Basic Security Chri.Mi Security Config 2020

Last updated
May 2, 2020
How it's used?
For home and private use
Operating system
Linux
Log-in security
Security updates
Check for updates and Notify
User Access Control
Real-time security
Is Linux!
Firewall security
About custom security
Hardening Chromium
Periodic malware scanners
N/A
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Chromium
Maintenance tools
Pacman
Pamac
Manjaro Settings Manager
File and Photo backup
N/A
System recovery
Timeshift
Risk factors
    • Gaming
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
Computer specs
N/A
Chri.Mi

Chri.Mi

Level 7
Thread author
Well-known
Apr 30, 2020
337
imuade said:
Yes, it's my top choice every time I remove FortiClient to try another AV. But FortiClient is very light and stable and I haven't found any viable alternative yet (not that I have to find one actually ;) )
Click to expand...
Forticlient is nice... but dont like them strategy to give old version free. Had more sense if them could make a free version (with less features of course).
I think a good combo can be windows defender MAX setting (block any unrecognized PE, thk @Andy Ful for nice explanation), comodo firewall for autocontainment (vs doc, script, etc) and blocksi for internet surf (block all dangerous+unrated). In this way i think have more chance to block 0 days. Is like a preventive threat setup, then protective threat setup. And in my experience prevention is always better the remediation.
 
  • Like
Reactions: amico81, Protomartyr, bayasdev and 1 other person
Vitali Ortzi

Vitali Ortzi

Level 25
Verified
Top Poster
Well-known
Dec 12, 2016
1,404
Chri.Mi said:
Forticlient is nice... but dont like them strategy to give old version free. Had more sense if them could make a free version (with less features of course).
I think a good combo can be windows defender MAX setting (block any unrecognized PE, thk @Andy Ful for nice explanation), comodo firewall for autocontainment (vs doc, script, etc) and blocksi for internet surf (block all dangerous+unrated). In this way i think have more chance to block 0 days. Is like a preventive threat setup, then protective threat setup. And in my experience prevention is always better the remediation.
Click to expand...
I agree with you on Forticlient
but I don't think blocksi and two default deny suites is a good idea .
Use only Andy H_C or CF cruel.
About blocksi I have no experience with it so I can't tell if it's good or not.
But since it has unrated I gotta test it .
 
  • Like
Reactions: Protomartyr and bayasdev
Chri.Mi

Chri.Mi

Level 7
Thread author
Well-known
Apr 30, 2020
337
Vitali Ortzi said:
I agree with you on Forticlient
but I don't think blocksi and two default deny suites is a good idea .
Use only Andy H_C or CF cruel.
About blocksi I have no experience with it so I can't tell if it's good or not.
But since it has unrated I gotta test it .
Click to expand...
Is good enough

If i should chosen will go with H_C for sure, but thinking if can make a combo (some security config have this combo). Have to see what are the pros and the cons, and balance them.

imuade said:
Yes, it's my top choice every time I remove FortiClient to try another AV. But FortiClient is very light and stable and I haven't found any viable alternative yet (not that I have to find one actually ;) )
Click to expand...
In some way Blocksi is better, if u use warn unrated, and 1 of your favorite site is unrated u can allow it. On forticlient i could not do with unrated (dunno if was my fault)
 
  • Like
Reactions: Protomartyr, bayasdev and Vitali Ortzi
N

Nagisa

Level 7
Verified
Jul 19, 2018
342
Chri.Mi said:
Forticlient is nice... but dont like them strategy to give old version free. Had more sense if them could make a free version (with less features of course).
I think a good combo can be windows defender MAX setting (block any unrecognized PE, thk @Andy Ful for nice explanation), comodo firewall for autocontainment (vs doc, script, etc) and blocksi for internet surf (block all dangerous+unrated). In this way i think have more chance to block 0 days. Is like a preventive threat setup, then protective threat setup. And in my experience prevention is always better the remediation.
Click to expand...

I think that it's more probable that windows defender got affected from zero days, as it is the default antivirus software on all Windows PCs. Once a malware exploits Windows Defender (I mean specific malwares that capable of exploit security softwares) it doesn't matter whether you block unknown executables or not, am I wrong?

Such an incident ever happened before?
 
Vitali Ortzi

Vitali Ortzi

Level 25
Verified
Top Poster
Well-known
Dec 12, 2016
1,404
Chri.Mi said:
If i should chosen will go with H_C for sure, but thinking if can make a combo (some security config have this combo). Have to see what are the pros and the cons, and balance them.
Click to expand...
Con of CF is clearly the attack surface , flagging malware is trusted, possible to get a certificate to bypass Comodo cheaply mostly because of stupid contractors.
H_C is a SRP comparable to group policy.
 
  • Like
Reactions: Protomartyr and bayasdev
Chri.Mi

Chri.Mi

Level 7
Thread author
Well-known
Apr 30, 2020
337
Nagisa said:
I think that it's more probable that windows defender got affected from zero days, as it is the default antivirus software on all Windows PCs. Once a malware exploits Windows Defender it doesn't matter whether you block unknown executables or not, am I wrong?

Such an incident ever happened before?
Click to expand...
Y but there is difference between default windows and MAX settings with hard configurator. This dont means is invulnerable, but how u can see in malware sample test is not easy to bypass.
 
  • Like
Reactions: Protomartyr, bayasdev and Nagisa
N

Nagisa

Level 7
Verified
Jul 19, 2018
342
Chri.Mi said:
Y but there is difference between default windows and MAX settings with hard configurator. This dont means is invulnerable, but how u can see in malware sample test is not easy to bypass.
Click to expand...

Sure, it's very hard to bypass while using default deny method. But just wait for a specific malware that is capable of exploiting the default security software installed on most computers (Windows Defender).

I don't know how it works but does it also protect you from unknown scripts or fileless malware?
 
  • Like
Reactions: bayasdev and Vitali Ortzi
Vitali Ortzi

Vitali Ortzi

Level 25
Verified
Top Poster
Well-known
Dec 12, 2016
1,404
Nagisa said:
I think that it's more probable that windows defender got affected from zero days, as it is the default antivirus software on all Windows PCs. Once a malware exploits Windows Defender (I mean specific malwares that capable of exploit security softwares) it doesn't matter whether you block unknown executables or not, am I wrong?

Such an incident ever happened before?
Click to expand...
It's actually more hardened then many AV software.
But you can bypass the max Defender settings with a script .
But you can technically block the script it self via a SRP.
 
  • Like
Reactions: Protomartyr, bayasdev and Nagisa
imuade

imuade

Level 12
Verified
Top Poster
Well-known
Jul 29, 2018
566
Chri.Mi said:
In some way Blocksi is better, if u use warn unrated, and 1 of your favorite site is unrated u can allow it. On forticlient i could not do with unrated (dunno if was my fault)
Click to expand...
You can also set FortiClient to warn instead of blocking.
The main difference between Blocksi and FortiClient is that the former is browser-limited while the latter is system-wide (it can prevent any app to reach a bad website)
 
  • Like
Reactions: Protomartyr, bayasdev and Vitali Ortzi
Vitali Ortzi

Vitali Ortzi

Level 25
Verified
Top Poster
Well-known
Dec 12, 2016
1,404
Chri.Mi said:
Installed Voodooshield and Sandboxie. Replaced Bitdefender traffic light, netcraft, fair adblocker, blocksi with adguard. Hardened edge chromium with some flags. Applied custom settings on Windows Defender
Click to expand...
Great lower attack surface!
 
Chri.Mi

Chri.Mi

Level 7
Thread author
Well-known
Apr 30, 2020
337
Removed sandboxie. Removed ghostery, popup blocker and smart https. Now i am using adguard, redirector, and skip redirect

Adguard -> enabled almost all filters except the obsolate ones and languages ones (only 2 italians using).
Redirector -> made rules for redirect http to https
 
  • Like
Reactions: Protomartyr, CyberTech, Brahman and 3 others
Vitali Ortzi

Vitali Ortzi

Level 25
Verified
Top Poster
Well-known
Dec 12, 2016
1,404
Chri.Mi said:
Removed sandboxie. Removed ghostery, popup blocker and smart https. Now i am using adguard, redirector, and skip redirect

Adguard -> enabled almost all filters except the obsolate ones and languages ones (only 2 italians using).
Redirector -> made rules for redirect http to https
Click to expand...
You can use built in flags / policies as an alternative to Redirector .
 
  • Like
Reactions: Protomartyr, Brahman and harlan4096
You must log in or register to reply here.

Similar threads

Divine_Barakah
    • Like
    • Applause
Advanced Security Divine Barakah's PC Security Config 2024
Replies
97
Views
4,183
PC Setup Configuration Help & Showcase
Divine_Barakah
Divine_Barakah
Nautilus
    • Like
    • Applause
Advanced Plus Security Nautilus Security Config 2024
Replies
0
Views
211
PC Setup Configuration Help & Showcase
Nautilus
Nautilus
Amnesia
    • Like
    • +Reputation
Advanced Security Amnesia laptop security config 2024
Replies
7
Views
875
PC Setup Configuration Help & Showcase
Berny
Berny

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top