Whats your security setup?

[ande]

I let people to use my lappy and that's why I must have some sort of real-time protection.

When I'm not using any protection here's my config (usually when I'm working and need highly responsive machine):

let only EMET as a real time protection.

Defender - OFF

UAC - Default

Autoruns disabled for USB

Windows Firewall - Block globally with exceptions (Firefox and few more apps)

Host - Clear

Windows Features - IE, Media, Games, Tablet, Gadget Platform, Print and Document Services... - Disabled

Windows Classic Theme (unless I'm multitasking)

And finaly latest hotfixes, if they are not security related I wait 1 month and then, if they aren't superseeded, I install them on machine.

When I'm without real-time protection I usually check hashes of every potentially risky file downloaded.

Firefox with NoScript , HTTPS Everywhere and VPN or proxy.

Also all sensitive information are encrypted.

[xpmule]

Lyon275

Your avatar is funny lol ..looks like a cat i had when i was a kid. (well making a funny face though, it didn't look like that normally lol)

anyway ya cool i used to use Agnitum Outpost Firewall a long time ago and i still think they offer a solid program. i'd recommend it to people.

and Kalju

"And I am already so old that even condoms are not needed."

LOLOL

I'm just lucky.. i got none and don't want any but i have brothers and sisters with like 10 kids :o

The key to this issue i think is having enough experience to know when your infected because if you can't tell then, well.. game over lol

And the advanced complexity of malware these days means we can't get over confident with the whole i know my computer is clean routine..

Ya never know what kind of hardcore rootkit or whatever is going around.. or if someone made something custom just to target you only etc

I am cocky and i am very experienced and i use minimal security but i am under no illusion that i am safe.. no matter what crap i use or how smart i think i am..

If the bad guys want you bad enough.. your screwed. end of story.

The key is don't be Low Hanging Fruit lol

And do your best to use good judgement when surfing / downloading etc (every once in a while i am guilty of getting sloppy on that one lol)

If people don't have a solid grasp of what runs at all times i find it doubtful they would ever know they are infected.

How many processes do you have running and do you know what ever one of them is ?

Free programs like Sysinternals Process Explorer or Process Monitor or even Autoruns are super handy at keeping control of things.

[insanedown58]

Just moved back to ESS as it is the most optimal one that I can get to work with my VM.

[dcs18]

Recent addition to my security....a large mote around my house with these in them...

Did you notice that your little pet phallus has a few puppy teeth. :P

[ande]

@xpmule You're right, but sometimes to much arrogance if not backed with good knowledge can lead to total disaster.

Very easy example:

Edit:

Picture source changed.

[darko999]

On my notebook I use Emsisoft Anti MAlware v7, light and god detection rates.

Ony my desktop computer I'm using GData Total Protection 2014, Both engines enabled, on execution only scan, manual firewall rules.

So far 0 infections in 7 months.

[MrHacker]

PC Environment: Home Shared
Security Awareness: Intermediate
Exposure to Malware: Low
Infection Rate: Low
Anti-Malware Testing: No
Operating System: Windows 8 Pro with Media Center
Architecture: 64-bit
User Account: Administrator
Real-time Protection: Norton Internet Security 2013 (NIS)
On-Demand Tools: Hitman Pro | Emsisoft Emergency Kit | Comodo Cleaning Essential
Web Browser: Mozilla Firefox | Internet Explorer
Extensions and Plugins: Bitdefender Traffic Light | Adblock | Bitdefender Quick Scan(Disabled) | Goo.Gl URL
Social Media Protection: Bitdefender Safego
Windows Update: Turned on but lets me choose what updates I want to Download & Install
Process Monitor: Comodo Killswitch & Emsisoft Hijack Free
Sandbox/Virtualization/Rollback: VirtualBox
Startup Manager: CCleaner | CCE | MSConfig | StartupLite
System Backup: None (Refresh my Windows instead of Backup)
Word Processing: MS Office 2013 Professional Plus
Download Manager: Internet Download Manager & uTorrent
Online Storage: Google Drive
User Account Control: Enabled
Updater: FileHippo Updater
Cleaning Utility: CCleaner
File Archivers: 7-Zip
Uninstaller: Iobit Uninstaller (Portable)
File/Folder Unlocker: Unlocker (Portable)
Burning: Img Burner | Windows Explorer
Virtual Disc Mount: Windows Disc Mount
Music Player: Windows Media Player
Video Player: VLC Media Player
PDF Reader: Windows 8 Default
Messenger: Skype & Google Talk
Disk Derangement: Auslogics Disk Defrag

[Ponting]

Added KeyScrambler Premium and AppGuard to my security setup

[LonePirate]

ESET NOD32 Antivirus | NoVirusThanks EXE Radar Pro | Sandboxie | Shadow Defender

[Nautilus]

On Windows 8 Pro:

BullGuard Internet Security 2013

Hitman Pro

OpenDNS

[Kalju]

Only one evil woman or devil woman, that's all. Full protection, nothing more isn't needed.

[MrHacker]

PC Environment: Home Shared
Security Awareness: Intermediate
Exposure to Malware: Low
Infection Rate: Low
Anti-Malware Testing: No
Operating System: Windows 8 Pro with Media Center
Architecture: 64-bit
User Account: Administrator
Real-time Protection: ESET Smart Security v6 (ESS) | Emsisoft Mamutu
On-Demand Tools: MalwareBytes Anti-Malware | Hitman Pro | Emsisoft Emergency Kit | Comodo Cleaning Essential
Web Browser: Mozilla Firefox | Internet Explorer
Extensions and Plugins: Bitdefender Traffic Light | Adblock | Bitdefender Quick Scan(Disabled) | Goo.Gl URL
Social Media Protection: Bitdefender Safego
Windows Update: Turned on but lets me choose what updates I want to Download & Install
Process Monitor: Comodo Killswitch & Emsisoft Hijack Free
Sandbox/Virtualization/Rollback: VirtualBox
Startup Manager: CCleaner | CCE | MSConfig | StartupLite
System Backup: None (Refresh my Windows instead of Backup)
Word Processing: MS Office 2013 Professional Plus
Download Manager: Internet Download Manager & uTorrent
Online Storage: Google Drive
User Account Control: Enabled
Updater: FileHippo Updater
Cleaning Utility: CCleaner
File Archivers: 7-Zip
Uninstaller: Iobit Uninstaller (Portable)
File/Folder Unlocker: Unlocker (Portable)
Burning: Img Burner | Windows Explorer
Virtual Disc Mount: Windows Disc Mount
Music Player: Windows Media Player
Video Player: VLC Media Player
PDF Reader: Windows 8 Default
Messenger: Skype & Google Talk
Disk Derangement: Auslogics Disk Defrag

[dMog]

firewall in my router... norton internet security because it came with 60 days free with my computer(then eset AFTER THAT) super antispyware pro..but have no idea id i really need the last one

[mazigh]

Updating the OS ASAP, ESET with firewall set to Interactive mode and Braiin :)

[Lyon275]

+ =

Strong , but HEAVY ;)

Pure is bloated cr@p , better get Internet Security :P

My opinion :) Don't get pissed off :lol:

Cheers :cheers:

[Bergo]

Comodo Internet Security PRO 2012+Emsisoft Mamutu+Panda URL Filtering

[Vatos Locos]

Realtime protection :

Microsoft Security Essentials

Online Armor Free Firewall

and in case I fcuk up : Toolwiz Timemachine Beta

On demand : Malwarebytes Anti Malware , Hitman Pro

for my browsing pleasures I use :

Mozilla Firefox

extensions : Lastpass , Https Everywhere and Bitdefender Trafficlight , Adblock Plus ( Fanboys lists )

and Norton Connectsafe as Dns

thanks :)

[mrgoodtimes]

As I see in most replies in this thread, why do you guys fill up your systems with so much anti-malware, as opposed to hardening windows itself instead? If you're running windows 8, take advantage of the high entropy ASLR, enhanced DEP, SEHOP, low integrity process, UEFI, and so many other security enhancements already BUILT-IN.

Don't even get me started with: "I've tested my antimalware setup with live malware, and nothing got through!!!11", seriously, viruses, trojans, and that sort consist of what you call "legacy" applications that target the lowest common denominator, people who do not or forget to patch and run in administrator mode. All of your antispyware, antivirus, spyware protection gets over-ridden by a some remote code execution that relies on OS and/or application exploits, and your nice little hacker doesn't even need to run a single executable to gain privilege escalation to gain kernel access without disk access, then he's off to unhooking anything he wants.

Current setup:

Win 8 PRO 64bit, windows update set to install automatically

Running as Standard User

EMET 4 beta; Running with DEP for all processes, SEHOP, ASLR, Certifcate trust, ROP protection
Windows Defender & Windows firewall

HOSTS file modification http://winhelp2002.mvps.org/hosts.htm

Software Restriction Policy on, including DLLs

Google Chrome (to take advantage of the sandbox system provided by the OS to make the browser process marked as untrusted)

VHDs with Bitlocker for critical files.

...and a system image.

Amount spent on security software: NOTHING.

[DKT27]

As I see in most replies in this thread, why do you guys fill up your systems with so much anti-malware, as opposed to hardening windows itself instead? If you're running windows 8, take advantage of the high entropy ASLR, enhanced DEP, SEHOP, low integrity process, UEFI, and so many other security enhancements already BUILT-IN.

Don't even get me started with: "I've tested my antimalware setup with live malware, and nothing got through!!!11", seriously, viruses, trojans, and that sort consist of what you call "legacy" applications that target the lowest common denominator, people who do not or forget to patch and run in administrator mode. All of your antispyware, antivirus, spyware protection gets over-ridden by a some remote code execution that relies on OS and/or application exploits, and your nice little hacker doesn't even need to run a single executable to gain privilege escalation to gain kernel access without disk access, then he's off to unhooking anything he wants.

Current setup:

Win 8 PRO 64bit, windows update set to install automatically

Running as Standard User

EMET 4 beta; Running with DEP for all processes, SEHOP, ASLR, Certifcate trust, ROP protection

Windows Defender & Windows firewall

HOSTS file modification http://winhelp2002.mvps.org/hosts.htm

Software Restriction Policy on, including DLLs

Google Chrome (to take advantage of the sandbox system provided by the OS to make the browser process marked as untrusted)

VHDs with Bitlocker for critical files.

...and a system image.

Amount spent on security software: NOTHING.

While hardening the system is an important step, one shouldn't trust the OS to secure you fully. If you go in past and take worms and viruses in past, you'd see that anti-malware companies and anti-virus companies have been the first one to notice them mega malwares and are the first one to secure systems from them - on the other hand, Microsoft has taken months to releases fixes for the OS - while the worms spreading like wild fire by then. It's because of AVs and AMs and layered security that people have got rid of such infections from their computers.

Also, gone those days where browsing only trusted sites mattered - any site can be infected these days and can be made to serve malware.

One more thing, MSE (AKA Windows Defender on Windows 8 ) is nothing but crap. If, if an malware manages to inter the system folder and delete couple of non-system files, MSE instantly stops working - it says it's working, but doesn't find or scan or catch anything whatsoever. I'm saying this cause I've found the hole myself and I'm sure MS is yet to fix it.

And I simply don't trust Windows firewall to give me sufficient protection, and even if it does, not sufficiently easy control and customization.

As for Chrome, it's sandbox has been hacked time and again - gives false sense of security.

I for one didn't pay for any security (and still got everything legitimate). :P

[ande]

As I see in most replies in this thread, why do you guys fill up your systems with so much anti-malware, as opposed to hardening windows itself instead? If you're running windows 8, take advantage of the high entropy ASLR, enhanced DEP, SEHOP, low integrity process, UEFI, and so many other security enhancements already BUILT-IN.

Don't even get me started with: "I've tested my antimalware setup with live malware, and nothing got through!!!11", seriously, viruses, trojans, and that sort consist of what you call "legacy" applications that target the lowest common denominator, people who do not or forget to patch and run in administrator mode. All of your antispyware, antivirus, spyware protection gets over-ridden by a some remote code execution that relies on OS and/or application exploits, and your nice little hacker doesn't even need to run a single executable to gain privilege escalation to gain kernel access without disk access, then he's off to unhooking anything he wants.

Current setup:
Win 8 PRO 64bit, windows update set to install automatically
Running as Standard User
EMET 4 beta; Running with DEP for all processes, SEHOP, ASLR, Certifcate trust, ROP protection
Windows Defender & Windows firewall
HOSTS file modification http://winhelp2002.mvps.org/hosts.htm
Software Restriction Policy on, including DLLs
Google Chrome (to take advantage of the sandbox system provided by the OS to make the browser process marked as untrusted)
VHDs with Bitlocker for critical files.
...and a system image.
Amount spent on security software: NOTHING.

While hardening the system is an important step, one shouldn't trust the OS to secure you fully. If you go in past and take worms and viruses in past, you'd see that anti-malware companies and anti-virus companies have been the first one to notice them mega malwares and are the first one to secure systems from them - on the other hand, Microsoft has taken months to releases fixes for the OS - while the worms spreading like wild fire by then. It's because of AVs and AMs and layered security that people have got rid of such infections from their computers.

Also, gone those days where browsing only trusted sites mattered - any site can be infected these days and can be made to serve malware.

One more thing, MSE (AKA Windows Defender on Windows 8 ) is nothing but crap. If, if an malware manages to inter the system folder and delete couple of non-system files, MSE instantly stops working - it says it's working, but doesn't find or scan or catch anything whatsoever. I'm saying this cause I've found the hole myself and I'm sure MS is yet to fix it.

And I simply don't trust Windows firewall to give me sufficient protection, and even if it does, not sufficiently easy control and customization.

As for Chrome, it's sandbox has been hacked time and again - gives false sense of security.

I for one didn't pay for any security (and still got everything legitimate). :P

If he configured SRP properly it is the only thing he needs to keep him safe.

As for choice of browser, I'd avoid Chromium since it's know privacy risk,

I find Firefox with NoScript and/or Adblock Plus with default deny filter to be optimal solution.

To achieve sandboxing features in Firefox use Sandboxie.

Also AFAIK EMET is sufficient on Windows 8, plus it's beta.

And finally fully disable MSE, you don't need it plus it reduces performance of Windows 8.

Cheers.

[benvan45]

It bothers me that so many people kick down Microsoft all the time and I just wonder why all those negative Windows users keep on using Windows. I would say, if MS is that bad, switch to Mac or whatever. It's the same with cars, if I had bad experiences with a certain brand, I would never drive that brand again. I'm sure Windows has some options that don't operate 100%, but so does Mac etc. So......please stop moaning about Windows or switch to something else to give yourself and many others peace of mind.

It's the same with security products, they all have some flaw, but posting all that shit every day won't make your PC more secure. If you don't like a product, switch to another. All software has trials, so time enough to make sure if it meets your needs. Same here, stop bashing everything and especially if you're not paying for it.

Hope this helps banning all negative posts every day.

Ben

As I see in most replies in this thread, why do you guys fill up your systems with so much anti-malware, as opposed to hardening windows itself instead? If you're running windows 8, take advantage of the high entropy ASLR, enhanced DEP, SEHOP, low integrity process, UEFI, and so many other security enhancements already BUILT-IN.

Don't even get me started with: "I've tested my antimalware setup with live malware, and nothing got through!!!11", seriously, viruses, trojans, and that sort consist of what you call "legacy" applications that target the lowest common denominator, people who do not or forget to patch and run in administrator mode. All of your antispyware, antivirus, spyware protection gets over-ridden by a some remote code execution that relies on OS and/or application exploits, and your nice little hacker doesn't even need to run a single executable to gain privilege escalation to gain kernel access without disk access, then he's off to unhooking anything he wants.

Current setup:
Win 8 PRO 64bit, windows update set to install automatically
Running as Standard User
EMET 4 beta; Running with DEP for all processes, SEHOP, ASLR, Certifcate trust, ROP protection
Windows Defender & Windows firewall
HOSTS file modification http://winhelp2002.mvps.org/hosts.htm
Software Restriction Policy on, including DLLs
Google Chrome (to take advantage of the sandbox system provided by the OS to make the browser process marked as untrusted)
VHDs with Bitlocker for critical files.
...and a system image.
Amount spent on security software: NOTHING.

While hardening the system is an important step, one shouldn't trust the OS to secure you fully. If you go in past and take worms and viruses in past, you'd see that anti-malware companies and anti-virus companies have been the first one to notice them mega malwares and are the first one to secure systems from them - on the other hand, Microsoft has taken months to releases fixes for the OS - while the worms spreading like wild fire by then. It's because of AVs and AMs and layered security that people have got rid of such infections from their computers.

Also, gone those days where browsing only trusted sites mattered - any site can be infected these days and can be made to serve malware.

One more thing, MSE (AKA Windows Defender on Windows 8 ) is nothing but crap. If, if an malware manages to inter the system folder and delete couple of non-system files, MSE instantly stops working - it says it's working, but doesn't find or scan or catch anything whatsoever. I'm saying this cause I've found the hole myself and I'm sure MS is yet to fix it.

And I simply don't trust Windows firewall to give me sufficient protection, and even if it does, not sufficiently easy control and customization.

As for Chrome, it's sandbox has been hacked time and again - gives false sense of security.

I for one didn't pay for any security (and still got everything legitimate). :P

[niharjhatn]

It bothers me that so many people kick down Microsoft all the time and I just wonder why all those negative Windows users keep on using Windows. I would say, if MS is that bad, switch to Mac or whatever. It's the same with cars, if I had bad experiences with a certain brand, I would never drive that brand again. I'm sure Windows has some options that don't operate 100%, but so does Mac etc. So......please stop moaning about Windows or switch to something else to give yourself and many others peace of mind.

It's the same with security products, they all have some flaw, but posting all that shit every day won't make your PC more secure. If you don't like a product, switch to another. All software has trials, so time enough to make sure if it meets your needs. Same here, stop bashing everything and especially if you're not paying for it.

Hope this helps banning all negative posts every day.

One reason - VIDYA games.

If all my video games were native linux I would have switched ages ago.

[DKT27]

It bothers me that so many people kick down Microsoft all the time and I just wonder why all those negative Windows users keep on using Windows. I would say, if MS is that bad, switch to Mac or whatever. It's the same with cars, if I had bad experiences with a certain brand, I would never drive that brand again. I'm sure Windows has some options that don't operate 100%, but so does Mac etc. So......please stop moaning about Windows or switch to something else to give yourself and many others peace of mind.

It's the same with security products, they all have some flaw, but posting all that shit every day won't make your PC more secure. If you don't like a product, switch to another. All software has trials, so time enough to make sure if it meets your needs. Same here, stop bashing everything and especially if you're not paying for it.

Hope this helps banning all negative posts every day.

Ben

Where did I say I hate Windows? ;) Why should I switch to world's most sh*tty OS series (Mac) if I can enjoy the world's greatest one? While I am Windows user and lover, I should have no right to speak against what isn't right or correct with Windows or Microsoft?

Why do Microsoft backers (and fanboys) always think that bashing few things about Microsoft or it's products makes us MS / Windows haters or less of it's product users / likers than them?

Negative criticism is still a type of feedback and is asking for a requirement of change, the faster everyone understands this, the better.

About security, yes, linux has better security and is less targeted than Windows, but that doesn't mean I feel a need to leave Windows.

[TheAslan]

avast! Premier + Comodo SecureDNS.

[LazyPotato]

• Eset Smart Security (settings changed)

Panda Cloud Scanner

MBAM pro

SAS pro

Comdo Cleaning Essentials

AVG & Kaspersky Rescue Disk (in my USB,ofc)