- #1
S
snowbird
Bekanntes Mitglied
Themenersteller
- Dabei seit
- 22.08.2002
- Beiträge
- 693
- Reaktionspunkte
- 0
Vielleicht auch ein Weg: A light best of freeware breed HIPS do it yourself setup, wo beschrieben wird wie man mit einfachen mitteln seinen Pc sicher machen könnte, ok aber alles in English, wer sich mit beiden kommponten sehr gut auskennen tut, könnte sich diesen Leidfaden mal anschauen....:
Well, I had said to 3xist to try the new CIS, so I saved my image (with paragon) and data (syncback on external harddrive) and gave it a test ride.
But because Melih's thinks that developing a AV is quite easy (just provide a cure for all the malwares you know), I reconned that CIS alone would be a to weak AV to use by itself.
I have used ThreatFire before to reduce the pop-ups of Defense+ (simply untick all the common intrusions and let TF deal with it), so TF would be my candidate to reinforce the AV module of CIS.
Because nothing beats LUA + SRP and next best soluton (best when running admin) is a policy HIPS like DefenseWall or GeSWall, I decided to give EdgeGuard (also freeware) a spin. To be honest I tried with GeSWall, but CFP starts to read an awfull lot of data, which CFP does not do with EdgeGuard.
To compensate for the lesser features I decided to add Chromium as daily browser (has an internal sandbox). Chrome (the Chromium open source version) has the advantage that it can be started with -incognito parameter. This -incognito truly makes leaves no tracks as I had read from a security bulletin somewhere. With some TF custom rules I can harden Chrome (no data access outside download directory and no registry access to HKU, EdgeGuard protects the HKLM hive). No worries I will add them in these post, just give me some time for the screen prints. I have set it up for XP SP3, Vista users can omit EdgeGuard Solo, when they add Norton's UAC tool (browser starts with minimal rights, Norton's UAC tool intercepts the elevation requests).
At home we use IE7 for shopping and banking (simply because some music websites have only implemented full compatibility with IE). So Chrome for daily browsing IE for Windows update and banking. To strengthen IE, I added the beautifull KeyScrambler free.
So lets start. (for impatience members, see http://www.wilderssecurity.com/showpost.php?p=1413356&postcount=28 for an visual explanation)
Ohh: to make this work properly, you should have an C: partition on which your programs reside. And a D (Data) aprtition on which you keep your data. Advantage of having seperate Programs and Data partition, is that your data is not lost when your ssystem crashes fatally. When you do not how to do it, this setup is not good for you (and playing with malware neither).
After having two partitions, move your documents to D (see image) and change the system variables for Temp and tmp (system properties, advanced, see right). Also move your Outlook express folders (open OE, click extra, choose options, click on maintenance tab and click on the Archive Map button) the reason we want our download directory and this data on D is that it will be more restrictive in execution rights.
...
PS: Es wird dort mir Bildern beschrieben, das ganze.
Quelle: http://www.wilderssecurity.com/showthread.php?t=234443
PSS: Es wird auch weiter dort drüber disskutiert...
PSSS: Vielleicht auch was für, Nein @ Schrauber ?
snowbird
*Ersten Link korrigiert*
Well, I had said to 3xist to try the new CIS, so I saved my image (with paragon) and data (syncback on external harddrive) and gave it a test ride.
But because Melih's thinks that developing a AV is quite easy (just provide a cure for all the malwares you know), I reconned that CIS alone would be a to weak AV to use by itself.
I have used ThreatFire before to reduce the pop-ups of Defense+ (simply untick all the common intrusions and let TF deal with it), so TF would be my candidate to reinforce the AV module of CIS.
Because nothing beats LUA + SRP and next best soluton (best when running admin) is a policy HIPS like DefenseWall or GeSWall, I decided to give EdgeGuard (also freeware) a spin. To be honest I tried with GeSWall, but CFP starts to read an awfull lot of data, which CFP does not do with EdgeGuard.
To compensate for the lesser features I decided to add Chromium as daily browser (has an internal sandbox). Chrome (the Chromium open source version) has the advantage that it can be started with -incognito parameter. This -incognito truly makes leaves no tracks as I had read from a security bulletin somewhere. With some TF custom rules I can harden Chrome (no data access outside download directory and no registry access to HKU, EdgeGuard protects the HKLM hive). No worries I will add them in these post, just give me some time for the screen prints. I have set it up for XP SP3, Vista users can omit EdgeGuard Solo, when they add Norton's UAC tool (browser starts with minimal rights, Norton's UAC tool intercepts the elevation requests).
At home we use IE7 for shopping and banking (simply because some music websites have only implemented full compatibility with IE). So Chrome for daily browsing IE for Windows update and banking. To strengthen IE, I added the beautifull KeyScrambler free.
So lets start. (for impatience members, see http://www.wilderssecurity.com/showpost.php?p=1413356&postcount=28 for an visual explanation)
Ohh: to make this work properly, you should have an C: partition on which your programs reside. And a D (Data) aprtition on which you keep your data. Advantage of having seperate Programs and Data partition, is that your data is not lost when your ssystem crashes fatally. When you do not how to do it, this setup is not good for you (and playing with malware neither).
After having two partitions, move your documents to D (see image) and change the system variables for Temp and tmp (system properties, advanced, see right). Also move your Outlook express folders (open OE, click extra, choose options, click on maintenance tab and click on the Archive Map button) the reason we want our download directory and this data on D is that it will be more restrictive in execution rights.
...
PS: Es wird dort mir Bildern beschrieben, das ganze.
Quelle: http://www.wilderssecurity.com/showthread.php?t=234443
PSS: Es wird auch weiter dort drüber disskutiert...
PSSS: Vielleicht auch was für, Nein @ Schrauber ?
snowbird
*Ersten Link korrigiert*
