Posts posted by vman
-
YES, I am :Just checking
This is what I believe to be one of the best security setups I have seen suggested and not that hard to do.
Mr Bean
Thanks. I hope you find great success with it. Please continue to follow the thread, as more security settings will be played with, in order to further tune the security of computers.
Cheers,
Vman
-
MalwareDefender
How long in learning mode?
Mr Bean
If you follow the link that I've posted, you will see that Malware Defender will never leave learning mode. This way, you won't get a ton of pop-ups like typical HIPS applications do.
However, the rules are still set. So, once something is set to denied, even if it's in learning mode, it will be denied.
Best of both worlds.
-
@woz
Next time ;)
-
Thank you very much!!
Just a quick question.
For Firewall, Comodo seems to have combined Antivirus into it.
Is there still a standalone firewall for Comodo? Or which Comodo software do you recommend downloading?
They even have Internet Security 2011 now
Cheers.
During the installation, you can choose which add-ons (i.e. antivirus, Defense+) you want, so, during this time, you may disable the antivirus, and use just the firewall.
-
of awesomeness. lol
Alright guys, this is what I believe to be one of the best security setups, and if you disagree, well, you're entitled to your opinion, as I am.
This setup is more based around the idea of NOT letting anything infect you, instead of having something there to clean up the rest.
*You do NOT have to have an antivirus running with this setup*
I would even encourage you to remove your antivirus, and have a firewall.
The way this setup works is that it prevents anything out of the ordinary from ever executing. While this setup is VERY effective, in the beginning, it can become VERY annoying. Bear in mind, the setup is more for advanced users, but, if you follow the general idea of things, you will go far.
*Disclaimer*
While the setup is very powerful, I would advise you to be careful with it. You CAN potentially lock yourself out of your pc. Programs might stop working, but remember, you can always configure it the way YOU like it.
Preview
I always use this security setup, mostly on my PC, because that's the way I like it to be configured. I have yet to be infected by it, and, well, I don't have a heavy a/v running in the background, nor do I have problems running my regular apps. It takes time. Be patient. The reward is great.
Remember, if it can never execute, you can never get infected. That's the idea behind this setup, and, it works very, very well.
Start
To begin with, you have the option of removing your antivirus. You can go either way, because ultimately, you will have a bunch of scanners (later on in this tut), but, in case you feel naked without one, you may run it alongside.
First off, we should clean the PC. Make sure we’re installing this setup from a clean state. You may run your antivirus, or whatever software you use. But, to make life easier, there is a nifty little tool I’ve found, that does the scanning, and checking for you. So you can run this, instead.
Download: http://avertsoftware.com/AVERT/Main/AVERT.zip
Help: http://www.avertsoftware.com/downloads.html
After you’ve scanned and cleaned everything off, we shall begin the setup.
First thing you’ll need is MalwareDefender. Not to be confused with the once rogue malware.
Download: http://dl.360safe.com/md_setup_en.exe
Now, run your computer for a few days (with caution if you’ve removed your a/v) so Malware Defender can learn your programs. You can also bum rush the computer, and load all the programs you use.
The Setup:
http://www.wilderssecurity.com/showthread.php?t=252773
Following this thread, set up Malware Defender accordingly, and basically follow its setups. I cannot explain it any better, as the user does it as well as I can.
Now that you have the backbone of your security setup all...well...set up, we can move on to the next step. A firewall.
Now, for this, you can choose what you're comfortable with; as long as it's a decent firewall, you should be okay.
Here are some links to some:
Comodo: http://personalfirewall.comodo.com/free-download.html
Online Armor: http://www.online-armor.com/
Private Firewall: http://www.privacyware.com/personal_firewall.html
*Note*
Don't forget to run the firewall as a trusted program in Malware Defender, and the same for Malware Defender in your firewall.
Now that you’ve got your main security setup, it's all easy sailing from here.
You can probably scrape a few more security tips from this thread:
http://forums.iobit.com/showthread.php?t=1650
Some may not work, but, I’m very busy at the moment with work, so I don't have as much time as I would like to go through everything. I apologize, but, this is also why this thread took so long to make.
Sandboxie:
Download: http://www.sandboxie.com/
I never leave home without it. I have even purchased the program because I love it so much. Since I’ve bought it, I have configured the app to sandbox the following:
All browsers
All temp files
All history/cookie files
Dropped rights
Scanners:
Now, you're probably saying, but, vman, you said I’d be protected, why do I need scanners? Well, the software won't execute, and it won't infect you, but the malicious file is still there. Kinda like a carpet stain, it's not going to kill you, it just annoys you being there.
You can use the Avert app that I’ve posted, along with your other scanners.
Here are a few:
Iobit: http://iobit.com/is360download.html
MBAM: http://www.malwarebytes.org/mbam-download.php
SAS portable: http://www.superantispyware.com/portablescanner.html
This thread will be updated a few times, I just wanted to get the main part up. Mods/Admins, feel free to contribute.
Also, credits go to the software developers, and arran for his contribution.
Check back for the updates :0) stay safe.
-
These links, along with this thread, need to be updated. I'm sure you can find a copy of the program somewhere, but why not update the thread in its entirety?
-
Beyond off topic, but, your wall paper is kinda cool. xD
-
I should update this thread...but I'm soooooOOoOooO lazy I can't even begin to explain lol
-
Run what and how in the xxxx do you run it. I'm sorry I'm so stupid. I'm really trying to do this.
By run it, I meant apply it. Which is near the bottom of the program. My fault, I wasn't specific enough.
-
Most of those are either addons, or on demand scanners. The main component of this security setup is ThreatFire, which is the behavior blocker, and its custom rules set to add even more protection.
Though this security Setup is somewhat outdated.
-
The scan that Firefox does after you've downloaded something seems rather useless. It has NEVER found anything, even when I download some of the most common spyware, a simple walk down the wild side.
In any case, if you'd like to remove the scan it does (as it sometimes freezes on big files):
Open up Firefox, type in "about:config" without quotes, and in the filter search "scan".
Set the option scanwhendone or something like that to false.
No more annoying scans :)
-
*You might be required to remove, update, or alter some settings. If you do not wish to do so, as you are satisfied with your setup, then just keep your setup as is. This is all based on MY opinion, and should not be judged in any way.*
This should be done on a clean PC.
First things first. Update your computer. One simple way to keep your security checked. Update all the drivers, just make sure everything is new.
Install:http://secunia.com/PSISetup.exe
Use these to disable some common ports that malware uses to get in.
Bug off:http://majorgeeks.com/downloadget.php?id=4308&file=11&evp=0097a06a262afd71d30b307cdc5123c6
Secure it: http://sniffem.exaserve.net/Hardenit.exe
Xp antispy: http://www.xp-antispy.org/index.php/lang-en/download?func=selmirror&itemid=3
Disable the following:
Everything under Media player functions
Error reporting
Remotedesktop support
dont sync with internet time
show balloon tips
clear pagefile and shutdown
show last logged on username
autostart cd's
dont report microsoft if sys. was infected
Network crawling
Anonymous network access
avoid automatic links in network neighbourhood
Disable all updates for internet explorer
no error report through IE
Disable all the things under services
Uninstall microsoft
disable help n support
disable search assistant
Run it, and update all the programs and whatnot necessary to keep you safe from possible vulnerabilities.
Next, stop access to nasty websites (don't worry, you can keep your special video sites)
http://www.mvps.org/winhelp2002/hosts.zip
(If you're running on Vista, you need to right click on the .bat file, and run it as admin.)
If you're running IE, drop it. It is one of the WORST browsers available.
Firefox: http://www.mozilla.com/products/download.html?product=firefox-3.0.10&os=win&lang=en-US
Addons:
Noscript: https://addons.mozilla.org/en-US/firefox/downloads/latest/722/addon-722-latest.xpi
WOT: http://www.mywot.com/en/download/&url=ff
Adblock plus: https://addons.mozilla.org/downloads/latest/1865/adblock_plus-1.0.2.xpi
I'm sure you guys all have scanners, whether it be MBAM or SAS. But keep these on hand, since the new malware coming out prevents you from running, updating, or even installing MBAM.
Dr. Web: http://www.freedrweb.com/download+cureit/
Virtualize your web browser: (Used just for browsing)
http://www.sandboxie.com/SandboxieInstall.exe
Change the settings to:
Auto delete contents
Don't migrate files larger than 1MB
Under Restrictions drop all rights
Threatfire: (Behavior blocker)
http://www.threatfire.com/download/
This is the hard part...you have to go to advanced and make custom rules. In the process list, trust all security apps you use. ALL. As for the descriptions, I'll leave those up to you to word how you wish. What each rule affects is in ( )
Enable all the rules already there, and add the following: (copied and pasted from Threatfire)
(Temp Files)
When any process
tries to write or create or execute|TriggerAccessFlags a file
in C:\Windows\Temporary Internet Files\|TriggerFolders
except when the source process is in the trusted process list
(System32)
When any process
tries to write or delete or create or execute|TriggerAccessFlags a file
in C:\WINDOWS\system32|TriggerFolders
except when the source process is in the trusted process list
(Start ups)
When any process
tries to write to the registry
to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run or HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce or HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run or HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|TriggerKeys
to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run or HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce or HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run or HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|TriggerValues
except when the source process is in the trusted process list
Keyboard encryption:
Keyscrambler Free: http://dw.com.com/redir?edId=3&siteId=4&oId=3000-2144_4-10571274&ontId=2144_4&spi=04fdc1c5564cd51f6d6ad98f58e2d2c9&lop=link&tag=tdw_dltext&ltype=dl_dlnow&pid=11015886&mfgId=6285863&merId=6285863&pguid=-Ago2woPjAIAAB1x34AAAAAL&destUrl=http%3A%2F%2Fdownload.cnet.com%2F3001-2144_4-10571274.html%3Fspi%3D04fdc1c5564cd51f6d6ad98f58e2d2c9
What this does, is encrypt EVERYTHING you type, preventing keyloggers from getting any information from you.
More coming soon.
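The three custom rules above all have the same shape: an action set, a protected location, and a trusted-process exception. The following is an added example, not part of the original post and not ThreatFire's own code; it models that matching logic so the rules can be reasoned about and tested. The scanner path, the sample events and the choice to key trust on the full image path are assumptions.

```python
import ntpath
from typing import NamedTuple, Optional

class Event(NamedTuple):
    process: str  # full path of the source process
    action: str   # write | create | delete | execute | regwrite
    target: str   # file path or registry key being touched

CV = r"\Software\Microsoft\Windows\CurrentVersion"
# Labels, actions and locations transcribed from the three rules in the post.
RULES = [
    ("Temp Files", {"write", "create", "execute"},
     [r"C:\Windows\Temporary Internet Files"]),
    ("System32", {"write", "delete", "create", "execute"},
     [r"C:\WINDOWS\system32"]),
    ("Start ups", {"regwrite"},
     [hive + CV + key for hive in ("HKEY_CURRENT_USER", "HKEY_LOCAL_MACHINE")
      for key in (r"\Run", r"\RunOnce")]),
]

def norm(path: str) -> str:  # collapse ".." and ignore case, as Windows does
    return ntpath.normcase(ntpath.normpath(path))

def under(target: str, root: str) -> bool:
    # Match whole path components so "system32backup" is not "system32".
    t, r = norm(target), norm(root)
    return t == r or t.startswith(r + "\\")

def evaluate(ev: Event, trusted: set) -> Optional[str]:
    # Returns the label of the rule that fires, or None if the event passes.
    # Assumption: trust is keyed on the full image path, not the file name.
    if norm(ev.process) in {norm(p) for p in trusted}:
        return None
    for label, actions, roots in RULES:
        if ev.action in actions and any(under(ev.target, r) for r in roots):
            return label
    return None

# Constructed sample data; the scanner path and events are hypothetical.
TRUSTED = {r"C:\Program Files\ExampleScanner\scanner.exe"}
DROPPER = r"C:\Users\u\Downloads\setup.exe"
SAMPLES = [
    Event(DROPPER, "create", r"C:\Windows\Temporary Internet Files\a.exe"),
    Event(DROPPER, "write", r"C:\WINDOWS\Temp\..\system32\evil.dll"),
    Event(DROPPER, "regwrite", "HKEY_CURRENT_USER" + CV + r"\RunOnce"),
    Event(DROPPER, "write", r"C:\WINDOWS\system32backup\notes.txt"),
    Event(next(iter(TRUSTED)), "write", r"C:\WINDOWS\system32\drivers\x.sys"),
]
for ev in SAMPLES:
    print(evaluate(ev, TRUSTED) or "allowed", "<-", ev.action, ev.target)
```

The second sample shows why the target is normalised before matching: a path that starts under Temp but resolves into system32 still trips the System32 rule.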
-
*Warning*
Vman will soon be posting new ways to protect your system, most of which are based on custom rules.
Get ready to get down and dirty.
-
Just a warning guys, be careful when using a rootkit scanner. Sometimes they come out false positives, and if you delete something important...you know the rest.
-
Pretty neat stuff...wonder if I should update my sticky lol
-
Yep. I too have a copy of UnHackMe, don't know where, but I do! It's a pretty nifty app....I can't believe I just used nifty, I sound so old. =[
-
Hey, that's pretty neat. I wonder if I should update the security thread...there are some new apps out that are amazing.
-shrug-
-
No, they will not. Cyberhawk is a HIPS itself, so there is no need for another one. As for ParetoLogic, I suggest ditching it. From my experiences, it doesn't do what it says it can do, though its scans are indeed fast. Just stick with MBAM and SAS, and you'll be good.
-
A quick update...the following apps should be downloaded and installed for another layer of protection. These apps disable even MORE unwanted stuff, making it harder for malware to get in. Also, download Harden-it for another layer. I couldn't upload it, it was a bit too big.
Keep it clean guys.
-
Check out ESET SysInspector. Gives you nice colors and all, showing you everything you need to know about your comp.
32bit: http://download.eset.com/download/sysinspector/32/ENU/SysInspector.exe
64bit: http://download.eset.com/download/sysinspector/64/ENU/SysInspector.exe
-
Can't really think of any other tune ups actually. My brain is fried. Work really sucks. So, maybe I'll post a few updates tomorrow.
-
Before I begin, I just want to let you all know this tune up section is going to be junk cleaning and some minor tweaking. Might be hands on, might not, not sure, I'm making this up as I go along. By the way, make sure you're doing this with a "clean" PC. It's pointless trying to speed up a messed up computer.
Ccleaner/Ncleaner:
Download one or the other to get rid of the internet files that you do not need. If you download Ccleaner, make sure you get the slim version so there won't be a toolbar.
Toolbars:
Please, remove all unneeded toolbars. I never understood why people have so many, keep only the necessary ones. Please.
Start ups:
Every time I go over to a friend's for a check up, I notice hordes of stuff on their start up. Removing these increases both the speed of your computer and its start up time. To edit the start up items do the following:
Start-> run-> msconfig->start up tab.
Services:
Now the list I am going to give you can/might interfere with your computing. Some of you might be able to disable all, some only just a few, but either way, that's one thing less. Be careful in disabling these. If you do not know what you're doing, you're better off putting them on manual (just in case).
Edit services: Go to start -> right click my computer -> manage -> services and applications -> services.
Alerter service
Clipbook service
Computer Browser
DNS Client
Fax Service
Indexing Service
Messenger service
Plug and Play
Remote Registry Service
Security Accounts Manager
Smart Card
Smart Card Helper
TCP/IP NetBIOS Helper
Telephony Service
Defragging:
Fragmented files slow down the PC; use IObit's Smart Defrag or JKdefrag.
Registry:
Cleaning up and removing unneeded registry entries can give you fewer crashes. Un-removed entries cause lots of problems. One can use AWC for this.
Hibernation:
Most people don't even use this, especially desktop users. Keeping it around is pointless. So, remove it. Start-> control panel-> power options -> hibernate tab and uncheck it.
System Restore:
Don't get me wrong, system restore is an essential, but it's also a threat. Malware developers now infect system restore as well, so turn down the amount of space it takes.
Start- right click my computer- properties- system restore- bring it down to 1-3%
Recycle Bin:
Having the recycle bin set too high is useless as well. Right click on it, go to properties, and decrease the amount from the 100 to about 10%. One can use a file recovery tool if the file is deleted accidentally, so no worries.
Removing removed files:
Well, when you remove a file from the recycle bin, it's still there. It can be recovered, which can be a threat. If you use Ncleaner, all you have to do is use the option and it'll remove all the removed files for you, saving you extra MB, possibly GB.
Uninstalling:
When you uninstall a program, its remains are still there. Use Revo uninstaller to get rid of everything, a complete, and free uninstaller.
Internet Tune ups:
FIREFOX USERS!
Use this as a quick and easy way to speed up Firefox.
1) Open browser
2) In the address bar type in "about:config" without quotes
3) Promise Firefox you'll be careful (new version)
4) In the filter bar type in pipeline
5) Change these two options to TRUE:
network.http.pipelining
network.http.proxy.pipelining
6) Change this "network.http.pipelining.maxrequests" into a number like 15
Basically it increases the connections
7) Clear the filter, click on the screen, select New -> Integer -> nglayout.initialpaint.delay as the name and 0 for the value.
This puts delays to zero.
These are just off the top of my head, more coming as well as LINKS!
-
Yup yup. Wow, I'm totally lagging on the tune ups, aren't I? lol I keep starting and forgetting... :(
Well, I'll try to put it up tomorrow. Later guys.
-
Just a heads up guys, check out AnVir Task Manager. It shows you all the running processes and tells you if they're dangerous or not. Pretty cool and FREE.
The Security Setup Thread
in Other Software Programs
Posted
The link seems to work fine on my end.