Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Bob's (updated) Computer Security Guide

Bob's (updated) Computer Security Guide

post #1 of 2
Thread Starter 
Hello Everyone,

Every few months I update my security guide to better reflect what is out there and to help share what I’ve learned in that time. Remember that common sense is the best defense, but having a contingency plan never hurts. Not all of these programs are needed for every person. It is for you and you alone to decide what you feel is necessary.

I do believe that one can achieve a more than satisfactory defense through free programs alone, so this guide will mostly be in regards to those, but I will post some great pay-for-use programs that I feel could help anyone wanting to bolster their defenses. I will not provide every option out there, only the “better” (mostly objective, but sometimes subjective) options for use. Furthermore, I will sometimes provide suitable alternatives to the recommended programs.

Alternate version of this guide that includes some recommended freeware can be found here

Breakdown of this Guide:
I. Active Defenses
II. On Demand
III. Browser Security
IV. “Hardening”
V. Maintenance Programs

Legend:
*** = highly recommended
$ = Paid (doesn’t necessarily mean that you must pay for all features)
+ = Free Detection
!!! = advanced users only (please)

BLANKET WARNING
Some of these programs display options to install toolbars, change your homepage, or download browsers during the install process. Please read all the check boxes to ensure you don’t accidentally do this. If you do, please know that all changes are easily reversible or easily uninstalled, and are not malicious in any way, just annoying.


I. Active Defense
Active defense programs are the ones that are on the front line. They run in the background making sure that no malicious code is introduced into your computer, or phishing* attempts are made on you.

Antivirus
*** avast!
http://www.avast.com/index
$*** Norton Internet Security 2011
http://us.norton.com/internet-security/
With how great avast! is as a standalone AV, one should not purchase an AV unless they are looking for a full security suite (firewall, browser security, etc.). In this case I would highly recommend Norton IS 2011. Like avast!, Norton has (in the last 2 years) completely changed the principles behind the way they develop their AV, and it has paid off with a very light but strongly protecting internet security suite.
Avira Anti-Virus
http://www.avira.com/
Microsoft Security Essentials
http://www.microsoft.com/security_essentials/


Firewall
Only use firewalls if you are not purchasing or using an internet security suite that already has one.
*** Comodo Firewall
http://personalfirewall.comodo.com/
Install the firewall only. Comodo has minimal popups, only alerting you when programs are trying to access the internet that the program has rarely seen. To ensure you have the correct firewall settings after install, check these settings after right-clicking on the tray icon:
Configuration --> COMODO - Firewall Security
Sandbox Security Level --> Disabled
Defense+ Security Level --> Disabled (unless you want a classical HIPS*)
Firewall Security Level --> Safe Mode
Private Firewall
http://www.privacyware.com/personal_firewall.html
$*** Outpost Firewall Pro
http://www.agnitum.com/products/outpost/
$ Online Armor Premium
http://www.online-armor.com/



Behavioral Blockers / “Second Opinion” Heuristic Analysis
Program(s) listed under this category are designed to work alongside your AV to give a second opinion about the status of your computer. They are generally lightweight and use minimal resources when running.

$+*** Prevx
http://www.prevx.com/
Prevx works “in the cloud”, which means most of the computation comes from their computers as opposed to yours, so there are no virus database downloads and almost no system resources used for a scan. If one does not want to pay for this program, they allow you to run it and use it for detection for an unlimited time. This is still recommended and invaluable because if it does find something you can usually mark it as a false positive, scan with your active protection antivirus, or use the on-demand scanners I will list later to scan your computer and ensure it’s safe. Furthermore, if both your AV and Prevx pop up telling you a file is not safe, chances are it really isn’t unless you know for sure otherwise. If one pays for it (which I recommend) they will get great browser protection with safe online and a great cleaning engine.


II. On Demand
Programs listed under this category constitute the programs one runs when cleaning up an attack from malicious software, or simply every once in a while to make sure their active protection programs are finding everything.

Malware Scanners/Cleaners
*** Malwarebytes Anti-Malware
http://www.malwarebytes.org/mbam.php
*** Emsisoft Anti-Malware 5.1 (used to be called a-squared free)
http://www.emsisoft.com/en/software/download/
$+*** Hitman Pro
http://www.surfright.nl/en/home/
Like Prevx, this runs in the cloud so it uses minimal resources, but what makes this program great is that it scans your computer with multiple scanners at the same time, leaving virtually nothing behind.


III. Browser Security
When one imagines that most malware comes from the internet, what better thing to protect than the vessel which brings the internet to you?

Browsers
***Firefox
http://www.mozilla.com/en-US/firefox/
***Chrome
http://www.google.com/chrome

Browser Addons
Note: these addons are compatible with both recommended browsers
***Web of Trust (WOT)
http://www.mywot.com/
Compiles both user and professional opinions on websites and warns you if the website is considered malicious/annoying.
***XMarks
http://www.xmarks.com/
Stores all of your passwords and bookmarks on their secure servers so they are never lost. What makes this addon great is that you can sync passwords and bookmarks across multiple browsers and platforms, including mobile phones.

Active Browser Protection
AVG Link Scanner
http://linkscanner.avg.com/index.html
Scans Links/Websites for malicious code or software

DNS servers
The easiest way to explain DNS servers is to say that they change a website's IP into an internet address that you type into your address bar. A good DNS server will do this fast, and furthermore give you advanced abilities to filter out malicious websites and help guard against phishing attempts.

*** OpenDNS
http://www.opendns.com/
Once you sign up they give you great instructions on how to install it on either your computer or router, plus their guides to setting up their parental filters or malicious website filters are great too.


IV. Hardening
Programs listed under this category help to prevent or mitigate damage done by malicious code, or simple blunders by well-meaning computer “tinkerers”.

Intrusion Prevention
!!! GesWall Freeware
http://www.gentlesecurity.com/downloads_geswall.html

Browser/Application Sandbox
!!!$*** Sandboxie
http://www.sandboxie.com/

Environmental Virtualization
These programs “copy” Windows when activated so that anything done on that copy, unless specifically stated by you, gets wiped upon a restart of the computer. These programs are great for testing out the safety of software you may find questionable, or the safety of changes you may be making with more advanced security software.

$*** Returnil
http://www.returnilvirtualsystem.com/
The free version allows you to virtualize the system. The paid version allows you to save changes you want to from the virtual system to your regular system.
$*** Shadow Defender
http://www.shadowdefender.com/

Hard Disk Backup
These programs will make compressed copies of your system at the time of use so that if anything goes wrong you can bring that copy back up.
*** Paragon Backup and Recovery 2010 Advanced
http://www.paragon-software.com/home/db-express/
$*** Shadow Protect 4
http://www.storagecraft.com/shadow_protect_desktop.php
There are a number of reasons I consider this a wonderful buy. First, it allows incremental backups, which means that after it does one huge backup, all backups after simply change the files that were changed. Second, it allows you to restore a backup on another computer, so if you want to move your Windows install over to another computer you can easily do it. Thirdly, you can actually mount your backup as a virtual drive and look through it in case you want to pick out any files you may have accidentally deleted.
$*** Carbonite
http://www.carbonite.com/
The best online backup. Unlimited storage space, automatic backup, and a very reasonable price.

Encryption
!!!*** TrueCrypt
http://www.truecrypt.org/
Create encrypted containers or encrypt your entire hard drive. Great for Removable Media / Laptops / Netbooks, etc. so that if you lose them no one can get any data about you from it.

Notes:
Although these aren’t programs, to help yourself please:
1) Never disable UAC
2) Have a separate Administrative and Non-Administrative Account. When installing programs you know are safe, use the administrative account. For all other times use the non-administrative account. This step alone can stop a good percentage of malware.


V. Maintenance Programs
These programs can be used to help maintain top working shape for your computer.
*** CCleaner
http://www.piriform.com/
Only use the registry cleaner and always choose the option to back your registry up.
*** MyDefrag 4.0
http://kessels.com/jkdefrag/
Enhancement of the Windows defrag. Because of this there is virtually no chance of causing any long-term problems with your computer, which can’t be said for most other defrag programs.
!!!*** autoruns
http://technet.microsoft.com/en-us/sysinternals/bb963902
Choose what starts at Windows startup
Good Ol' Bob
post #2 of 2
I learned some more things I will try and hope will improve my security.