Hard_Configurator - Windows Hardening Configurator

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
7,897
Hello !

what is this "turn ON advanced SRP logging" ?
if I enable, whats happen ? Windows 11 stay usable easily ?

Thanks

View attachment 279246

You can find the info about TOOLS options in the Hard_Configurator manual:
Hard_Configurator - Manual.pdf ---> TROUBLESHOOTING >> Using TOOLS

The option "Turn ON Advanced SRP logging" is rarely needed. You can keep it turned off - it turns on some additional event logging (uses more resources).
 
Last edited:

Xeno1234

Level 13
Jun 12, 2023
642
This tool seems interesting to harden security on my PC. I currently using Kaspersky and wonder if I should switch to using this.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
7,897
This tool seems interesting to harden security on my PC. I currently using Kaspersky and wonder if I should switch to using this.
Yes, it does not depend much on the concrete AV. With Kaspersky, you must skip the ConfigureDefender option which is for Microsoft Defender.
Use recommended settings for some weeks to see how H_C works.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
7,897
I also utilize Kaspersky Default Deny, or @harlan4096 configuration. Would there be any benefit alongside that?
I rater thought about Kaspersky free. If you can apply the @harlan4096 settings, then you can skip H_C.
In theory, you could use H_C to block SMB protocols, remote features, scripting engines, and some LOLBins to mitigate the fileless attack vectors started by exploits. But, I do not think that you need such type of security.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
7,897
@Andy Ful Any idea why Firewall Hardener blocks network access to .cmd scripts even after making it inactive.
FirewallHardening does not block Internet access to .cmd scripts. It can block the outbound connections of executables. If the .cmd script runs an executable that is on the BlockList, the connection will be blocked. You must look at the FirewallHardening Log to see what has happened:

1700748421411.png
 

Vasudev

Level 33
Verified
Nov 8, 2014
2,223
FirewallHardening does not block Internet access to .cmd scripts. It can block the outbound connections of executables. If the .cmd script runs an executable that is on the BlockList, the connection will be blocked. You must look at the FirewallHardening Log to see what has happened:

View attachment 279853

It seems powershell was being blocked. Had to deactivate the rules in System32 and SysWOW64 and a reboot to get it working.
 
F

ForgottenSeer 103564

Anytime. I have much respect for your ability to be humble, given your level of knowledge and your approach to users at all times. It literally sets a standard all developers should strive for. The fact you do not even charge money to use your product which means all your time is voluntary speaks tremendous volumes as well.

You should be thanked more often.
 

Gandalf_The_Grey

Level 75
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,446
Is there any way for me to disable the .exe default deny in HC? I have it set up through Kaspersky.
You can, please read the manual:
Basic_Recommended_Settings on Windows 8+".
This is a predefined setting profile that allows EXE (TMP) and MSI files globally. The scripts, shortcuts and other files with unsafe extensions are still blocked by default in UserSpace. On the contrary to the Recommended Settings, shortcuts are allowed in the Startup folder. This profile can harden Windows 8+ while maintaining maximum functionality and compatibility. It could be probably called Recommended Settings for cautious users.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
7,897
Is there any way for me to disable the .exe default deny in HC? I have it set up through Kaspersky.

Yes, If you have in mind allowing all EXE files in H_C:

1706297775342.png


If you want to allow all EXE and MSI files, then additionally use "Allow MSI" option.

You can also load one of predefined profiles:
A predefined settings profile "Windows_10_Avast_Hardened_Mode_Aggressive.hdc" allows EXE files in H_C and keeps other recommended settings.
A predefined settings profile "Windows_10_Basic_Recommended_Settings.hdc" allows EXE + MSI files in H_C and keeps other recommended settings.
 
Last edited:

skiper

Level 1
Apr 6, 2021
14
Hello, I am currently testing Hard_Configurator without Windows Defender. And it will probably stay that way.

I saw this method without AV and I would like to try it on a laptop. I didn't see it add anything from Firewall Hardening, it only uses Hard_Configurator Recommended Settings and only Install By SmartScreen (maybe I'll optionally use VirusTotal if it's something more insecure).

For a system without AV is Hard_Configurator Recommended Settings enough? Or maybe something needs to be added from Firewall Hardening? Or maybe just a more Enhanced/Strict Profile?
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=dword:00000001
After restarting Windows, you should get WD turned off.
This is how I shut down Windows Defender. Is it enough?
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top