Basic Security Der.Reisende Security Config (Q1/2021)

Last updated
Feb 27, 2021
How it's used?
For home and private use
Operating system
Windows 10
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Account Control (UAC)
Always notify
Smart App Control
Network firewall
N/A
Real-time security
Huorong Internet Security v5.0.58.1 or later (heavily tweaked)
Firewall security
About custom security
Action on threat detection: clean (instead of ask)
Behavior Based Detection: Enable Ransomware Trapping
HIPS: File / Registry / Sensitive action: all possible rules enabled (default action is still "ask")
HIPS: Enable Network Access Control (a kind of outbound firewall; the colour indicator is green or orange for safe or not)
Installation Detection: automatically block recognized installations of unlisted software
Firewall: Lateral Movement Protection - Remote MMC and Remote WMI also o
Network Access Control on (=two-way Firewall)
Advanced: Enable custom rules
Imported custom rules shared by user JerryLin - v4.24_1 - Update - Huorong Internet Security (Stable)
Source:
C:\Windows\WinSxS\amd64_microsoft-windows-powershell-exe_31bf3856ad364e35_10.0.19041.1_none_1f070c37a19029ff\powershell.exe
C:\Windows\WinSxS\amd64_microsoft-windows-gpowershell-exe_31bf3856ad364e35_10.0.19041.1_none_ee822d264112a470\powershell_ise.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe
Target:
File rules: *.ps1 --- Create / Read / Modify / Delete --- all set to "Deny" as default verdict

Note that without that PowerShell tweak, #Netwalker would trash the system easily without even being noticed by Huorong. You could create protected folders via HIPS, but in my experience they were not always protected by HIPS.
Periodic malware scanners
Norton Power Eraser (free by default)
HitmanPro (free)
Microsoft Sysinternals Autoruns and TCPView (free by default)
Mister Group System Explorer (free by default)
Malware sample testing
Browser(s) and extensions
Brave Browser x64 (always latest stable), Edge Browser x64 (always latest stable).
Extensions:
Bitwarden (Password Manager, free version)
AdGuard (Adblocker, free version)
Google Translate
Bitdefender TrafficLight
Secure DNS
ISP DNS
Desktop VPN
F-Secure FreeDome v2.40.6717.0 or later
Password manager
Bitwarden (Chrome Extension for Brave Browser), Auto-Lock after 15 minutes inactivity / instantly after browser is closed
Maintenance tools
None, all by hand.
File and Photo backup
Personal files are backed up to external HDDs; in case of infection or system failure, the system is freshly installed.
System recovery
See above.
Risk factors
    • Browsing to popular websites
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
    • Downloading malware samples
What I'm looking for?

Looking for maximum feedback.
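An added check for the PowerShell HIPS rule listed in the config above (this is not code from the original post or from Huorong; the function names Test-PsRule and Invoke-ViaCmd are my own). It runs the four operations the rule covers (Create / Read / Modify / Delete on *.ps1) from powershell.exe and reports which ones the HIPS actually refused, then repeats them on a .txt file as a control. One consequence of the rule that is easy to miss: because powershell.exe may no longer read *.ps1, you cannot save this probe as a .ps1 and run it; paste it into an interactive powershell.exe console, or keep it as check.txt and run `Invoke-Expression (Get-Content .\check.txt -Raw)`. The probe file is staged and cleaned up through cmd.exe, which is not one of the rule's source processes, so Read/Modify/Delete get tested even when Create is already denied. The assumption is that a Deny verdict surfaces as an access error in .NET rather than a silent success.

```powershell
# Added example, not part of the original post: verify a HIPS rule that denies
# powershell.exe Create/Read/Modify/Delete on *.ps1 files.

function Invoke-ViaCmd([string]$CommandLine) {
    # cmd.exe is not a source process of the rule, so it can stage and remove the probe file.
    # ProcessStartInfo is used so the quoting reaches cmd.exe exactly as written.
    $psi = New-Object System.Diagnostics.ProcessStartInfo
    $psi.FileName        = "$env:SystemRoot\System32\cmd.exe"
    $psi.Arguments       = "/c $CommandLine"
    $psi.UseShellExecute = $false
    $psi.CreateNoWindow  = $true
    $proc = [System.Diagnostics.Process]::Start($psi)
    $proc.WaitForExit()
    return $proc.ExitCode
}

function Test-PsRule {
    param(
        [string]$Dir = $env:TEMP,
        [string]$Extension = '.ps1'   # pass '.txt' for a control run: everything should be 'allowed'
    )
    $path = Join-Path $Dir ('huorong-probe-' + [guid]::NewGuid().ToString('N') + $Extension)
    $r = [ordered]@{ Path = $path }

    # 1. Create, from powershell.exe itself (the process the rule targets)
    try   { [IO.File]::WriteAllText($path, '# probe'); $r.Create = 'allowed' }
    catch { $r.Create = 'denied: ' + $_.Exception.GetType().Name }

    # Stage the file through cmd.exe so the remaining operations have something to act on
    $null = Invoke-ViaCmd "echo # probe> `"$path`""
    if (-not (Test-Path -LiteralPath $path)) {
        $r.Stage = 'staging via cmd.exe failed; Read/Modify/Delete not tested'
        return [pscustomobject]$r
    }

    # 2. Read
    try   { $null = [IO.File]::ReadAllText($path); $r.Read = 'allowed' }
    catch { $r.Read = 'denied: ' + $_.Exception.GetType().Name }

    # 3. Modify
    try   { [IO.File]::AppendAllText($path, "`r`n# modified"); $r.Modify = 'allowed' }
    catch { $r.Modify = 'denied: ' + $_.Exception.GetType().Name }

    # 4. Delete
    try   { [IO.File]::Delete($path); $r.Delete = 'allowed' }
    catch { $r.Delete = 'denied: ' + $_.Exception.GetType().Name }

    # Clean up through cmd.exe if the Delete test was blocked
    if (Test-Path -LiteralPath $path) { $null = Invoke-ViaCmd "del /q `"$path`"" }

    return [pscustomobject]$r
}

# Rule under test: with the rule active, all four operations on .ps1 should report 'denied'
Test-PsRule -Extension '.ps1' | Format-List
# Control: .txt is not covered by the rule, so all four should report 'allowed'
Test-PsRule -Extension '.txt' | Format-List
```

If the .ps1 run shows any operation as 'allowed', the rule is not matching the powershell.exe image that is actually running (the WinSxS and SysWOW64 paths in the source list exist for exactly that reason: check which one the HIPS log names). If the .txt control shows anything 'denied', a broader rule or a protected-folder setting is interfering and the result for .ps1 says nothing about this rule.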

Der.Reisende (thread author):
As the PC is also used for online banking, a security check (TCPView, System Explorer, Autoruns) is done before logging into sensitive pages.
Malware testing is performed within a Shadow Defender environment.
Because of that, the PC is free of any personal stuff; currently Steam is installed, however no login data is saved on the machine (for any software). Everything is backed up to an eHDD after creation, which is only plugged in on demand and after a security check.
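A scripted form of the pre-banking check described in the post above, added here as an example (it is not the author's tooling and does not replace TCPView or Autoruns; the function names are mine). It lists established, non-loopback TCP connections with the owning process and that image's Authenticode status, lists the Run/RunOnce autostart values, and diffs the autostart list against a baseline saved on an earlier run, so that a new entry stands out instead of having to be spotted by eye. Assumptions: the baseline file path under the user profile is arbitrary, the Run/RunOnce keys are only a small subset of what Autoruns covers, and paths of processes owned by other users need an elevated console.

```powershell
# Added example, not from the original post: a scripted pre-login check.

function Get-EstablishedConnections {
    # Established TCP sessions to anything other than loopback, with owning process and signature state
    Get-NetTCPConnection -State Established |
        Where-Object { $_.RemoteAddress -notin '127.0.0.1', '::1' } |
        ForEach-Object {
            $p = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            $sig = if ($p -and $p.Path) { (Get-AuthenticodeSignature -FilePath $p.Path).Status } else { 'unknown' }
            [pscustomobject]@{
                Process   = if ($p) { $p.ProcessName } else { '?' }
                Pid       = $_.OwningProcess
                Path      = if ($p) { $p.Path } else { $null }   # null without elevation for other users' processes
                Remote    = '{0}:{1}' -f $_.RemoteAddress, $_.RemotePort
                Signature = $sig                                 # Valid / NotSigned / HashMismatch / ...
            }
        }
}

function Get-RunKeyEntries {
    # Classic autostart locations; Autoruns covers far more (services, drivers, tasks, WMI, ...)
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
            'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
            'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
            'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    $meta = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'  # added by the provider, not registry values
    foreach ($k in $keys) {
        if (-not (Test-Path $k)) { continue }
        $props = Get-ItemProperty -Path $k
        foreach ($prop in $props.PSObject.Properties) {
            if ($prop.Name -in $meta) { continue }
            [pscustomobject]@{ Key = $k; Name = $prop.Name; Command = $prop.Value }
        }
    }
}

function Compare-RunKeyBaseline {
    # First run stores a baseline; later runs print '=>' for entries that are new since then
    # and '<=' for entries that disappeared. The file location is an assumption.
    param([string]$BaselinePath = (Join-Path $env:USERPROFILE 'runkeys-baseline.json'))
    $now = @(Get-RunKeyEntries | ForEach-Object { '{0}|{1}|{2}' -f $_.Key, $_.Name, $_.Command })
    if (-not (Test-Path -LiteralPath $BaselinePath)) {
        ConvertTo-Json -InputObject $now | Set-Content -LiteralPath $BaselinePath
        return "baseline written to $BaselinePath"
    }
    $old = @(Get-Content -LiteralPath $BaselinePath -Raw | ConvertFrom-Json)
    Compare-Object -ReferenceObject $old -DifferenceObject $now
}

Get-EstablishedConnections | Sort-Object Signature, Process | Format-Table -AutoSize
Get-RunKeyEntries | Format-Table -AutoSize
Compare-RunKeyBaseline
```

Sort order puts unsigned and 'unknown' images next to each other at the top of the connection list; anything there that is not the VPN client, browser or Steam is what the manual TCPView pass is meant to catch. Rewrite the baseline file only after a change has been accounted for (a deliberate install), otherwise the diff loses its value.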
 

Kongo:
Der.Reisende said:
As the PC is also used for online banking, a security check (TCPView, System Explorer, Autoruns) is done before logging into sensitive pages.
Malware testing is performed within a Shadow Defender environment.
Because of that, the PC is free of any personal stuff; currently Steam is installed, however no login data is saved on the machine (for any software). Everything is backed up to an eHDD after creation, which is only plugged in on demand and after a security check.
DNS: "?"

Do you mean that you are using the DNS of your ISP or that you don't know which one you're using?
 

Der.Reisende (thread author):
Nice and solid config, thanks for sharing!

btw. are you using the AdGuard Adblocker with the default filters, or have you tweaked them?
Thank you :)
Happy you like it!
It worked out fine over time, so I kept it. I'm for sure paranoid in terms of security, but I also want it lightweight ;)

The default ones; they work fine so far, almost nothing has gotten through, and Brave also brings its own.
I did block some notifications on MT (cookies, IDK) manually via AdGuard, which used to reappear every new browser session (mine is set to clear everything on closure).

Kongo said:
DNS: "?"

Do you mean that you are using the DNS of your ISP or that you don't know which one you're using?
I wasn't sure technically ;)
My internet connection is provided by a mobile hotspot from my iPhone, with no extra VPN on it.
As streaming (apart from YT) is not deducted from my monthly data, there was no reason to pay for a local WiFi.
 
