Emlock's security

Windows Edition
Pro
User Access Control
Notify me only when programs try to make changes to my computer
Real-time security
Sophos endpoint security and control
Periodic malware scanners
malwarebytes, zemana antimalware, hitman pro, emsisoft emergency kit
Malware sample testing
Browser(s) and extensions
adguard, ghostery, fireshot screen capture and blur and sticky passwords in test
Maintenance tools
ghostery, adguard
emlock

emlock

Level 1
Thread author
Verified
Feb 13, 2016
18
I visit malware samples sites and test them in a secure virtual lab composed with vmware esxi 6 in a physical server in a separate vlan from my private stuffs. I'm an happy user of sophos utm home which protects all my network include a virtual one installed on ESXI, and form my home pc i use the endpoint of the firewall that is in my opinion very light and responsive to new malwares. Last sample i downloaded was a teslacrypt to test its spread ability to my virtual network and test shares.
In these days i've been searching information about dnscrypt and the best dns to use with my utm and for now my setup is:
  • level 3 dns with dnssec validation enabled
  • https inspection / deep packet inspection
i'm wondering if is convenient to set up a new pool of dnscrypt server as dns forwarders. Anyone has suggestions?
 
Last edited:
  • Like
Reactions: Logethica, 8-Bit Ghetto, shukla44 and 3 others
D

Deleted Member 333v73x

Sophos Endpoint Protection is way more than enough so just turn UAC to at least default.
 
  • Like
Reactions: kev216
SHvFl

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,350
For password manager Keepass or Lastpass depending what you need.
UAC and similar software have their use but it might be covered by Sophos in your case. I am not familiar with the product. Other that it seems like a solid setup.
@Tornado UAC at default is the same as disabling it. Very easy to bypass.
 
  • Like
Reactions: Logethica, 8-Bit Ghetto, shukla44 and 1 other person
emlock

emlock

Level 1
Thread author
Verified
Feb 13, 2016
18
thanks for all the comment's here, glad my setup liked... for the UAC i think is kinda annoying even if it protects from executables programs, and for the password manager i'll think about those softwares.
Thanks everybody and if you have other tips for my security config please let me know
 
  • Like
Reactions: Logethica, Rishi and kev216
V

Vasudev

Level 33
Verified
Nov 8, 2014
2,247
Wont both type 1 and type 2 hypervisor come into conflict with each other? Are you using paid version of Adobe Reader DC? If you're using free version, consider other alternatives such as foxit,sumatra, xpdf etc. Enable UAC. Overall very good config.
 
  • Like
Reactions: Logethica
D

Deleted Member 333v73x

Huracan said:
Could you explain?

I am not familiar with enterprise/endpoint software.
Click to expand...
Endpoint or Enterprise protection is what the majority of schools, businesses and other large firms. I know my school uses Sophos Endpoint Protection. The big difference is that Endpoint protection offers maximum security, HIPS, firewall, web filter and much more. That is why they are used commercially. The main known ones are Symantec Endpoint Protection, Malwarebytes Endpoint Protection and Sophos Endpoint Protection.
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Interesting to see UK based Antivirus company like Sophos as already been in the circulation to be use by some users, their performance are quite convincing especially its heuristics/behavior where in Virustotal commonly flags on that specific name of threats.

Other than that, its already a good configuration.
 
emlock

emlock

Level 1
Thread author
Verified
Feb 13, 2016
18
Ok, with all those whispers in my ears I have enabled the UAC! now my config is definitly approved? :)
Thanks everybody and if anyone has some other advices they are welcome :)
 
  • Like
Reactions: Logethica, frogboy and Vasudev
DJ Panda

DJ Panda

Level 30
Verified
Top Poster
Well-known
Aug 30, 2015
1,928
If you do not have an exploit solution try Malwarebytes Anti-Exploit. Other than that UAC should be default and maybe adding Zemana Anti-Malware.
 
  • Like
Reactions: emlock
emlock

emlock

Level 1
Thread author
Verified
Feb 13, 2016
18
i have tryed zemana anti-malware as an on demand scanner in my organization but it was used only as a second opinion after a malwarebytes scanner. If in the future the time comes i will use zemana first of all and then see if it's effective. there's also a portable version right?
 
  • Like
Reactions: Logethica, safe1st and DJ Panda
You must log in or register to reply here.

Similar threads

X195
    • Like
Advice Request Help needed with DNS configuration
Replies
15
Views
972
AdGuard
Chuck57
Chuck57
Gandalf_The_Grey
    • Like
    • +Reputation
Malware News The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack
Replies
0
Views
1,546
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
    • Wow
Security News KeyTrap attack: Internet access disrupted with one DNS packet
Replies
0
Views
1,099
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top