Advanced Plus Security CyberDevil's 2021 Security Configuration

Last updated
Dec 8, 2021
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Network firewall
N/A
Real-time security
-> Eset Smart Security
-> AppCheck Anti-Ransomware
-> Portmaster Firewall
Firewall security
About custom security
-> Portmaster Firewall with privacy and ads filters, also forced NextDNS DoT and blocked P2P / direct connection
Periodic malware scanners
Emsisoft Emergency Kit
F-Secure Online Scanner
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
-> Vivaldi for study
-> Firefox for others

Search engine: StartPage

uBlock Origin subscriptions:
-> EasyList, EasyList Czech and Slovak, EasyPrivacy
-> AdGuard's Lists (Base, Tracking Protection, Social Media)
-> Web Annoyances Ultralist
-> NoTrack Tracker Blocklist
-> IDN Homograph Attack Protection
-> Dandelion Sprout's Anti-Malware List (for AdGuard)
-> AdGuard URL Tracking filter, Actually Legitimate URL Shortener Tool
Secure DNS
NextDNS with
- Threat Intelligence Feeds
- AI-Driven Threat Detection
- OISD
Desktop VPN
HMA VPN
Password manager
Bitwarden
Maintenance tools
Soft Organizer, DriverEasy
File and Photo backup
OneDrive for documents and external HDD for photos
System recovery
Macrium Reflect before big updates
Risk factors
    • Working from home
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Opening email attachments
    • Buying from online stores, entering bank card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Sharing and receiving files and torrents
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Coding and development
Computer specs

MSI GE75 8SG Raider (i7-8750H, RTX 2080, 32 GB, 1TB SSD)

Notable changes
2021.06.11 - I gave up on Norton and BlackFog, and reinstalled Windows with a fresh official 21H1 image. Now I use FS-Protection Beta (Beta of F-Secure), HitmanPro.Alert and Portmaster Firewall
2021.06.25 - uninstalled FS-Protection and HitmanPro.Alert, installed Eset IS and Macrium Reflect, switched from Quad9 to ControlD free DNS
2021.06.28 - set UAC to maximum.
2021.10.30 - I installed Bitdefender instead of Eset because I was offered a good discount. I also switched to Windows 11.
2021.12.08 - returned to Eset Smart Security and installed AppCheck Anti-Ransomware
What I'm looking for?

Looking for medium feedback.

CyberDevil

Level 6
Thread author
Verified
Well-known
Apr 4, 2021
252
Hi guys! I have been testing this configuration for about a week and I am interested in your opinion. The main idea of this config is three levels of network security.
1. Norton provides application-level security by blocking traffic for little-known applications based on its cloud base.
2. NextDNS provides protection at the DNS level, allowing me to minimize the chance of connecting to a compromised site.
3. BlackFog Privacy analyzes network traffic at the TCP/IP level and blocks leaks of personal data based on behavior, also, as I understand it, it blocks any direct connections over IP if the IP was not resolved by the DNS server (can someone confirm this?).
In my opinion, this is a very interesting combination of these three security applications and it seems that they do not interfere with each other.
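
The check asked about in point 3 (treating a connection as suspicious when its destination IP was never produced by a DNS answer), as an added example that is not part of the original post and is not BlackFog, Portmaster or NextDNS code. The log record layout, the addresses (documentation ranges) and the grace period are assumptions made for the illustration.

```python
"""Flag outbound connections whose destination IP no DNS answer produced."""
import ipaddress

# Constructed sample data (not from the thread). DNS answers as
# (timestamp_seconds, queried_name, answer_ip, ttl_seconds).
DNS_ANSWERS = [
    (100, "example.org", "192.0.2.10", 300),
    (120, "updates.example.net", "203.0.113.10", 60),
]

# Constructed outbound connections as (timestamp_seconds, process, dest_ip, port).
CONNECTIONS = [
    (130, "firefox.exe", "192.0.2.10", 443),      # resolved 30 s earlier
    (150, "unknown.exe", "198.51.100.77", 8443),  # never resolved: direct IP
    (400, "updater.exe", "203.0.113.10", 443),    # resolved, answer long expired
    (410, "svchost.exe", "192.168.1.1", 53),      # LAN traffic, out of scope
]

# RFC 1918 ranges are skipped: LAN hosts are usually reached without DNS.
LAN = [ipaddress.ip_network(n)
       for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

GRACE = 120  # assumed slack after TTL expiry for client-side caches


def classify(conn, answers, grace=GRACE):
    """Return 'local', 'resolved', 'stale' or 'direct-ip' for one connection."""
    ts, _proc, ip, _port = conn
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in LAN):
        return "local"
    # Only answers seen before the connection can justify it.
    seen = [(t, ttl) for t, _name, a, ttl in answers if a == ip and t <= ts]
    if not seen:
        return "direct-ip"   # candidate for blocking or alerting
    if any(ts <= t + ttl + grace for t, ttl in seen):
        return "resolved"
    return "stale"           # resolved once, but the answer has expired


def report(conns=CONNECTIONS, answers=DNS_ANSWERS):
    """Map (process, dest_ip) to its verdict."""
    return {(c[1], c[2]): classify(c, answers) for c in conns}


if __name__ == "__main__":
    for (proc, ip), verdict in report().items():
        print(f"{proc:14} {ip:16} {verdict}")
```

A DNS filter alone never sees the `direct-ip` case, which is why a host firewall rule for it complements DNS-level blocking.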
 

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
@CyberDevil:

You may set UAC to Always Notify.

In Login security, even if not sharing Your system, it would be interesting to set up, at least, a Windows PIN.

In Network firewall, are You using a router? Does it have some kind of firewall feature enabled?

In Device recovery & backup, Windows Restore Points usually get corrupted or tend to fail the restoration, You should use here a Full Image System BackUp: Macrium Free or AOMEI BackUpper are reliable and free.

Thanks for sharing :)
 

CyberDevil

In Login security, even if not sharing Your system, it would be interesting to set up, at least, a Windows PIN.
Oh, I didn't pay attention! Of course, I have a small pin code from a set of favorite numbers. :) I also have two-factor authorization installed for all Microsoft services.

On other points: the router is quite old, so I do not attach importance to its firewall. I also think to install Macrium in the near future, as soon as I finish setting up and installing all the necessary software and as long as Windows is fresh enough, but I am still too lazy to enable UAC to Always Notify. I rely entirely on Hitman in eliminating zero-day threats with library substitution. :cool:
 

CyberDevil

After quite long tests of various antiviruses (in terms of usability) I came back to Eset again because of its lightness and interesting settings. All the nuances are in the application form above. :) I also have good impressions of Portmaster, although its usability still needs polishing. )
 

CyberDevil

I also don’t think you need that much Maintenance Tools.
DriverEasy is the best driver installation tool I have ever tried. In Reg Organizer, I mainly use its two modules Autorun Organizer for autostart control, as well as Soft Organizer for installing and removing all software with tracking. I use Kerish Doctor quite rarely, mainly to delete empty folders and clean up temporary files. When I run out of license, I think I will replace it with free and open BleachBit.
As harlan4096 wrote, you should set UAC to maximum.
I'll try
 

ForgottenSeer 85179

DriverEasy is the best driver installation tool I have ever tried.
Did you use it that often? Normally you only need watching OEM and graphic driver and even both aren’t updated much.
In Reg Organizer, I mainly use its two modules Autorun Organizer for autostart control
Take a look at Autoruns from Microsoft.
as well as Soft Organizer for installing and removing all software with tracking.
Don’t understand. Why installing such software than before?
I use Kerish Doctor quite rarely, mainly to delete empty folders and clean up temporary files, when I run out of license, I think I will replace it with free and open BleachBit
Deleting empty folders doesn’t improve anything but can break stuff if the folder is important. Temporary stuff can be deleted with Windows internal Storage tool.
 

CyberDevil

Did you use it that often? Normally you only need watching OEM and graphic driver and even both aren’t updated much
For example, sound drivers are updated almost every month. If I'm not mistaken, a vulnerability was recently found in Realtek. It seems to me that updating drivers is no less important than updating any other software. Of course, as long as the compatibility remains. At least I haven't had any problems with the new drivers so far.
Take a look at Autoruns from Microsoft.
Autorun Organizer is able to block the return of programs to auto-upload. It is enough to block a program once and even after the update, it will not be able to register itself in the startup again. For example, browsers with their updates like to return there periodically.

Don’t understand. Why installing such software than before?
I didn't understand what you didn't understand. :D I don't like to use backups too often, I think it's not very useful for SSD, but at the same time I sometimes try different software like a new antivirus or recently VMware instead of VirtualBox. Such programs leave a lot of garbage in the system; programs like Reg Organizer, Revo Uninstaller or HiBit Uninstaller help to avoid the accumulation of this garbage. Often, standard uninstallers do not even remove drivers from the system folder after themselves.
Deleting empty folders doesn’t improve anything but can break stuff if the folder is important. Temporary stuff can be deleted with Windows internal Storage tool.
There's a fairly safe algorithm that removes empty folders only in Users and Temp, unless you change the setting specially. Although I agree that this is absolutely not necessary. I just like when there is nothing unnecessary in the system.
 

Zorro

Level 9
Verified
Well-known
Jun 11, 2019
404
Are there any problems with the firewall portmaster? There have been no updates to this program for a long time, and for some reason they do not go into beta testing for a long time.
 

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,481
Are there any problems with the firewall portmaster? There have been no updates to this program for a long time, and for some reason they do not go into beta testing for a long time.
In case you didn't notice yet:


Now it’s actually in beta stage 👍
 

CyberDevil

Bitdefender still feels like something too cumbersome and inflexible, I went back to Eset, but after watching its new tests, I realized that it has big problems, which is well solved by AppCheck installed nearby. :)

Add: Oh, also, I'm back on Firefox since I need to sync my phone and PC, and the android version of Brave is still more like a cryptocurrency wallet than a browser. :D
 

Kongo

NextDNS + ESET web protection + ESET's strong signatures would be sufficient protection against common entry points of malware including ransomware. You can even harden the ransomware protection of ESET by adding additional HIPS rules and firewall rules that were often mentioned before. I don't think that you actually need AppCheck if you are cautious online.

1. [KB6119] Configure HIPS rules for ESET business products to protect against ransomware (8.x)

2. [KB6132] Configure firewall rules for ESET Endpoint Security to protect against ransomware (7.3 – 9.x)

No need for another software that consumes more computer resources.
 

CyberDevil

I don't think that you actually need AppCheck if you are cautious online.
Shadowra's latest test showed that Eset could easily miss modifying the MBR, which would create a huge headache. I'm not sure if HIPS rules will solve this weakness in Eset.

Screenshot 2021-12-09 000737.jpg


Meanwhile, AppCheck only takes up 18 megabytes of RAM and does not create a load.

Screenshot 2021-12-09 001241.jpg
 

SeriousHoax

Level 47
Well-known
Mar 16, 2019
3,630
Yes, I have an Android. I use Fennec installed from F-Droid as a stable version of Firefox without telemetry, but with full support for extensions (requires importing your collection through the developer menu) - it is very convenient.
Yeah, that feature to add any extension using that method is great. But for the PlayStore version as you know, it requires Firefox Nightly.
But does the Fennec version have syncing feature?
 

Kongo

Shadowra's latest test showed that Eset could easily miss modifying the MBR, which would create a huge headache. I'm not sure if HIPS rules will solve this weakness in Eset.

View attachment 262689

Meanwhile, AppCheck only takes up 18 megabytes of RAM and does not create a load.

View attachment 262690
No offence to @Shadowra as I am a big fan of his tests too, but the chance of getting this exact type of malware on your system is pretty low. The demonstrations of Shadowra show what would happen if you bomb a computer with thousands of samples and dozens of malicious links, but even the most incautious surfer wouldn't face such a big bunch of malware at once. Most malware is blocked before even reaching the antivirus layer as you are using NextDNS with great attack surface reduction protections, that will stop a big number of malware before it even reaches the next security layer of your system. In addition to NextDNS you even have the web-protection of ESET which is also pretty decent. But if you don't have any conflicts or performance issues then I don't see any reason not to use it.
Well, there is one... Bigger attack surface ;)
 
