Advanced Security Divine Barakah's PC Security Config 2024

Last updated
Sep 5, 2024
How it's used?
For home and private use
Operating system
macOS 15 Sequoia
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
On
Network firewall
Enabled
About WiFi router
I am using an ISP-provided router. I connected a TP-Link Access Point.
Real-time security
Webroot Internet Security Plus
Firewall security
Microsoft Defender Firewall
About custom security
DefenderUI Pro Recommended with WDAC enabled
Periodic malware scanners
EEK
Malware sample testing
I do not participate in malware testing
Environment for malware testing
I do not participate in malware testing
Browser(s) and extensions
Vivaldi with multiple profiles

Dashlane, Webroot and Floccus
Secure DNS
NextDNS using Windows 11 DNS over HTTPS manual template
NextDNS with Private DNS setting in Vivaldi
Desktop VPN
BulletVPN is not working in Egypt
I have changed to Windscribe. It works flawlessly using the Stealth option.
Password manager
Dashlane
Sticky Password (as backup) and Enpass (synced to Koofr)

NEVER PUT ALL YOUR EGGS IN ONE BASKET
Maintenance tools
Kerish Doctor
Smarty Uninstaller
File and Photo backup
Ente Photos
Koofr
External HDD
Subscriptions
    • None
System recovery
AOMEI Backupper Pro
Risk factors
    • Browsing to popular websites
    • Working from home
    • Opening email attachments
    • Buying from online stores, entering bank card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Lenovo Legion 5

- AMD Ryzen 5 4600H
- 16 GB RAM
- WD Blue SN500 500GB
- 1TB WD Black
- Nvidia GTX 1650 Ti
What I'm looking for?

Looking for maximum feedback.

oldschool

You would probably still need to set your DNS manually on your Chromium browser because it has an issue of not recognizing Windows's native DoH. A different yet similar issue was also present in Firefox until their latest version, 129.
I'm not so sure, at least not the way I configured it in Windows. I used the instructions on the website and it shows my device using NextDNS as "All good!". BTW, I used both IPv6 and IPv4 (with Linked IP).
 

Divine_Barakah

Thread author
I'm not so sure, at least not the way I configured it in Windows. I used the instructions on the website and it shows my device using NextDNS as "All good!". BTW, I used both IPv6 and IPv4 (with Linked IP).
Yes, I am using NextDNS with the built-in Windows 11 settings. No issues. I was talking about the NextDNS app, which caused me issues.
 

SeriousHoax

I'm not so sure, at least not the way I configured it in Windows. I used the instructions on the website and it shows my device using NextDNS as "All good!". BTW, I used both IPv6 and IPv4 (with Linked IP).
That's plain DNS, right? Not DNS over HTTPS. If DoH is configured in Windows the way I mentioned in my previous comment, then Chromium browsers (Edge in my case) don't recognize it and use my router DNS instead. There was a DNS-related chrome://flag that needed to be disabled for it to work. That flag was later deleted (haven't checked since then). I should find it if I search online since that's how I learned about this issue back then.
Anyway, I'm using AdGuard DNS at the moment for browsers (NextDNS for Windows) since it's giving me slightly better ping and I can also add Hagezi Threat Intelligence, which NextDNS hasn't added.
Also, there is the YogaDNS app that one can use, which just works, and you can even use DNS over QUIC, which theoretically is slightly faster than DoH, including DNS over HTTP/3, which is based on the QUIC protocol.
 

Divine_Barakah

Thread author
That's plain DNS, right? Not DNS over HTTPS. If DoH is configured in Windows the way I mentioned in my previous comment, then Chromium browsers (Edge in my case) don't recognize it and use my router DNS instead. There was a DNS-related chrome://flag that needed to be disabled for it to work. That flag was later deleted (haven't checked since then). I should find it if I search online since that's how I learned about this issue back then.
Anyway, I'm using AdGuard DNS at the moment for browsers (NextDNS for Windows) since it's giving me slightly better ping and I can also add Hagezi Threat Intelligence, which NextDNS hasn't added.
Also, there is the YogaDNS app that one can use, which just works, and you can even use DNS over QUIC, which theoretically is slightly faster than DoH, including DNS over HTTP/3, which is based on the QUIC protocol.
Yes, I have it configured as DoH in Windows settings. I also added NextDNS in each browser with the name of the browser at the end of the custom link so that I can see the logs for each browser on my NextDNS dashboard.


Everything is running flawlessly.
 


Divine_Barakah

Thread author
I was installing BulletVPN and Emsisoft's BB blocked the installation. On the Emsisoft Security Dashboard, it showed that the BulletVPN setup file was signed with an invalid digital signature!
 


Divine_Barakah

Thread author
I have not experienced any major issues while using MB Premium for quite a long time. I changed to Emsisoft for the sake of change.

What I like about Emsisoft:

1- Clean interface
2- No bloatware
3- I keep my laptop running most of the time and Emsisoft's Online Dashboard keeps me updated all the time.
4- Support. Emsisoft's support is very fast and helpful. Probably one of the best out there.
5- Files can be manually added to Emsisoft's quarantine and you can rescan the added files after signature updates.
6- Very fast scans
7- Scan levels can be adjusted.
8- Detailed logs of security incidents
9- Privacy. Emsisoft is one of the few privacy-respecting companies.

What I dislike

1- High RAM consumption (ranging from 600 to 900 MB)
2- Very high FP rates, but their cloud whitelist helps with that. I rarely install anything without getting prompts from Emsisoft's BB
3- Pricing. Emsisoft is not as cheap as other products, especially if you want to cover all the household devices.
4- It slows down file copying and file explorer.
 

Divine_Barakah

Thread author
After I installed Webroot, I tested it with AMTSO tests and everything was blocked. One thing that caught my eye was the fact that Webroot did not scan the system after the detections. Did that change in Webroot? I remember when Webroot detected anything, it ran a system scan, but not anymore?
 

Divine_Barakah

Thread author
Give this a shot, GitHub - intika/Librefox: Librefox: Firefox with privacy enhancements.

I recommend you remove all the overhead from system-wide and browser private DNS, and killswitch your BulletVPN with NextDNS upstream.
I am now in Egypt and I cannot connect to any VPN. All VPN providers are blocked, Opera browser is blocked, Avast is blocked. I am in contact with BulletVPN support and they provided me with an obfuscated WireGuard profile, but still it did not work. I have provided them with logs and they are looking for a solution.

I am also experiencing issues in connecting to Signal servers.
 

Divine_Barakah

Thread author
- Restored a clean system image.
- Installed BDTS 90-day trial

I let BD run a system assessment scan and allowed it to update itself. I ran a full system scan and rebooted the system. The system is snappy and everything is working as expected.

I noticed one issue. When I ran the phishing page (AMTSO), BD did not block the page (in Vivaldi). I had to install the BD TrafficLight extension. BD managed to block all the other AMTSO tests.
 
