1m3k's Security Config

[TipsEasy]

Wannacry freaked me out, so I installed Win 10 on my little machine - I didn't think it would work, so I really hadn't considered even trying. But I thought, why not try - I don't have anything to lose and I could always go back to 7. It works, much better than I thought! It does take some work-arounds for my machine. Aside from the privacy problems, I really like win 10.

 

[mekelek]

running HMPA alone as Real-time protection is risky, especially the beta version.
HMPA is good against exploits, but their anti-ransomware module is far from being reliable at the moment. (Sophos Home is using HMPA/HMP under the hood, and it was failing miserably in every malware test)
If you're afraid of Ransomwares, get either an anti-ransomware tool, like Kaspersky Anti-Ransomware, CheckMAL AppCheck or get an AV with a good Behavior Blocker, like Kaspersky, Emsisoft, Bitdefender, FSecure SAFE.

 

[frogboy]

If you are worried about privacy give this a try New O&O ShutUp10 Version available

Thanks for sharing.

 

[hd35]

Thank you for sharing our configuration with us.
Real-time Malware Protection :Consider using an antivirus.

 

[Parsh]

You've mentioned Sophos as your AV in profile but your config indicates no AV. HMPA is not an AV and not secure enough, as discussed above.
Consider adding a good AV for real-time protection if you haven't (Free: Avast, BD, 360 TS....)(Paid: Kaspersky, BD, Emsisoft, Norton, Eset....). Zemana antimalware will be a nice addition to your on-demand scanners list.
If you do not want to bother trying 3rd party AVs, Windows Defender (built-in) + HMPA + VoodooShield free can be a good combo to try.
Why is firewall disabled?

 

[BearHug]

Very Nice Config! Nothing to add!

 

[S3cur1ty 3nthu5145t]

Disabled Firewall? Only HMP.Alert as Realtime?

I would highly suggest turning your firewall back on, and adding some sort of Real time along with HMP, if not just enabling Windows Defender.

 

[TipsEasy]

running HMPA alone as Real-time protection is risky, especially the beta version.
HMPA is good against exploits, but their anti-ransomware module is far from being reliable at the moment. (Sophos Home is using HMPA/HMP under the hood, and it was failing miserably in every malware test)
If you're afraid of Ransomwares, get either an anti-ransomware tool, like Kaspersky Anti-Ransomware, CheckMAL AppCheck or get an AV with a good Behavior Blocker, like Kaspersky, Emsisoft, Bitdefender, FSecure SAFE.

mekelek, hd35, parsh, S3cur1ty 3nthu5145t, thank you for your thoughts & comments! I totally agree, but here's the deal, my machine becomes almost unusable running AV & fw. So, I've become very comfortable with full back/restore.
Security softs are useless if they are constantly turned off - this was me! I know HMPA isn't a complete security, & I hate to say this outloud, but after finding HMPA, & how well it works on my machine, it's been over a year of running with HMPA only, w/ out a firewall. (I am planning to upgrade soon, ) In the meantime, I do plan to turn the fw & defender back on.

As I said, I JUST installed W10, & still mucking about with it to be lighter on my machine. And I'm pretty good about keeping everything updated.

frogboy, thanks for the suggestion - & I did use Blackbird & O&O ShutUp10. And, guess what? No intentional updates by me, & MS just wiped out all the privacy changes! Pretty frustrating - and invasive.

Thanks for everyone's thoughts - it's so great MT is such a great community!

 

[Deleted member 178]

No FW? you are doomed (unless you have an hardware FW, but i dont believe so)

 

[Exterminator]

Enable Windows Firewall or considered a 3rd party firewall.
Thanks for sharing your config

 

[Windows_Security]

Windows 10 Pro has many improvements to prevent exploits, so I would deinstall HPMA and enable the firewall. I see you have got PRO, so have a look at this thread add software restriction policies Windows Pro owner? Use Software Restriction Policies!

 

[Hector1]

No security without a firewall, enable WF or go to a 3rd party firewall!

 

[hirudora56]

If you are too much worried about system load by an real time AV, then I would suggest Avast free. Yes it is not the best solution but IMO it uses the least amount of RAM & CPU. And turn back on the firewall. It will not cost you performance but may cost your security.

 

[JHomes]

Couple things:

1) Yeah, Firewall.

2) WannaCry was able to infect a lot of disk images, so dunno if Macrium is the best choice without considerations. First being, you would want to protect the drive the images are on with some sort of encryption (256 AES). Secondly, using a snapshot tool with encryption will work (don't know of disk imagers that encrypt). Something like Comodo Time Machine or Rollback Rx will be encrypted.

Aside from that, not bad!

 

[brod56]

You really wanted a risky ticket, didnt you?
If Windows Defender and Windows Firewall were enabled, your config would be secure.

 

[jamescv7]

You can be protected without relying on AV alone however you need to setup it carefully.

Use like Appguard or anti-exe based like Voodoshield.

You can also add Sandboxie for browsing and possible testing of programs, but as much as possible you should have an AV like WD to supplement the protection.