What protection do you use daily.

For starters, EQSEcure 3.4 with customized rules for XTREME sensory perception (HIPS), against potential unwelcome behaviors.

NOD32 AV (On-Demand-Only) for occasional & regular inventory of files protection.

Sandboxie A spectacular new recruit to my defenses and the first version that actually WORKS! Traps unwanted entries into a confinement area for dispersal. Desired keepers can be separated and retained.

Power Shadow Master My Bread-and-Butter (FULL) drive virtualization program where upon exiting, all traces of that Shadowed-Session is eliminated. Keepers need to be moved to a disk not shadowed or pen drive etc.

PCSecurity by Tropical Software for 100% additional Security + Privacy. On-The-Fly locking of anything from folders/directories/workstation/files etc. Options are endless.

 

In WinXP i was using an AV (Symantec) and a behavior blocker (Norton Antibot) because that's pretty much all I need. Anything the AV missed, hopefully the behavior blocker would catch. But based on my habits it's not likely anything will get in to begin with. Right now I'm on Linux again, and using nothing, which of course is the beauty of Linux.

 

Hardware Firewall & Firefox.

Why nothing else ? Because for me they are not needed and even when free they have a tendency to cumulatively slow down a machine.

 

I agree these are the situations where one might regret dearly, if they are dealt without a bit of common sense.

I don't change programs, but first I check that all my security programs are working properly: Firewall and AV (check that every module is on).

Then the browser: If you are an IE 7 lover, I suggest for once to use Opera or Firefox (you could have them only for bank transactions).

Virtualization: I personally do it in virtual mode (I use ShadowUser Pro, but there are at least half a dozen similar programs). I try to stay as little as possible on-line when dealing with my bank. As soon as the session is terminated I REBOOT immediately my computer, everything is wiped out, and I doubt even a 'talented' cracker would have the time to even sigh.

I don't run HIPS anymore, as I think virtualization is enough.

 

I have developed a couple of web page to assist my client base in the acquisition of what I could term Cyber Self Defense skills as well as providing them with effective Anti Exploit Resources!

Those tools are also used on many of my own computers. In this article I tried to stick to free solutions as these are far more likely to be implemented by users of all skills and backgrounds...

Cyber Self Defense!

Anti Exploit Resources!

I hope this helps!

All Comments are welcome! so please if something needs be added or corrected please feel free to let me know.

 

I have just posted my setup in the other thread, IMO realtime protection and system hardening are the most important layers. I still think that SSM Pro is the best when it comes to process execution control + it has a registry monitor which is always important. I have added Neoava Guard for additional protection plus it makes it easy to automaticly restrict certain apps. I´m still playing a bit with the file protection feature. I also use ZA Pro simply because it´s still the easiest to understand/operate firewall IMO.

And as you can see I´m not using any signature based tools, not that I think that they are obsolete (I do sometimes use VirusTotal), but most of them only slowdown the PC, and I´m not willing to pay 30 euro a year for KAV which is the only one I actually like. Besides, I believe that with common sense, some knowledge and a healthy dose of paranoia, a HIPS + system hardening will offer good protection.

https://www.wilderssecurity.com/showpost.php?p=1078114&postcount=1488

 

Antivir - great detection rates and very light on resources.

Dynamic Security Agent - Firewall & very effective HIPS all in one (although I'm behind an ISP router so the firewall isn't necessary)

Kaspersky 4.5 On Demand scanner - KAV engine with no driver or service required.

I have SuperAntispyware and Spyware Terminator but I only use them every blue moon when I'm bored and they always come up empty.

I have Returnil installed but I only use it for test installations.

I have a bunch of rootkit analyzers: Blacklight, GMER, Resplendant Rootkit Analyzer, Rootkit Unhooker and Rootkit Revealer. Antivir has a rootkit scanner as well. Haven't found anything yet.

As for browsers, I have Firefox and Opera but I use an IE shell called Sleipnir for daily usage. It gives you good control over security settings (custom security settings per page/bookmarks and a filter that sets security based on url keywords) so I'm not too concerned.

 

What I use currently is in my signature. I've been lurking here for awhile, gradually absorbing a little knowledge. This site is amazing.

Never satisfied, I'm thinking of installing EQSecure, which seems to be admired here. I usually use Returnil and Sandboxie when I'm online, and when I'm really in a paranoid mood, I use a virtual machine running OpenBSD.

 

About a year ago I settled on the apps in my sig. + FD-ISR. My box is fast, starts up in around 60sec and I feel bullet proof.

Strange, I just typed the exact same thing in another thread.

...screamer