I have been reading with interest the two recent threads on LUA and SRP SuRun: Easily running Windows XP as a limited user and Maximising Windows XP security with LUA and SRP started by Tlu with additional precious contributions from other posters. To my mind, it appears to be a very sensible and relatively down-to-earth (after the initial setup) approach to security for someone like me who doesn't particularly care for trying the latest HIPS or tweaking the OS forever. I certainly need to study the whole thing again, in one go, to firm my understanding before implementing it. Having said that, in the next month or so I intend to make a fresh install of XP slipstreamed with SP3, and I am beginning to ponder what other security apps to add to LUA+SRP. It would seem to me that two additional items would be needed: 1. a two-way firewall. At the moment I am using OA Free together with its HIPS, but I would disactivate the HIPS. Any other suggestions for a firewall? 2. a behavioural analysis security application like Threatfire. Alternatives? Also, as I would be browsing with Firefox and NoScript, would SandboxIE still make sense? Any comments appreciated.