Emlock's security

Windows Edition: Pro
User Access Control: Notify me only when programs try to make changes to my computer
Real-time security: Sophos Endpoint Security and Control
Periodic malware scanners: Malwarebytes, Zemana AntiMalware, HitmanPro, Emsisoft Emergency Kit
Malware sample testing
Browser(s) and extensions: adguard, ghostery, fireshot screen capture and blur and sticky passwords in test
Maintenance tools: ghostery, adguard

emlock

Feb 13, 2016
I visit malware sample sites and test them in a secure virtual lab built with VMware ESXi 6 on a physical server in a separate VLAN from my private stuff. I'm a happy user of Sophos UTM Home, which protects my whole network, including a virtual one installed on ESXi, and for my home PC I use the endpoint of the firewall, which is in my opinion very light and responsive to new malware. The last sample I downloaded was a TeslaCrypt, to test its ability to spread to my virtual network and test shares.
These days I've been searching for information about DNSCrypt and the best DNS to use with my UTM, and for now my setup is:
  • Level 3 DNS with DNSSEC validation enabled
  • HTTPS inspection / deep packet inspection
I'm wondering if it is convenient to set up a new pool of DNSCrypt servers as DNS forwarders. Does anyone have suggestions?
 
Sophos Endpoint Protection is way more than enough so just turn UAC to at least default.
 
For a password manager, KeePass or LastPass, depending on what you need.
UAC and similar software have their use, but it might be covered by Sophos in your case. I am not familiar with the product. Other than that, it seems like a solid setup.
@Tornado UAC at default is the same as disabling it. Very easy to bypass.
 
Thanks for all the comments here, glad my setup is liked... As for UAC, I think it is kind of annoying even if it protects from executable programs, and for the password manager I'll think about that software.
Thanks everybody, and if you have other tips for my security config please let me know.
 
Won't both type 1 and type 2 hypervisors come into conflict with each other? Are you using the paid version of Adobe Reader DC? If you're using the free version, consider other alternatives such as Foxit, Sumatra, Xpdf etc. Enable UAC. Overall a very good config.
 
Could you explain?

I am not familiar with enterprise/endpoint software.
Endpoint or Enterprise protection is what the majority of schools, businesses and other large firms use. I know my school uses Sophos Endpoint Protection. The big difference is that Endpoint protection offers maximum security, HIPS, firewall, web filter and much more. That is why they are used commercially. The main known ones are Symantec Endpoint Protection, Malwarebytes Endpoint Protection and Sophos Endpoint Protection.
 
Interesting to see that a UK-based antivirus company like Sophos is already in circulation and in use by some users. Its performance is quite convincing, especially its heuristics/behavior, where on VirusTotal it commonly flags on that specific name of threats.

Other than that, it's already a good configuration.
 
If you do not have an exploit solution, try Malwarebytes Anti-Exploit. Other than that, UAC should be default, and maybe add Zemana Anti-Malware.
 
I have tried Zemana Anti-Malware as an on-demand scanner in my organization, but it was used only as a second opinion after a Malwarebytes scanner. If the time comes in the future, I will use Zemana first of all and then see if it's effective. There's also a portable version, right?