Some notes on the current layered security approach I’m using on my laptop (Win 7) as well as Lavie’s (Win 8.1).
I keep the Microsoft OSes regularly patched with all available MS updates.
I am using Windows Firewall for ease of administration rather than one of the multitudes of alternative (and more feature packed) firewall solutions. It’s strange as I used to be pretty heavy into the alternative firewall thing around this blog in the past. WF works well enough.
I run Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) just updated to the final public release 5.0 version. I take the defaults (for now). More info below.
- Enhanced Mitigation Experience Toolkit - EMET - TechNet Security
- Announcing EMET 5.0 - Security Research & Defense
- Microsoft's EMET 5.0 blocks vulnerable plugins - Betanews
- Download Enhanced Mitigation Experience Toolkit 5.0 - Microsoft Download Center
I “inoculate” our systems against Crypto-type malware using CryptoPrevent from Foolish IT LLC.
Recently I ponied up the $ for a few lifetime licenses of Malwarebytes Premium anti-malware and Internet security software. The new 2.0 version still needs some polish but performance is great and Lavie gets so excited when her nightly scans come back clean. Not sure why. It plays wonderfully with MSSE.
Malwarebytes recently released a supportive product called Malwarebytes Anti-Exploit:
- Malwarebytes Anti-Exploit - Free Zero-Day Exploit Protection
It works by monitoring your system for zero-day exploits attacking your browser and other commonly found software. The free version just protects the web browsers and Java, while the Premium version protects PDF readers, Microsoft Office applications, media players, and allows for creation of custom shields. It reminded me a bit of an old PCTools product (now retired) called ThreatFire. I’m not linking to it since it is old but you can search if you are curious.
I’ve not yet applied it to our “production” systems, but am running it on a Windows 7 Enterprise VM system that also has EMET 5.0 and AVG Free protection. Early alpha/beta versions did have conflicts with EMET but this public version seems to work fine with it. So far so stable. Once I am comfortable with it, I may try it on our primary laptops.
- Introducing Malwarebytes Anti-Exploit - Malwarebytes Unpacked blog
- Anti-Exploit Product Support - Malwarebytes Forum
- Why not intergrate - News, Questions and Comments - Malwarebytes Forum - basically - maybe sometime.
- Experimental MBAE Builds - Malwarebytes Forum
The HDD is “protected” with the last working version of TrueCrypt. Yes I know all about the drama.
As I have said, my primary concern is data loss from burglary or theft, less so from the multi-letter agencies. When I get around to upgrading to a 1 TB SSD hard drive (prices please drop!) I may plunge in and do an upgrade to Windows 8.whatever at a level that would support BitLocker so I could get off TrueCrypt. But that’s activity for a different day.
The takeaway here is that I’m keeping my systems updated and that I’ve layered the defenses. It’s become much more work than most standard users would do, but instead of fishing for a hobby, I sysadmin.
- Malwarebytes Anti-Malware Free scores 100% in AV-TEST removal test! - Malwarebytes Unpacked
- Five Best Desktop Antivirus Applications - Lifehacker
- Windows Security Feature Abused, Blocks Security Software - TrendLabs Security Intelligence blog
- Malware uses Windows security feature to block security software - ZDNet