mattfrog config

mattfrog

New Member
Thread author
Jun 5, 2012
18
*************
Here's my free-form version with notes:

Computer knowledge:
- Advanced (System/Network administration, web, desktop and server programming)

Security risk:
- Low (Home)
- Medium (Work): I manage a network with valuable, sensitive data. Risk is due to this value, not necessarily a lack of security practice

Operating System:
- Windows 7 64bit SP1 and Ubuntu 12.04 64bit (Home)
- Windows 7 (64 & 32 bit, SP1), XP (32 bit, SP3), Server 2008, Debian (Work)

Only as admin at work for required tasks. Admin at home all the time (UAC enabled)

--- From now on, I will only discuss security installed at home on Win 7, not work, to minimise risk

Real-time protection:
- ESET Smart Security 5
- Winpatrol Plus
- DEP activated
- Router-based firewall

On-demand:
- HitmanPro trial
- MalwareBytes free
(scanned once per week on average)

Web browser:
- Firefox 13 with Lastpass and NoScript

Suggestions or opinions welcomed! :)
 

McLovin

Level 78
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,228
Seeing that you are advanced, you might not need a backup option since you know what you are doing. But do you have any?
 

Malware Maniac

Level 1
May 14, 2012
673
What about UAC and backup/imaging? Anything else that you consider contributes to your security? You could add Adblock Plus to your Firefox.
 

Deleted member 178

McLovin said:
Seeing that you are advanced, you might not need a backup option since you know what you are doing. But do you have any?

I still think he will need one, if he doesn't have one already, at least in case of hardware failure.

For the rest, he has the minimum required; maybe add Adblock Plus for Firefox and EMET for hardening his software.
 

mattfrog

New Member
Thread author
Jun 5, 2012
18
Thanks for the replies!

At home I used a combination for backup - very important files are backed up through Cobian to an external hard-drive at night. Also, everything (including these files) is backed up through Backblaze.

At work, we used Cobian overnight to back up file servers, and Clonezilla to reimage :)
 

malbky

Level 1
Jun 23, 2011
1,011
I don't think you need WinPatrol. ESET's HIPS is great, but if you want to keep WinPatrol, keep it, as it is very light. Add TrafficLight from Bitdefender for web protection. Use BufferZone as a sandbox.
 

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Hello Matt,
Overall your config looks great; here is what you can add to improve it:


Virtualization:

Virtualization software will allow you to browse the web or run another application in a completely safe environment. This is especially useful when visiting high-risk web sites, whether accidentally or deliberately, as the Web browser will be completely contained within the virtual environment, preventing any damage to your computer.
A sandbox can also be used to run any other applications which you think may be suspect - you can run the program inside the sandbox to determine whether or not it is safe while remaining completely protected against any malicious actions that it may try to carry out.
I strongly advise you to install Sandboxie and use it when you're browsing the Internet or running shady/unknown programs (not that you should do that but... :) ). Alternatively you can try BufferZone PRO (Free), another great piece of virtualization software.
Sandboxie (Free/Paid) - link
Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.





Browser protection
You should really add a site advisor to your browser as this should help you when you're surfing the internet!
WOT (Free) - link
To help you avoid malicious sites you can use Web of Trust (WOT), a website rating browser plugin. After you add it to your browser, make sure you only visit websites rated "Green" by WOT.
As an optional and personal recommendation, you can give Google Chrome a try, as this browser seems to be better against malware (exploits and malicious links) than Firefox or Internet Explorer.

When was the last time you got a system infection?
What other security products have you tried?
 

mattfrog

New Member
Thread author
Jun 5, 2012
18
Thank you very much for the replies, malbky and Jack! Much appreciated.

I have thought about virtualising my browser at least (does Chrome do this automatically? I heard it somewhere), I'll give Sandboxie a spin today!

Does WOT work with DuckDuckGo, as I use it as my main search engine? I'll give it a go anyway, thanks ;)

I've never had an infection at home, at least nothing that has ever been caught! I was a Mac user at home for about 4/5 years, having only just returned to PC land. I believe I used to run Avast free with Kerio for a firewall, on XP.

Recently, I've tried Webroot Anywhere Complete as they kindly gave me a license at the InfoSec conference in London, but I didn't feel it was quite ready for prime time. Maybe another year! Also have a 90 day GDATA trial around somewhere..

I have been considering Emsisoft Antimalware, as the offer on these forums is such a good price. What do you think?
 

Spirit

Level 2
May 17, 2012
1,832
Hi Matt, Nice security setup.
Why do you want to switch ESET for another AV?
Emsisoft is a good choice, but it's rather heavy and you have to use a separate firewall with it.

If you are not in a hurry to buy an AV, wait for the ESET 6 stable version release and its review, then decide.

Yes why you should add some adblocker like AdFender, Adblock or Adblock Plus
 

Deleted member 178

mattfrog said:
I have thought about virtualising my browser at least (does Chrome do this automatically? I heard it somewhere)

Chrome uses a policy rule sandbox

I'll give Sandboxie a spin today!

Does WOT work with DuckDuckGo, as I use it as my main search engine? I'll give it a go anyway, thanks ;)

I prefer Webutation; it includes WOT and others like Norton Safe Web


Recently, I've tried Webroot Anywhere Complete as they kindly gave me a license at the InfoSec conference in London, but I didn't feel it was quite ready for prime time. Maybe another year! Also have a 90 day GDATA trial around somewhere..

I have been considering Emsisoft Antimalware, as the offer on these forums is such a good price. What do you think?

Webroot is the lightest suite ever, with a working set of less than 2-3 MB; it is not the best AV in existence, but tweaked properly it has decent protection.
Gdata and Emsisoft both use 2 engines, but I highly recommend EAM; I used it alongside Comodo IS and it is quite light (around 15-20 MB WS except during updates, actually 9 MB on my system) if set properly (check my signature)

If you want to try EAM, download and install it from my personal Emsisoft link; you will help me get a 30-day license extension :D

http://malwaretips.com/Thread-Reward-Emsisoft-Anti-Malware-referal-reward-program
 

Plexx

May I ask for what purposes you use this config?

Depending on the answer, you might want to try Avast and PF, along with EAM/Emergency kit as suggested by umbra.
 

mattfrog

New Member
Thread author
Jun 5, 2012
18
D-ONE said:
Hi Matt, Nice security setup.
Why do you want to switch ESET for another AV?
Emsisoft is a good choice, but it's rather heavy and you have to use a separate firewall with it.

If you are not in a hurry to buy an AV, wait for the ESET 6 stable version release and its review, then decide.

Yes why you should add some adblocker like AdFender, Adblock or Adblock Plus

No real reason, I am more than happy with ESS (looking forward to v6 too!) I just have the "try every product" itch ;-)

I don't tend to block ads - as I like to help support the smaller sites/blogs that I visit. Is there a security benefit to blocking ads? NoScript already blocks Flash from auto-loading etc.

@umbrapolaris

Could you expand on Chrome's sandboxing features please? Are you saying it only sandboxes suspicious files, not as standard?

Webroot seemed great in terms of usability, resources and support. The detection capabilities just were not sufficient to keep me calm - though I have little doubt that in a year or so's time, it will have improved tremendously!

I will try out your EAM copy very soon ;)

@biozfear

General browsing, coding, entertainment etc. Nothing special ;)
 

Spirit

Level 2
May 17, 2012
1,832
No real reason, I am more than happy with ESS (looking forward to v6 too!) I just have the "try every product" itch ;-)

I don't tend to block ads - as I like to help support the smaller sites/blogs that I visit. Is there a security benefit to blocking ads? NoScript already blocks Flash from auto-loading etc.

OK, if you want to try a new product then you can try a 30-day trial before buying any one.
Regarding ads, yes, sometimes they bring attacks with them, but if you don't want to use an adblocker for a cause then it's OK.
 

Deleted member 178

There is a good thread explaining how it works (even if a bit old):

http://www.wilderssecurity.com/showthread.php?t=296413
 

Plexx

mattfrog said:
@biozfear

General browsing, coding, entertainment etc. Nothing special ;)

Then give this combo a try:
Avast Free and Privatefirewall, along with EAM/Emergency kit as suggested by umbra
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
WOT works well on DuckDuckGo; actually you can tweak how the ratings show, but using the WOT addon/extension isn't a problem since it covers the search engine.
 

mattfrog

New Member
Thread author
Jun 5, 2012
18
jamescv7 said:
WOT works well on DuckDuckGo; actually you can tweak how the ratings show, but using the WOT addon/extension isn't a problem since it covers the search engine.

I'm liking WOT so far - and yes, great integration with DDG and others!
 
