
Is this security setup good enough ?


20 replies to this topic

#1 Daniel_Boringcliffe

Daniel_Boringcliffe

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:somewhere deep in the heart of Europe
  • Local time:02:54 AM

Posted 24 June 2017 - 11:47 AM

I am using: 

 

Windows 10 pro x64, UAC max, smartscreen on, win firewall on, updates auto

 

 

real time protection : 

 

 

Avast free antivirus - hardened mode, pup detection, high sensitivity, the rest is default  

 

Zemana antimalware - real time protection on, cloud on

 

malwarebytes anti exploit free

 

 

standalone scanners ( I scan once a week) :

 

 

HitmanPro free version

 

AdwCleaner

 

Malwarebytes anti malware free

 

 

 

As for browsers - I use Edge, smartscreen turned on and mbae is protecting it, I like its interface and smooth animations and I think it is secure enough .. or is it ? :D 

 

Edge add ons : uBlock Origin with a lot of filters and a few hosts files 

 

 

My wifi router has a strong password and wifi is hidden ( SSID streaming  off )  and I am using openDNS with malware and spyware protection

 

​---

 

This is my home computer and I usually use it for gaming

 

I'd like to know if this security setup is good enough and your opinions about it. Should I add something or should I stop using Edge and move to Firefox or Chrome ? Actually I was using Firefox for a long time but I think Mozilla is far behind other browser vendors in security, Firefox doesn't even have full sandboxing implemented and I've also tried Chrome but I didn't like it  much.  

Also, is Edge safe against exploits and other 0-day attacks with this setup? I've researched this a bit but haven't found much except Eset saying it had no exploits in the wild in 2016.

Edited by Daniel_Boringcliffe, 24 June 2017 - 11:53 AM.




#2 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 7,534 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:09:54 PM

Posted 24 June 2017 - 12:08 PM

Your setup is, in my opinion, not only "adequate" but "overkill" (but the kind of overkill that, if it makes you feel better, is absolutely fine).

 

If you are not someone who succumbs to "Ooooooh, shiny!!" syndrome when it comes to clicking on unknown pop ups, questionable links, or the like and does not respond to cold calls telling you that there's a problem with your computer and technical support needs to have remote access I cannot imagine an instance where you're likely to get any sort of infection.

 

Whether people want to believe it or not, most infections are invited in by user action.   From what you've described here you've created a very robust "immune system" for your computer and you are unlikely to contract anything against which it will be necessary.


Brian AKA Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

 

     In a modern society where everyone thinks their opinion deserves to be heard nothing annoys me more than individuals who mistake their personal preferences for fact.

         ~ Commenter TheCruyffGurn on the The Guardian website, 8/13/2014

 

              

 


#3 Daniel_Boringcliffe

Daniel_Boringcliffe
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:somewhere deep in the heart of Europe
  • Local time:02:54 AM

Posted 24 June 2017 - 12:13 PM

Your setup is, in my opinion, not only "adequate" but "overkill" (but the kind of overkill that, if it makes you feel better, is absolutely fine).

 

If you are not someone who succumbs to "Ooooooh, shiny!!" syndrome when it comes to clicking on unknown pop ups, questionable links, or the like and does not respond to cold calls telling you that there's a problem with your computer and technical support needs to have remote access I cannot imagine an instance where you're likely to get any sort of infection.

 

Whether people want to believe it or not, most infections are invited in by user action.   From what you've described here you've created a very robust "immune system" for your computer and you are unlikely to contract anything against which it will be necessary.

 

Thanks for the answer.

 

I am a bit paranoid in fact, so no clicking on popups, actually no popups are in there at all thanks to many filters in ublock. Also do you know something about Edge's defenses against 0-day exploits ? Because I haven't found much on other forums.  


Edited by Daniel_Boringcliffe, 24 June 2017 - 12:37 PM.


#4 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 7,534 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:09:54 PM

Posted 24 June 2017 - 01:12 PM

No, I don't, specifically.

 

I suggest what has been written on these forums by member quietman7 on zero-day exploits in general.  There's not an awful lot that one can do with regard to these and you won't encounter them at all often.  You just have to hope that your shields know about them before you encounter them.  I've never been hit with one and I've been cruising the web, with only moderate caution [I am not paranoid, but I'm not stupid, either], for over three decades now.

 

It's really a waste of mental energy to get caught up in trying to prevent the remotely possible.  A better way is to focus on avoiding the probable.



 


#5 Just_One_Question

Just_One_Question

  • Members
  • 1,400 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:04:54 AM

Posted 24 June 2017 - 03:30 PM

If you also add to your routine relatively regular back-ups, you'd be pretty much golden in terms of security in just about any case.:thumbup2:

Also...nice nickname...:lmao:




#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:54 PM

Posted 25 June 2017 - 06:49 AM

No single product is 100% foolproof and can prevent, detect and remove all threats at any given time.

Security is all about layers and not depending on any one solution, technology or approach to protect yourself from cyber-criminals. The most important layer is you...the first and last line of defense. Unfortunately, it has been proven time and again that the user is a more substantial factor (weakest link) in security than the architecture of the operating system or installed protection software. Cyber-criminals succeed because they take advantage of human weaknesses...relying heavily on social engineering to exploit the weakest link in the security chain.

No amount of security software is going to defend against today's sophisticated malware writers for those who do not practice safe computing and stay informed.

Thus, a multi-layered defense using an anti-malware and anti-exploit solution to supplement your anti-virus combined with common sense and following Best Practices for Safe Computing provides the most complete protection.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#7 dantose

dantose

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 27 June 2017 - 07:18 PM

 

 

My wifi router has a strong password and wifi is hidden ( SSID streaming  off )  and I am using openDNS with malware and spyware protection

 

 

Strong password is good, disabling SSID broadcast is a myth. Changing the SSID name is good practice though. 

 

Also, make sure you are using WPA with AES only, and turn off WPS and UPnP.



#8 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:54 PM

Posted 27 June 2017 - 07:20 PM

See this router security checklist -

 

http://routersecurity.org/checklist.php



#9 Daniel_Boringcliffe

Daniel_Boringcliffe
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:somewhere deep in the heart of Europe
  • Local time:02:54 AM

Posted 28 June 2017 - 12:42 AM

Thanks guys, so I changed my SSID name, turned on wpa2 with strong password, disabled ping requests from wan and lan and blocked ports 137,138,139,445 in my windows firewall and disabled universal plug and play

 

Should I change something else or is this enough ? 


Edited by Daniel_Boringcliffe, 28 June 2017 - 12:43 AM.


#10 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:54 PM

Posted 28 June 2017 - 12:45 AM

Now you might want to test for open ports...

 

Shields UP! -

 

https://grc.com/x/ne.dll?bh0bkyd2

 

 

SG Security Scan -

 

http://www.speedguide.net/scan.php



#11 Daniel_Boringcliffe

Daniel_Boringcliffe
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:somewhere deep in the heart of Europe
  • Local time:02:54 AM

Posted 28 June 2017 - 06:44 AM

Now you might want to test for open ports...

 

Shields UP! -

 

https://grc.com/x/ne.dll?bh0bkyd2

 

 

SG Security Scan -

 

http://www.speedguide.net/scan.php

I ran all the tests and it says that all of my ports are stealthed so I assume that  my network is configured correctly. Thanks for the links by the way.


Edited by Daniel_Boringcliffe, 28 June 2017 - 06:44 AM.


#12 AKS96

AKS96

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 28 June 2017 - 07:55 PM

In my opinion, you should remove Zemana as malwarebytes and avast should be good enough for your needs. You also mention that you game, so it would probably speed up your games if you disable / remove it.



#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:54 PM

Posted 28 June 2017 - 08:12 PM

OP is using Zemana for real-time protection. Malwarebytes Anti-Malware free is being used as a standalone scanner so it offers no real-time protection.

#14 Daniel_Boringcliffe

Daniel_Boringcliffe
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:somewhere deep in the heart of Europe
  • Local time:02:54 AM

Posted 06 July 2017 - 10:44 AM

Alright, thanks for your answers guys.

After a few days of digging through the internet, I've changed my setup a bit and added a few things. Here's my current and probably final setup:

 

Win10 x64 auto update, UAC max, smartscreen block, win firewall - on, standard rules with few ports permanently blocked: 137 138 139 445 135 3389 5000 1900 | - these ports are quite useless unless you're using wireless printers and can be exploited badly.

 

RTP: Zemana Antimalware (recommended for newbies), Malwarebytes Anti Exploit (recommended if you do not want your browser and computer to be destroyed by shady hackers),

 

Windows Defender (yup, I know it's quite a poor AV but it is enough if you're not downloading much crap and using antimalware), I've forced Cloud scanning and PUP detection (YES, WD can detect PUPs) http://www.thewindowsclub.com/harden-windows-defender-highest-levels-windows-10 - some simple stuff I modified

 

http://www.amtso.org/feature-settings-check-potentially-unwanted-applications/ - to check if WD is detecting PUPs (assuming you want to enable PUP detection which you should if you're using WD)

 

.. if PUP detection is not working : http://www.winhelponline.com/blog/defender-enable-pua-pup-adware-protection/#method1 | https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus

 

** also add registry key via regedit in this location : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender

 

Value: PUAProtection

Data: 1 enables PUA protection | 0 disables protection

 

..and then restart real-time protection in win defender and reboot computer just to be sure

 

Why do I use this "crappy AV" ? 

https://twitter.com/taviso/status/676799692936581120 - Some of Google's hackers recommend it 

https://twitter.com/taviso/status/647408764505579520 - another post by the same guy 

https://www.bleepingcomputer.com/news/security/former-mozilla-engineer-disable-your-antivirus-software-except-microsofts/

http://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html

 

Basically, pretty much all popular AVs except windows defender are opening a lot of new attack vectors because of their poorly written code, bugs, shady practices, etc. Besides, if you're not completely nuts, like responding to emails sent to you by "Nigerian princes", clicking on questionable pop-ups and downloading a lot of crap then you are good to go with windows defender. 11/10 Microsoft employees recommend it as well  :lmao:

 

 

---

standalone scanners : ESET online scanner, Malwarebytes Antimalware, HitmanPro, AdwCleaner

I sometimes check VirusTotal results of my running programs via procexp

I run CCleaner once in a while and I have Cryptoprevent

 

My Windows tweaks : I disabled SMBv1*** - wannacry spread through this, disable it http://www.thewindowsclub.com/disable-smb1-windows, disabled autorun - a good idea if you're inserting foreign USB drives into your computer

 

My browser : Chrome, in chrome://flags I enabled appcontainer.

 

Chrome extensions :

1. uBlock Origin with approximately 230 000 total filtered domains, sites, IPs and in medium mode (block 3rd party frames (stops some drive-by downloads))

   to verify if you're protected against drive-by downloads / exploits:

   - http://www.amtso.org/feature-settings-check-drive-by-download/ - this should trigger your AV

2. Scriptsafe with browser spoofing ( sites think I'm using Macintosh with Firefox ) to verify : https://browserleaks.com/webgl

3. Stylish (because Google's search page looks too ugly for me)

I've disabled 3rd party cookies in Chrome and I've got a nice theme (yes, security related, kitty protects my computer against shady hackers) https://chrome.google.com/webstore/detail/blackcattheme/niedcneicdfaoonejeaklaplkoenfijp


I've also got Cryptoprevent and Sandboxie

 

My router settings : default, except : SSID streaming off, changed wifi SSID, approximately 50 characters long wifi password, 15 characters long settings password, openDNS, disabled ping requests from both wan and lan

 

...Totally not overkill.


Edited by Daniel_Boringcliffe, 06 July 2017 - 03:11 PM.
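
The Windows settings listed in the post above (Defender PUA protection, SMBv1 disabled, firewall block rules for the named ports) can be confirmed read-only from an elevated PowerShell prompt. This is an added example, not part of the original post: the function names and `$listedPorts` are made up for illustration, while the port list and the `PUAProtection` registry location are taken from the post.

```powershell
# Added example: read-only audit; run from an elevated PowerShell prompt.
$listedPorts = 135,137,138,139,445,1900,3389,5000   # ports named in the post

function Get-PuaState {
    # Effective Defender setting: 0 = off, 1 = block, 2 = audit only
    $effective = (Get-MpPreference).PUAProtection
    # Registry value at the location given in the post; it may not exist
    $reg = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows Defender' `
        -Name PUAProtection -ErrorAction SilentlyContinue
    [pscustomobject]@{ Check = 'Defender PUA protection'; Pass = ($effective -eq 1)
        Detail = "effective=$effective registry=$($reg.PUAProtection)" }
}

function Get-Smb1State {
    $server  = (Get-SmbServerConfiguration).EnableSMB1Protocol
    $feature = (Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol).State
    [pscustomobject]@{ Check = 'SMBv1 disabled'
        Pass   = (-not $server) -and ("$feature" -ne 'Enabled')
        Detail = "server=$server feature=$feature" }
}

function Get-BlockedPortState {
    # Flatten enabled inbound Block rules into (port, protocol) pairs
    $pairs = Get-NetFirewallRule -Direction Inbound -Action Block -Enabled True |
        Get-NetFirewallPortFilter | ForEach-Object {
            $proto = $_.Protocol
            foreach ($p in $_.LocalPort) {
                if ($p -match '^(\d+)-(\d+)$') { $range = [int]$Matches[1]..[int]$Matches[2] }
                elseif ($p -match '^\d+$')     { $range = @([int]$p) }
                else                           { $range = @() }   # 'Any' is not counted
                foreach ($n in $range) { [pscustomobject]@{ Port = $n; Proto = $proto } }
            }
        }
    foreach ($port in $listedPorts) {
        $protos = @($pairs | Where-Object Port -eq $port |
            Select-Object -ExpandProperty Proto -Unique)
        [pscustomobject]@{
            Check  = "Inbound block rule for port $port"
            Pass   = ($protos.Count -gt 0)
            Detail = if ($protos) { "protocols: $($protos -join ',')" } else { 'no explicit block rule' }
        }
    }
}

$(Get-PuaState; Get-Smb1State; Get-BlockedPortState) | Format-Table -AutoSize -Wrap
```

The protocol column matters because the listed ports are not all the same transport (for example 137 and 138 are UDP, 445 and 3389 are TCP), so a rule that blocks only one protocol shows up here.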


#15 Just_One_Question

Just_One_Question

  • Members
  • 1,400 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:04:54 AM

Posted 06 July 2017 - 10:49 AM

...and in the end you find a random USB flash-drive in the middle of a parking lot. Take it home. Put it in your PC. And it unloads a thousand different viruses onto your computer.:lmao:





