Advanced Plus Security CyberDevil's 2021 Security Configuration

Last updated
Dec 8, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 11
OS edition
Pro
Login security
    • Password-less (PIN, Biometric, Face)
    • Password (Aa-Zz, 0-9, Symbols)
Primary sign-in
Microsoft account
Primary user
Admin user - Full permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
None or Don't know
Real-time protection
-> Eset Smart Security
-> AppCheck Anti-Ransomware
-> Portmaster Firewall
Software firewall
Provided by a third-party security vendor. Refer to 'Real-time protection' for details.
Custom RTP, Firewall and OS settings
-> Portmaster Firewall with privacy and ads filters, also forced NextDNS DoT and blocked P2P / direct connections
Malware testing
No malware samples
Periodic security scanners
Emsisoft Emergency Kit
F-Secure Online Scanner
Secure DNS
NextDNS with
- Threat Intelligence Feeds
- AI-Driven Threat Detection
- OISD
VPN
HMA VPN
Password manager
Bitwarden
Browsers, Search and Addons
-> Vivaldi for study
-> Firefox for others

Search engine: StartPage

uBlock Origin subscriptions:
-> EasyList, EasyList Czech and Slovak, EasyPrivacy
-> AdGuard's Lists (Base, Tracking Protection, Social Media)
-> Web Annoyances Ultralist
-> NoTrack Tracker Blocklist
-> IDN Homograph Attack Protection
-> Dandelion Sprout's Anti-Malware List (for AdGuard)
-> AdGuard URL Tracking filter, Actually Legitimate URL Shortener Tool
Maintenance and Cleaning
Soft Organizer, DriverEasy
Personal Files & Photos backup
OneDrive for documents and external HDD for photos
Personal backup routine
Automatic (scheduled)
Device recovery & backup
Macrium Reflect before big updates
Device backup routine
Manual (maintained by self)
PC activity
  1. Working from home. 
  2. Browsing the web. 
  3. Browsing to unknown sites. 
  4. Emails. 
  5. Shopping. 
  6. Banking. 
  7. Downloading software. 
  8. File sharing and torrents. 
  9. PC and cloud gaming. 
  10. Multimedia. 
  11. App developer. 
Computer specs

MSI GE75 8SG Raider (i7-8750H, RTX 2080, 32 GB, 1TB SSD)

Personal changelog
2021.06.11 - I gave up on Norton and BlackFog, and reinstalled Windows with a fresh official 21H1 image. Now I use FS-Protection Beta (Beta of F-Secure), HitmanPro.Alert and Portmaster Firewall.
2021.06.25 - uninstalled FS-Protection and HitmanPro.Alert, installed Eset IS and Macrium Reflect, switched from Quad9 to ControlD free DNS.
2021.06.28 - set UAC to maximum.
2021.10.30 - I installed Bitdefender instead of Eset because I was offered a good discount. I also switched to Windows 11.
2021.12.08 - returned to Eset Smart Security and installed AppCheck Anti-Ransomware.
Feedback Response

General feedback

CyberDevil

Level 3
Thread author
Well-known
Apr 4, 2021
143
Hi guys! I have been testing this configuration for about a week and I am interested in your opinion. The main idea of this config is three levels of network security.
1. Norton provides application-level security by blocking traffic for little-known applications based on its cloud base.
2. NextDNS provides protection at the DNS level, making it possible to minimize the chance of connecting to a compromised site.
3. BlackFog Privacy analyzes network traffic at the TCP/IP level and blocks leaks of personal data based on behavior. Also, as I understand it, it blocks any direct connections over IP if the IP was not resolved by the DNS server (can someone confirm this?).
In my opinion, this is a very interesting combination of these three security applications and it seems that they do not interfere with each other.
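
The rule asked about in point 3 (and the "blocked p2p / direct connection" Portmaster setting in the form above) amounts to correlating DNS answers with outbound connections. The sketch below is an added example, not part of the original post and not BlackFog's or Portmaster's code; the log formats, process names and addresses are constructed.

```python
# Added example: flag connections whose destination IP no DNS answer covers.
from ipaddress import ip_address, ip_network

# Constructed DNS answers: "<time> <type> <name> <ip> ttl=<seconds>"
DNS_LOG = """\
10.0 A shop.example 192.0.2.10 ttl=300
12.5 A cdn.example 203.0.113.7 ttl=60
"""
# Constructed connection events: "<time> <process> <ip>:<port>"
CONN_LOG = """\
11.0 firefox.exe 192.0.2.10:443
20.0 firefox.exe 203.0.113.7:443
30.0 p2pclient.exe 198.51.100.23:6881
31.0 svchost.exe 192.168.1.1:53
95.0 updater.exe 203.0.113.7:443
"""
LOCAL_NETS = [ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def parse_dns(text):
    """Map each answered IP to the (seen, expires) windows it was valid for."""
    answers = {}
    for line in text.splitlines():
        ts, _rtype, _name, ip, ttl = line.split()
        seen = float(ts)
        expires = seen + int(ttl.split("=")[1])
        answers.setdefault(ip_address(ip), []).append((seen, expires))
    return answers

def classify(conn_line, answers, grace=0.0):
    """Return (process, ip, verdict); verdict is local, resolved or direct."""
    ts, proc, dest = conn_line.split()
    ip, when = ip_address(dest.rpartition(":")[0]), float(ts)
    if any(ip in net for net in LOCAL_NETS):
        return proc, str(ip), "local"        # LAN traffic needs no DNS answer
    for seen, expires in answers.get(ip, []):
        if seen <= when <= expires + grace:
            return proc, str(ip), "resolved"
    return proc, str(ip), "direct"           # no live DNS answer covers it

def direct_connections(dns_text, conn_text, grace=0.0):
    """List (process, ip) for every connection a strict rule would block."""
    answers = parse_dns(dns_text)
    verdicts = [classify(l, answers, grace) for l in conn_text.splitlines()]
    return [(proc, ip) for proc, ip, v in verdicts if v == "direct"]

if __name__ == "__main__":
    for proc, ip in direct_connections(DNS_LOG, CONN_LOG):
        print(f"direct connection: {proc} -> {ip}")
```

With `grace=0` the updater connection is flagged because its DNS answer expired before the connection was made; a rule this strict needs a grace window or it will block applications that cache resolved addresses.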
 

harlan4096

Moderator
Verified
Staff member
Malware Hunter
Well-known
Apr 28, 2015
7,907
@CyberDevil:

You may set UAC to Always Notify.

In Login security, even if not sharing Your system, it would be interesting to set up, at least, a Windows PIN.

In Network firewall, are You using a router? Does it have some kind of firewall feature enabled?

In Device recovery & backup, Windows Restore Points usually get corrupted or tend to fail the restoration. You should use a full system image backup here: Macrium Free or AOMEI Backupper are reliable and free.

Thanks for sharing :)
 

CyberDevil

> In Login security, even if not sharing Your system, it would be interesting to set up, at least, a Windows PIN.

Oh, I didn't pay attention! Of course, I have a small pin code from a set of favorite numbers. :) I also have two-factor authorization installed for all Microsoft services.

On other points: the router is quite old, so I do not attach importance to its firewall. I am also thinking of installing Macrium in the near future, as soon as I finish setting up and installing all the necessary software and as long as Windows is fresh enough. But I am still too lazy to set UAC to Always Notify; I rely entirely on Hitman in eliminating zero-day threats with library substitution. :cool:
 

CyberDevil

After quite long tests of various antiviruses (in terms of usability) I came back to Eset again because of its lightness and interesting settings. All the nuances are in the application form above. :) I also have good impressions of Portmaster, although its usability still needs polishing. )
 

CyberDevil

> I also don’t think you need that much Maintenance Tools.

DriverEasy is the best driver installation tool I have ever tried. In Reg Organizer, I mainly use its two modules: Autorun Organizer for autostart control, as well as Soft Organizer for installing and removing all software with tracking. I use Kerish Doctor quite rarely, mainly to delete empty folders and clean up temporary files. When I run out of license, I think I will replace it with the free and open BleachBit.

> As harlan4096 wrote, you should set UAC to maximum.

I'll try
 

ForgottenSeer 85179

> DriverEasy is the best driver installation tool I have ever tried.

Did you use it that often? Normally you only need to watch OEM and graphics drivers, and even those aren’t updated much.

> In Reg Organizer, I mainly use its two modules Autorun Organizer for autostart control

Take a look at Autoruns from Microsoft.

> as well as Soft Organizer for installing and removing all software with tracking.

Don’t understand. Why installing such software than before?

> I use Kerish Doctor quite rarely, mainly to delete empty folders and clean up temporary files, when I run out of license, i think I will replace it with free and open BleachBit

Deleting empty folders doesn’t improve anything but can break stuff if the folder is important. Temporary stuff can be deleted with the Windows internal Storage tool.
 

CyberDevil

> Did you use it that often? Normally you only need to watch OEM and graphics drivers, and even those aren’t updated much.

For example, sound drivers are updated almost every month. If I'm not mistaken, a vulnerability was recently found in Realtek. It seems to me that updating drivers is no less important than updating any other software. Of course, as long as the compatibility remains. At least I haven't had any problems with the new drivers so far.

> Take a look at Autoruns from Microsoft.

Autorun Organizer is able to block the return of programs to auto-upload. It is enough to block a program once and even after the update, it will not be able to register itself in the startup again. For example, browsers with their updates like to return there periodically.

> Don’t understand. Why installing such software than before?

I didn't understand what you didn't understand. :D I don't like to use backups too often; I think it's not very useful for SSD. But at the same time I sometimes try different software, like a new antivirus or, recently, VMware instead of VirtualBox. Such programs leave a lot of garbage in the system; programs like Reg Organizer, Revo Uninstaller or HiBit Uninstaller help to avoid the accumulation of this garbage. Often, standard uninstallers do not even remove drivers from the system folder after themselves.

> Deleting empty folders doesn’t improve anything but can break stuff if the folder is important. Temporary stuff can be deleted with the Windows internal Storage tool.

There's a fairly safe algorithm that removes empty folders only in Users and Temp, unless you change the setting specially. Although I agree that this is absolutely not necessary. I just like when there is nothing unnecessary in the system.
 

Zorro

Level 8
Well-known
Jun 11, 2019
365
Are there any problems with the firewall portmaster? There have been no updates to this program for a long time, and for some reason they do not go into beta testing for a long time.
 

SecureKongo

Level 28
Verified
Top poster
Well-known
Feb 25, 2017
1,718
> Are there any problems with the firewall portmaster? There have been no updates to this program for a long time, and for some reason they do not go into beta testing for a long time.

In case you didn't notice yet:


Now it’s actually in beta stage 👍
 

CyberDevil

Bitdefender still feels like something too cumbersome and inflexible. I went back to Eset, but after watching its new tests, I realized that it has big problems, which are well solved by AppCheck installed nearby. :)

Add: Oh, also, I'm back on Firefox since I need to sync my phone and PC, and the android version of Brave is still more like a cryptocurrency wallet than a browser. :D
 

SecureKongo

NextDNS + ESET web protection + ESET's strong signatures would be sufficient protection against common entry points of Malware including Ransomware. You can even harden the Ransomware protection of ESET by adding additional HIPS rules and Firewall rules that were often mentioned before. I don't think that you actually need AppCheck if you are cautious online.

1. [KB6119] Configure HIPS rules for ESET business products to protect against ransomware (8.x)

2. [KB6132] Configure firewall rules for ESET Endpoint Security to protect against ransomware (7.3 – 9.x)

No need for another software that consumes more computer resources.
 

CyberDevil

> I don't think that you actually need AppCheck if you are cautious online.

Shadowra's latest test showed that Eset could easily miss modifying the MBR, which would create a huge headache. I'm not sure if HIPS rules will solve this weakness in Eset.

Screenshot 2021-12-09 000737.jpg


Meanwhile, AppCheck only takes up 18 megabytes of RAM and does not create a load.

Screenshot 2021-12-09 001241.jpg
 

SeriousHoax

Level 41
Verified
Top poster
Well-known
Mar 16, 2019
3,091
> Yes, I have an Android. I use Fennec installed from F-Droid as a stable version of Firefox without telemetry, but with full support for extensions (requires importing your collection through the developer menu) - it is very convenient.

Yeah, that feature to add any extension using that method is great. But for the Play Store version, as you know, it requires Firefox Nightly.
But does the Fennec version have a syncing feature?
 

SecureKongo

> Shadowra's latest test showed that Eset could easily miss modifying the MBR, which would create a huge headache. I'm not sure if HIPS rules will solve this weakness in Eset.
>
> View attachment 262689
>
> Meanwhile, AppCheck only takes up 18 megabytes of RAM and does not create a load.
>
> View attachment 262690

No offence to @Shadowra as I am a big fan of his tests too, but the chance of getting this exact type of malware on your system is pretty low. The demonstrations of Shadowra show what would happen if you bomb a computer with thousands of samples and dozens of malicious links, but even the most incautious surfer wouldn't face such a big bunch of malware at once. Most malware is blocked before even reaching the antivirus layer as you are using NextDNS with great attack surface reduction protections, that will stop a big number of malware before it even reaches the next security layer of your system. In addition to NextDNS you even have the web-protection of ESET which is also pretty decent. But if you don't have any conflicts or performance issues then I don't see any reason not to use it.
Well, there is one... Bigger attack surface ;)
 