What is your security setup these days?

I disabled malware-ids because it could have conflicted with Norton Antibot, both are behavior blockers.

 

I can't speak for NAB, but a-squared's IDS ran well with ThreatFire. You may want to give it a try with NAB too.

 

nod32 3.0.642.0
AVG antispyware 7.5 pro
BOClean 4.25
zoneAlarm 7.0 pro

hmm,do I need something more

 

Maybe something less like BOClean.

 

ESET NOD32 Version 3.0.642
SUPERAntiSpyware Pro 4.0.1154

 

lns
boclean
threatfire(level5)
regrun suite
sandboxy

 

What's wrong with boclean?

 

Intrinsically - nothing.

I'd hazard a guess that the comment is more along the lines of right now, according to the list you provided, you are running a scanner/scanner/scanner/firewall. While various scanners approach things differently and can have unique features, there is also a high level of duplicative coverage. Structurally, it may make more sense to complement things with a solution not predicated on signature scanning. There are many such approaches available.

Blue

 

Jetico v2 (since the beta)
F-prot v6

Malwarebytes' Anti-Malware and Avira Premium On demand
Ad Muncher

Fast, light, …

I have tested many other solutions but, often, the same thing: slowdown, bug.

----
For my opinion, and, on my setup:
Ikarus : too false positives
NOD32 : it’s ok…
Kaspersky : In the past, licensed for 2 years but today, not for me.
Vipre : too early to have an opinion.
GDATA : very good but a little too heavy.
DrWeb : Latency, lag time too noticeable for me.
Norton, Symantec, etc : just don’t want to try it. I have a bad memory of Norton products


ZoneAlarm : I hate this program since…the beginning (In my PII 350 I think).
LnS : good, when it works.
Outpost 6 : Very good but too bugged, too heavy, and I don’t want an antispyware, anti-advertising ect with a firewall.
Comodo firewall : same opinion as ‘Alcyon’ : “it's as good as my toilet papers »... for the firewall section.

All the virtualization tested; slow down when browsing, and sometime the computer -> garbage !!

ProSecurity: BSOD after 15 minutes -> garbage.
Perhaps I will test EQSecure when I will be release for Vista..perhaps.. I am not sure : I have a life ‘outside’ the computers.

 

This is my security setup:


Real-time scanners:
NOD32 v3
Online-Armor Firewall
Comodo Memory Firewall
Winpatrol
SpywareBlaster
SnoopFree


On-demand scanners:
SAS Free
A-squared free


Browser:
Firefox w/ Adblock Plus & NoScript


Other utilities:
Process Tamer
Returnil
CCleaner
PeerGuardian 2
EULAlyzer (MUST HAVE!)


I'm not using a hardware firewall (can't afford one right now)
Uninstalled Threatfire (has become completely non-functional, clicking on the interface doesn't do anything ), BOClean (has become a system hogger and/or conflicts with other anti-malware apps since Comodo's acquisition), and Sandboxie (doesn't even install properly on my Windows XP ).

 

This is my NEW security setup for my new XP laptop (better luck next time Vista )

Real-time scanners:
Avast
Online-Armor Firewall
SpywareBlaster


On-demand scanners:
SAS Free


Browsers:
Firefox w/ Adblock Plus, NoScript and Sitehound
K-Meleon 1.1.4


Other utilities:
CCleaner
EasyCleaner
Returnil

 

Hi everyone,

This is my current security setup. It is effective and extremely light.

- Router: WRT54G (DD-WRT firmware) w/ NAT & SPI

- Antivirus: KAV
- Firewall: ZAP

HIPS
- Classical: EQSecure
- Behavoir Blocker: KAV PDM
- Whitelist/Anti-execution: Anti-Executable
- Program Sandbox/Virtualization: Sandboxie
- OS Virtualization: Deep Freeze

Hardening
- LUA (SuRun)
- Host File
- Dangerous Port Closing
- Services Disabling

Browser
- Firefox _ AdBlock Plus + KeyScrambler

 

Desktop- Vista Home Premium
browsers- FF and IE7
av- NOD32
FW- PC Tools
AS- SuperAntiSpyware Pro
also- Threatfire, CCleaner, System Tuneup, SpywareBlaster, AdMuncher, Mail Washer

Laptop- Vista Home Basic
browsers- FF and IE7
av- Avira Premium
FW- PC Tools
AS- SuperAdBlocker

also- Threatfire, CCleaner, SpywareBlaster, Mail Washer

Best thing about the PC Tools, Threatfire, SAS, AdMuncher and NOD32 is No false positives and everything runs very light. I had a FP on Avira a couple weeks ago but none since. The PC Tools fw, SAB, Avira, Threatfire combo seems to runs really light as well.

 

I have seen many people post to say they are using boclean. I tried boclean once and I found that from memory it only has about 50,000 or 100,000 or something trojan sigs in its data base, considering that there is probably over 1 million trojans on the net because av comparitves have tested avs with over 800,000 trojans I fail to see why BOClean is so good with its so small data base

your Dangerous Port Closing hardening tool, whats the name of that program?? because I want to try it out

 

He might be referring to manually closing those ports or maybe using some software like Windows Worms Doors Cleaner.

dja2k

 

@arran - Each signature can be for one or more malwares. Dont think that less signatures will necessarily mean less detection.

 

ACTIVE:

Router (SPI and NAT)
Online-Armor AV+ v. 2 with Firewall (Latest Beta)
DefenseWall v. 2.30
Threatfire Pro
Winpatrol Plus (Keeping eye on things)
Hostsman with MVPS hostfile

ON DEMAND:

SUPERAntispyware Pro 4.0
Malwarebytes' Antimalware (Paid)
Prevx CSI (Free)

BROWSER:

Firefox with No-scripts, Roboform toolbar, Show IP.

OTHERS:

Hijack This
Spywareblaster
ProcessExplorer
Runscanner
CCleaner
ATF-Cleaner
Secunia PSI

BACK UP:

FDISR 3.21 build 205
ShadowProtect 3.1.0.3

 

ACTIVE:

Vista SP 1 32bit UAC and Software Restriction Policy
Look´n´stop Firewall 2.06 p2
Norman antivirus
Anvir Taskmanager Pro

ON DEMAND:

N/A

BROWSER:

Firefox 3 beta 4 with No-scripts, Roboform toolbar.

OTHERS:

Sandboxie

BACK UP:

FDISR 3.20 build 202
ShadowProtect 3.1.0.3

Seems like this is gonna be my final setup after years of experimenting.
System is lightning fast and I just seem to have lost the will to constantly chase the latest and the greates just for the sake of it.(What´ll I do now?..)

 

Are you really sure on this?

/C.

 

My method of protecting my computers.

Each operating system and computer has a clean install, and updated.

As software is installed I make periodic images of the operating system, with notes of what has been installed, and any changes made in a History file. This way I know when something was installed or changed on the operating system. I use external USB drives to save all files I download or create.

Certain folders and files are backed up on my C: drives with SyncToy in case I needed to restore to an older image, it's a secondary backup of items I don't want to loose on the C: drives.

The C: drive is partition made smaller and I try not to install unnecessary software I don't use. I do this so any maintenance done is quick, plus any images made are smaller plus faster to make, and restore. (just a few minutes)

For some software I don't use very often I use Virtual software, and turn them on if needed. Virtual software is on a seperate partition, so no need to backup these with the C: drive.

I use Returnil when I do email, or go on the net in a real operating system.

I use multiple Virtual machines for most Internet browsing, and for testing out software first, some of these VM's are imaged, and protected in other ways.

I stay away from the dark side of the net and I have no need for any Anti-Virus, or Anti-Spyware software, on the real operating systems.

Never had any malware on my operating systems, nor do I have any problems with SPAM in my email, I take care of that in a different way.

JAH

 

Below is the list of hardening tools that I am using. Port blocking is done by WWDC. I am thinking of blocking all ports by default and only allowing certain ones that I use. I looked at products like AlphaShield or just simply blocking every port in the OS and just keeping common ones that are used (such as port 80 for http) open.

Hardening & Modification
- limited user account
- Harden-it
- Secure-it
- Samurai
- SafeXP
- Security & Privacy Complete
- Seconfig XP
- SocketLock
- Windows Worms Door Cleaner
- BugOff
- SpywareBlaster
- Host file
- Unneeded/Unused/Insecure services turned off (disabled)

 

Sort of a new experimental setup. May become my permanent one.

Active:
Router + Windows Firewall
Prevx 2.0 set to Pro Mode
Defensewall 2.30
Returnil 2008 personal ed. (may buy full edition...still evaluating)
Acronis TI

On demand:
Brain.exe

No av installed at this time but I took Prevx out for a test spin alone one nite and was impressed with it enough that I think that it along with Defensewall will give me more than enough protection for the low risk surfing I normally do. And if I want to get a little more daring I can flip on Returnil and reboot when I am done and if I totally screw up, restore a clean image.

 

I use Nod32 2.7
Comodo Firewall v3
Spyware Terminator
Spyware Blaster
Spybot-only for imunization
+ FF with McAfee SiteAdvisor

 

Router with NAT/SPI

XP-box
a) CFP with D+ trimmed down (see post)
b) DefenseWall
b) Avira with check at write only

Not used any more: Mamutu (paid lisence)


Vista64-box
a) UAC with LUA enabled and ConsentPromptAdmin (zero = quiet mode) and EnableInstallerDetection (zero = disabled)
b) HauteSecure with global filter looking at Registry auto start entries, user startup folder and Creat Service and Load Driver (prompt only, deny within 60 secs) and more restrictive profiles for IE7 (and LimeWire)
c) Avast 4.8 (standard shield check at write only, no outlook shield, others used)

Not used anymore: PRSC (paid lisence)

Kind of made a '270' from AV + AS to AV+HIPS to Sandbox+Behavior Blocker to Sandbox+trimmed down HIPS/LUA again + AV again

 

Linksys router
DarkSpy
McAfee SiteAdvisor
NOD32
Gmer
IceSword
LinkScanner
MultiVirus Scanner 2008
Online Armor
Sandboxie
Sophos Anti-Rootkit
SpywareBlaster
SUPERantispyware
Trojan Remover
ClamWin Portable
CWShredder
ewido antispyware microscanner
Rootkit Unhooker
Seconfig XP
:::::::::::::::::::::::::::::
KeyScrambler
Password Safe
PGP
::::::::::::::::::::::::
Autoruns
CurrPorts
SmartSniff
:::::::::::::::::::::::::::::

paranoid brain

bold, realtime sometimes or all time