Which Type Of Program You Trust To Protect Your Systems?

Discussion in 'other anti-malware software' started by jmonge, May 22, 2011.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    do you prefer to use hips?
    do you prefer to use sandboxes?
    behabiour blockers?
    antivirus and firewall?
    any combination?
    etc etc
    any coments?
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    My browser is where almost all of my attacks are going to be centralized. It's incredibly unlikely for any other internet-facing application to be exploited by comparison. Therefor native browser security methods are by far the most important in my opinion.

    I don't like antiviruses/ HIDS. They assume you're infected when you're far better off preventing infection to begin with.
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    thanks for replying and i like your point of view;)
    in my case i prefer Hips or tweak my registry in a way to use a trick to block or close an open door to infect my system withing my browser(1806 trick):thumb:
     
  4. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Sandboxie + "Common Sense".
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Sandboxes with whitelisting restrictions. Scanners are still necessary though (especially multi-engine).
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    what do you mean by whitelisting restrictions?
     
  8. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Sandboxie has Internet and Start/Run Restrictions.
     
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    got it:thumb:
     
  10. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I'll never trust my common sense.

    1) I don't want to have to worry about my browsing habits. If I have to actively think about the site I'm visiting than my defenses have failed =p

    2) It's just not good enough. Legit sites get hacked. There's no way to protect yourself from that in terms of common sense.
     
  11. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    I disagree. AV and HIPS both prevent infection by alerting me to a problem before it becomes a problem.

    As for the OP's question, I think the best security work is being done on my systems with Sandboxie.
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    cool thanks page42:thumb: :thumb:
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Your antivirus is reactive. It won't prevent you from downloading a file and it won't prevent someone from attacking a program. What it will do is stop a file from running once it is on your computer.
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i know some programs are very good at reverting or rolling back the systems to cure infestation but in some rare cases some malware will stick like glue and can back or is not that easy to delete(or cure)prevention is good to have in my opinion,also sandboxes contain malware until empty or delete the sandbox is secure in case of sandboxie but i personally dont like the idea of making or putting malware in a cage i will prefer destroye it or prevented in the first place but that's me:D
    what do you guys think?
    also antivirus program has black list of malware and websites blocking capabilities but if malware is unknown or not recognize then it will freelly enter the door and destroy any system:)
     
  15. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    That's basically my issue with antiviruses. They rely on knowing malware. Heuristics is their only saving ability.

    I'll be honest, for most people you'll be fine with an antivirus and UAC enabled. But security is layered... and the application layer is right at the top. That means it's your applications that need to be secured and your most used/ targeted application is likely your browser.
     
  16. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    yes agree browsers and programs that can tranfer malware such messengers etc etc;)
     
  17. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    2-antivirus programs
    1-hips
    2-firewalls
    2-scanners


    ooops, LOL :rolleyes: my setup below with 2 on-demand scanners Malwarebytes and Hitmanpro served me well for almost 2 years now.
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    ofcourse with GesWall onboard who is going to get infected man:thumb:
     
  19. LethalBoy

    LethalBoy Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    119
    Sandboxie or a program like DefenseWall HIPS + PF.. :thumb: :D
     
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    agree cause it is a good idea to have a combination of both antivirus + proactive(hips/sandbox etc etc):thumb:
     
  21. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i hope they develop a 64 bit version of defensewall soon cause it is my faborite program but as i moved to 64 bit system i am waiting for it:)
     
  22. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    Apart from safety practices in regards to browsing and downloading, I favor the concept of hardening my system by running under limited privileges, default-denying unwanted/unknown executable and reducing attack surface area as my first line of defense. That ought to be enough for me personally but alas if I want/need more, this is how my second line of defense would be:

    a) Isolation through sand-boxing or/and light virtualization (but it's mainly used to keep my system as static as possible and clean from what I refer to as 'junk')

    and/or...

    b) HIPS (but it's mainly used to inform me of probable unwanted activities when I'm running an executable or installer..in which case I have placed a degree of trust onto it)

    As for software firewall that monitors outbound connections, my opinion of it is that "it's no security panacea or an end-cure to all unwanted connections. I wouldn't depend on it to stop everything...the least of it an infection. If I were to make use of it as a security tool, it would be among the last in line of my defense setup layers..."

    As for antivirus (be it real-time, on-demand or on-line tools like VirusTotal), I have stated my opinion here.

    That just goes about it. To sum it up, I'm in favor of Sully's take on the whole matter. To quote it here:

     
  23. LethalBoy

    LethalBoy Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    119

    Yea Defensewall is a very great program.. I love it :D Let see if Ilya releases a 64 bit version soon :'(
     
  24. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    The question is what I ask my self everyday

    For some reason I haven't yet satisfied with my own decision
    So I always use :

    Sanboxie+AV+BB+HIPS+FW, plus... Mild system hardening (UAC and EMET)

    The main reason for my dissatisfactory is my own habit of downloading stuff
    But becoming wilders member makes me thinks 100 times before download and running crack/keygen/activator/etc
    Yet some paranoia still exist even when installing legit software coming from trusted source LOL.

    As for browsing seasons, I'll put all my trust at my frontliner team (sandboxie+emet+EAM web filter) :D

    Next time around, I might reduce the number. Which mean I trust and put more confident on my set up+brain.exe. But for now all of that makes me feel more comfortable

    Ps : I'm not going to trust my own brain too much, since my common sense sometimes are uncommon :argh:
     
    Last edited: May 22, 2011
  25. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    i like to use what's already in the OS: SUA, SRP, UAC, icalcs.

    this stuff doesn't use any resources and it's problem free.
    from what i gather reading posts from our resident experts this kind of setup is pretty safe as well.

    when this kind of protection is setup properly it is pretty invisible/silent.
     
Loading...
Thread Status:
Not open for further replies.