A Definitive Security Setup?

Discussion in 'Software' started by J8son, Jul 7, 2010.

  1. J8son

    J8son Corporal

    OK, I know the very nature of this premise will generate many "no such thing" arguments, but humor me...

    I've used lots of different set ups when it comes to my systems over the years. Everything from standard Windows based security, to all-in-one Norton, to my current setup which is an Avast Pro/Outpost Firewall.

    But to be quite honest, I'm still not satisfied. Believe me when I tell you I am VERY careful as to what sites are visited on this particular computer (since it's my work station) yet I still get the occasional Virus/Trojan installing itself on my system, no matter how hard I seem to try.

    So, if I wanted to keep my system on a virtual state of "lock-down," what Real Time Protection/Firewall for 2010 should I invest in? Money is no object to me when it comes to this area.

    I'm sure the Major Geeks staff doesn't run into the types of problems I'm having over the years when it comes to dealing with Mal-ware, so I'm curious as to what setup they actually run/suggest.

    Thanks!
     
  2. Break_Da

    Break_Da Sergeant

    What about using Steady State from Microsoft... at reboot the system reverts to the way the computer was the time before...
     
  3. hrlow2

    hrlow2 MajorGeek

    Have you ever tried SpywareBlaster?
     
  4. brandypeppy

    brandypeppy MajorGeek

    Do your surfing from a user account with limited privileges. Only use the administrator's account for updates.

    Most malware requires admin privilege to install.

    Only download from here at MG, and Microsoft, this is what I tell my students. Yes, there are many other safe download sites, but I know these two are safe, the others, not so sure.
     
  5. augiedoggie

    augiedoggie The Canadian Loon - LocoAugie (R.I.P. 2012)

    I agree with brandypeppy in regards to surfing without admin privileges for starters!!! As to a 'definitive security setup' this is what I do, Avast A/V, PCTools FW and SpywareBlaster which was mentioned above. I go all over the place and only got hit once since I can remember, back to 2K2. As it was, it was an attempted hit/download/install and all I had to do was to kill the tab in the browser and the issue went bye-bye.

    Oh, you are completely right about the possibility of having a leak proof setup unless you can white list each and every site your job requires you to visit. From the sounds of it, that won't likely happen. Best thing to have is an image of your hard drive as it was when it was clean and then just restore the image when you have to. Don't forget to make a new image whenever there are updates or you make changes. There will always be something that will get you, just plan for the worst and hope for the best.;)
     
  6. oma

    oma MajorGeek

    I agree with all of the above. Additionally, WOT is a good add-on for Firefox, Chrome, IE. One can see the reliability of websites and companies.

    http://majorgeeks.com/downloads5.html Scroll down to "WOT" for IE and Firefox.
     
  7. J8son

    J8son Corporal

    Thanks for the tips everyone! Very useful ;)

    While moving away from the "definitive" setup, my next step is to figure out what the "last, best hope" setup would be moving forward. I may not be able to build an impenetrable wall, but I sure as hell intend to try :)

    As I said, right now I'm running Outpost Firewall and Avast Pro as my Realtime Protection. I use MalwareBytes, SuperSpyware, Spybody, etc for on-demand scanning. However, my intent is to not try and eliminate security breaches altogether (although that would be nice) but to cut them down overall.

    So, is there a better Firewall/Realtime combo than my current setup? I am willing to invest up to a couple hundred dollars apiece for extra security. I feel it's worth my money now to save me time later.

    Thanks!
     
  8. plastidust

    plastidust Command Sergeant Major

    Might take a look at Sandboxie.

    PC Tools ThreatFire isn't a big favorite but I've been using it, alongside Avast, for quite some time to plug those holes that could occasionally crop up out of nowhere. It normally uses between 8MB-9MB of RAM. It's never caused me any problems and it hasn't let anything get a foothold either. It works as advertised.

    A couple of articles about Threatfire at About.com and PCWorld.com. This page has some updated info.
     
  9. J8son

    J8son Corporal

    I'll check that out. Thanks!

    What about the old standards like Malware Bytes? I know it has a real time protection option when you purchase the full version. Is that worth investing in?

    Also, what if I go for the all-in-one, like Norton Security. I've used it before and I know it gets a bad rep. But to be honest, I don't seem to have that much extra protection by breaking up my Real Time/Firewall combo separately.

    Any thoughts?
     
  10. J8son

    J8son Corporal

    UPDATE:

    Just to further touch on my point above, what about BitDefender Total Security? It rated in the top ten for 2010 (and its antivirus ranked number 1 in many areas). It seems to have a high level of protection in just about every area and seems to have a great all-in-one solution.

    Now, I'm not set on an all-in-one solution per se. I'll go for what works best, even if that means breaking them up.

    Any thoughts on this?
     
  11. plastidust

    plastidust Command Sergeant Major

    All of the suggestions made by everyone are excellent and each one is a piece of the whole pie in your security setup, just as your firewall and AV/AS is.

    I believe MalwareByte's paid version is worth the investment and if you choose that route, it would be a bad idea to use Threatfire I think. Personally, I'm not one for an all-in-one security set up. If I had to buy one though, it would probably be either ESET Smart Security 4 or avast! internet security.

    The layered method is my preferred approach. That way, what one vendor's definition of malware misses the next may well catch. An overlapping of definitions, so to speak. You're reducing or eliminating (if possible) the gaps in coverage. That's one of the reasons I like Threatfire, it's very good at filling those gaps. The trick, from what I can tell, is finding the proper security applications that play well with each other as well as whatever else is installed on the given machine and not put it into crawl mode.

    It's been said many times in the threads here by many knowledgeable folks that "what works for one person doesn't necessarily work well for the next." Since your machine seems to be working properly, implementing the suggestions of the others and choosing between MalwareBytes or Threatfire should set you up pretty well.

    Lastly, and no offense meant here, the operator is the biggest security risk.

    EDIT: Don't know about BitDefender, never tried it. The only way to know which all-in-one app. is best for you, is to install it, try it for a while, un-install that one and try the next for a while and so on. A bit of a chore but necessary.
     
  12. J8son

    J8son Corporal

  13. Break_Da

    Break_Da Sergeant

    I have ZoneAlarm Internet Security Suite on my personal computer, has a one way vault for encryption too.
     
  14. J8son

    J8son Corporal

    I don't know. I'm still leaning toward Bitdefender Total Security. Anyone use it before?
     
  15. mjnc

    mjnc MajorGeek

  16. mcsmc

    mcsmc MajorGeek

    I personally have been using Comodo Internet Security for a few years now, and have never had an issue. It has realtime/resident AV, firewall, "Defense+" which blocks changes to the registry, etc. without your permission, sandbox, etc. The free version more than suits me, but they have a paid version as well. 64 and 32 bit versions are available.
     
  17. risk_reversal

    risk_reversal MajorGeek

    One could also look at this issue from a different perspective. Of course the layered approach is to be encouraged but how about:

    1. Browsing from a Linux Live cd which resides entirely in the system's ram.
    or
    2. Using a Virtual Machine to browse.

    In both cases you could save data, etc which could either be copied to usb/thumb drive or directly to your existing partitions with Linux and to a shared folder on the host with a VM.

    The VM has the advantage that you would run it from within your existing o/s installation.

    The principles are very similar to Sandboxie (the prog) ie running any prog within a sandbox.

    The prime advantage to both Linux and VM is that everything would be sandboxed and could not spill onto your system and when Linux or the VM are closed any nasties disappear as well.

    Good Luck
     
  18. J8son

    J8son Corporal

    Well, I'm currently running Avast Antivirus protection and I see they have a full Internet Suite: Antivirus, Antispyware, Firewall, Sandbox (which is new to me) and Silent Gaming Mode. Looks like it has everything I would need in a brand I recognize (Avast has been recommended to me by Major Geeks before).

    Here's the link to the features for your review: http://www.avast.com/internet-security
     
  19. J8son

    J8son Corporal

    UPDATE:

    Unless I can see a good reason, I think Avast Security Suite is going to be the way to go. However, this will cause an issue elsewhere.

    I'm currently running Outpost Firewall Pro which has a great IE feature. You can set it to create a profile for a certain site so NONE of the ads on that site will load when you visit it (IE: pop-ups, embedded videos, etc).

    I'll be losing that feature since I'm changing apps. Can anyone recommend a good add-on for IE that does the same thing?

    Thanks!
     
  20. BigBopper

    BigBopper Private E-2

    Not for IE, but Firefox has loads of them. AdBlockPlus and FlashBlock are 2 that I use.
     
  21. Bugballou

    Bugballou MajorGeek

    http://www.emsisoft.com/en/
    These folks bought Online Armor, the best firewall I have used, and their Anti-Malware A/V is rated up top. I don't pay for protection usually, but would definitely consider this if looking at the market. Would run it on one PC for secure things like banking, and apps that I use on Windows, and browse the web with another PC, or using Linux on a dual boot machine.
     
