Basic Security Der.Reisende Security Config (Q1/2021)

Last updated
Feb 27, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 10
OS edition
Home
Login security
    • Password-less (PIN, Biometric, Face)
Primary sign-in
Local account
Primary user
Admin user - Full permissions
Other users
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
None or Don't know
Real-time protection
Huorong Internet Security v5.0.58.1 or later (heavily tweaked)
Software firewall
Provided by a third-party security vendor. Refer to 'Real-time protection' for details.
Custom RTP, Firewall and OS settings
Action on threat detection: clean (instead of ask)
Behavior Based Detection: Enable Ransomware Trapping
HIPS: File / Registry / Sensitive action: all possible rules enabled (default action is still "ask")
HIPS: Enable Network Access Control (kinda outbound Firewall, colour indicator green and orange - safe or not)
Installation Detection: Automatically block recognized installations of unlisted software
Firewall: Lateral Movement Protection - Remote MMC and Remote WMI also o
Network Access Control on (=two-way Firewall)
Advanced: Enable custom rules
Imported custom rules shared by user JerryLin - v4.24_1 - Update - Huorong Internet Security (Stable)
Source:
C:\Windows\WinSxS\amd64_microsoft-windows-powershell-exe_31bf3856ad364e35_10.0.19041.1_none_1f070c37a19029ff\powershell.exe
C:\Windows\WinSxS\amd64_microsoft-windows-gpowershell-exe_31bf3856ad364e35_10.0.19041.1_none_ee822d264112a470\powershell_ise.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe
Target:
File rules: *.ps1 --- Create / Read / Modify / Delete --- all set to "Deny" as default verdict

Note that without that PowerShell tweak, #Netwalker would trash the system easily without even being noticed by Huorong. You could create protected folders via HIPS, but I found that they were not always protected by HIPS.
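Two things a practitioner will want to check about the rule above: the WinSxS paths it lists carry a build-specific directory suffix (10.0.19041.1 here), so after a feature update the on-disk copies move and fall outside the rule, and the rule covers Windows PowerShell 5.1 only (PowerShell 7 ships as pwsh.exe). The following script is an added example, not part of the original post or of Huorong, and it assumes the six Source paths quoted above. Because the rule also denies Read on *.ps1 for powershell.exe, it has to be pasted into an interactive powershell.exe window rather than saved and run as a script.

```powershell
# Added example, not from the original post: audit the "powershell.exe -> *.ps1" HIPS rule.
# Assumptions: Windows 10 x64, the rule's Source list is the one quoted above, and this
# text is pasted into an interactive powershell.exe (it cannot be saved as a .ps1 and run,
# because the rule denies Read on *.ps1 for powershell.exe as well).

# The six Source paths the rule was written with. The WinSxS directory names carry a
# build-specific suffix, so after a feature update the on-disk copies live under a
# different name and silently fall outside the rule.
$RuleSources = @(
    'C:\Windows\WinSxS\amd64_microsoft-windows-powershell-exe_31bf3856ad364e35_10.0.19041.1_none_1f070c37a19029ff\powershell.exe'
    'C:\Windows\WinSxS\amd64_microsoft-windows-gpowershell-exe_31bf3856ad364e35_10.0.19041.1_none_ee822d264112a470\powershell_ise.exe'
    'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe'
    'C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe'
    'C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe'
    'C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe'
)

# 1. Every PowerShell host binary actually present under C:\Windows, WinSxS included.
$OnDisk = Get-ChildItem -Path 'C:\Windows' -Recurse -Force -ErrorAction SilentlyContinue -Include 'powershell.exe', 'powershell_ise.exe' |
          Select-Object -ExpandProperty FullName

$Uncovered = $OnDisk | Where-Object { $RuleSources -notcontains $_ }
if ($Uncovered) {
    Write-Warning 'PowerShell binaries on disk that the rule does not list as a Source:'
    $Uncovered | ForEach-Object { Write-Warning "  $_" }
} else {
    Write-Output "All $($OnDisk.Count) PowerShell binaries found are listed in the rule."
}

# PowerShell 7 ships as pwsh.exe and is not in the list at all.
$Pwsh = Get-Command -Name pwsh.exe -ErrorAction SilentlyContinue
if ($Pwsh) { Write-Warning "pwsh.exe is installed at $($Pwsh.Source) and is not covered by the rule." }

# 2. Live probe: try to create a .ps1 from this very process. With the rule enforced the
#    write fails; if it succeeds, the rule is not being applied to this binary.
$Probe = Join-Path -Path $env:TEMP -ChildPath ('hips-probe-{0}.ps1' -f [guid]::NewGuid())
try {
    Set-Content -Path $Probe -Value 'Write-Output probe' -ErrorAction Stop
    Write-Warning "Rule NOT enforced: $Probe was created by $((Get-Process -Id $PID).Path)"
    Remove-Item -Path $Probe -ErrorAction SilentlyContinue
} catch {
    Write-Output "Rule enforced: creating $Probe was denied ($($_.Exception.Message))"
}
```

Run it again after every cumulative or feature update: the System32 and SysWOW64 paths are stable, but any WinSxS copy reported as uncovered needs to be added to the rule's Source list.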
Malware testing
Periodic security scanners
Norton Power Eraser (free by default)
HitmanPro (free)
Microsoft SysInternals AutoRuns and TCPView (free by default)
Mister Group System Explorer (free by default)
Secure DNS
ISP DNS
VPN
F-Secure FreeDome v2.40.6717.0 or later
Password manager
Bitwarden (Chrome Extension for Brave Browser), Auto-Lock after 15 minutes of inactivity / instantly after the browser is closed
Browsers, Search and Addons
Brave Browser x64 (always latest stable), Edge Browser x64 (always latest stable).
Extensions:
Bitwarden (Password Manager, free version)
AdGuard (Adblocker, free version)
Google Translate
Bitdefender TrafficLight
Maintenance and Cleaning
None, all by hand.
Personal Files & Photos backup
Personal files are backed up to external HDDs; in case of infection / system failure, the system is freshly installed
Personal backup routine
Manual (maintained by self)
Device recovery & backup
See above.
Device backup routine
Manual (maintained by self)
PC activity
  1. Browsing the web. 
  2. Shopping. 
  3. Banking. 
  4. PC and cloud gaming. 
  5. Multimedia. 
  6. Streaming. 
  7. Malware samples. 
Feedback Response

Most critical feedback

Der.Reisende

As the PC is also used for online banking, a security check (TCPView, System Explorer, AutoRuns) is done before logging in to sensitive pages.
Malware testing is performed within a Shadow Defender environment.
Because of that, the PC is free of any personal stuff; currently Steam is installed, but no login data is saved on the machine (for any software). Everything is backed up to an eHDD after creation, which is only plugged in on demand and after a security check.
 
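A scripted version of the pre-login check described in the post above (TCPView and AutoRuns by hand), added here as an example and not the thread author's own procedure: it lists every process holding an Established or Listening TCP socket with its image path and Authenticode signature status, then dumps the user and machine Run keys. It assumes Windows 10 with the built-in NetTCPIP module and an elevated prompt (without elevation the image path of SYSTEM-owned processes is unavailable and shows as Unknown); it covers Run keys only, not services, scheduled tasks or WMI subscriptions, which AutoRuns does.

```powershell
# Added example, not the author's script: pre-banking check of network-active processes
# and Run-key autostarts. Assumed: Windows 10, NetTCPIP module present, elevated prompt.

$Connections = Get-NetTCPConnection -State Established, Listen -ErrorAction SilentlyContinue
$ByPid       = $Connections | Group-Object -Property OwningProcess

# One row per process that owns a socket, with the signature status of its image.
$Report = foreach ($group in $ByPid) {
    $proc = Get-Process -Id ([int]$group.Name) -ErrorAction SilentlyContinue
    $path = if ($proc) { $proc.Path } else { $null }   # $null for protected processes when not elevated
    $sig  = if ($path) { (Get-AuthenticodeSignature -FilePath $path).Status } else { 'Unknown' }
    [pscustomobject]@{
        PID       = [int]$group.Name
        Process   = if ($proc) { $proc.ProcessName } else { '?' }
        Path      = $path
        Signature = $sig
        Remotes   = ($group.Group | Where-Object State -eq 'Established' |
                     ForEach-Object { "$($_.RemoteAddress):$($_.RemotePort)" } | Sort-Object -Unique) -join ' '
        Listening = ($group.Group | Where-Object State -eq 'Listen' |
                     ForEach-Object { $_.LocalPort } | Sort-Object -Unique) -join ' '
    }
}

$Report | Sort-Object -Property Signature, Process | Format-Table -AutoSize

# Anything that is not validly signed is what a manual TCPView pass would make you look at twice.
$Suspect = $Report | Where-Object { $_.Signature -ne 'Valid' }
if ($Suspect) {
    Write-Warning 'Processes with network sockets whose image is not validly signed:'
    $Suspect | Format-Table -Property PID, Process, Path, Signature -AutoSize
}

# Autostart entries from the Run / RunOnce keys (the part of AutoRuns that is cheap to script).
$RunKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'

$Autostarts = foreach ($key in $RunKeys) {
    if (Test-Path -Path $key) {
        Get-ItemProperty -Path $key |
            Select-Object -Property * -ExcludeProperty PS* |
            ForEach-Object { $_.PSObject.Properties } |
            ForEach-Object { [pscustomobject]@{ Key = $key; Name = $_.Name; Command = $_.Value } }
    }
}
$Autostarts | Format-Table -AutoSize
```

Compare the Run-key output against the previous run rather than reading it cold: a new entry, or a known process that now has an unexpected remote peer, is the signal; a long list of signed Microsoft binaries is the normal baseline.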

SecureKongo

DNS: "?"

Do you mean that you are using the DNS of your ISP or that you don't know which one you're using?
 

Der.Reisende

Nice and solid config, thanks for sharing!

btw, are you using AdGuard Adblocker with the default filters, or have you tweaked them?
Thank you :)
Happy you like it!
It worked out fine over time, so I kept it. I'm for sure paranoid in terms of security, but I also want it lightweight ;)

The default ones; they work fine so far, almost nothing has gotten through, and Brave also brings its own.
I did manually block some notification on MT (cookies, IDK) via AdGuard, which used to reappear every new browser session (mine is set to clear everything on closure).

DNS: "?"

Do you mean that you are using the DNS of your ISP or that you don't know which one you're using?
I wasn't sure technically ;)
My internet connection is provided by a mobile hotspot from my iPhone, no extra VPN on it.
As streaming (apart from YT) is not deducted from monthly data, there was no reason to pay for a local WiFi.