What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Arwen

    Arwen Registered Member

    Joined:
    Apr 5, 2008
    Posts:
    2
    I previously used :
    - Kaspersky AV
    - OA
    - ZoneAlarm

    but all those have become slow crap and real buggy (esp. OA)

    Now I use :
    - Avira AV Premium
    - Kerio 2.1.5
    - SSM

    Very happy with those secure stable lightweight tools.
     
  2. wrongway67

    wrongway67 Registered Member

    Joined:
    Apr 5, 2008
    Posts:
    45
    On my pc I run some discontinued stuff

    Sygate Personal Firewall
    Avira AntiVir Personal
    Returnil Virtual System Personal
    ProcessGuard
    RegDefend
    GeSWall
    Port Explorer
    GFI LANguard System Integrity Monitor 3 (on-demand scan)

    Ad-Aware SE Personal (on-demand; defs downloaded manually)
    Spybot (on-demand)
    SpywareBlaster

    DriveImage XML (+BartPE)
    Acronis True Image Personal
    GetDataBack for NTFS
    GParted
    Partition Table Doctor
    Knoppix

    Process Explorer
    Process Monitor
    AutoRuns

    Closed all ports disabling unnecessary services
    Hardened the TCP/IP Stack
    Disabled automatic execution of the System Debugger (see paragraph 3.2.2.2 on "Windows XP Professional Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Baseline Security Settings 2005, The Center for Internet Security" PDF 1.4MB)

    Opera (hardened like CogitoErgoSum: thanks! Java only disabled)
    Firefox+XSS Warning
    both browsers launched by PsExec
     
  3. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    I use layered protection myself, but don't you think that's overkill ? :p
     
  4. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    One hour behind this system and I turn completely nuts, all the flashing and popups and messages to deal with. Guess Windows crawling like a snail and every time throwing my hands in the air... Why am I infected again!! LOL :D

    Don't become a collector but a good protector.

    Bit serious, it's much redundant and eventually it can turn against you. ;)
     
    Last edited: Apr 5, 2008
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Layered protection IMHO is highly essential.

    However it must be applied proportionally and in a way that doesn't prohibit normal computer performance or leave out any vector entry points of potential attacks.

    Go ahead and apply your preferred security apps accordingly but remember to at least ALWAYS, first and foremost maintain a "clean" backup image or images as well as cover your layered or unlayered security set up with a Virtualization app like say for example Returnil RVS or even an ISR that you can depend on.

    This way, you have a relatively dependable fallback measure to turn to in event of any potential catastrophic problem.
     
  6. wrongway67

    wrongway67 Registered Member

    Joined:
    Apr 5, 2008
    Posts:
    45
    On daily use I noticed only one annoyance with ProcessGuard: since it doesn't handle command line parameters, every time rundll32.exe starts, there is a pop-up (when you right-click on "my computer", insert a cd, launch something from control panel, and so on...) However after a few years (PG is part of TDS-fiasco: they offered one of their products in substitution and I've already purchased Port Explorer) this is ordinary administration to me. Among the ones that can handle that, I tried System Safety Monitor but it was much more stressful, and with AppDefend I didn't feel at my ease; I didn't take Online Armor into account because I consider the Sygate better than its firewall. Maybe one day I'll give a look at ProSecurity.
    Another pop-up appears when opening .chm files, because the HTML Help Executable starts. Other critical processes like Console Based Script Host, Virtual DOS Machine, Windows Command Processor, etc. are very infrequent (I didn't see most of them in action... never). I don't use Internet Explorer and all the harmless programs are in the "white-list" (always allowed).

    In RegDefend for all the trusted applications I set their rules so they override the protecting ones: therefore, no pop-ups. :)

    Browsers start automatically isolated with GeSWall Free (I checked "Do not ask again"). Usually only HTML Help Executable (always him) bothers.
    Yes, always before and after I install/upgrade something and on a regular basis. I used DriveImage then I discovered here that they give an old version of True Image for free. ;)
     
  7. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Hi, Wrongway, it's not meant in any way to criticise you, if it works for you, great!

    As said, personally it would be for me a big pain to sustain such a setup like yours, but that's just me. ;)
     
  8. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    New setup on my 'dummy' PC running on Win XP Pro, Celeron M 1.7GHz, 384MB RAM:

    On-access:
    Avast Home 4.8
    Sygate Personal Firewall
    Winpatrol
    SnoopFree
    SpywareBlaster

    On-demand:
    SUPERAntiSpyware Free
    Rootkit Unhooker/Rootkit Revealer
    Returnil
    Sandboxie

    Browsers:
    Avant running on Sandboxie (default)
    Firefox w/ NoScript, Adblock Plus, Tor, and Sitehound
    Flock/SeaMonkey/K-Meleon/Opera (all good browsers :thumb: )
     
  9. PoetWarrior

    PoetWarrior Registered Member

    Joined:
    Apr 16, 2007
    Posts:
    345
    1) Behind a router
    2) Vista Home Premium (UAC on, Windows Defender off)
    3) Vista Firewall
    4) Threatfire
    5) BioClean
    6) K9 Web Protection
    7) Firefox (noscript, adblock plus)
    8) Key Scrambler with IE 7
    9) FirstDefense for any major problems

    Testing this configuration and so far so good. :thumb:
     
  10. Hairy Coo

    Hairy Coo Registered Member

    Joined:
    Oct 19, 2007
    Posts:
    1,486
    Location:
    Northern Beaches
    Since I am behind a router, I soon intend to have only Threatfire active, maybe modified for outward control - that's it.
    In all my years of computing, never had a serious threat.
    This should be more than plenty.
    As a luxury may activate Windows Firewall, but guess I'm being paranoid.
    If I'm proved wrong have plenty of backups.
    An occasional malware scan will be carried out also.
     
  11. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Geswall and nothing else.
     
  12. QBgreen

    QBgreen Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    627
    Location:
    Queens County, NY
    Persistent:

    Good old SPI wired router

    Firewall/AV:

    ZoneAlarm AV

    Anti-Malware (Active):

    ThreatFire Pro

    Anti-Malware (On demand):

    SAS Free, Prevx CSI, SpywareBlaster

    System Hardening:

    Seconfig XP, SafeXP

    This will change upon the release of Avira's version 8 product line!
     
  13. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I ditched Online Armor Free Firewall. Each time my pc burps, OA asks for approval, that was too much for me. So I'm back in search for another firewall. Any suggestion is welcome, but not ZoneAlarm, Look'n'Stop, Comodo and OA.

    Although, I have a proven 100% removal tool of malware so far, it doesn't stop the execution of malware immediately.
    For those, who still don't know, how I remove malware : it's simple.
    During each reboot I replace my actual system partition completely with a fresh installed, clean and unused system partition, which is stored in a FDISR-archive, called "Freeze Storage.arx".
    Since September 2007, I added the state "unused" to my FDISR-archive, which turned my archive into a 100% SUPER cleaner, that removes any superfluous object created by any existing software, while it was doing its job, including history, which is also caused by "using" softwares.
    I know it's all theoretical humbug, but that's how I reason and it seems to work in practice so far.
    You might wonder how I keep my clean archive in a permanent "unused" state : I keep a double set of images and archives, but without doing double work by using ShadowProtect & FDISR in a special way and sequence.

    I use AE mainly to protect me against malwares, like KillDisk, Robodog, DeleteVolume and of course any other unauthorized executable object.
    I use DW mainly to protect my Data Partition by locking it and of course all the rest of DW.
    Yesterday I added ThreatFire (malicious behavior) to my security in order to kill malware immediately, that wasn't killed by AE or DW.
     
  14. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    What kind of firewall do you want? I recommend GhostWall to everyone. Once you build your rules then you can forget GW totally. No pop-ups or anything. It just does what you want.
     
  15. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    @Erik, why not use the humble Windows Firewall?
     
  16. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I use it at this very moment, but according to my readings, it doesn't offer OUTBOUND protection.
    I don't know how to create rules.
     
  17. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    Nothing wrong with the old Sygate Firewall - as long as you don't use a proxy like Proxomitron as there is an unpatched loopback vulnerability.
    Provides outbound protection and if you want you can make rules
    in this free version. (It's discontinued now - bought by Symantec)

    FREE for personal use, Sygate Personal Firewall 5.6.2808 (last freeware version) provides best of breed security in a user friendly interface, protecting your PC from hackers, trojans and DoS attacks. New features include full-ICS support, protocol driver level protection, enhanced logging, and more. Sygate Personal Firewall is the first FREE personal firewall to offer protection from malicious code intrusions, keeping the information on your PC safe and private.
    Features:
    - Protects against Trojans, spyware, worms and other known & unknown threats
    - Prevents unauthorized or malicious applications from bypassing the firewall
    - Enables even inexperienced users to easily customize and fine-tune security policies
    - Provides best of breed evidence logs for intrusion analysis
    - Easiest-to-use PC firewall and still free for personal/home use.

    http://www.freeware-guide.com/dir/util/firewall.html
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Ocky,
    Many thanks, I will try that one in the next coming days.
    I already downloaded/unzipped it and stored its download link.
    I will see, if I can handle this one.
     
  19. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    Erik,
    Try Sygate Personal Firewall. It's no longer in development, but the final version is solid and stable. It works even on my grandma's Windows 95 PC! :D

    I have a friend who uses Vista, and she says it works flawlessly. :thumb:
    And yes, I also detest those aforementioned firewalls :mad:
     
  20. illicit

    illicit Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    101
    Thought I would make my first post with my current set up.

    Checkpoint hardware FW w/AV and IPS

    OA FW with browsers, IM, email in run safer

    Resident:
    NOD32
    a squared AM
    Haute Secure (testing)
    PGP Desktop

    On Demand:
    DrWeb
    SAS
    Sandboxie (usually resident)
    Returnil

    Hardening:
    Hardenit
    Secureit

    Backup:
    Acronis

    utilities:
    ccleaner
    defraggler

    Browser:

    Firefox w/no script and adblock+

    Zade retro for antispam

    Oh, and Secunia PSI for on demand scans.

    Runs extremely smooth with little to no annoyances.
    :thumb:
     
  21. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Defensewall
    Sandboxie
    Keyscrambler
    Avira Premium (on demand)
     
  22. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784
    Real-Time
    Look'n'Stop
    Geswall
    MBAM
    ThreatFire


    On-Demand
    Avira
    SAS
    Cure It
    Prevx CSI


    FireFox W/NoScript
     
    Last edited: Apr 13, 2008
  23. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Security setup changes : Red = new, blue = old

    Outpost Firewall Pro 2008 with disabled Anti-Spyware.
    To replace the mediocre Microsoft WinXPproSP2 Firewall

    Anti-Executable - HIGH
    To block any unauthorized executable, including the nasties like KillDisk, Robo(t)dog, ...

    DefenseWall HIPS
    1. To restrict all untrusted applications to the very bone (policy-based).
    2. Locking Data Partition : no reading, no writing, no stealing of personal data.

    ThreatFire
    To block any malicious behavior, except mine.

    FirstDefense-ISR - Industrial Frozen Snapshot Technology.
    - full automatic total cleaning of malware, that bypassed any of above mentioned security softwares.
    - full automatic safe cleaning of registry.
    - full automatic safe cleaning of history.
    - full automatic safe cleaning of junk files of any existing software.
    - full automatic total uninstall of any unwanted new existing software, better than Total Uninstall
    - full automatic repair of any system problem or software problem, the ultimate troubleshooter without words.
    All this during each reboot in less than 2 minutes.

    The thinking :rolleyes: continues ...
     
  24. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    EU
    Hi Erik,

    What do you mean with "new" and "old"?
    Cheers,

    Gerard
     
  25. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I never had the new ones (red) on my computer and the old ones (blue) are softwares I already have for quite some time (more than six months or older).
    Some members in the thread use also colors to indicate new and old. :D
     