What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    not much.

    my first line of defense is me, Chrome and UAC at max.
    Chrome protects me from drive-by malware and i don't expect to get drunk enough to install malware myself. :D
    UAC protects Program Files and Windows folders and reduce the Integrity Level for that 'limited' admin account.

    my second line of defense is on-demand scanners: Hitman Pro, VirusTotal and sometimes Jotti.
    anything that i download and that is not from a major publisher is scanned.
    i only make exceptions for Adobe, Microsoft, NVdia. stuff like that.

    my third line of defense is Look and Stop Firewall and Password Depot.
    i don't think i really need any of those 2 but i like the convenience factor.

    if the ~ Snipped as per TOS ~ was to hit the fan big time, restoring a disk image with IFW would fix the problem. unless i were to get a BIOS/hardware virus or something really nasty.

    i've been doing this for almost 6 months without a problem.
    i've even tried to get deliberately infected by drive-by malwares, surfing virus sites for hours.
    nothing got through i'm glad to say.

    this strategy would not work for everyone but it works for me.
    i'm the only one using this computer, so that makes a big difference.
    i only have 1 user to worry about. ;)
     
    Last edited by a moderator: Nov 6, 2011
  2. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    moontan, I like your approach. Things don't have to be complicated when you know what you are doing. I hope to be getting there, though slowly.
     
  3. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,321
    Location:
    USA
    Windows 7 x64
    Applocker with all rules configured and enforced including DLL.
    UAC: Always Notify
    Windows Firewall Notifier (extend Windows Firewall, allowing outgoing connections handling with popups)
    Windows Firewall with advanced security, inbound and outbound blocked by default, restricting web-facing applications to specific remote ports
    Windows Defender
    Firefox Nightly x64
    Internet Explorer 9 hardened though GPO
    Hitman Pro
    Active@ Disk Image w/ three different maintained images on two separate hard drives
     
    Last edited: Nov 8, 2011
  4. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    i just like to keep things simple.

    to tell the truth, i think when it comes to security softwares and setups, the cure can sometimes be worse than the disease. ;)
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,742
    Location:
    Canada
    very true:thumb:
     
  6. Francis93

    Francis93 Registered Member

    Joined:
    Feb 1, 2011
    Posts:
    311
    Superb setup! :thumb: Glad you joined the bandwagon. :D :D
     
  7. Tunerz

    Tunerz Registered Member

    Joined:
    Jun 12, 2007
    Posts:
    110
    Location:
    Philippines
    Privatefirewall (previously Comodo Firewall)
    Sandboxie
    Hitman Pro
    MBAM
     
  8. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Morning ! Avast I.S. Zemana AntiLogger...Hitman Pro...Avast all shields set to the max. Sincerely...Securon
     
    Last edited: Nov 7, 2011
  9. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    MSE, EMET, Sandboxie *puppy*
     
  10. Hefaistos22

    Hefaistos22 Registered Member

    Joined:
    Mar 14, 2008
    Posts:
    73
    Location:
    Slovakia
    feeling pretty secure with just Look n Stop,EMET,SRP :) i dont think i can make it any more lighter than it is now :)
     
  11. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    ESET HIPS feels like an anti executable :rolleyes:
     
  12. wat0114

    wat0114 Guest

    My security setup
    Win 7 x64 Ultimate Desktop: updated November 07, 2011


    New: Blue
    Removed: strikethrough
    1. Using Standard account as default
    2. Hardened Windows 7 with customized baseline via Group Policy Editor with settings found here
    3. UAC at highest level
    4. AppLocker with all rules, including DLL, enforced
    5. Windows Firewall with advanced security, inbound and outbound blocked by default, restricting web-facing applications to specific remote ports and in some cases to remote ip addresses.
    6. Disabled DNS Client service: set DNS ip addresses in Network settings, and created DNS-specific rules for all web-facing apps
    7. IE 9 x64 with several restrictions applied in Group policy editor found here
    8. EMET, with mainly web-facing and MS Office apps configured
    9. MBAM on-demand free (used sparingly)
    10. Routine images of system using ShadowProtect RE disk, saving the images to two separate physical locations.
    11. All sensitive data kept on a TrueCrypt volume on a USB pendrive, and also bitlocker-encrypted volumes.

    the following services are disabled:
    • DNS Client
    • Secure Socket Tunneling service
    • IP Helper
    • Remote Access Connection Manager
    • SSDP Discovery service
    • TCP/IP NetBIOS Helper
    • Workstation re-enabled because of a VMWare component that needs it
    • Function Discovery Resource Publication
    • WinHTTP Web Proxy Auto-Discovery service

    • SuRun, v1.2.0.10 – removed again, having decided to elevate only known Windows services from the Standard account using OTS, Secure Attention Sequence (SAS), UAC and FUS to the Administrator account for all other elevations using AAM, also Secure Attention Sequence (SAS) UAC.

    Note the use of free MBAM for on-demand only.
     
  13. MajorPleasure

    MajorPleasure Registered Member

    Joined:
    Feb 8, 2011
    Posts:
    20
    Location:
    Denmark
    Good job on this set-up, I like it.
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,742
    Location:
    Canada
    start using sandboxie and i will wait for defenseall 64 bit version:thumb:
     
  15. abels

    abels Registered Member

    Joined:
    Apr 14, 2007
    Posts:
    103
    Location:
    Danang, VN
    I'm trying the new setup: Avast IS, Spyshelter Free and Appguard 3.
     
  16. wat0114

    wat0114 Guest

    Thank you!
     
  17. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Ok I take back what I said to tom of what can be more chatty then MD and I stand corrected.ESET IS Loud.The Hips in Interactive mode is absolutley mental.o_O My index finger is Sore.
     
  18. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Yahoo:thumb:
     
  19. tomazyk

    tomazyk Guest

    If you start with HIPS in Interactive mode you can get crazy from clicking :)

    I managed to disable some rules in Interactive mode by making some general rules (I only left execution control, direct drive access and driver loading on).
    I have Learning mode on and manually move rules to groups that I have made. It's a slow process but after two days almost no new rules are created. In a week or so I will probably put it in Policy-based mode and see how it goes.
     
    Last edited by a moderator: Nov 7, 2011
  20. Ed_H

    Ed_H Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    662
    Location:
    Chicago, IL
    Has Ilya said he will make a 64 bit version?
     
  21. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,321
    Location:
    USA
    I know you were going to remove SuRun again. Hahaha MrBrian LOL... Thanks for your post you Applocker Troll :D
     
    Last edited: Nov 7, 2011
  22. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,965
    Location:
    Canada
    As far as I know, the answer is no.
     
  23. Ed_H

    Ed_H Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    662
    Location:
    Chicago, IL
    I hope that changes...I would love to install DW again.
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,742
    Location:
    Canada
    he will but he doesnt know when:)
     
  25. Francis93

    Francis93 Registered Member

    Joined:
    Feb 1, 2011
    Posts:
    311
    Very true :thumb::thumb:
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.