What is a Basic Security Setup?

Status
Not open for further replies.

Kate_L

in memoriam
Thread author
Verified
Top Poster
Well-known
Jun 21, 2014
1,044
Hello, after talking with some friends that also work in computer security, I wanna ask you guys what you think about "basic security". In the past you only needed a decent AV; now I feel like you need more than just an antivirus. I feel like now you need: AV, adblocker, sandbox or something similar (Shadow Defender, Toolwiz Time Freeze). What are your thoughts?
 

OneDay

Level 21
Verified
Top Poster
Well-known
Aug 22, 2014
1,027
When I was a little bit inexperienced in the beginning, I thought too that an AV would protect me, not 100%, but it would do the job. Now that I've grown up, I think all this has changed. In my opinion (and more advanced users than me, like Umbra and hjlbx, would agree), a basic security setup should consist of anti-executable/application whitelisting software, an anti-exploit solution and a good firewall. That's all. Maybe light virtualization would also do, but I don't really think that it'd be a good idea for regular users.
 

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
When I was a little bit inexperienced in the beginning, I thought too that an AV would protect me, not 100%, but it would do the job. Now that I've grown up, I think all this has changed. In my opinion (and more advanced users than me, like Umbra and hjlbx, would agree), a basic security setup should consist of anti-executable/application whitelisting software, an anti-exploit solution and a good firewall. That's all. Maybe light virtualization would also do, but I don't really think that it'd be a good idea for regular users.
I would have to agree with this also, although I still like to have an AV program also. I think @illumination would be another member to consult on this topic as he is constantly testing new and different configurations.
Basic configuration with a sandbox and/or virtualization would require the user to be a more advanced user.
 

sinu

When it comes to protection, it is not the detection rate of the AV but how the AV keeps your PC without infection. At this point Comodo Internet Security does the job. I can tell you that Comodo's detection rate is very low, but it will not allow any infection to enter into your PC because of its sandbox and Defense+ features.
If you are testing on malware it is better to have CIS; it's a great choice.
 

Enju

Level 9
Verified
Well-known
Jul 16, 2014
443
The only thing you actually need is Brain version 2.0 and an up-to-date system. Most of the infections basic users catch are either adware (because they install everything and don't read the installers) or trojans/rootkits through opening every e-mail attachment they receive. The chances of getting anything via exploits are very slim for your average user since nobody would waste a zero-day exploit on a few randoms without knowing what they would get in exchange.
 

illumination

It really depends on your uses and habits as to what level of security you should have. I consider Basic Security needed for those that only surf a couple of sites daily, check their emails, etc. This would consist of a decent AV, an ad blocker, and a couple of different forms of backup of system and personal files. The chances of getting hit with an infection just lightly surfing are very slim, and the backups would be your fail-safe should the AV not be able to catch anything you may encounter. This type of setup should be recommended to novices as a bare minimum.

Now if you use your system to test in a VM, or you game, visit dodgy sites, constantly research in unknown territory, then you may want to consider layering that system's security. I have been testing the combo of anti-executable software with a decent AV as well as a custom-set ad blocker. I game and use TeamSpeak, and research almost non-stop when online in unknown areas, and every once in a while use a VM for testing applications and malware. Because it is a gaming machine, I want to keep my config as light as possible, with the least amount of intrusive pop-ups from the security, while maintaining a hardened system at the same time. This form of setup I'm testing for myself I would consider Moderate Security, and it is indeed still backed up by system and personal external backups.

Anything more than this, I would consider Extreme Security, and only needed in a business environment, corporations, etc., where the chances are you would be more seriously targeted.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
You have to start from scratch; there's no point in having an antivirus if, for example:
- you're using a vulnerable OS (i.e. no security patches, open to exploits, non-supported XP)
- your router is vulnerable (i.e. old firmware and firewall disabled)
- other devices are not protected (i.e. antivirus for Android, rooted iPhone)

IMO, all the basics need to be covered, before setting up a Basic Security Setup.
 

Deleted member 2913

For me basic security is for novices/average users... decent/good security... none to near none input from users.

So for me basic security/realtime security ---
Windows Firewall
Antivirus
Adblocker
Unchecky
 

hjlbx

No.

Basic Setup should be: Anti-Executable + Light Virtualization + Outbound Firewall Notifications.

The only security soft that currently offers this basic functionality in one unified package = Comodo.

User can cobble together effective basic setup using:
  • AppGuard or NoVirusThanks Exe Radar Pro or VooDooShield
  • Shadow Defender or Sandboxie
  • BiniSoft Windows Firewall Control
 

JakeXPMan

Level 17
Verified
Top Poster
Well-known
Oct 20, 2014
804
I voted NO, but for me it's pretty close to yes.

The AV with an adblocker is basic first-step security; more than that goes into the medium security level.
A sandbox adds a whole extra layer of defense, which is better than basic IMHO.
 

hjlbx

My experience with Windows Defender has not been so good. On one W8.1 system when it detected a malicious file the removal process got hung up and never did quarantine the file.

Windows Defender, like all other security softs, can be buggy on some systems.

In W10 - since it has added functionality and protections - it is probably sufficient for those users that are safe web surfers...
 

ExploitBlocker10

Level 1
Verified
Sep 4, 2015
40
Instead of a sandbox I would implement an exploit blocker. Honestly I consider a sandbox more of a paranoia security measure as long as you know what you're clicking on the web. Now if you're an inexperienced user that goes to weird sites and downloads a lot of crap then maybe you do need a sandbox; it all depends on the user.
 

hjlbx

Instead of a sandbox I would implement an exploit blocker. Honestly I consider a sandbox more of a paranoia security measure as long as you know what you're clicking on the web. Now if you're an inexperienced user that goes to weird sites and downloads a lot of crap then maybe you do need a sandbox; it all depends on the user.

You are partially correct about virtualization... typically it is most valuable during high-risk computing. But what about the unexpected that happens during surfing, like malware delivered via CDN servers and drive-by downloads?

Virtualization is not so paranoid even for a quite safe user...
 

Chromatinfish 123

Level 21
Verified
May 26, 2014
1,051
This is what I would put on my mom's computer: the simplest of the simple:

-Anti-Exploit
-Adblock
-A regular AV (ESET is installed for her)

This is what I use on mine:

-A regular AV (ESET)
-AdGuard (also blocks executable files from downloading enabled)
-MalwareBytes
-Sandboxie
-VirtualBox (only for using Ubuntu applications)
-Anti-Exploit
- Open safe files after downloading turned OFF.
 

ExploitBlocker10

Level 1
Verified
Sep 4, 2015
40
This is what I would put on my mom's computer: the simplest of the simple:

-Anti-Exploit
-Adblock
-A regular AV (ESET is installed for her)

This is what I use on mine:

-A regular AV (ESET)
-AdGuard (also blocks executable files from downloading enabled)
-MalwareBytes
-Sandboxie
-VirtualBox (only for using Ubuntu applications)
-Anti-Exploit
- Open safe files after downloading turned OFF.
Set any plugins to click-to-play as well.
 