Hard_Configurator - Windows Hardening Configurator

shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Andy Ful said:
New H_C ver. 6.0.0.0 beta 1:
This beta version can be installed over the previous version (5.1.1.2). It has been whitelisted by Microsoft, Avast, Norton, and Bitdefender.

Changelog:
  1. Introduced two color-changing buttons. When the restrictions are OFF, the buttons <Switch OFF/ON SRP> and <Switch OFF/ON Restrictions> change the background color from green to blue.
  2. Fixed some minor bugs.
  3. Added finger.exe to blocked sponsors and also to the H_C Enhanced profiles.
  4. Added some EXE files to FirewallHardening LOLBin Blocklist: csc, cvtres, CasPol, finger, ilasm, jsc, Microsoft.Workflow.Compiler, mscorsvw, ngen, ngentask, vbc.
  5. Added SLK file extension to the default protected extensions.
  6. Added a switch -p to run H_C and SwitchDefaultDeny with SRP enforcement to block all users (including Administrators) - it can be used especially on the older Windows versions to improve post-exploitation protection on default Admin account. This switch should be used only by very experienced users.
  7. New version of ConfigureDefender:
    - Added some useful information to the Help and manual.
    - Added "Send All" setting to Automatic Sample Submission.
    - Updated ASR rules (1 new rule added).
    - Added the Warn mode to ASR rules.
    - Added INTERACTIVE Protection Level which uses ASR rules set to Warn.
    - Added the <Info> button next to the Protection Levels buttons. It displays information about which settings are enabled in DEFAULT, HIGH, INTERACTIVE, and MAX Protection Levels.
    - Redesigned slightly the layout of the Exploit Guard section.
  8. Added support for Windows 11.

Be safe.(y)
Click to expand...
Thanks Andy!
What's the new ASR rule?
What added support was needed for Win11?
 
  • Like
  • Thanks
Reactions: Mercenary, cryogent, Nevi and 4 others
F

ForgottenSeer 85179

shmu26 said:
What's the new ASR rule?
Click to expand...
malwaretips.com

Hard_Configurator - Windows Hardening Configurator

Hi Andy, an update on my last post: I rebooted the computer for the firewall rule changes to take effect and now I get a firewall log event like so: Something blocks outbound connections of spoolsv.exe (but not H_C or FirewallHardening). This executable is related to printing. This block can be...
malwaretips.com malwaretips.com

shmu26 said:
What added support was needed for Win11?
Click to expand...
malwaretips.com

Hard_Configurator - Windows Hardening Configurator

In HardeningKitty i found the following Firewall rules, which aren't in your FirewallHardening tool: ID Name Type Rule applies to Protocol Local ports IP addresses Profile Action 2307 HardeningKitty-Block-calc-x64 Custom Rule %SystemRoot%\System32\calc.exe Any Any Any Block All 2308...
malwaretips.com malwaretips.com
 
  • Like
  • Thanks
Reactions: Mercenary, Nevi, plat and 4 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
SecurityNightmares said:
malwaretips.com

Hard_Configurator - Windows Hardening Configurator

Hi Andy, an update on my last post: I rebooted the computer for the firewall rule changes to take effect and now I get a firewall log event like so: Something blocks outbound connections of spoolsv.exe (but not H_C or FirewallHardening). This executable is related to printing. This block can be...
malwaretips.com malwaretips.com


malwaretips.com

Hard_Configurator - Windows Hardening Configurator

In HardeningKitty i found the following Firewall rules, which aren't in your FirewallHardening tool: ID Name Type Rule applies to Protocol Local ports IP addresses Profile Action 2307 HardeningKitty-Block-calc-x64 Custom Rule %SystemRoot%\System32\calc.exe Any Any Any Block All 2308...
malwaretips.com malwaretips.com
Click to expand...
Thanks.
I didn't know about that new ASR rule. Good info.
I did know about that particular Win11 issue, as I reported it. Just wondering whether Andy found others.
 
  • Like
Reactions: Nevi, Andy Ful, ForgottenSeer 85179 and 1 other person
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,478
@shmu26,
ConfigureDefender and FirewallHardening Logs have not been displayed correctly on Windows 11. One of the issues was a bug in Windows 11 while using the wevtutil.exe system tool with /f:text switch to retrieve the text output of the Windows Events Log. I had to change the code and use another way to filter events.

Post edited.
 
Last edited:
  • Like
  • Thanks
Reactions: Mercenary, Nevi, plat and 4 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Andy Ful said:
@shmu26,
ConfigureDefender and FirewallHardening Logs have not been displayed correctly on Windows 11. One of the issues was a bug in Windows 11 while using the wevtutil.exe system tool with /text switch to retrieve the text output of the Windows Events Log. I had to change the code and use another way to filter events.
Click to expand...
Thanks. I think I experienced that logging bug, but I wasn't sure what happened.
 
  • Like
Reactions: Mercenary, Nevi, plat and 3 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,478
Some screenshots:

ConfigureDefender:

1626687975943.png

1626688002094.png



Hard_Configurator:

1626688083462.png



1626688115465.png
 
  • Like
  • +Reputation
  • Thanks
Reactions: Mercenary, cryogent, Nevi and 9 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,231
Andy Ful said:
New H_C ver. 6.0.0.0 beta 1:
This beta version can be installed over the previous version (5.1.1.2). It has been whitelisted by Microsoft, Avast, Norton, and Bitdefender.

Changelog:
  1. Introduced two color-changing buttons. When the restrictions are OFF, the buttons <Switch OFF/ON SRP> and <Switch OFF/ON Restrictions> change the background color from green to blue.
  2. Fixed some minor bugs.
  3. Added finger.exe to blocked sponsors and also to the H_C Enhanced profiles.
  4. Added some EXE files to FirewallHardening LOLBin Blocklist: csc, cvtres, CasPol, finger, ilasm, jsc, Microsoft.Workflow.Compiler, mscorsvw, ngen, ngentask, vbc.
  5. Added SLK file extension to the default protected extensions.
  6. Added a switch -p to run H_C and SwitchDefaultDeny with SRP enforcement to block all users (including Administrators) - it can be used especially on the older Windows versions to improve post-exploitation protection on default Admin account. This switch should be used only by very experienced users.
  7. New version of ConfigureDefender:
    - Added some useful information to the Help and manual.
    - Added "Send All" setting to Automatic Sample Submission.
    - Updated ASR rules (1 new rule added).
    - Added the Warn mode to ASR rules.
    - Added INTERACTIVE Protection Level which uses ASR rules set to Warn.
    - Added the <Info> button next to the Protection Levels buttons. It displays information about which settings are enabled in DEFAULT, HIGH, INTERACTIVE, and MAX Protection Levels.
    - Redesigned slightly the layout of the Exploit Guard section.
  8. Added support for Windows 11.

Be safe.(y)
Click to expand...
Great work and thanks for keeping those tools up to date (y)
Will there be a standalone (beta) version of the new ConfigureDefender?
 
  • Like
  • +Reputation
Reactions: Mercenary, jerzy601, Nevi and 7 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,231
Posted the news on the other site and got a special thanks for @Andy Ful
www.wilderssecurity.com

Hard_Configurator - GUI to Manage Software Restriction Policies and harden Windows Home OS

Started using this and recommended settings is probably safe to use? I also added recommended H_C in firewall hardening.
www.wilderssecurity.com www.wilderssecurity.com
Thanks @Gandalf_The_Grey - And special Thanks to AndyFul.
Click to expand...
www.wilderssecurity.com

Hard_Configurator - GUI to Manage Software Restriction Policies and harden Windows Home OS

Started using this and recommended settings is probably safe to use? I also added recommended H_C in firewall hardening.
www.wilderssecurity.com www.wilderssecurity.com
 
  • Like
  • +Reputation
Reactions: Mercenary, cryogent, Nevi and 8 others

Similar threads

Andy Ful
    • +Reputation
    • Like
    • Applause
New Update Testing Windows Hybrid Hardening (new hardening application).
Replies
253
Views
29,412
Hard_Configurator Tools
South Park
South Park
Andy Ful
    • Like
    • +Reputation
    • Thanks
  • Sticky
Serious Discussion WHHLight - simplified application control for Windows Home and Pro.
Replies
318
Views
34,073
Hard_Configurator Tools
Andy Ful
Andy Ful
SpyNetGirl
    • Like
    • Applause
    • Thanks
Serious Discussion Why do you use obsolete security technologies such as SRP?
Replies
7
Views
1,127
General Security Discussions
Andy Ful
Andy Ful

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top