Post your security setup

Discussion in 'Security and Anti-Virus Software' started by Hungry Man, May 18, 2011.

Thread Status:
Not open for further replies.
  1. Jarhead

    Jarhead 恋の♡アカサタナ

    Reputations:
    4,990
    Messages:
    12,178
    Likes Received:
    2,981
    Trophy Points:
    581
    Nah, I just bank online ;)
     
  2. Baserk

    Baserk Notebook user

    Reputations:
    2,503
    Messages:
    1,794
    Likes Received:
    1
    Trophy Points:
    56
    So you run an admin account with UAC off? And nothing else implemented but common sense?
     
  3. Jarhead

    Jarhead 恋の♡アカサタナ

    Reputations:
    4,990
    Messages:
    12,178
    Likes Received:
    2,981
    Trophy Points:
    581
    I'd be comfortable with that, except I'd add some sort of AV just to be sure.
     
  4. zakazak

    zakazak www.whymacsucks.com

    Reputations:
    106
    Messages:
    1,299
    Likes Received:
    24
    Trophy Points:
    56
    yep.. seems like you dont know that much about security? Even if you only use the "save" files that you once install on your computer and NEVER install aynthing else and even if you only browse very known and big sites, there still is a chance to get you infected. Not to mention malware that spreads via usb,local network, sharing programs , p2p programs, messengers,....

    Generally UAC at max settings offer a very good protection already. Still it won't protect you against everything.. and in case you run a setup.exe you will have to give it admin rights (in 99% of those installers) and then have you ever thought that even with the windows-inbuild iexpress.exe you can bind some random setup.exe with a malware.exe (and even checking the md5 hash of that file doesn't make it secure). So without some security product you will never find out that this setup.exe is infected. If it is some backdoor you might find its process / open internet connection and are able to block & remove it. If its some run-once information-stealer than you are already screwed. You simply need to click on the wrong link and you are already infected (drive-bys). Or a well known site gets exploited and infected.

    I would understand if u tell me that Mbam pro is unnecessary but then I would just show you malware tests that I did so you would see that Mbam Pro is quite a nice addition to CIS (especiall the web filter). I have the main protection CIS (AV on stateful, fw & d+ as HIPS.. with auto sandbox enabled) and Mbam Pro which filters some web-sites already (pretty much like NortonDNS) and has a very great detection rate for malware. I could remove the AV from CIS but it doesn't really use any resources at all. EMET is a hardening program that you only run once. It offers great protection (you might want to search the thread here in the forum). Applocker & UAC are windows built-in security solutions.
     
  5. tonymontanaflows

    tonymontanaflows Notebook Enthusiast

    Reputations:
    2
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    5
    my preferred setup

    symantec endpoint protection - win2k-7 64bit. only downside is 64bit version has no rightclick scan for virus option and if standalone hard to define vpn firewall policies with network threat protection option

    UAC, Windows Firewall, Defender OFF

    spywareblaster
    spybot immunize and ie resident no tea-timer
    firefox +adblock plus default browser
    latest Java JRE installed with any nasty prior bits removed prior with JavaRA

    that's it. clean quick and light. avoiding IE, having a fresh Java install of only 1.6 10 that finally updates correctly in most cases should eliminate most nastys. for my users who persist to use IE i use IE7Pro addon
     
  6. MAA83

    MAA83 Notebook Evangelist

    Reputations:
    794
    Messages:
    604
    Likes Received:
    3
    Trophy Points:
    31
    no UAC/Defender or Security senter service or firewall.

    I keep MBAM on demand.
    Avast! Free and Comodo Firewall and Defense+.
    63char POP/HDD/Supervisor/Windows passwords, TC encrypted system drive
    Keep all IO ports except USB shutoff, disable boot from USB.

    Anonymousspeech for anonymous emails, and iVPN for any internet connection, home or away.

    No IE. necessary adblock and noscript extensions and others for FF.

    I find common sense (running questionable things in VM or sandbox mode) and a mix of these products good enough to add enough layers of security to make me feel my data is safe. Too bad it's all for naught, with out UAC I'll never be secure! :rolleyes:
     
  7. zakazak

    zakazak www.whymacsucks.com

    Reputations:
    106
    Messages:
    1,299
    Likes Received:
    24
    Trophy Points:
    56
    very nice setup ! I would still add UAC at max protection for even more protection :)
     
  8. MAA83

    MAA83 Notebook Evangelist

    Reputations:
    794
    Messages:
    604
    Likes Received:
    3
    Trophy Points:
    31
    Just poking fun:D

    On laptops I set up for others, I usually leave it on. I had had it on default settings on my laptop as well until I put on defense+. I just felt there was some overlap.
     
  9. zakazak

    zakazak www.whymacsucks.com

    Reputations:
    106
    Messages:
    1,299
    Likes Received:
    24
    Trophy Points:
    56
    Malware is able to bypass/deactive UAC when its set to the default level. Thats why I always recommend it at max level or not at all :p

    Actually D+ & UAC are somehow overlapping.. still Comodo D+ could get killed/bypassed by malware and then you would have UAC to protect you. Since it also is a windows built-in security feature I doubt that it would give any performance boost when disabling it.
     
  10. Hungry Man

    Hungry Man Notebook Virtuoso

    Reputations:
    661
    Messages:
    2,357
    Likes Received:
    0
    Trophy Points:
    55
    UAC does more than just stop malware from elevating. Turning it off removes features and changes the entire token system.
     
Loading...
Thread Status:
Not open for further replies.

Share This Page