SECURE: Complete Frekis123's security config

Most recent changes
Jul 26, 2018
Operating System
Windows Edition
Pro
System type
64-bit OS
Security Updates
Automatic with Deferred upgrades - Security updates only
User Access Control
Always Notify - For App installs, Modify system & User settings
Device Firewall
3rd-party App using Windows Filtering Platform (WFP)
Device Security
Windows Defender SmartScreen (Windows 10)
User Account
Administrator - User has complete control over the device
Recent Security Incidents
No malware or privacy issues
Malware Testing
None - No Malware on host PC or VM
Real-time Web & Malware Protection
Windows Defender
Voodoo Shield (paid) always on mode (on aggressive or moderate)
Spyshelter (paid)
Windows Firewall Control (medium filtering)
Sys Hardener with recommended settings plus a few more
Security Protection settings
Default - Settings are balanced for security and performance
Virus and Malware Removal Tools
Himan pro (on demand once a week or so)
Emisoft Emergency Kit
Browsers and Extensions
Firefox with Script Safe
Web Privacy
Adguard Stealth mode with nearly all settings on (paid Desktop)
Firefox is sandboxed with sandboxie
Heimdal Pro
Default Web Search
Duckduckgo, startpage
System Utilities collection
O&O Shutup 10
Data Backup
Macrium reflect (daily backup)
Frequency of Data backups
Daily
System Backup
Macrium reflect (daily backup)
Frequency of System backups
Regularly
Joined
Aug 10, 2013
Messages
116
#1
Hi all :)
The files that use my pdf Reader/Office , Music Player or video player are forced with sandboxie.
Firefox is sandboxed with sandboxie (not sure if "allow direct access to firefox profile" activated is a good idea?

My greatest risk would be my webbrowsing habbits if i would have to guess :D
Any downloaded file is scanned on virus total first before any install.

Any tips what i could improve further?

Not installed but owned:
Spy Shelter (incl. Firewall) and apguard 4.4.?? (last lifetime version)
 
Last edited:

LDogg

Level 18
Verified
Joined
May 4, 2018
Messages
850
#5
Fantastic setup, nothing else I need to add apart from extensions. You can see my own setup for that and adjust accordingly.

~LDogg
 
Likes: Freki123

Lightning_Brian

Level 11
Verified
Joined
Sep 1, 2017
Messages
524
OS
Windows 10
Antivirus
Norton
#6
Joined
Aug 10, 2013
Messages
116
#7
Thanks for all the suggestions. I added Emisoft Emergency Kit and will give it a try. If i dont like it next candidate will be Malwarebytes :D
@LDogg Will have a look at your browser extensions and see what i need most.
 
Last edited:
Likes: harlan4096
Joined
Aug 10, 2013
Messages
116
#9
Added spyshelter. atm it's on "auto allow high security" later on "always ask" (missed a hips for my "clicking needs")

I tried using policy control (together with script safe settings on block from the "sniper vs shotgun thread here") but got sometimes problems with adguard (adguard got blocked from policy control). Even after adding it a few websites later it wanted to get the same adguard service added again even when it was added.

Any suggestions for browsing / anti fingerprinting that work well with a permant sandboxed firefox with adguard desktop?
 
Likes: harlan4096
I

illumination

Guest
#10
Illuminations recommendation on Safe surfing Habits...


-Knowledge: This should be the base of any good security configuration. Learning safer habits and utilizing your security as a "just in case" instead of trying to use many layers of applications to make up for lack of understanding.

-This should include the following aspects.


1. Be leery of clicking links especially in email or instant messages. Verify URL's, not only by manually looking at them, but also running them through URL scanners such as the one at Virus Total. If you are unsure still, the best course of action is to not click that link.

Bookmark important sites: A misspelled address could take you to a false site that mirrors the site you intended to go to. A book marked address will take you to the same site every time.

Passwords: In general you would be better off utilizing one of the many password managers, but as it often sometimes is, most average users do not, or can not, so keep this little bit of information in mind if this is the case.

Do not use the same password for all sites, if you are limited on what you can remember then please make sure to be careful and not use the same password for any of the sites you frequent as the ones you use for your email. If the site is to be breached, you would not want them to gain access to your email via same used passwords. Passwords should be strong, hard to guess or crack, password managers all have generators built in for building and storing strong passwords.

2. Updates/Patches:

Run maintenance on your system as you would a vehicle, consider it preventive maintenance. Always make sure to keep your system and applications patched. These patches and updates are for a good reason, they are plugging holes in your surface of attack. While i recommend keeping patched always, i would also state to do your research on certain updates for the OS/drivers/applications before applying, make sure there is not a fresh set of new bugs to contend with that are worse then what they are patching, this happens more often then most realize.

If you limit the amount of 3rd party applications on your system, you also limit the time doing maintenance, you limit the amount of freshly introduced bugs, and you keep your surface of attack smaller, and in the end, your machine will thank you for it by running better and being more enjoyable.

3. Back ups:

This is more important then security. No security out there can achieve 100% protection, if they could, they would already have a monopoly on the market and would have run all others out of business. Prepare for the worst, strive for the best.

Personal items are of the utmost important files on your system, once lost, they can not be replaced. Backing up externally or into the cloud "both recommended by me", so as to ensure you always have a copy of it obtainable. If something were to happen, you lose nothing this way, and can start freshly if needed.

Using images to create snapshots of your system works well for those who neither have the knowledge or time to repair/wipe a system. Windows has a built in option, although there are 3rd party options. It is a good idea also to keep on hand Microsofts media creation tool burnt to a flash drive, updated when needed. With this you can run repairs or wipe the system and build it from a clean install, which after a nasty infection, is always recommended to ensure you have eradicated the issue.

4. Security:

It has always been recommended for users to try applications for themselves. These products all have trials "most of them anyway", for this very reason. Test drive them for a couple weeks, does it fit your uses, is it running ok on your system and resources, are you comfortable with the settings and layout to get around and adjust it as necessary.

Learning the product is recommended here. Most throw them on with default settings and never venture in to settings to realize there is much more then meets the eye. Google search is handy for learning these, as are the manuals most of the products companies produce and are freely accessible. Watching youtube videos of a product will not help you decide what is best for you. You need to experience the product and settings to fully grasp it.

Understand you are a home user, and you are not targeted like corporations and businesses. The chances of you seeing sophisticated attacks and malware on that level are quite slim. There is no need for paranoia when you cover your basics, keep everything patched, backed up, use caution/safe habits when surfing.

Be careful what you divulge to websites "personal information", these as seen in the news are not as secure as they should be, once your information is in someone else's hands, anything can happen to it.

Know that the more security you pile on your system, the chances of incompatibilities/bugs arise and issues may occur. Finding a proper balance of application to knowledge ratio is fully recommended.


~illumination