Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Computer Security Evaluation

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Computer Talk
View previous topic :: View next topic  
Author Message
PUSHEAX_PUSHEAX
Grandmaster Cheater
Reputation: 72

Joined: 13 Apr 2009
Posts: 969

PostPosted: Sat Nov 09, 2013 1:02 pm    Post subject: Computer Security Evaluation Reply with quote

I know some of this some may seem overkill but it's what I want.

Please suggest improvements or any comments are welcome:

-Full disk AES encryption (3-pass)
-VPN used 24/7
-Fake browser User Agent
-Lastpass password manager (google authenticator used for 2-factor)
-JS, Flash diabled by default - Java needs permission to launch
-Comodo Firewall
-MBAM Pro
-Peerblock whenever I torrent
-All email accounts and financials are 2 factor ~ pretty much every other site I can have it on also (when avail.)
-Encrypt firefox keystrokes (Anti-Keylogger)
Back to top
View user's profile Send private message
justa_dude
Grandmaster Cheater
Reputation: 23

Joined: 29 Jun 2010
Posts: 891

PostPosted: Sat Nov 09, 2013 5:00 pm    Post subject: Reply with quote

What, specifically, are you trying to protect against? The best defense against a script-kiddie is going to do you little good against a trenchcoat showing up to seize your machine. And vice-versa.
Back to top
View user's profile Send private message
Gniarf
Grandmaster Cheater Supreme
Reputation: 43

Joined: 12 Mar 2012
Posts: 1285

PostPosted: Sat Nov 09, 2013 5:24 pm    Post subject: Reply with quote

What comes into my mind:
-Tor/onion instead of "just" vpn.

-Toss firefox. Why? Because it's the most popular browser, so you're guaranteed to have a few firefox exploit whenever you buy an exploit toolbox. I suggest you go find a less popular browser, or even better write your own.

-Comodo Firewall: I hope it's set on "block all connections excerpt the ones I explicitly allowed" or whatever comodo calls it.
I was concerned with firewalling at some point so I decided to write a custom firewall driver (that I'm not going to share); the only rule it implemented was "Toss every packet that comes from an IP that I haven't already contacted in the last X minutes", kinda a way to discard every unsollicited traffic. I don't get attacked often enough to say if it was really efficient, but from the various network problems it caused, it sure did what it was told to. Now potaters, do what you want with the idea.

You might also consider hardware firewalls with content filtering.

-Lastpass password manager: if I were paranoid I'd wouldn't like using a password manager. If I only feared attacks from the internet I'd simply keep my passwords on a PAPER sheet. If I feared attacks both from the internet and from physical intrusion, I'd store my passwords on a second computer or password protected device that has no network access.

-Full disk AES encryption: additionally I recommend putting sensitive information on a computer that has no network access. Manually move data via usb drive or RW CD/DVD.

-I'd also suggest using an unpopular OS if you want to viruses' life harder... You're probably going to end up with a security-oriented linux ditro for your browsing computer. Of course it's still fine to have a windows on an offline computer.

-Power switch/lan switch power cord within hand's reach, just in case sh** hits the fan.

_________________
DO NOT PM me if you want help on making/fixing/using a hack.
Back to top
View user's profile Send private message
PUSHEAX_PUSHEAX
Grandmaster Cheater
Reputation: 72

Joined: 13 Apr 2009
Posts: 969

PostPosted: Sat Nov 09, 2013 6:12 pm    Post subject: Reply with quote

Gniarf wrote:
What comes into my mind:
-Tor/onion instead of "just" vpn.
Of course I use Tor occasionally but it's waaaay to slow to use 24/7

-Toss firefox. Why? Because it's the most popular browser, so you're guaranteed to have a few firefox exploit whenever you buy an exploit toolbox. I suggest you go find a less popular browser, or even better write your own.
This is why I changed the user agent, scripts think its Safari and not Firefox, or if they use the Safari exploit it has it obviously won't work because it's not Safari.... They could try all their exploits and maybe one works but then that's when we get to the next level of defense if an attack is successful.

-Comodo Firewall: I hope it's set on "block all connections excerpt the ones I explicitly allowed" or whatever comodo calls it.
I was concerned with firewalling at some point so I decided to write a custom firewall driver (that I'm not going to share); the only rule it implemented was "Toss every packet that comes from an IP that I haven't already contacted in the last X minutes", kinda a way to discard every unsollicited traffic. I don't get attacked often enough to say if it was really efficient, but from the various network problems it caused, it sure did what it was told to. Now potaters, do what you want with the idea.
Not that paranoid, my comodo is set at 'Safe Mode' and that's enough for me. I have other programs to block packets from spam/ad servers.

You might also consider hardware firewalls with content filtering.

-Lastpass password manager: if I were paranoid I'd wouldn't like using a password manager. If I only feared attacks from the internet I'd simply keep my passwords on a PAPER sheet. If I feared attacks both from the internet and from physical intrusion, I'd store my passwords on a second computer or password protected device that has no network access.It uses 2-factor authentication and requires a code on my phone in an app that changes every like 15 seconds to login each time. No one should be able to get their unless they physically take and get my phone password from me.

-Full disk AES encryption: additionally I recommend putting sensitive information on a computer that has no network access. Manually move data via usb drive or RW CD/DVD.
This is so if anyone takes my computer with or without my permission when not in use they get no information from it.

-I'd also suggest using an unpopular OS if you want to viruses' life harder... You're probably going to end up with a security-oriented linux ditro for your browsing computer. Of course it's still fine to have a windows on an offline computer.
I know almost everything I would need to know about viruses and how viruses work and how they are programmed. I know everything to look for. I also need Windows, I just can't do Linux right now, I've considered it many times.

-Power switch/lan switch power cord within hand's reach, just in case sh** hits the fan.
Back to top
View user's profile Send private message
br0l0ck
Cheater
Reputation: 63

Joined: 15 Aug 2007
Posts: 38

PostPosted: Wed Nov 13, 2013 3:09 am    Post subject: Reply with quote

There's back doors in TOR, Windows itself, and even to a hardware level like your CPU in the case of both Intel and AMD.
You could be taking extra steps that are unneeded for simple protection that further leaves you open, it's not always best to just use everything, more steps = more problems, more programs = more vulnerabilities
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Computer Talk All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites