What security setup do you have?

[ccatlett1984]

I run symantec end point protection on my win7 boxes, but i also have an "IP-COP" firewall protecting my network from the outside and my wifi network is segregated from the wired one. All traffic on the wifi passes through the firewall as if it was from the internet.

 

[DJG]

LMFAO...eset says the comodo leak test is a trojan... how the hell did you even able to download it? (unless you're not using eset =D) oh god you're in big trouble with your current protection LMFAO.

basically comodo leak test is a virus simulator that test if the OS can be infected with the different methods a virus uses...

but eset doesnt even allow it to land on my hard drive =D so I guess I get 340/340? LOL

so yea eset FTW...

Can you please explain to me what kind of trojan the Comodo leak test is, and how it's a threat? AFAIK it doesn't simulate any viruses, at least the one I downloaded. Thanks!

 

[Mercurial]

okay well as long as you're LYFAO it shouldn't matter
yup weaker,due to patchguard it makes a world of difference to anything which heavily depended on kernel patching.
read up instead of rofling:sarc:

huh what? patch guard ? did I miss something? Please elaborate =)...

and oh I'm just a happy person... and you make me laugh... so yea

LMFAO ROFL LOFL. :roflmao:

@ DJG
I mean the test itself is how a (trojan)virus attacks your OS... but the leak test is not a real (trojan)virus... it just runs like one and it will check if the malicious functions it did were successful then deducts your overall score...and because of that code in it, eset detected it.... theres nothing to worry about... and I downloaded the 5 test thing from here Firewall Test for Computer Security is a Free Personal Firewall Test

its not a threat but its good that you're anti-virus doesn't even let it in your doors... or else other threats will go in the same way =)

 

[AllMac]

Avira AntiVir Personal - Free Antivirus
Windows Firewall
Windows Defender
UAC OFF

 

[darkassain]

Can you please explain to me what kind of trojan the Comodo leak test is, and how it's a threat? AFAIK it doesn't simulate any viruses, at least the one I downloaded. Thanks!

from what i can see it detected it with heuristics (meaning that by using a very educated guess it thinks its something bad)...

huh what? patch guard ? did I miss something? Please elaborate =)...

Windows Vista Security : An Introduction to Kernel Patch Protection
that good read...

and oh I'm just a happy person... and you make me laugh... so yea

LMFAO ROFL LOFL. :roflmao:

:roflmao:
as am i...

@ DJG
I mean the test itself is how a (trojan)virus attacks your OS... but the leak test is not a real (trojan)virus... it just runs like one and it will check if the malicious functions it did were successful then deducts your overall score...and because of that code in it, eset detected it.... theres nothing to worry about... and I downloaded the 5 test thing from here Firewall Test for Computer Security is a Free Personal Firewall Test

its not a threat but its good that you're anti-virus doesn't even let it in your doors... or else other threats will go in the same way =)

the thing is we are not testing your antivir but your firewall...
its good that ESET detected it but what if one virus does slip thorough...(trust me all of them trip up once in a while)
that is where your firewall comes in....
and if your firewall is not setup correctly the it will let pther malware get in...
this is good example (this was one of the first leaktest software created)
and one of first "Intrusion Protection" packages to block it...

I have two problems with this: First, any good firewall will prevent external intrusion. PERIOD. So why would there be a successful external intrusion attempt that was able to reach some software running in your computer in the first place? The truth is, if you don't allow a Trojan to get into your machine then even a PC *without* a firewall is completely safe against external attacks. It's not as if any computer can somehow be "penetrated" by aiming a sharp pointy Internet packet at it unless you have a firewall. That's just not the case. In my opinion, the threat from "internal extrusion" of personal and private information (something inside connecting outside) is actually much greater than from "external intrusion". Sure, PCs on the Internet are being scanned all the time, but so what? There's no way for them to get in — even without any firewall on a properly configured machine. Being "Stealth" is cool, but *any* firewall does that for you.

 

[MadMax]

well acording to what i know there are api's which make it able to secure the kernel without such patching (and as you with every bug there is a possibility of exploit)...
it might be weaker protection but it is better than nothing...
to me kernel patching is bad thing (coming at this from the a security and stability standpoint) because your are messing with the core of windows itself and any bug in their kernel drivers can cause massive consequences...
sophos was even quoted saying

Symantec and McAfee 'should have prepared better' for Vista - V3.co.uk - formerly vnunet.com

and the corporate edition of symantec's antivirus has not been using KPP for some time now (which i used to use for some time now, when i was in HS and for a while in college)...

okay I didn't really get the first part but I' guessing you're reffering to the APIs MS put out for security products? or was it something else? omg....
anywho problem is that patchgurd can be bypassed by any malware author,irony is that a legit company can't do that.not the biggest of deals unless you're only dependant on HIPS alone.
I'm not taking any stand on kernel patching but almost every(if not all) anti malware products used it,specially HIPS applications,well HIPS kinda need it since they stop threats at runtime,so just imagine if something hooks the kernel the security product can't do shii bout it cuz its locked out of the kernel.so there is a bit of an issue there.
lol yeah read that before.haven't used symantec in 6 or moar years

 

[Dinesh]

Well as far as my experience, MSE is still a work in progress, norton is dumb, avg sucks, trend micro is a failure, avast doesn't have a complete 64bit mode, eset smart security firewall blocks my internet and file sharing many times and never tried panda and f-secure AV.

Whereas, Kaspersky is a good product, mcafee is just ok, Eset NOD32 4 AV is a solid protection. I guess i will go with ESET NOD32 FTW.

 

[darkassain]

okay I didn't really get the first part but I' guessing you're reffering to the APIs MS put out for security products? or was it something else? omg....

sorry wrote in the wrong section...
here is like it should have been..

well acording to what i know there are api's which make it able to secure the kernel without such patching
it might be weaker protection but it is better than nothing...
to me kernel patching is bad thing (coming at this from the a security and stability standpoint) because your are messing with the core of windows itself and any bug in their kernel drivers can cause massive consequences (and as you with every bug there is a possibility of exploit)......

anywho problem is that patchgurd can be bypassed by any malware author,irony is that a legit company can't do that.not the biggest of deals unless you're only dependant on HIPS alone.

yes that is true (there is a well laid out article on the code project that i really like..)
but this is the first step (it seems) of locking the kernel down and preventing access from anyone unauthorized to do so...
patchguard feels to me more like a bandaid (blocking the good guys from patching, while the bad guys can still get in)

my prediction is that we will end up with some sort of hypervisor protection scheme (which will no doubt have its bugs too) which is that we need, something above the kernel enforcing protection upon it (that cant be too easily accessed)...
and of course using no security thorough obscurity (but i doubt that will happen...

I'm not taking any stand on kernel patching but almost every(if not all) anti malware products used it,specially HIPS applications,well HIPS kinda need it since they stop threats at runtime

yes and i have heard accounts from a number of people having bsod's and amoung other things because of this (eventually their code matures and is more stable but you still see bsod's by AV's kernel drivers happening in xp...)
i mean Microsoft isnt perfect either but at least they know this way when they need to patch the kernel they know that none of the av vendors are in there hooking the kernel and if they patch something it will not break or BSOD because something is not patching the kernel (unless of course malware is there but then again you should have a hips or a heuristics to counter such things)...

and i do remember the times when KPP was not around (as i used to a very secure hips/firewall called core force which i used before comodo's early betas...) they also use KP and with that style of protection and with enough knowledge (which is what you really need with such a advance product as this one) nothing and i mean nothing should should get into your computer and execute without your approval (it was also incredibly flexible, i kinda actually wished UAC would have a more simpler version of this (im pretty sure it would have been seen better if was more flexible...))

so just imagine if something hooks the kernel the security product can't do shii bout it cuz its locked out of the kernel.so there is a bit of an issue there.

yes and like i said this is just a step (as i think of it) to a more robust solution like hypervisor protection

lol yeah read that before.haven't used symantec in 6 or moar years

i really do like their corporate products but recently (with a Endpoint protection feature not compatible with vista, forgot which one though) i changed to using more "the user in control" approach (as of now, using noscript and carefully checking whether to allow scripting or not, and adblock plus and nothing else apart from UAC and the Winfirewall, i have not been exploited by malware[expecpt that firefox heap bug, which i initiated downloading from millw0rm and executing the script, but then again no payload was there...] out there in the web)

 

[m4ss]

--> Router (with all defensive rules activate, ex. DDOS, Portscan, etc...) Admin account only, AVIRA, Spybot (host immunized), Comodo Firewall (free vers.), "my brain"... and Chrome !!!!

 

[jong84]

mine :
nod32 anti-virus ver 4, comodo [firewall only], threatfire....

the best for me so far.. gives me peace of mind...

 

[chev65]

None at all. To me, most of the so called anti virus anti malware programs are worse than the programs they are trying to stop.

Once my system has been infected I just back up and reinstall the Op system. I don't trust anything to remove viruses because you never really know if you got them all.

I keep a running back up handy on one of my other machines and can do a complete restore with all my files back in less than an hour. Avoiding malware and viruses has more to do with knowing where not to go than anything else. Using your brain when browsing prevents more infections than any anti virus program.

 

[Mercurial]

the thing is we are not testing your antivir but your firewall...
its good that ESET detected it but what if one virus does slip thorough...(trust me all of them trip up once in a while)
that is where your firewall comes in....
and if your firewall is not setup correctly the it will let other malware get in...
this is good example (this was one of the first leaktest software created)
and one of first "Intrusion Protection" packages to block it...

well its been like 2 or 3 months since using RTM no virus yet with eset =)...

also I don't really believe the idea" virus slips once in awhile"( you haven't used eset or kapersky yet? nothing slips lol) since they make nasty registry entries once they run so yea(prevent is better than cure)... eset ftw...

as I said of previous post if you're anti-virus even lets you download such a thing with ugly codes in it... then you're in big trouble... forget the firewall test lmao.


I only rely firewall for unwanted pings,dos,telnet(disabled on vista and 7 by default) and such =) coming from outside... I rely on my AV so nothing can get inside =) so yea meh =)

if you want to test your antivirus in action in reallife situations visit this site

Watch - A Cinderella Story - Streaming Google Chrome has a bad protection tsk tsk tsk... it allows that java script to infect you're system... without eset I'm doomed D=;
eset strikes again.!

 

[darkassain]

well its been like 2 or 3 months since using RTM no virus yet with eset =)...

also I don't really believe the idea" virus slips once in awhile"( you haven't used eset or kapersky yet? nothing slips lol) since they make nasty registry entries once they run so yea(prevent is better than cure)... eset ftw...

as I said of previous post if you're anti-virus even lets you download such a thing with ugly codes in it... then you're in big trouble... forget the firewall test lmao.

there is a reason they call a antivirus reactive security instead of proactive (heuristics covers that but is still limited as encryption can somewhat render that useless, some of the av vendors just block most with such encryption techniques, even ones that valid and non-malware...)
there will always be 0 day exploits and malware that will exploit them in the wild that even heuristics will not catch...

I only rely firewall for unwanted pings,dos,telnet(disabled on vista and 7 by default) and such =) coming from outside... I rely on my AV so nothing can get inside =) so yea meh =)

i see so what if it does not work (the firewall)?
what is the point of testing your firewall if you are testing your AV with a firewall leaktest?
also if you have residential broadband you should have a router and that router should have nat enabled...
back in the old days when nat was not as wide spread i can see a firewall as the primary vector for this kind of defense but unless you opened a bunch of ports i dont see how pings and anything else gets outside....
leaktests are for outbound protection where you choose which apps to connect to the internet (and you clearly dont have a need for that...)

if you want to test your antivirus in action in reallife situations visit this site

Watch - A Cinderella Story - Streaming Google Chrome has a bad protection tsk tsk tsk... it allows that java script to infect you're system... without eset I'm doomed D=;
eset strikes again.!

and noscript to the rescue again...
there is a difference between malware and a javascript ad...
there is always choice, you can choose a av vendor and products or you can choose to use safe practices (you can even do both if you wish) in the end though your security is as strong as your weakest link, which is right now is the person with no knowledge of safe practices (of course i am not referring at you but at the masses that click on random websites)...

also please refrain from using links to infected websites (since you said it was infected) if you do please make it so the parser does not identify it as website...
h t t p : / / w w w.tvokay.c o m /movie/a-cinderella-story.htm


back OT
im am testing the server aspects of FCS...

 

[MadMax]

sorry wrote in the wrong section...
here is like it should have been..



yes that is true (there is a well laid out article on the code project that i really like..)
but this is the first step (it seems) of locking the kernel down and preventing access from anyone unauthorized to do so...
patchguard feels to me more like a bandaid (blocking the good guys from patching, while the bad guys can still get in)

yup,fully agreed.

my prediction is that we will end up with some sort of hypervisor protection scheme (which will no doubt have its bugs too) which is that we need, something above the kernel enforcing protection upon it (that cant be too easily accessed)...

hopefully with windows 10

and of course using no security thorough obscurity (but i doubt that will happen...

didn't happen yet so,i guess fat chance:/

yes and i have heard accounts from a number of people having bsod's and amoung other things because of this (eventually their code matures and is more stable but you still see bsod's by AV's kernel drivers happening in xp...)
i mean Microsoft isnt perfect either but at least they know this way when they need to patch the kernel they know that none of the av vendors are in there hooking the kernel and if they patch something it will not break or BSOD because something is not patching the kernel (unless of course malware is there but then again you should have a hips or a heuristics to counter such things)...

xp didn't need an av to patch the kernel to BSOD itself:sarc: lol i just had to say it

and i do remember the times when KPP was not around (as i used to a very secure hips/firewall called core force which i used before comodo's early betas...) they also use KP and with that style of protection and with enough knowledge (which is what you really need with such a advance product as this one) nothing and i mean nothing should should get into your computer and execute without your approval (it was also incredibly flexible, i kinda actually wished UAC would have a more simpler version of this (im pretty sure it would have been seen better if was more flexible...))

tell me bout it,patching the kernel might leat to stability issues[eventhough they wont be very obvious most of the time],but it worked so darn well when it came to dealing with malware

yes and like i said this is just a step (as i think of it) to a more robust solution like hypervisor protection

hopefully with windows 10 at the earliest lol

i really do like their corporate products but recently (with a Endpoint protection feature not compatible with vista, forgot which one though) i changed to using more "the user in control" approach (as of now, using noscript and carefully checking whether to allow scripting or not, and adblock plus and nothing else apart from UAC and the Winfirewall, i have not been exploited by malware[expecpt that firefox heap bug, which i initiated downloading from millw0rm and executing the script, but then again no payload was there...] out there in the web)

i'm currently thinking of this approach,but then again sandboxing on a x64 windows machine still has the same issue as with other security products.sadly though x64 systems still remain to be on the bleeding edge *sigh*

***didn't get any sleep for more than a day so do excuse my rather short reply.not like that i had anything to add to it anyway apart from BSODs on xp lol

 

[Mercurial]

and noscript to the rescue again...
there is a difference between malware and a javascript ad...

yes there is but the common thing is you don't want them in your system lol...
so yea just saying my current protection is awesome =)

also please refrain from using links to infected websites (since you said it was infected) if you do please make it so the parser does not identify it as website...
h t t p : / / w w w.tvokay.c o m /movie/a-cinderella-story.htm

lmfao IDFC everyones on their own ;P (its a test how you really trust you're protection setup, so much chit chat but does it really protect you?)
well see how PRO you are

and this has been a fun discussion =)

 

[Zahl]

Router
Symantec NIS 2009
SuperAntiSpywarePro

This combo kept me safe on Vista and I am glad its doing the same on windows 7

 

[Dinesh]

im trying avast 5 beta for now.

 

[rEnEeK]

Kaspersky Internet Security 2010

 

[wildbilly]

using Microsoft forefront (member on tech net) Works good.....seems to anyway, Win 7 indicates everything is A OK.

 

[Sassa]

Testing avast 5 beta