What is your security setup these days?

Just too much time on their hands IMO.

 

Partially because I like playing with/testing the software. Seeing what works and what works with other programs. Waiting for zero-day. Paranoia is fun!

 

Vista 32 SP1 set-up "changes" in bold as of 3/6/08:

Resident:

DefenseWall HIPS v2.21(Compatible w/Vista SP1)
Netgear RP614 v2 Router w/NAT & SPI
Primary Response SafeConnect v3.0.0.1443
Vista Firewall

Other "Paid" Security Applications at My Disposal(Not currently using):

DriveSentry Full
LinkScanner Pro
Look'n'Stop
RegRun Platinum

On-Demand:

Autoruns
AVZ Antiviral Toolkit
GMER
Prevx CSI+
Process Explorer
RootKit Hook Analyzer
Rootkit Unhooker
Runscanner
ShadowDefender(For testing purposes)
SUPERAntiSpyware Free

System Hardening:

Applied manual system hardening tweaks
Disabled non-essential Vista services
Enabled Software DEP for all programs and services
Disable UAC with TweakUAC[Reset/Update]
Set UAC to "quiet mode" with TweakUAC[Undo]
Disabled Windows Defender
Windows Worms Door Cleaner

Miscellaneous:

Primary Web Browser - Opera v9.26(w/UserJS scripts + PhishTank SiteChecker script[Redundant/Uninstalled]; Java disabled, JavaScript enabled, but with options disabled, Iframes disabled and plug-ins disabled)
Email - The Bat! Home


Peace & Gratitude,

CogitoErgoSum

 

Full Current XP List For Old Reference Go HERE

dja2k

 

I have now switch one computer to Sandboxie and Norton Antibot. It is a interesting combo and pretty light.

 

Well the reason I added AntiBot is because of its testing by CogitoErgoSum and I have dropped DriveSentry which I was going to purchase ($10). The development is kinda slow for DriveSentry and its behavior analysis is its last line of defense. DriveSentry was more like an anti-executable and write protection for drives with sorta of an AV kick to it. I got a license for Antibot (1 Year) and it runs well with my setup which you can't even tell its there.

I was also testing Defensewall to run with Sandboxie like a few are doing here at wilders, but I dropped testing that. I have left it to Sandboxie plus Online Armor's "Run Safer" option to cover that department.

dja2k

 

Latest setup on the PC running XP -

Windows FW
Sandboxie
Returnil

All running in LUA (with surun) behind a SPI router.

Also hardened with seconfig, safeXP and xp-antispy.
My PC feels light and snappy and very secure.

Missus' laptop with XP -

OA Free
Avira Classic
+ Hardening

Browse with Firefox and noscript on both.

 

Change:

HIPS: Threatfire (highest setting), no more OA

No more AVG AS now Malwarebytes (tip Lonewolf, thanx)

 

My latest:

Dlink Router and Windows Firewall
Dr Web 4.44
Defencewall
Superantispyware Pro


Dropped:
Prevx 2.0

 

Today's Security SetUp:

"Live Running Apps"

EQS (4.0 Beta)
SandboxIE
Kerio 2.15
Returnil
XP SP2

 

"Today's Security Set Up"

You are as bad as me Easter.

 

Don't feel bad. I think it's safe to assume we all have issues.

 

PC 1 (Windows XP) – My PC - p2p, browsing dodgy sites and general use

AV: Avira Antivir Premium
Firewall: Netgear Router (Hardware), Sygate Pro 5.6 (Software)
Antispyware: SAS Pro 4
HIPS: EQSecure 3.41
Sandbox: SandboxIE
Rootkit: GMER (On demand)
Encryption: TrueCrypt 5
Privacy: R-Wipe and Clean
System Eraser: DBAN 1.0.7
Backup: Shadow Protect, FD-ISR (replaces system restore)
Hardening: SpywareBlaster 4, PeerGuardian 2, Harden It, Secure It, IE7 Pro, MVPS Host File

Will be replacing EqSecure 3.41 and SandboxIE with EqSecure 4 final and replacing Avira Premium with Avira Classic when my licence expires.

PC 2 (Windows Vista) – Family PC general browsing etc

Security: KIS 7, Threatfire
Privacy: Windows Washer
System Eraser: DBAN 1.0.7
Backup: Acronis True Image 11
Hardening: Ad Muncher, SpywareBlaster 4

Both setups are extremely effective, load quickly and run extremely light. IMO pc1 is pretty much bulletproof in terms of protection and i havent had any infections on it so far despite my very bad surfing habits

Unused Licences: Look n Stop 2.06 with Phantoms Ruleset, EAV v3, Outpost Pro 2008.

 

Vista 32 SP1 set-up "changes" in bold as of 3/9/08:

Resident:

DefenseWall HIPS v2.21(Compatible w/Vista SP1)
Netgear RP614 v2 Router w/NAT & SPI
Primary Response SafeConnect v3.0.0.1443
Vista Firewall

Other "Paid" Security Applications at My Disposal(Not currently installed):

DriveSentry Full
LinkScanner Pro
Look'n'Stop
Norton AntiBot
RegRun Platinum
SuperAntiSpyware Pro
Task Catcher
WinPatrol Plus

On-Demand:

Autoruns
AVZ Antiviral Toolkit
GMER
Prevx CSI+
Process Explorer
RegRun Reanimator[Installed]
RootKit Hook Analyzer
Rootkit Unhooker[Uninstalled]
Runscanner[Uninstalled]
ShadowDefender(For testing purposes)
SUPERAntiSpyware Free

System Hardening:

Applied manual system hardening tweaks
Disabled non-essential Vista services
Enabled Software DEP for all programs and services
Disable UAC with TweakUAC
Disabled Windows Defender
Java Runtime Environment[Uninstalled]
Windows Worms Door Cleaner

Backup:

ERUNT(registry)
Paragon Drive Backup

Miscellaneous:

Primary Web Browser - Opera v9.26(w/UserJS scripts; Java disabled, JavaScript enabled(userscripts only), but with options disabled, Iframes disabled and plug-ins disabled)
Email Client - The Bat! Home


Peace & Gratitude,

CogitoErgoSum

 

sandboxie
returnil
KIS
AVGAS

To have max speed when browsing it´s easy to put on returnil session lock, pause KIS protection and disable sandboxie forced programs...This option I like a lot...Max safety with max choices...

 

I guess for just surfing the Web Returnil is all you need.

Be sure to have a clean system beforehand to eliminate any phone home thingy[keylogger with their own SMTP server].

I get used to use only Returnil with everything disabled for the last couple of months,and sofar nothing to worry.

If i do online shopping then browser is also protected by SBIE with only browser allowed to connect so any change that something other will connect is zero.

 

Taken up the challenge of taming the C(K)omodo dragon

So, no more sygate and threatfire for the time being.

 

My current resident protection list in short! (On Trial)

Online Armor AV+
Norton Antibot
Sandboxie
RVS 2008 PE (Trial)

dja2k

*I tried using ShadowDefender in earlier situations but for some reason, it didn't workout, so that's why I am trying out Returnil Virtual System 2008.

 

On the general house PC (XP box):
- Comodo FW with D+ tuned down and extra registry protection
- DefenseWall threatgate policy mitigation
- Avast 4.8 with forward checking on inbound data streams and standard shield off

Thats it

 

Same:
Added:
Removed:

Windows XP behind a router with hardware firewall, Windows Firewall and Firefox with Noscripts.

Prosecurity Free

1. Sandboxie Paid

2. Ad muncher v4.71 Build 28140

3. Browser Sentinel v2.1.1

4. DefenseWall v2.10 v2.20


Until my next change...

muf

 

Allways active:

Sygate Pro 5.6.3408
Online Armor free Hips only
Sandboxie with forced programs etc.
Avira free write only

On demand

Peer Guardian
Returnil
A squared free
Superantispyware
Malwarebytes
Prevx CSI
a boot scan with Avast free
SpyBot SD
Cureit
Secunia PSI

Bootup watch:
Tiny Watcher

and further:
Spyware Blaster
Firefox w NoScript, AdblockPlus, RefControl
Thunderbird w AdblockPlus

(can't LUA because of Peer Guardian)

Last but not least common sense.

Dumped Comodo FW to much hassle with utorrent and trackers
and TF (slowed down system)

 

Yoda. uTorrent works fine for me with Comodo. Did you follow this step.

http://forums.comodo.com/frequently...utorrent_with_comodo_firewall_3-t15677.0.html

 

Yes I did and it still didn't work on some trackers. I painstakedly browsed the whole forum to get answer to my problem. Tried Ragwing's rules too with no good result.

Sygate FW gives no probs whatsoever. Never had. Only the famous loopback problem, well I'll live with that.

 

Hai Kees, wat bedoel je hiermee..I mean, what do you mean by that? I'm curious yellow.

 

I think he means he uses the web shield and maybe email shield to check incoming traffic but he doesnt uses the standard shield.