Hard_Configurator - Windows Hardening Configurator

P

plat

Level 29
Top Poster
Sep 13, 2018
1,793
Lovely. I can delete the previous H_C Master from downloads folder now? I just use the Firewall Hardening Tool and was pleased to find it quickly and easily. Had it re-write the rules and everything, and it's set, I checked it.

The only issue and it's a minor one for me: I'm having a little problem dragging the interface around. It will drag but as soon as you release the mouse and then try to grab it again, it doesn't grab. It seems you only get one chance to drag it, two if you're lucky. My mouse is a very basic, cheap one, but I have no issues dragging other windows around. Anyone else?

Edit: There is actually a spot where you can drag the UI consistently but it's just within the frame in the upper left-hand side of the UI. lol! Here, I marked it. Hold the mouse pointer right on the orange border within the area of the two black arrows. Maybe it works this way for everyone? :D

hac2.png

Edit #2: HitmanPro has also cleared Hard_Configurator and Switch DefaultDeny .exes via its cloud. (y) Is it possible, then, that Sophos would also have no problems with these?
 
Last edited:
  • Like
Reactions: Andy Ful, harlan4096, silversurfer and 5 others
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,633
Andy Ful said:
computer restart is required to apply the new rules
Click to expand...
Oh that's the reason I guess. I didn't restart the computer.
Andy Ful said:
But, I noticed for the first time that some blocked connections are not logged, if they do not try to send packets.
Click to expand...
Interesting. Is it something that can be fixed?
Andy Ful said:
Thanks. The code was copied from H_C and adjusted to FirewallHardening. I did not notice it.:(
Click to expand...
Haha, it's nice that I noticed and hopefully it's going to be fixed in the next beta :)
 
  • Like
Reactions: Venustus, Protomartyr, Andy Ful and 2 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,123
SeriousHoax said:
...
Interesting. Is it something that can be fixed?
... :)
Click to expand...
FirewallNoname.png

There are some events logged in the Security Log without the information about the file. They are pretty much useless to FireWall Hardening Log, which is focused on blocking applications. These events can happen if the application does not connect directly but uses other system resources. A similar thing happens when bitsadmin triggers file downloading. In fact, svchost is seen by the firewall and not bitsadmin.
 

Attachments

  • 1583660075421.png
    1583660075421.png
    123.1 KB · Views: 151
  • Like
Reactions: Venustus, Protomartyr, harlan4096 and 2 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,123
Andy Ful said:
The added rules work for me (computer restart is required to apply the new rules). The rules are added first at the end of the list, but after restarting the computer and running FirewallHardening, the rules are visible in alphabetical order:
View attachment 234544
But, I noticed for the first time that some blocked connections are not logged, if they do not try to send packets.
For example, I added the rules for three email clients (Claws-mail, eM Client, and Postbox). The blocked events for two email clients were added to the Log. But, not for eM Client which was blocked too (I tried to download an attachment without success).
Click to expand...
These blocked connections were not related to FirewallHardening. I repeated the test today and when eM Client tried to connect directly it was blocked by FireWallHardening rule.
emclientlog.png
 
  • Like
Reactions: Venustus, Protomartyr, harlan4096 and 1 other person
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,585
@Andy Ful Many thanks for your hard work on beta version 5.0.0.1 and it's manual. (y)
I have installed it with the recommended settings.
ConfigureDefender on High + Controlled Folder Access on.
FirewallHardening at Recomended H_C.
DocumentsAntiExploit MS Office at ON2.
Anything I missed or configured wrong?
Because Bandizip now has advertisements in the free version I switched to Explzh (also keeps MOTW).
Can you add that program to Harden Archivers?
 
  • Like
Reactions: Venustus, Protomartyr, shmu26 and 2 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,123
Gandalf_The_Grey said:
@Andy Ful Many thanks for your hard work on beta version 5.0.0.1 and it's manual. (y)
I have installed it with the recommended settings.
ConfigureDefender on High + Controlled Folder Access on.
FirewallHardening at Recomended H_C.
DocumentsAntiExploit MS Office at ON2.
Anything I missed or configured wrong?
Because Bandizip now has advertisements in the free version I switched to Explzh (also keeps MOTW).
Can you add that program to Harden Archivers?
Click to expand...
I will look at this app.:)
 
  • Like
  • Thanks
Reactions: Venustus, Protomartyr, shmu26 and 2 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,123
There are some good PDF Readers in Microsoft Store:
PDF viewers (all use Appcontainer):
Adobe Reader Touch
Foxit MobilePDF
PDF Viewer Plus, from GSnathan
PDF Reader from Kdan Mobile
Perfect PDF Reader, from soft Xpansion
Xodo PDF Reader & Editor (very fast with big documents)

PDF Reader plugins in web browsers are far more vulnerable to attacks and can help to exploit the web browser.
 
  • Like
  • Thanks
  • Applause
Reactions: Venustus, South Park, Protomartyr and 9 others
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,633
Andy Ful said:
There are some good PDF Readers in Microsoft Store:
PDF viewers (all use Appcontainer):
Adobe Reader Touch
Foxit MobilePDF
PDF Viewer Plus, from GSnathan
PDF Reader from Kdan Mobile
Perfect PDF Reader, from soft Xpansion
Xodo PDF Reader & Editor (very fast with big documents)

PDF Reader plugins in web browsers are far more vulnerable to attacks and can help to exploit the web browser.
Click to expand...
Which one do you personally use?
 
  • Like
Reactions: Venustus, Andy Ful, Protomartyr and 3 others
Sampei Nihira

Sampei Nihira

Level 6
Verified
Well-known
Dec 26, 2019
287
If your priority is security, also check the history of security vulnerabilities before choosing:

Krzysztof Kowalczyk Sumatrapdf : CVE security vulnerabilities, versions and detailed reports

Krzysztof Kowalczyk Sumatrapdf security vulnerabilities, exploits, metasploit modules, vulnerability statistics and list of versions
www.cvedetails.com

Foxitsoftware Foxit Reader : CVE security vulnerabilities, versions and detailed reports

Foxitsoftware Foxit Reader security vulnerabilities, exploits, metasploit modules, vulnerability statistics and list of versions
www.cvedetails.com
 
  • Like
Reactions: Venustus, Protomartyr, DDE_Server and 5 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,123
SeriousHoax said:
Which one do you personally use?
Click to expand...
I used them all and finally chose the simplest one, which is Adobe Reader Touch. It is not actively developed. It is fast, but not fast as Xodo PDF Reader. I also block the Internet connection to PDF Readers via FirewallHardening tool (desktop applications) or Windows Firewall (UWP apps).

Edit.
Blocking the Internet Access to PRD Reader does not prevent it to open the web browser. This can be prevented by using Exploit Protection to block child processes.
 
Last edited:
  • Like
  • Sad
Reactions: Venustus, harlan4096, Protomartyr and 6 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,585
  • Like
Reactions: Venustus, harlan4096, Andy Ful and 2 others

Similar threads

Andy Ful
    • Like
    • +Reputation
    • Thanks
  • Sticky
Serious Discussion WHHLight - simplified application control for Windows Home and Pro.
Replies
253
Views
16,921
Hard_Configurator Tools
Digmor Crusher
Digmor Crusher
Andy Ful
    • +Reputation
    • Like
    • Applause
New Update Testing Windows Hybrid Hardening (new hardening application).
Replies
253
Views
21,934
Hard_Configurator Tools
South Park
South Park
SpyNetGirl
    • Like
    • Applause
    • Thanks
Serious Discussion Why do you use obsolete security technologies such as SRP?
Replies
7
Views
459
General Security Discussions
Andy Ful
Andy Ful

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top