Advanced Plus Security ErzCrz Security Config 2019

Last updated
Sep 30, 2019
Windows Edition
Home
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Notify me only when programs try to make changes to my computer
Real-time security
Windows Defender
Firewall security
Microsoft Defender Firewall
About custom security
Andy Ful's Hard_Configurator at Recommended Settings, ConfigureDefender component set to High, Firewall Hardening all default rules enabled
Periodic malware scanners
Emisoft Emergency Kit, HitmanPro, Malwarebytes Adwcleaner
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Chromium Edge Stable
Maintenance tools
Bleachbit
File and Photo backup
Monthly backup to external HD using Windows Built-in backup and occasional OneDrive manual sync
System recovery
Default Windows App
Risk factors
    • Gaming
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
Computer specs
Intel i3 1.7ghz
GPU Intel 4400 HD
Ram 12 Gig
ErzCrz

ErzCrz

Level 22
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,175
Still getting my head around Hard_configurator. Is there some way of training it? Will turning off default deny whitelist the programs I use? I'll look through the manual but thought I'd pose the question here as well.
 
ErzCrz

ErzCrz

Level 22
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,175
Updated configuration as now running Windows Defender Firewall and AV as protection with system hardening & tweaks using Andy Ful's Hard_Configurator. I was also running OSArmor but probably not needed with Hard_Configurator running with Recommended settings.
 
  • Like
Reactions: oldschool, Gandalf_The_Grey and harlan4096
oldschool

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,623
ErzCrz said:
Still getting my head around Hard_configurator. Is there some way of training it? Will turning off default deny whitelist the programs I use? I'll look through the manual but thought I'd pose the question here as well.
Click to expand...

There is nothing to be trained. H_C is not realtime protection but uses Windows' built-in security features. Switch default/deny will not whitelist anything. It is simply an easy way to switch temporarily from Default-Deny to Default-Allow . Depending on the profile you use, RunAsSmartscreen is a simple way to bypass SRP when installing software. Looking through the manual is advised. (y)
 
  • Like
Reactions: Andy Ful, stefanos, Gandalf_The_Grey and 3 others
ErzCrz

ErzCrz

Level 22
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,175
oldschool said:
There is nothing to be trained. H_C is not realtime protection but uses Windows' built-in security features. Switch default/deny will not whitelist anything. It is simply an easy way to switch temporarily from Default-Deny to Default-Allow . Depending on the profile you use, RunAsSmartscreen is a simple way to bypass SRP when installing software. Looking through the manual is advised. (y)
Click to expand...

Thanks mate :)

I've got a bit more of an understanding with H_C now. Just gone with recommended settings and I had to whitelist a start menu folder to get SWTOR to run via the link rather than the launcher.exe. ConfigureDefender element set to High as that seems to be the one for most users and I enabled all the block defaults in FirewallHardening.

Working great now. My laptop feels fast and secure. I'm sure I'll find out about tweaks to protect me even more. It's a big change from running Comodo IS for a long time but I needed the change and glad I did so far. :)
 
  • Like
Reactions: stefanos, oldschool, Gandalf_The_Grey and 2 others
oldschool

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,623
ErzCrz said:
Thanks mate :)

I've got a bit more of an understanding with H_C now. Just gone with recommended settings and I had to whitelist a start menu folder to get SWTOR to run via the link rather than the launcher.exe. ConfigureDefender element set to High as that seems to be the one for most users and I enabled all the block defaults in FirewallHardening.

Working great now. My laptop feels fast and secure. I'm sure I'll find out about tweaks to protect me even more. It's a big change from running Comodo IS for a long time but I needed the change and glad I did so far. :)
Click to expand...

High settings are fine with H_C. You need add no more to the mix. I advise Max for those who use other companion softs, or no specific OS hardening.
 
  • Like
Reactions: harlan4096, stefanos and ErzCrz
ErzCrz

ErzCrz

Level 22
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,175
I've got all Firewall Hardening rules added but explorer.exe connecting out to 443 which relates to updates from what I understand and Akamai is content delivery MS uses, Should I keep blocking that (it's one of the LOLBins rules or remove the rule and.or just use Recommended H_C rules?

Local Time: 2019/10/05 21:35:42
ProcessId: 3352
Application: C:\windows\explorer.exe
Direction: Outbound
SourceAddress: 2a02:c7d:3c5a:8d00:f926:b8ab:f32c:ee01
SourcePort: 53267
DestAddress: 2a02:26f0:db:29d::2c1a
DestPort: 443
Protocol: 6
FilterRTID: 4235304
LayerName: %%14611
LayerRTID: 50

**************************************
Local Time: 2019/10/05 21:35:42
ProcessId: 3352
Application: C:\windows\explorer.exe
Direction: Outbound
SourceAddress: 192.168.0.3
SourcePort: 53266
DestAddress: 2.19.153.179
DestPort: 443
Protocol: 6
FilterRTID: 4235303
LayerName: %%14611
LayerRTID: 48
 
  • Like
Reactions: Andy Ful, harlan4096 and oldschool
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,513
ErzCrz said:
I've got all Firewall Hardening rules added but explorer.exe connecting out to 443 which relates to updates from what I understand and Akamai is content delivery MS uses, Should I keep blocking that (it's one of the LOLBins rules or remove the rule and.or just use Recommended H_C rules?

Local Time: 2019/10/05 21:35:42
ProcessId: 3352
Application: C:\windows\explorer.exe
Direction: Outbound
SourceAddress: 2a02:c7d:3c5a:8d00:f926:b8ab:f32c:ee01
SourcePort: 53267
DestAddress: 2a02:26f0:db:29d::2c1a
DestPort: 443
Protocol: 6
FilterRTID: 4235304
LayerName: %%14611
LayerRTID: 50

**************************************
Local Time: 2019/10/05 21:35:42
ProcessId: 3352
Application: C:\windows\explorer.exe
Direction: Outbound
SourceAddress: 192.168.0.3
SourcePort: 53266
DestAddress: 2.19.153.179
DestPort: 443
Protocol: 6
FilterRTID: 4235303
LayerName: %%14611
LayerRTID: 48
Click to expand...

Both addresses are from Akamai Technologies. The second is related to go.microsoft.com.edgekey.net
 
  • Like
Reactions: ErzCrz, harlan4096 and oldschool
You must log in or register to reply here.

Similar threads

Divine_Barakah
    • Like
    • Applause
Advanced Security Divine Barakah's PC Security Config 2024
Replies
97
Views
4,175
PC Setup Configuration Help & Showcase
Divine_Barakah
Divine_Barakah
Nautilus
    • Like
    • Applause
Advanced Plus Security Nautilus Security Config 2024
Replies
0
Views
211
PC Setup Configuration Help & Showcase
Nautilus
Nautilus
Mindaugas
    • Like
On Sale! Bitdefender Total Security 5 devices 3 Years - $20
Replies
12
Views
910
Discounts and Deals
Jonny Quest
Jonny Quest

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top