Which Type Of Program You Trust To Protect Your Systems?

Have a HIPS past when on XP, since Vista using Pro or Ultimate versions, so for me it is what comes with the OS and

. . . occasonal free lisence to evaluate improvements or participation in closed beta's

 

The security apps chosen are only as good as the security policy they're enforcing. I use default-deny exclusively, enforced by HIPS (SSM), a rule based firewall (Kerio 2.1.5), and web content filtering (Proxomitron). My PCs are stripped of unnecessary components, including IE on all but one OS, and all unneeded services are disabled or removed (98lite and XPlite). This minimizes the attack surface and leaves no open ports. Attack surface applications are isolated by configuration and SSM rules and are as un-integrated from each other as possible.

 

my friend good aproach

 

I use Comodo Internet Security, WOT and Spyware Blaster.

 

too much "complicated" security scares my family members

mostly I use these setup on my family computers
- avast free (comes with webshield/network shield, so..it's a catch), some computers uses Norton IS 2011
- WOT
- keyscrambler
- clearcloud/nortondns (on router level, automatically blocks malicious sites, since they use social networking sites a lot)
- up-to-date genuine windows 7
- spybot immune
- sandboxie/virtualbox on my own laptop for "testing purpose,

Actively protecting my family members in background

 

AVG Antivirus Boot Disk for on demand scans only

Mamutu

True Image Recovery Disk "only" so all images and restores are
done outside of Windows

I do not worry about anything else except that I must have
a CLEAN IMAGE

Never seen anything get by this, do not even attempt to clean
if i find anything, just a reimage

 

I, like many, use a combination of most of the above: OS/Browser hardening, Sandboxing, Outbound firewall/HIPS, Imaging/Backup, AV.

But if I were forced to just pick 1 that I feel is the most important, I'd say Imaging/Backup. In the event that something does happen you're a reboot away from resolving it. Sandboxing/virtualization comes in a close 2'nd.

 

That depends on how you set up your package. With a default-deny setup for example, other users have no security decisions to make. The firewall and SSM are set not to prompt when in user mode. No decisions equals no wrong choices. It takes some time and a detailed examination of their usage needs in order to make certain that they're allowed to do all they need to, but not all they would do if it was their PC. If they need an app that's not already installed, I'll check it, then install it if it's ok. It's a bit of an extra hassle for me at times, but it's made up for by not having to clean out infections or remove unwanted apps. For them, they can browse where they want without issues .The system has repelled everything its encountered in the last 6 or 7 years. The only way a user will alter the system is to open the case and start with changing the BIOS settings, just to make a bootdisk or live CD work, hard to do unnoticed.

 

-Virtualization: Sandboxie/Shadow Defender.

-Instant System Recovery: Rollback Rx.

-Only On-Demand Scanners: MBAM, HMP, EEK, GMER etc.

 

Changing a little, since no hips needed in my set up..
I can't trust my self that much

So for non expert like me, its best to contain almost all entry point with sandbox
And let the rest handled by av/bb(with comunity rating)/fw(using expert made rules).

 

1) Sandboxie + Restrictions (Internet access, Start/Run Access, Drop Rights)+Look'n'Stop firewall (mainly for outbound connections).
2) Shadow Defender when plugging in third party USB thumb drives at work.
3) Two scanners (most of the time on demand) to check downloads and USB thumb drives from collaborators (in my experience the most infected devices statistically speaking).

So basically Sandboxie for the Internet and Shadow Defender when I need the whole system protected.

 

PrexSOL or Trusteer+Restore a clean image before going to sleep

Not my approach (see my sig.)...
but why not such a security strategy?lol

Very interesting thread btw, i learn a lot by readind this forum.

 

I trust:

Virtualization: Shadow Defender + Sandboxie

HIPS/BB: Emsisoft Mamutu

Backup and imaging: Keriver 1-Click + Restore Microsoft SyncToy

On-Demand: Hitman Pro

 

I trust:

HIPS/HIDS: Defensewall, WinPatrol
Anti-logger: SpyShelter
Backupc& ISR: Rollback Rx, Norton Ghost
Password Manager: S10 Password Vault

 

Type of program that is my *main* system protector = Imager

Specific Imager = Keriver 1-Click Restore Pro
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
PLUS (in those rare instances when I do keylogger-susceptible biz) >>Prevx/SOL

 

I trust Norton. It doesn't impact my system, it's got many technologies to protect me wherever I am, and on top of that it looks very appealing to me. I love the product and I'm not ashamed to say that. If I need to go for a free solution I choose PCAV which works light on my system and is both automatic and effective. Me like.

 

I do prefer and like to rely on the anti-virus and anti-malware programs since my Windows platform is 64-bit.

The cyberspace policy or A.K.A. Cyber Security Policy is about to be engaged by the US governmental deity soon, and thus I presume I may follow its decision to let 'em protect my security system now on. Thus, I am anticipating in a new program.

But one thign I can say certainly is that as other major security corporations do, I don't rely on the software about the virtualization as some minor companies do although I use, now, the programs such as the Appguard, the Sandboxie, and so forth.

 

I enjoy using the old fashion antivirus/antimalware programs, along with using common sense, and a fresh system image should be all you need.

 

Check sig. I'm sorted.

 

the good thing about the program i am using at this very moment is that i have an antivirus and hips which i love dearly i think i will stick with Nod32 Antivirus and ditch the rest did i do a good choice?yes

 

rofl J.. what happened to spyshelter?

 

this is a similar choice but with antivirus and Nod is very good at blocking malware

 

is that so.. hopefully u will change back very soon..

 

Probably the same thing that happened to Online Armor.

 

The only "program" I trust to protect me is my experience. And the sad thing is if you start to trust something coded by somebody else, your security is in a great danger. At most you can HOPE that a program coded by somebody else can protect you. Without understanding of the core processes and of what your security program can and cannot do you are unsafe by definition (sorry to upset you).

===
the guy who coded one of the first viruses for DOS in the old USSR area, the guy who defeated a lot of Windows malware for the last 5 years, the guy who went to be independent security expert by now