Gnosis's UPDATED (11-29-13) CONFIGURATION

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
PC Environment: Private
Security Awareness: Advanced
Exposure to Malware: Low
Anti-Malware Testing: No
Operating System: Windows XP 2002 Service Pack 3 32bit
Architecture: 32-bit
Real-time Protection: WSA Cloud AV; Comodo Internet Security Premium 6 (Geek Buddy, and Killswitch not utilized); Threatfire BB Level 5 (radically customized); Sandboxie Free Edition (drop administrator rights; delete contents of sandbox upon closing; quick recovery)
On-Demand Tools: MBAM, HitMan Pro
Web Browsers: Mozilla Firefox
Virtual Comodo Dragon


Browser Addons: Adblock, Better Privacy, Ghostery, Google Translator for Firefox, Self-Destructing Cookies, Dr. Web Link Checker
OTHER TOOLS: CCleaner, Wireless Network Watcher, HiJack This, Autoruns, Treesize, Process Hacker II, PCHunter, MBAR, Avast anti-rootkit (mbr fix), F-Secure Blacklight


Just installed WSA. Startup times are as good as ever and zero sluggishness while operating PC. Some might view my overlapping, and sometimes redundant security as overkill, but my system is as smooth as silk, so it is all good.
 

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
RE: ZOU'S CONFIGURATION

Real-time protection:
Avast is a solid product but Windows XP Firewall isn't that great. Have you tried any 3rd party firewall or ?

Additional browser plugins:

LastPass (Free) - link
LastPass is an online password manager and form filler that makes web browsing easier and more secure.

VTzilla (Free) - link
VTzilla is a Mozilla Firefox browser plugin that simplifies the process of scanning Internet resources with VirusTotal. It allows you to download files directly with VirusTotal's web application prior to storing them in your PC. Moreover, it will not only scan files, but also URLs.
The scanning options are embedded in Firefox's context menu and download dialog, making the analysis process as easy as clicking a single button.

Extra protection (Optional):
EMET 2 (Enhanced Mitigation Experience Toolkit) (Free) - link
EMET provides users with the ability to deploy security features built into Windows to arbitrary applications. This helps prevent vulnerabilities in those applications from successfully being exploited. DEP, SEHOP and ASLR are such security features; if you want to learn more about what they do, you can watch this video from Microsoft TechCenter. To configure EMET you should follow this guide by rationallyPARANOID.
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
RE: Gnosis's CONFIGURATION

I don't even use XP firewall. I have found that a good firewall is a tedious one and the ones that you don't have to fool with are ineffective, so I don't utilize firewalls. I rely heavily on Sandboxie.
 

Eiso

New Member
Nov 25, 2011
30
RE: ZOU'S CONFIGURATION

You really need a firewall mate :) Sandboxie can only do so much. Many would suggest Comodo Firewall, and apparently it works great alongside avast.
 

McLovin

Level 76
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,224
RE: ZOU'S CONFIGURATION

Eiso said:
You really need a firewall mate :) Sandboxie can only do so much. Many would suggest Comodo Firewall, and apparently it works great alongside avast.

Correct, it does work well next to Avast. That is what I currently use, Avast Free and Comodo Firewall, and I have had no problems so far. :)
 

Littlebits

Retired Staff
May 3, 2011
3,893
RE: ZOU'S CONFIGURATION

ZOU1 said:
I don't even use XP firewall. I have found that a good firewall is a tedious one and the ones that you don't have to fool with are ineffective, so I don't utilize firewalls. I rely heavily on Sandboxie.

I will have to agree to a point; true stand-alone firewalls are easy to configure and are very effective at blocking connections in and out.

The term firewall now usually means more than just a program used to control connections to ports. Adding extra protection features like HIPS makes them difficult to configure and drains down system resources and speed. Plus they require too much maintenance to keep them configured and updated.

If you would just like a simple firewall to control network connections only, then I recommend giving ZoneAlarm Free a try. The new free version now has the ZoneAlarm cloud technology (provided by Kaspersky) that auto blocks known bad connections and auto allows good connections. It is one of the few stand-alone firewalls with a program control that will not block safe processes and will provide excellent network control.

Thanks. :D
 

ocsi

Level 1
Oct 26, 2011
156
RE: ZOU'S CONFIGURATION

Add Privatefirewall and you have a good security setup.
Eventually you can use Shadow Defender or Wondershare Time Freeze.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
RE: ZOU'S CONFIGURATION

Another firewall that is easier to use and not so complicated. Popups were simply easy to use and it's like a pure firewall there. (PC Tools Firewall Plus; however, that program isn't always updated.)
 

Plexx

RE: ZOU'S CONFIGURATION

I noticed you have not mentioned any backup utility. If you do not have any you can use one of the free ones:

*Paragon Backup & Recovery 2011 Free;
*EaseUS Todo Backup Free 3.5;
*Macrium Reflect Free.
Note that Paragon cannot make a WINPE boot disk unlike EaseUS Todo; but it is still fine. I personally prefer Paragon.

Consider adding the following tools:

Additional Real Time Protection:
*Panda URL Filter (google Panda Toolbar, Install Panda Toolbar and then Remove the Panda Toolbar).

Unlocking software for stuck applications:
*Unlocker 1.9.1 (32bit edition).

Password Manager:
*LastPass.

Registry Defrag:
*Quicksys RegDefrag.

HDD Defrag:
*Auslogics Disk Defrag;
*Puran Defrag;
*Smart Defrag.

Uninstaller:
*Revo Uninstaller Free.

System Utilities:
*Advanced SystemCare 5 Free;
*CCleaner;

That's about all that I can think of since at the same time I'm trying to break my neurons on the VirtualBox issue I got...

PS: good config. +1
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
RE: ZOU'S CONFIGURATION

I have CCleaner and Smart Defrag. I have used XP firewall for years with no trouble and it is useless, so I cannot justify dealing with a firewall. I have considered LastPass, but I have yet to try it.

I have Sardu with Kaspersky and Dr. Web on a CD. That trumps a firewall, though it is not preventive.
 

Ramblin

Level 3
May 14, 2011
1,014
RE: ZOU'S CONFIGURATION

Hey Zou, as you probably know, I not only "rely heavily on Sandboxie", I only use Sandboxie for protection, but I do have the XP firewall on. I don't understand much how firewalls work and don't want to deal with popups of any kind so I kept the XP firewall instead of using something else.

I think you should enable your XP firewall.

Bo
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
RE: ZOU'S CONFIGURATION

I hear ya.

I have noticed no difference over the years whether XP firewall is on or off.
 

Ramblin

Level 3
May 14, 2011
1,014
RE: ZOU'S CONFIGURATION

ZOU1 said:
I hear ya.

I have noticed no difference over the years whether XP firewall is on or off.
Me neither, but the XP firewall has got to be doing something as I have never had an infection that can be blamed on it. Because of SBIE, the chances of anything getting thru or getting out are very slim, but we should at least have the XP firewall on; it can't hurt.

Bo
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
RE: ZOU'S CONFIGURATION

Since I do not use a firewall I have decided to use a HIPS, or behavior blocker (maybe HIDS?), whatever you call it. I use Threatfire AV set at level 5. It is probably more accurate to refer to it as a "Host Intrusion DETECTION System", instead of a "Host Intrusion PREVENTION System". It detects and blocks, yet not necessarily PREVENTS. It is what it is.
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
RE: ZOU'S CONFIGURATION

ZOU'S CONFIGURATION
General computer knowledge: Advanced
Level of security risk: Low
Operating system: Windows XP 2002 Service Pack 3 32bit
OS architecture: 32 bit
Non-admin account: No
Real-time protection: Avast Free Edition, Threatfire AV Level 5 (recently implemented, see my last post)
On-demand scanners: MBAM, HitMan Pro
Browser(s): Google Chrome w/adblock
Mozilla Firefox w/adblock
Opera
ALL WITH SANDBOXIE
 

ZeroDay

RE: ZOU'S CONFIGURATION

I'd also consider either Norton or Comodo DNS and perhaps the MVPS hosts file.
 

McLovin

Level 76
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,224
RE: ZOU'S CONFIGURATION

ZOU, you probably already have one, but any backup solution?
 

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
RE: ZOU'S CONFIGURATION

ZOU, it's not good, Avast, then throw it! Lightens your Windows, from bulky things, if you want.

No AV is better.
 

win7holic

New Member
Apr 20, 2011
2,079
RE: ZOU'S CONFIGURATION

ZOU, it's not good, Avast, then throw it! Lightens your Windows, from bulky things, if you want.
No AV is better..?
I know it,
but you are wrong, Prorootect, because many people today are choosing to use AV rather than cleaning up after an infection on their system.
Point is: prevention is better than cleaning up malware infections.
Not even a better AV, at least they can protect the system 70% or more. The rest is common sense: how we use computers properly, for example, clicking the links.
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
RE: ZOU'S CONFIGURATION

If Threatfire is truly a "HIPS", I have heard that HIPS are the number one defense against rootkits because they can detect the initial attempts to install one on your PC as well as activity thereafter. Some rootkits are so advanced that if you don't catch the behavior involved in their installation, you will never find them because they are truly STEALTH. Firewalls are easily bypassed by skilled rootkit authors. Everything else is for when you are already infected, for the most part. I don't know exactly how MBAM Pro is vs. HIPS. The answer to that would be enlightening.

As far as my PC goes, Avast is here to stay.

ZOU, you probably already have one, but any backup solution?

Actually I do not. What would be the best way to go about that? Is an external drive the only way?
 
