What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. x942

    x942 Guest

    Added:

    Virtual Machine running Debian LXDE for web browsing and mail. Everything is isolated and behind a virtual NAT. The only thing shared is the clipboard (one-way to the guest). Nothing leaves the VM.
     
  2. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,322
    Location:
    USA
    I'll remind you.
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    is oa premium competible with kaspersky antivirus 2012?
     
  4. ReverseGear

    ReverseGear Guest

    Must remain vigilant :eek: :eek: :eek:
     
  5. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Appguard,MSE and MBAM real time and still very fast.:thumb:
     
  6. Sevens

    Sevens Guest

    DefenseWall Personal Firewall 3.18 beta
    Malwarebytes Anti-Malware (on demand)
    Blue Coat K9 Web Protection
     
  7. syncmaster913n

    syncmaster913n Registered Member

    Joined:
    Mar 24, 2012
    Posts:
    153
    What about COMODO Defense+ ?
     
  8. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,692
    What about it?
    Comodo Defense+ is more of a classical HIPS, is it not?
     
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Bufferzone has the option to sandbox all new executables on your harddisk + other drives (contain all, contain signed, contain none).

    I believe the sandbox of C+ (indeed a classical HIPS) can be configured to sandbox all new unsigned programs, so that is some sort of (policy) containment.

    But I agree that GeSWall and DefenseWall resemble the definitions of policy based HIPS more closely. AppGuard also qualifies as a policy based HIPS with the HIPS being limited to file, registry, memory protection and execution protection (although quiet effective with this first stage attack vector focus)
     
  10. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,094
    Location:
    Europe, UE citizen
    Defense+ is a classical HIPS if you disable the sandbox and set it in Paranoid Mode.
     
  11. Newby

    Newby Registered Member

    Joined:
    Jan 12, 2007
    Posts:
    153
    In blue the changes. Don't want to offend Kees1958, but SAFE-LUA was my signature :D
     
  12. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Running Sandboxie and Privatefirewall. Downloads are my main vulnerability, so I have the download folder sandboxed, and an Emsisoft Emergency Kit shortcut for scanning just the download folder before taking anything out.
     
  13. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    back to Coranti. Big C you are right. Alot of protection that is not noticable.:thumb:
     
  14. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,692
    DefenseWall 3.18
    Shadow Defender 1.1.0.325
    [SIZE="+"]Macrium Reflect ~ System Explorer ~ SeconfigXp ~ AdMuncher ~ OpenDNS ~ Opera[/SIZE]
     
  15. JohnMult

    JohnMult Registered Member

    Joined:
    Mar 26, 2012
    Posts:
    125
    Location:
    Greece
    Re: What is your security setup these days? (updated)

    Comodo Internet Security Premium (Antivirus, Defence+, Firewall)
    DropMyRights (All my browsers) or LUA
    EMET Microsoft (All my browsers, java, Office Programs, Media Player, Foxit Reader)
    Norton DNS (Security Policy)
    AVG LinkScanner 2012
    Spyware Blaster
    Google Chrome (Adblock Plus with Easy List) casual browsing
    Firefox (NoScript and Referer disabled) searching unknown Internet
    Disabled autorun
    All latest updates
     
  16. x942

    x942 Guest

    Host:
    Ubuntu XFCE 11.10
    UFW (Firewall)
    chkrootkit
    rkhunter
    bastille (hardening script)
    PSAD (port-scan attack detector)
    TripWire IDS

    Apparmor profiles for:

    Chrome Dev. + Chrome Sandbox + NaCl
    Transmission
    VLC
    Pidgin
    Virtual Box
    and all the built in profiles.


    Virtual Machine (All Web Browsing):
    Debian Linux LXDE
    UFW - Firewall
    SeLinux installed and enabled
    chkrootkit
    rkhunter
    Chrome Dev.
    No sharing of any kind to host.
    Networking --> NAT


    Web Browsing:
    Chrome Dev.
    Ad block plus
    Ghostery
    Java-script blocked - enabled on persite basis.
    click-to-play
    Always incognito (--incognito)
    Seccomp Sandbox (--enable-seccomp-sanbox)


    Encryption:
    Host - LUKS/LVM
    External HDDs - TrueCrypt
    IronKey - Hardware encryption + TrueCrypt.
    KeepassX - passwords (stored on IronKey).

    Router:
    DD-WRT
    WPA2 Enterprise (AES) - 64 Char. ASCII Password.
    Untangle FireWall - Checks incoming packets for malware + IDS (Snort) + Auto-blocking flagged IPS + Blocking all China and Russia based IPS + Malware-blocking Hosts file + blocking PDFs.

    Search:
    DuckDuckGo
     
  17. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Network
    DDWRT Router running recommended build - Remote Access disabled
    DDWRT firewall turned on
    OpenDNS with DNSCrypt

    Realtime Protection
    No AV running.
    All ports closed - no need for a firewall.

    System Hardening -- Ubuntu 12.04
    As few programs installed as possible.
    BIOS Password
    Apparmor Enabled - Profiles for all programs



    Browser -- Chrome Dev
    Seccomp Sandbox + Default Sandbox + AppArmor
    Block 3rd Party Cookies
    Built in malware protection
    Default PDF reader -- no adobe necessary
    Adblock Plus with DNT
    HTTPS Everywhere

    A "private" profile with more aggressive privacy/ data settings.

    Chrome Privacy Profile
    No cookies/ no data sent to Google
    Block form validation
    ScriptNo with strict settings
    Working on getting it to run with a RAMDisk.
     
  18. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I need to look into Bastille.
     
  19. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    still the same here my faborite firewall:thumb:
    Emsisoft Firewall 5.5
     
  20. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    How long has this one lasted j?
     
  21. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    1 week already and it is here to stay i dumped any program for this one it is for me complete
     
  22. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    1 week might be a record. Although you were on Malwarebytes for a while.
     
  23. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Mbam Pro is a top notch program i really recomend it:thumb: i have it in my own computer:thumb:
     
  24. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    For about ~ a month that I've removed all low integrity level file system from my system, except chrome.exe. Registry included. So, chrome.exe is the only thing running with a low integrity level, and it can't write to anywhere. :D Changes attempts to Windows protected areas are being redirected.
     
  25. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Removed MSE
    Added PrivateFirewall
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.