Rishi's Security config

[Rishi]

Login Password : Yes
System restore: ON
restore points: 1 (Latest: before Windows update)
Plugin/Browser/System updates : Qualys Browser check, Software updates: Sumo Pro
Virtualization : Shadow Defender (Main)
Sandbox: ReHIPS(Main)
Backup programs: AOMEI backupper Pro(System), fbackup(files) , PaleMoon Backup Tool
Online storage: 50 GB Mediafire + 50 GB MEGA
Secure DNS: DNSJumper(portable)
PDF/Office: Foxit Reader(Safe read mode,file net access blocked)/ Softmaker Office Free
Mediaplayer: LightAlloy(setup using MT guide)
Disaster management: Multi boot 32 Gb thumb drive with Windows, AOMEI boot media rescue disk, Hiren's bootCD.500 GB External HD
Malware Testing : Oracle VirtualBox 5.xx setup using MT guides under EMET protection on an old desktop.(Secondary)
Miscellaneous:
Safety Hygiene: Daily: WOT enabled browsing,Shadow mode Weekly: system optimization, Fortnightly: OS and browser update check, malware scans, Monthly: system backup/file backups(online storage),updating system restore points, Quarterly: change passwords.

 

[frogboy]

Make sure the backups are up to date.

 

[Deleted member 178]

Approved by Staff

Thinking about having Rollback RX and one sandbox application?

Good idea, but be careful with RX.

you have a strong config, Spybot is unnecessary, i suggest to remove it unless you love it ^^

 

[Rishi]

Spybot is basically for using IE on 2-3 outdated websites with unsigned and mixed content, but I guess the need would be eliminated if I used sandbox or something like Shadow defender/Timefreeze.

 

[DracusNarcrym]

Sandbox software (e.g. Sandboxie or the Auto-Sandbox module which is part of COMODO Antivirus/COMODO Firewall/COMODO Internet Security) are nowadays essential as very secure and usually lightweight layers of security, which also provide almost complete protection against zero-day threats and exploits, when it comes to file system protection.

System snapshot software such as Rollback Rx are generally easier and faster to use than system imaging software (see below) however they are mostly recommended for more advanced computer users, due to certain inevitable system stability issues that might arise from their misuse.

Then there's the full system virtualization software (the best of which in my opinion is Shadow Defender), which function like sandbox apps do but they virtualize your entire system, not individual applications. These are also a useful and powerful extra security layer, however if you do not expect to gain much from them (if you don't browse recklessly to malware websites or if you do not try new software all the time) then you can do without such software.

Of course, none of these security layers can compare to a full backup system image, which allows you to restore your system to the exact state it was in, at the time you created the backup. The only drawback to these obviously is that you cannot keep updating or re-creating them every hour, since they essentially "copy" your entire system every time, which might take quite some time and at the same time they require more storage space than simple system snapshots.


There are many free system imaging applications out there, but here are some notable ones:

• AOMEI Backupper Standard
• Macrium Reflect Free
• DriveImage XML (which you are already using)

And my personal favorite commercial (non-free) system imaging software:

• Acronis True Image

Sandbox software are a (theoretically) completely non-conflicting combination with any system imaging software you want to use, free or not. The same applies to full system virtualization software which, while being a great addition to your security layers, they may not show their full potential unless you are tampering with malware or performing any other tasks which would otherwise harm your computer.
However, whether you have a sandbox application or not, having a backup image of your system in a clean state is always and at all times recommended, and essential.
Lastly, when it comes to system snapshot software, although more flexible and versatile than full backup images there is generally great possibility that they may cause mild to severe issues, since most of them tamper with the system's master boot record.

I hope we here in MalwareTips can help you in maximizing your security to an overall well-rounded and efficient setup which offers solid and powerful security layers, and at the same time uses as few system resources as possible.

This text turned out way longer than I initially intended...

 

[Soulbound]

Would advise to remove Ghostery. Adblock is good enough.
As for WOT, its a community based opinion extension, wouldn't fully trust it either.

Aside from that, as mentioned already in another post, Spybot becomes irrelevant in your config. Keep it simple and you will be fine.

 

[Exterminator]

Some good suggestions already submitted.
Good config! Thanks for sharing it

 

[Rishi]

Would advise to remove Ghostery. Adblock is good enough.
As for WOT, its a community based opinion extension, wouldn't fully trust it either.

Aside from that, as mentioned already in another post, Spybot becomes irrelevant in your config. Keep it simple and you will be fine.

Actually Pale Moon being a fork and developed independently of FF is not compatible with the latest ABP , however, they have made their own extension Adblock Latitude for the same reason. I have tried Adblock Latitude,it loads slowly on my system upon browser start, hence my preference for ublock and ghostery.

 

[Rishi]

This text turned out way longer than I initially intended...

Thank you Dracus, your words are appreciated. Having read that, I am thinking of just a simple in-house compatible sandbox app now which will fit my needs. I do have a few on my mind which I have not seen here before. Time to head to the war room or request review forum?

 

[Soulbound]

Actually Pale Moon being a fork and developed independently of FF is not compatible with the latest ABP , however, they have made their own extension Adblock Latitude for the same reason. I have tried Adblock Latitude,it loads slowly on my system upon browser start, hence my preference for ublock and ghostery.

When I said Adblock, I meant the extension in general, not the specific name of addon.

In your case, uBlock on its own is more than enough.

Ghostery is basically redundant in your config or in any config for that matter. Google a bit and you will understand how it works and how it becomes irrelevant.

 

[Rishi]

When I said Adblock, I meant the extension in general, not the specific name of addon.

In your case, uBlock on its own is more than enough.

Ghostery is basically redundant in your config or in any config for that matter. Google a bit and you will understand how it works and how it becomes irrelevant.

My bad then.. sorry for misinterpreting
ublock also has inbuilt anti-tracking lists (FanBoy,EasyList) but some of them did interfere with web page rendering before I had to turn them off.
And yes you are right, I was not aware of this,or this thanks for bringing it up.

I could turn on the ublock updated lists and see if they cause same problems or use disconnect.me as an alternative? I was using disconnect.me also but it seemed like an overkill.

As of now, Spybot and Ghostery have been removed.

 

[jamescv7]

Very good configuration.

To add my input regarding to your question, that combination is actually good but rather paranoid and impractical.

Actually for safety in case of any problems occur, use RX Rollback as you can revert any changes without any complications. You may create your own copy of snapshots to your external HDD so that you can handle them well.

Sandbox is fine like Sandboxie which primarily design to test certain programs or use the browser in isolated. No need to mess any certain configuration per default.

 

[DracusNarcrym]

Thank you Dracus, your words are appreciated. Having read that, I am thinking of just a simple in-house compatible sandbox app now which will fit my needs. I do have a few on my mind which I have not seen here before. Time to head to the war room or request review forum?

No need, really. If you really want reviews just head over to YouTube - you'll actually find more tests on the software you want on YT than reviews, which is a good thing, really, as you'll get to see what each product is all about and how effective it is.

Now on to the main thing... If you'd only want a sandbox, and a pure sandbox, for intricate software installations and for functions/tasks which are more complex than regular everyday tasks, or at least more than just malware isolation, then I'd definitely recommend Sandboxie. It's just way more advanced and powerful than any other sandboxing apps (not considering the full file system virtualization software like Shadow Defender of course - we are talking about "partial" file system virtualization/sandbox software).
The other best option is the COMODO Sandbox/Auto-Sandbox which is built in to pretty much every COMODO mainline security product, by which I mean the COMODO Firewall, COMODO Internet Security, and COMODO Antivirus (and the upcoming COMODO Cloud Antivirus). This sandbox is exactly the same as Sandboxie in terms of security, however, unlike Sandboxie, COMODO Sandbox may not be able handle more complex software installations, and the like. Yet bear in mind that if it's a more complete security package that you're going for, you might want to consider the COMODO Sandbox, since it usually comes with other sweet nifty security modules, such as the magnificent HIPS (behavior blocker/host intrustion prevention system) provided by COMODO's "Defense+" component.

To sum up, if I were you I wouldn't look too far - I'd mostly consider these 2 options: Sandboxie or COMODO Sandbox (some say you can run both together, but requires medium-heavy tweaking for both of the applications. They're both equal in the level of security they provide, however the first does better with virtualizing more complex system functions, while the second comes with other powerful security modules which you may like.

That'd be all, it's up to you now if you want to ask around a little bit more in MalwareTips, in other forums, look up some more information on the web or head straight to download and try out one of these 2 applications (or others which you may find on the way).

Hope you find a suitable sandbox which you may like using.

 

[DracusNarcrym]

My bad then.. sorry for misinterpreting
ublock also has inbuilt anti-tracking lists (FanBoy,EasyList) but some of them did interfere with web page rendering before I had to turn them off.
And yes you are right, I was not aware of this,or this thanks for bringing it up.

I could turn on the ublock updated lists and see if they cause same problems or use disconnect.me as an alternative? I was using disconnect.me also but it seemed like an overkill.

As of now, Spybot and Ghostery have been removed.

Good job removing some mostly obsolete apps/add-ons there.
Ghostery, in particular, apart from the fact that its function is equally substituted by uBlock which you have installed, has been acquired by an advertising company and as such the background and the reputation of this add-on is now a matter of controversy. It's best if people stay away from it or use some caution when using it. The whole situation with Ghostery is not too serious, but then again, a privacy protection add-on developed and published by an advertising company does sound suspicious, merely based on the irony of this case.

 

[Rishi]

No need, really. If you really want reviews just head over to YouTube - you'll actually find more tests on the software you want on YT than reviews, which is a good thing, really, as you'll get to see what each product is all about and how effective it is.

Now on to the main thing... If you'd only want a sandbox, and a pure sandbox, for intricate software installations and for functions/tasks which are more complex than regular everyday tasks, or at least more than just malware isolation, then I'd definitely recommend Sandboxie. It's just way more advanced and powerful than any other sandboxing apps (not considering the full file system virtualization software like Shadow Defender of course - we are talking about "partial" file system virtualization/sandbox software).
The other best option is the COMODO Sandbox/Auto-Sandbox which is built in to pretty much every COMODO mainline security product, by which I mean the COMODO Firewall, COMODO Internet Security, and COMODO Antivirus (and the upcoming COMODO Cloud Antivirus). This sandbox is exactly the same as Sandboxie in terms of security, however, unlike Sandboxie, COMODO Sandbox may not be able handle more complex software installations, and the like. Yet bear in mind that if it's a more complete security package that you're going for, you might want to consider the COMODO Sandbox, since it usually comes with other sweet nifty security modules, such as the magnificent HIPS (behavior blocker/host intrustion prevention system) provided by COMODO's "Defense+" component.

To sum up, if I were you I wouldn't look too far - I'd mostly consider these 2 options: Sandboxie or COMODO Sandbox (some say you can run both together, but requires medium-heavy tweaking for both of the applications. They're both equal in the level of security they provide, however the first does better with virtualizing more complex system functions, while the second comes with other powerful security modules which you may like.

That'd be all, it's up to you now if you want to ask around a little bit more in MalwareTips, in other forums, look up some more information on the web or head straight to download and try out one of these 2 applications (or others which you may find on the way).

Hope you find a suitable sandbox which you may like using.

Thanks for the invaluable input,Sandboxie remains outright favourite for many I see, although this time you might have been a little too late.. heh you are welcome to participate in the discussion here,it's solely to explore other goodies and also help someone out there to redirect their cha-ching $$ to a worthy product.

 

[omidomi]

Good config

 

[Rishi]

Added:
Malwarebyte Anti-Exploit Premium, Shadow defender, Palemoon Backup Tool, iMacros extension.

Replaced: DriveImage with AOMEI backupper, disconnect extension with ublock origin(with disconnect filters), Sumatra pdf with Foxit reader.

 

[frogboy]

Some very nice changes you have made.

 

[Rishi]

Some very nice changes you have made.

Thank you. I will be making a detailed config later, the time isnt there for now, good to hear from you again.

 

[Rishi]

Added : Zemana Anti-Logger Premium