How-to Guide How to strengthen up your security configuration

Discussion in 'Tutorials & Guides' started by kram7750, Apr 9, 2015.

  1. kram7750

    kram7750 New Member

    Apr 12, 2014
    995
    3,613
    #1 kram7750, Apr 9, 2015
    Last edited: Apr 9, 2015
    Hi everyone,

    With the rate of new security configurations being posted all the time, it is only a good idea for me to make a thread on how someone could go about improving their security configuration.

    Firstly, I recommend you use a good Antivirus/Internet Security product. An Antivirus product does not usually contain a Firewall. If the Antivirus product you decide on does not, then I recommend installing a Firewall alongside your Antivirus product.

    I personally recommend any 1 of these 3 Internet Security products. However, this is based on my experience and testing. Everyone has a different opinion, the only person who can decide which product they want to use is YOU. No one else. You should use the trials and test each one to see which one you prefer.

    1). ESET Smart Security - I personally feel that ESET have great signature-based/static-analysis detection. (The HIPS (Host Intrusion Prevention System) can perform better once configured correctly). As well as this they have the LiveGrid (cloud).
    You can obtain ESET Smart Security from the official website, here: http://www.eset.co.uk/Home/Smart-Security

    2). Emsisoft Internet Security - I personally feel that the Emsisoft Behaviour Blocker is good at preventing malware infections and has a good cloud network.
    You can obtain Emsisoft Internet Security from the official website, here: http://www.emsisoft.com/en/software/internetsecurity/

    3). Kaspersky Internet Security - the signature based detection is OK in my opinion, however they have a feature called Application Control which is quite well liked. As well as this they have the KSN (cloud).
    You can obtain Kaspersky Internet Security from the official website, here: http://www.kaspersky.co.uk/internet-security?domain=kaspersky.com

    For the money, I reckon Emsisoft Internet Security is the best deal. However, I like all 3 products and all 3 are great in my opinion.

    If you do not want an Internet Security product then I recommend getting an Antivirus product and then a firewall product alongside it. For Antivirus, I recommend the Antivirus version of the products listed below, however I will also mention some free alternative Antivirus products below, for anyone who cannot currently purchase an Internet Security suite:

    Paid:
    1). ESET NOD32 (Antivirus)
    Download: http://www.eset.co.uk/Home/NOD32-Antivirus

    2). Emsisoft Anti-Malware
    Download: http://www.emsisoft.com/en/software/antimalware/

    3). Kaspersky Antivirus:
    Download: http://www.kaspersky.co.uk/anti-virus

    Free:
    1). Avast Antivirus - Download: https://www.avast.com/en-gb/index

    I expect someone will mention Qihoo in the comments, so I will mention it here, but not as a recommendation... Qihoo has a lot of users, however I personally do not think it's a fully polished product and I would certainly not trust it. Everyone has their own opinions. It's free; if you want to use it you can, however I do not recommend it and for this reason I will not include it in this thread. The product also seems to be promoted via a lot of adware. It's not always the vendor's fault if their product is promoted via adware, however I see them promoted far more often than other vendors. Which is another reason why I have not included them in this thread.

    For Firewall products alongside an Antivirus you could use a product like the free Comodo Firewall, however you can always just use Windows Firewall. If you use Windows Firewall, I recommend adding WFC (Windows Firewall Control) alongside it. There is also a program called "Glasswire" which is compatible with Windows Firewall.

    Comodo Firewall - Download: https://www.comodo.com/home/internet-security/firewall.php
    Windows Firewall Control - Download: http://www.binisoft.org/wfc.php
    Glasswire - Download: https://www.glasswire.com/download/


    Of course if you know of another Antivirus/Internet Security/Firewall product you want to use, you can feel free to use it. Those are just my suggestions for you.

    Before I go off AV/IS and Firewall products, you may like Comodo Internet Security. It also supports "Auto-Sandboxing" with its Sandbox feature.

    After you have got your Antivirus & Firewall/Internet Security sorted out, you will need something people refer to as "on-demand scanners". An on-demand scanner is an application which scans the system without real-time/behavioural components. As we know an Antivirus product may consist of the Real-Time protection, Web Filter, Behaviour Blocker/HIPS... Only difference is an on-demand scanner is when you use a product to just scan the system. You shouldn't install another Antivirus and just disable the Real-Time etc. You shouldn't do this. So instead, there are products which are just for scanning, allowing you to keep your existing security software for real-time protection.

    For on-demand scanners I recommend you either pick 1 - 3 of the following. If you want to extend to 4 then you can, however I recommend 3 as a maximum:

    ESET Online Scanner
    Malwarebytes Anti-Malware (free, the pro version adds Real-Time protection however this is unnecessary).
    HitmanPro (this does cost money however you get a free trial beforehand)
    Emsisoft Emergency Kit (EEK)

    HerdProtect
    Zemana Anti-Malware

    Of course if you use ESET for real-time, then the Online Scanner would be pointless. Same for if you use Emsisoft as your main security product, the emergency kit would then be unnecessary.

    There is a program called Unchecky. The aim of this program is to help keep potentially unwanted programs off your PC.
    Download: http://unchecky.com/

    Always make sure to have a backup plan. For backup I recommend using either Paragon & Recovery or AOMEI Backupper. As well as using one of these two pieces of software for backup/recovery, you can also try using cloud storage for your personal documents (of course if they are very important that no one else ever manages to get hold of them, don't use cloud storage since it's possible one day the cloud storage may be attacked) or storing them on an external device (external HDD, USB drive, blank DVD).

    I also recommend you keep System Restore points for the future. You never know, even with backup for recovery it can be useful. With this in mind, I also recommend you keep a backup of your Registry. Before cleaning with CCleaner you can do this (if you decide to use CCleaner). If not you can do it manually.

    If you like the thought of anonymity whilst browsing online, you may like the idea of using VPN (Virtual Private Network). I recommend: CyberGhost based on my experience.

    I recommend an Anti-Exploit solution. A product like ESET will already contain Anti-Exploitation techniques, however if your main security solution does not contain such a feature then you may be interested in Malwarebytes Anti-Exploit.

    You can download Malwarebytes Anti-Exploit here: https://www.malwarebytes.org/antiexploit/

    You may be interested in installing HitmanPro.Alert. It contains many features such as: [check the spoiler]

    The system requirements are shown below:

    Its CryptoGuard feature attracted many new users; you can read more in-depth about it here: http://www.surfright.nl/en/cryptoguard
    You can find more information about it at the following URL: http://www.surfright.nl/en/alert



    I recommend that if you have an application you are unsure of or is new to you, you run it in a sandbox or another virtualized environment (such as a virtual machine) before your real system.

    For the sandbox, I recommend using Sandboxie: http://www.sandboxie.com/
    For the virtual machine I recommend VMWare, however VirtualBox will do: http://www.vmware.com/uk & https://www.virtualbox.org/

    A suggestion of mine if you want to be extra secure is to install Sandboxie and then run your Browser sandboxed with Sandboxie.

    Please be aware of "Anti-Sandboxing"/"Anti-Virtualization" techniques which may try to trick you.

    If you do not want to do this manually yourself, you can upload an executable for online automated analysis with one of the following services:

    https://www.hybrid-analysis.com (recommended)

    https://malwr.com/
    https://anubis.iseclab.org/

    As well as this, you may wish to upload executables to an online scanning service like VirusTotal to check the score of other Antivirus engines you do not have access to on your main system.

    VirusTotal: https://www.virustotal.com/

    For web browser extensions I recommend using HTTPS Everywhere. It won't work for every website, but it does for a lot. HTTPS encrypts the communication between your web browser and the website, which is always good for security. You can read more about HTTPS Everywhere and the supported browsers at the official link: https://www.eff.org/https-everywhere

    I also recommend 3 other extensions:

    LastPass - good for storing passwords. You can read more about it at the official link:
    https://lastpass.com/ (there is an extension available. If you cannot find it, search on the store for extensions for your browser e.g. for Google Chrome users, you can go here: https://chrome.google.com/webstore/detail/lastpass-free-password-ma/hdokiejnpimakedhajhdlcegeplioahd and for Firefox users you can go here: https://addons.mozilla.org/en-us/firefox/addon/lastpass-password-manager/ ).

    Click&Clean - good for cleaning your browser after your browsing session.
    Download - Google Chrome: https://chrome.google.com/webstore/detail/clickclean/ghgabhipcejejjmhhchfonmamedcbeod?hl=en
    Download - Firefox: https://addons.mozilla.org/en-us/firefox/addon/clickclean/


    WOT (Web Of Trust) - website reputation. NOTE: Please be aware that the reputation results may not always be 100% accurate and true. Take the results from WOT with a grain of salt. However, it's a nice addition and can be helpful in some cases.
    Download: https://www.mywot.com/

    I really recommend using an Adblocker. You may already know, however Advertisements invade your privacy in a way - they can collect information (for example, they can track you). Blocking the advertisements prevents this. For an Adblocker I personally recommend using uBlock (however it isn't available for all browsers, sadly).

    You can download uBlock for Google Chrome here: https://chrome.google.com/webstore/detail/ublock/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en
    You can download uBlock for Firefox here: https://addons.mozilla.org/en-us/firefox/addon/ublock/
    You can download uBlock for Opera here: https://addons.opera.com/en/extensions/details/ublock/?display=en

    Since uBlock is not available for Internet Explorer, if you are an Internet Explorer user you can use Adblock Plus. You can download Adblock Plus for Internet Explorer from the following URL: https://adblockplus.org/en/internet-explorer

    If you are not using either of those web browsers but a web browser which does not support an adblocker like uBlock, then you can always resort to using something called the Hosts file. The Hosts file is a file stored in a Windows subdirectory which basically blocks connections to certain hosts. It can be modified to work as an adblocker and/or block websites. Please note that it can be tampered with by other software.

    The file path to the Hosts file is: c:\windows\system32\drivers\etc\hosts
    You may be interested in MVPS Hosts list which can be obtained from here: http://winhelp2002.mvps.org/hosts.htm

    If you are someone who really wants to Lockdown their system and try to prevent malware infections, consider using AppGuard and a lightweight Antivirus for backup to that.

    AppGuard: http://www.blueridge.com/index.php/products/appguard/consumer

    For Privacy/Cleaning software I recommend CCleaner. My experience with CCleaner has been great, and so has most other people's experience based on the feedback I've seen people give. Compared to other cleaning products which provide "registry cleaning" abilities, I have seen fewer encounters of "registry issues" when using CCleaner. It can also clear your browser traces in real-time (if the feature is enabled), clean software installed on the system etc.

    CCleaner: https://www.piriform.com/ccleaner/download

    If you are a very advanced user, I recommend PrivaZer. You can download it here: http://privazer.com/download.php
    Just be extra careful and take caution when using it.

    For uninstallations, I personally think that the software uninstaller is usually for the best. The developer knows how to make an uninstaller for the product they made. However, it may still leave traces, so if you hate traces being left behind you can try using Revo Uninstaller. Even with this product, traces may still be left behind. This is where CCleaner may come into place and find them and have them cleaned.

    Revo Uninstaller: http://www.revouninstaller.com/index.html

    Make sure UAC (User Account Control) is enabled. The default settings are good for use. Next time you try to open a program and get a UAC alert on your screen asking if you want to run it as Administrator, make sure you know what the program is before allowing it. The amount of people who complain about UAC not being good because they decided to allow a program to run with Administrative rights which was new to them which then turned out to be malicious software... The security features can only do what they are programmed to do. The user still needs to do his work by doing research on new programs before giving them administrative permission on the system.

    Before you allow a program to run with Administrative rights, check if it's digitally signed. I am not saying to just allow any program which is digitally signed.

    If Microsoft SmartScreen is on your system (for example Windows 8) make sure to keep it enabled.

    No matter what people may tell you, UAC and SmartScreen are GOOD features and they do WORK.

    Make sure to keep all your software up-to-date as much as possible. If you see an update, get it done. Don't think "Later" because by later you may have already been affected by an exploit which was not caught which was patched up in the update you decided not to install...

    With that in mind, always keep Windows up-to-date. Should you ever have a bad, faulty update (which has happened in the past), you have a backup solution for a reason. It's not just in case of malware infections, but for a case where anything bad goes wrong. You don't have to install "optional" updates, but the security updates I recommend you always install. If you are paranoid about faulty updates, you can have Windows download the updates but not install them, allowing you to wait a few days and wait for any bad news for the updates before allowing them to install.

    On top of everything mentioned above, if you are using a browser which offers security, then make sure it's enabled!

    If you are a very advanced user, then you could use Windows Defender/MSE with Windows Firewall and be fine... Please do not just assume you are an "advanced" user because you know how to do something like show hidden files on your disk or think you know what you are doing. I have seen many people who have thought this and then become infected by something as bad as ransomware, and then lost all their files since they didn't make a backup (because they felt so confident they'd be fine).

    Make sure not to use 2 Antivirus programs at the same time. They can cause system slowdowns, or in the worst cases even detect each other (although whitelisting should fix the detection issue). Multiple Antivirus software is not required, either.

    Just remember, no Antivirus can protect you. It's down to you just as much. Think before you visit a website, think before you download and run a new program... If you are click happy and run anything then you're bound to become infected sooner or later. I know people who haven't used any security products like Antivirus/Internet security for years and haven't run into any issues.

    Please note that your hardware (RAM for example) may limit what you can use on your system.

    Always remember that any change you make on your system is up-to-you. If you do not want to use something (let's say somebody suggested something), then of course you do not have to. Just remember that we are here to help you!

    You could have the most minimal setup and never become infected. You could have the most minimal setup and become infected. Or you can stay infection-free with the most advanced setup or even become infected with that.


    After reading this thread, I recommend reading some comments since other members may give their suggestions for you below.

    Cheers. ;)

    EDIT: Added note about WOT, fixed grammar mistake and removed EAM compatibility opinion.
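
Added example (not part of kram7750's post): the guide notes that the Hosts file can be tampered with by other software, so this Python sketch audits hosts-file text and separates ordinary block-list entries from redirects and from entries that touch the security sites linked above. The watch-list choice, the sample file and all function names are assumptions made for the illustration.

```python
import ipaddress

# Security sites linked in the guide. A hosts entry for any of them is a red
# flag: malware edits the hosts file to cut machines off from scanners and updates.
WATCHLIST = ("eset.co.uk", "emsisoft.com", "kaspersky.co.uk",
             "malwarebytes.org", "virustotal.com")
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample input (hostnames and addresses are made up for the example).
SAMPLE = """\
# Constructed sample hosts file
127.0.0.1    localhost
0.0.0.0      ads.example.com tracker.example.net   # block-list style entries
203.0.113.10 login.example.org                     # points at a real address
127.0.0.1    www.virustotal.com                    # security site sinkholed
198.51.100.7 update.eset.co.uk
"""


def parse_hosts(text):
    """Yield (line_no, address, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            address = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not an address: skip the malformed line
        for name in fields[1:]:  # one line may map several names
            yield line_no, address, name.lower().rstrip(".")


def on_watchlist(name):
    """True if name is a watched domain or one of its subdomains."""
    return any(name == d or name.endswith("." + d) for d in WATCHLIST)


def audit_hosts(text):
    """Return (line_no, kind, hostname, ip) for entries that deserve a look."""
    findings = []
    for line_no, address, name in parse_hosts(text):
        if name in LOCAL_NAMES:
            continue
        # 0.0.0.0, 127.x.x.x and ::1 only make a name unreachable (ad-block style).
        sinkholed = address.is_loopback or address.is_unspecified
        if on_watchlist(name):
            kind = "security-site-blocked" if sinkholed else "security-site-redirected"
        elif not sinkholed:
            kind = "redirect"  # name silently resolves to someone else's server
        else:
            continue  # plain block-list entry
        findings.append((line_no, kind, name, str(address)))
    return findings


if __name__ == "__main__":
    import sys
    # Pass the real file (c:\windows\system32\drivers\etc\hosts) as an argument
    # to audit it; with no argument the constructed sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE
    for line_no, kind, name, ip in audit_hosts(text):
        print(f"line {line_no}: {kind}: {name} -> {ip}")
```

A large block list such as the MVPS one produces no findings unless it contains redirects, so anything this prints after importing such a list is worth checking by hand.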
     
  2. Janl92l

    Janl92l New Member

    Nov 7, 2014
    335
    459
    Hmm u post so much quality post. That's what the Forum really needs! Thank u for all ur work and time doing it! really appreciate it. :)
     
    Behold Eck and kram7750 like this.
  3. Sr. Normal

    Sr. Normal Guest

    Thank You @kram7750 . Many good recommendations. Great job. :)
     
    rockstarrocks, DardiM, Kent and 2 others like this.
  4. Alexstrasza

    Alexstrasza New Member

    Mar 18, 2015
    151
    221
    The only part where I'll disagree with you is the fact that Emsisoft AM can run alongside other AVs and AMs, and there is actually no problem at all. It's one of the favorite AM software in my neck of the woods (alongside Malwarebytes Anti-Malware), and is commonly installed with other AVs and AMs.

    For browser extensions, consider adding HTTPS Everywhere (force encryption of contents) and Ghostery (blocks tracking) if you need privacy.

    Otherwise good work.
     
    DardiM likes this.
  5. kram7750

    kram7750 New Member

    Apr 12, 2014
    995
    3,613
    #5 kram7750, Apr 9, 2015
    Last edited: Jun 17, 2015
    I said it can run alongside, but I don't personally think it's really necessary. But I will edit out the part about using Emsisoft. It's compatible, it was made to be compatible, however it's an opinion as to whether it's a good idea to use it alongside another AV or not (since using EAM means more memory consumption, and some systems it would be a bad idea if they had low memory and a bad CPU (since then if they had real-time enabled on both it would result in more CPU usage for the scanning on file creations, modifications, accesses,...)).

    HTTPS Everywhere was a suggestion in the thread already?

    Cheers. ;)

    EDIT: Edited out the note about Emsisoft.
     
  6. Chromatinfish 123

    May 26, 2014
    1,013
    2,115
    Canada/United States
    Kaspersky
    Thanks @kram7750, you make quality posts like always!
    @Alexstrasza, Ghostery potentially gives away your data when you opt into GhostRank. I would not trust the company with my information.
     
    Tony Cole and kram7750 like this.
  7. Alexstrasza

    Alexstrasza New Member

    Mar 18, 2015
    151
    221
    And it's best to place a warning on Web of Trust that the rating should be taken with a grain of salt, as it is not always accurate.

    Personally I do not use Ghostery as EIS takes care of the tracking.
     
  8. kram7750

    kram7750 New Member

    Apr 12, 2014
    995
    3,613
    I can definitely agree with you on that! I'll have it added now. :)
     
    ZeroDay and Chromatinfish 123 like this.
  9. Chromatinfish 123

    May 26, 2014
    1,013
    2,115
    Canada/United States
    Kaspersky
    That I have to agree on. Technically, a malware-infested site, let's just say hxxp://immalware.end, can just create thousands of bots creating good reviews on the site, when it is bad.
     
    kram7750 likes this.
  10. jackuars

    jackuars Level 21

    Jul 2, 2014
    1,091
    2,144
    If Qihoo's ethics [which differs from one to another] are what is to be judged rather than the product itself, the same goes for Avast with the issues it had in the past about spying by its extension. Google Chrome is being recommended by many other softwares but that doesn't make it any less trustworthy.

    It's sad to see about people not being optimistic about a product that has achieved its popularity by not having an upgradable payware version, not bundling any kind of adware, extremely good performance by including multi-antivirus engines, and a lot of promotions [I'm not sure how that was a bad thing in the first place], but rather they would like to be pessimistic by thinking that "Something is happening *Under the Hood* that's making it popular and increase its assets".

    Personally I would prefer and recommend a free antivirus that doesn't bundle adware for the newbies and is *completely freeware*. Very very few free antiviruses do this.
     
  11. Behold Eck

    Behold Eck Level 9

    Jun 22, 2014
    431
    1,033
    Ditto.;)

    Regards Eck:)
     
    kram7750 likes this.
  12. Jemino.x

    Jemino.x Level 1

    Jul 7, 2012
    10
    16
    Network Security Administrator
    Perth
    Thanks for your detailed post, very interesting.
     
    kram7750 likes this.
  13. aola

    aola Level 1

    Apr 30, 2015
    4
    9
    I want a bulk of malware files to check my antivirus.
     
  14. Maxxx58

    Maxxx58 Level 13

    Dec 20, 2014
    617
    1,070
    A great detailed thread! Thank you very much, kram7750
     
    kram7750 likes this.
  15. Spawn

    Spawn Administrator
    Staff Member Content Creator

    Jan 8, 2011
    16,261
    24,195
    Kent and Maxxx58 like this.
  16. WinXPert

    WinXPert Level 23
    Trusted AV Tester

    Jan 9, 2013
    1,298
    4,725
    Graphic Artist
    Manila
    Windows 7
    Emsisoft
    What we have in "common": Malwarebytes Anti-Malware and CCleaner
     
  17. Harish_Shan23

    Harish_Shan23 Level 1

    May 12, 2015
    19
    38
    Software Technician
    United Kingdom
    Adguard is also an alternative to uBlock. It is available for Chrome, Firefox, Safari and Yandex Browser. There is also an Adguard assistant extension which integrates WOT into it. Take a look at it...........:)
     
  18. Yash Khan

    Yash Khan Level 51

    Oct 22, 2012
    4,055
    8,960
    Adguard comparison mention ads blocking limited due to browser capabilities for Adguard extension?
    What's missing here?

    How does Adguard extension compare to Adblock Plus?
     
  19. Bryan J

    Bryan J New Member

    May 17, 2015
    22
    47
    St Pete, FL
    THIS suggestion is of utmost importance imo. I personally use File Hippo's App Manager. But a lot of people recommend SUMO as well.

    Great info kram7750
     
    DardiM likes this.
  20. russ0408

    russ0408 Level 4

    Jul 28, 2013
    165
    675
    Retired truck driver
    Ontario Canada
    Windows 10
    Avast
    So true jackuars. I'm using Qihoo's Security Essential and Voodooshield and so far it's working great together. You can say what you want about what they did with the testing companies, but I've been looking through all the malware posts you all have been posting and all the ones Qihoo has been included in, the malware has been detected. So you can all say what you want about Qihoo it's a very good antivirus and it's free.
     