    10
    NOD32
    BOClean
    CPF
    Security Task Manager
    Spyware Blaster
    DeepFreeze (as an avid tweaker, this is to protect me from myself)
    Security & Privacy Complete

    OS wise -
    Firefox
    LiteStep
    ExplorerXP (explorer does not run at all)
     
  24. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,537
    I think that I already said the same one time, but why don't you read carefully what gkweb said and think a little bit!!!o_O
     
  25. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Avira Suite
    Sandboxie
    AVG-AS on demand
     