Hard_Configurator - Windows Hardening Configurator

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
@Andy Ful Can u do something about it?
I have sent the email to Symantec

Could you please, send-back the final information about this submission? Usually, I had such information in two days (I submitted the files over two weeks ago).
There is also another problem. The customers report that the digital certificate of Hard_Configurator executables is wrongly recognized as invalid (see the attachment).
Thank you.
H_C_invalidCS.PNG
 

sepik

Level 11
Verified
Well-known
Aug 21, 2018
505
Yes, its kind of a ask all firewall, i does not care if its signed etc and theres no learning mode, because of its unmaged client firewall.
Tried to assoc .hta -> to open notepad. It works, but if you do command prompt mshta c:\temp\malware.hta it runs and makes an outbound connection and SEP firewall alerted it.
NVT Registry Guard seems to be pretty good infact, i've protected wscript registry key and some autorun entries that Spyshelter Free HIPS does not.

Regards,
-sepi
 
  • Like
Reactions: Andy Ful

Chri.Mi

Level 7
Well-known
Apr 30, 2020
337
I have sent the email to Symantec

Could you please, send-back the final information about this submission? Usually, I had such information in two days (I submitted the files over two weeks ago).
There is also another problem. The customers report that the digital certificate of Hard_Configurator executables is wrongly recognized as invalid (see the attachment).
Thank you.
View attachment 241405
Is not Symantec, is Mcafee
 
  • Like
Reactions: Andy Ful

Chri.Mi

Level 7
Well-known
Apr 30, 2020
337
Mcafee Endpoint dont like the beta version, still continue to isolate it. This not happen to stable version. Another thing is dont like the sign of hard configurator and sumatrapdf
I had post about Mcafee, i think i have confused u a bit, i'm sorry for that.
 
  • Like
Reactions: Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
...
Tried to assoc .hta -> to open notepad. It works, but if you do command prompt mshta c:\temp\malware.hta it runs and makes an outbound connection and SEP firewall alerted it.
NVT Registry Guard seems to be pretty good infact, i've protected wscript registry key and some autorun entries that Spyshelter Free HIPS does not.

Regards,
-sepi
You can simply block mshta via the H_C <Block Sponsors> option. Please note, that this will prevent whitelisting HTA files.
Anyway, it is not necessary when you use the H_C Recommended Settings, because these settings will prevent the command-lines like "mshta c:\temp\malware.hta".
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
@Andy Ful
Andy i have a suggestion about hard configurator. I see almost all zones are covered. Do u think is possible after hard configurator, firewall hardening, configure defender and exploit protection, make a new step: hardening browsers (edge:flags)?
I could do it If there was good documentation of these flags. Edge Chromium probably uses many of these flags (see the Default setting) and there is no information about how most flags can impact the browsing performance.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
But do you think that it would be something that you would want to spend your time on Andy? Would it be worthwhile?
Yes, I think so. But, it is possible that Microsoft already uses those flags that increase security without much performance impact.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
browser flags are a moving target ... is ridiculous you will have to keep track of all the flags across multiple browsers in preview builds all that work for virtual zero security gain
Yes, that is the danger of using flags without knowing how they exactly work and how they can impact the performance. Anyway, some of them can be probably useful.
 
Last edited:

Tiny

Level 3
Verified
Well-known
Dec 29, 2016
131

PotentialUser

Level 1
May 28, 2020
35
The questions I was talking about in my other thread here: Q&A - Windows Defender w/ Hitman Pro Alert?

1. Does H_C have an in-built updater or do we need to manually install new versions by downloading the new EXEs? If manual, do you need to uninstall the old H_C program before installing the new version or just run the new EXE and it will update the old H_C program?

2. The Windows_10_Basic_Recommended_Settings is one of the pre-built modes or a button you need to click in the GUI? I’m not necessarily an advanced user but I’m not new either. I love going into my AV settings and configuring all the details. I spent quite some time training my old AV’s (ESET) HIPs, opening firewall ports I needed open, etc. Basically, I’m not afraid to get my hands dirty; I just like having a guide to get me started.

3. Is H_C and all components (Configure Defender, Firewall Hardening, etc) completely open-source or partially?

Thank you in advance!

@Andy Ful
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
1. Does H_C have an in-built updater or do we need to manually install new versions by downloading the new EXEs?
Yes, for stable versions. No, for beta versions.
If manual, do you need to uninstall the old H_C program before installing the new version or just run the new EXE and it will update the old H_C program?
Install over the old version. Read the update info, follow update instructions.
2. The Windows_10_Basic_Recommended_Settings is one of the pre-built modes ...
Use <Load Profile> button to load the prebuild setting profile.
3. Is H_C and all components (Configure Defender, Firewall Hardening, etc) completely open-source or partially?
It is opensource.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top