What is your security setup these days?

All behind NAT router with SPI-FW

Gaming PC (Vista64 Home premium)

• UAC on in quiet mode and installer recognition off
• WindowsDefender, create restore on + scan off
• VistaFireWallControl 1.2 (Vista FireWall off)
• PrimaryResponseSafeConnect
• Antivir (check at write only, heuristics high)
• HauteSecure soft sandbox

House PC (XP Home)

• DefenseWall Policy Sandbox
• Comodo V3 with D+ (Loopback network, All objects to monitor against Modification and Direct Access)
• Avast Home only incoming data streams (Web/P2P/Mail/Network shields enabled, others stopped)

Off course the last is all Aigle's and Bellgamin's fault (because they are tyring CFP also and managed to shut it quiet)

 

Changed
Added
Removed

Recovery - FD-ISR
Firewall - Comodo Firewall 3
Anti-Virus - Avira Premium
Browser Protection - SafeSapce
Behaviour Blocker - Winpatrol Plus
Virtual Partition - Returnil
AS - SuperAntiSPyware
Hosts File - HostsMan
Image Restore - Acronis True Image

Others:
IP Blocker - Peerguardian
Spam Filter - Mailwasher Pro
Browser - Firefox with Spoofstick, Adblock, NoScript, CookieSafe
Passwords - Keepass
Encryption - Truecrypt

Vista Ultimate only - no XP anymore

 

Seems Bitdefender expired its 1-year Internet Suite 2008 free key that was floating around, so I had to change my Vista Ultimate setup. Here is my full lineup:

Active
Avast 4.7 (Free)
Look'n'Stop 2.06 (Paid) + Phantom Ruleset v8
Hostsman 3.1.55 (MVPS Host File & HostSrv Enabled)
DriveSentry v3.01 (Free)
Sandboxie 3.22 (Free)
WinPatrol 2007 (Free)

On-Demand
AVG Anti-Spyware 7.5 (Free)
A-Squared 3.1 (Free)

Browser
Firefox 2 w/ KeyScrambler, Roboform, Ad-Block Plus, & Finjan Secure Browsing

Hardening & Tweaks
UAC Tweak (UAC in Silent Mode)
Windows Firewall (Off)
Windows Defender (Off)
Spyware Blaster
Advanced WindowsCare V2
Services Disabled (BlackViper.com Recommended)

Backup
Acronis True Image 10
Acronis Disk Director Suite 10
Acronis OS Selector 10

*This setup is also running under a Linksys WRT54G router with SPI Firewall Enabled.

dja2k

 

F-Secure Antivirus
Sandboxie
Dynaxa Anti-Spam

 

Hey trjam, when/how did you find about Dynaxa? How good is it?

 

It is very good. The best I have found and a IT friend recomended it to me. This thing works.

 

Sadly it's works only with MS Outlook (Express) or MS Windows Mail.

 

what were you wanting it to work with.

 

Removed Comodo after a duplicate file protection add in D+ setup. Is a bug which setsof D+ and ruines userinit in next bootup. The joys of a good image backup.

 

As shown below. Never had malware in 27 years starting with an Apple computer in the early 1980s.

 

What I use and why.

Windows XP behind a router with hardware firewall, Windows Firewall and Firefox with Noscripts.

1. Prosecurity Free (Monitor outgoing connection's and running processes.)

2. Sandboxie Paid (Isolate all files downloaded through browser)

3. KAV 7 (Realtime analysis of files in Sandboxie for detection of known malware)

4. Ad muncher v4.71 Build 28140 (Popups, ads, browser manipulation and refferer blocking).

5. Browser Sentinel v2.1.1 (Monitor drivers, services, startups, activex, BHO's, Toolbars & more).


muf

 

I have changed from Vista LUA, Software Policy Restriction and firewall only to:

Vista UAC
Firewall: Look´n´Stop
Antivirus: Avast Free
Instant recovery: FDISR (Leapfrog original)
Image: ShadowProtect.

Even though I liked the antiexecutable settings in SRP, they cased problems.
Suddenly some items in right click menus didnt work.
Some software that were white listed in SRP consumed alot of CPU cycles and the app became sluggish.
Dont know why but I guess there are additional SRP rules that needs to be done to allow sub processes or something, but I dont how to do that.
So Back to basic.

 

Adjusted security setup do to EAV 3's conflict with Outlook...

Active
Avira AntiVir Premium
Online Armor 2
SandboxIE

On-Demand
SUPERAntiSpyware Pro
Shadowprotect Desktop

Windows XP SP2 and IE7

 

Firewall
Linksys Router RT31P2
Outpost Firewall Pro 6.0.2225.232.465.287
Harden-It 1.2
Windows Worms Doors Cleaner 1.4.1

AV/Anti-Spyware
Kaspersky Anti-Virus Personal 7.0.0.125
Malwarebytes Anti-Malware 1.03

HIPS
Ghost Security Suite 1.110 (AppDefend 1.000 and RegDefend 2.050 with revised custom Ghost Group from Tony Klein 5/29/06)
DiamondCS WormGuard 3
WinPatrol Plus 14.0.2007.1

Block Lists
MVPS Hosts File 2/9/08 (with HostsXpert 4.2)

Resident On Demand Scanners
SUPERAntispyware 3.9.1008
Kephyr Bazooka 1.13.03
Dr. Web CureIt Anti-Virus 4.44.4
Mischel TrojanHunter 5.0 (962)
A-squared scanner 3.1.0.23
Ewido (AVG) Micro 4.0
UnHackMe 4.6
AVG Anti-Rootkit 1.1.0.42
F-Secure BlackLight 2.2.1067
Gmer 1.0.14.14116 (Catchme 0.2)
Resplendence RootKit Hook Analyzer 3.02
Trend Micro Rootkit Buster 1.6.0.1052 Beta
Trend Micro HijackThis 2.0.2

Online Scanners
HijackThis log file analysis & Networktechs HJT log analysis (HijackThis log analyzers)
VirusTotal
Jotti's malware scan
McAfee Freescan

 

Security Hardware: Good quality SPI wired router

Firewall(s): Windows Xp Firewall, CFosSpeed

Anti-Virus/Malware: Avira AntiVir PE Premium

Behavior Blocker: Norton AntiBot

HIPS/CIPS: Prevx (expert mode)

 

QBgreen,
No more BOClean

 

Added
Removed

Resident

ShadowDefender (trial)
Defensewall HIPs
Comodo v3 with defense+ disabled
McAfee AV
SnoopFree
KIS 7 - while waiting for next OA release
EQSecure 3.41
SandboxIE
Hostsman
Spyware Blaster
RegProt

On Demand

AVG Antispyware
A-squared
SUPERAntiSpyware (Paid)

Backup

Acronis TI 10
FD-ISR
DriveImageXML

Other

Firefox with NoScript,AdBlock+,Scrapbook,Site Advisor,RefControl,CookieSafe,Filterset.G,Tab Mix Plus
CCleaner
Easy Cleaner
Filemap by BB
FingerPrint
WhatsRunning
RegShot
Tiny Watcher
MJRegistryWatcher
FileChangeAlarm

 

This is lean and very mean:

Antivir Premium
OA Firewall
SAS Pro
Vade Retro ( This is the best Anti-Spam I have tried.)

Badcompany.

 

ShadowDefender and SafeSpace

They seem to be working well together and no impact on resources. SafeSpace doesnt quite take away that 1.234 millisecond delay that Sandboxie does.

 

Since i use several FD-ISR snapshots that offer multiple configurations all different then the other, the one which seems the most POWERFUL is made up of this:

DEEP FREEZE + ANTIEXECUTABLE + EQS + SANDBOXIE + SURUN as LUA.

This is my most SOLID setup put together that appears the most best of all.

I really don't know what if anything could possibly rupture such a wall of absolute LOCKDOWN as this. Of course Kerio 2.15 also provides the network monitoring.

 

Not for the moment, although I may add it at any time.

 

Added
Removed

Firewalls:
Hardware router+firewall
Windows XP firewall

Anti-Virus/Malware:
NOD32 (paid)
BitDefender 10 - on demand
Avast! Home
ClamWin - on demand
BOClean
SpyBot S&D
SUPERAntiSpywarePro (paid)

Other:
Norton Ghost backups
SysInternals rootkit revealer
and increased caution

 

Ad-Aware SE Pro 1.06 on demand
Admuncher 4.71 active
AVG free edition 7.5.516 active
Ewido 4.0.0.147 Plus on demand (with latest defs)
Hijackthis on demand
AVG anti-rootkit on demand
Rootkit Hook analyzer on demand
GMER 1.04 on demand
BHO Demon on demand
Adsubtract pro 2.55 active
Sysinternals Rootkit revealer on demand
various other rootkit killers/finders
and spare anti-virus progs

Experimenting with but not full time
Shadow defender Beta 1.1
Deep Freeze
anti-executable
Sandboxie

I'm hoping to use Shadow Defender with either anti-executable or sandboxie when things are ironed out with Shadow Defender

........................................

I also go by my own "feel"

 

things are ironed out. If you click on the download page you will see the beta, which it is, and then another release below it that has no issues. It is stable and perfectly fine to use or try.

 

Thanks TRJAM It does look very promising

I meant also that I am looking forward to the reboot in shadow mode when trying software that requires a reboot.

I had an issue with the beta of very long reboots in certain circumstances