Hard_Configurator - Windows Hardening Configurator

Kerneli

New Member
Apr 28, 2024
1
Is there Windows 11 23H2 support coming? Or what else would be good free alternative besides Hard configurator as cannot use it with my Win11 23H2...
 
A

Azazel

Hello @Andy Ful ,
I have a question.
Is "Block executable files from running unless they meet a prevalence, age, or trusted list criteria" a robust protective rule or are there non-sophisticated ways it can be easily bypassed?
 
  • Like
Reactions: Andy Ful

n8chavez

Level 20
Well-known
Feb 26, 2021
972
Hello @Andy Ful ,
I have a question.
Is "Block executable files from running unless they meet a prevalence, age, or trusted list criteria" a robust protective rule or are there non-sophisticated ways it can be easily bypassed?

I've found that particular option being more trouble then it's worth; in essence creating a lockdown mode where EVERYTHING new-ish needs to be whitelisted in order to run.
 
  • Like
Reactions: Azazel

n8chavez

Level 20
Well-known
Feb 26, 2021
972
Really? Well, curiouser and curiouser. I've had nothing but problems. But I always automate things via scripting and always update my software.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
Really? Well, curiouser and curiouser. I've had nothing but problems. But I always automate things via scripting and always update my software.

Yes, It can block new installations/updates with low prevalence. The block disappears after about 2 days. One can use that ASR rule set to Warn to avoid most problems.
Of course, it will be inconvenient when one has many applications that auto-update frequently. That is why it is not included in ConfigureDefender HIGH settings.
 

n8chavez

Level 20
Well-known
Feb 26, 2021
972
Yes, It can block new installations/updates with low prevalence. The block disappears after about 2 days. One can use that ASR rule set to Warn to avoid most problems.
Of course, it will be inconvenient when one has many applications that auto-update frequently. That is why it is not included in ConfigureDefender HIGH settings.

Don't get me wrong; I'm not in any way, shape or form saying that you or Hard Configurator is bad. I just mean that particular ASR option doesn't fit my needs, for reasons you mentioned. My opinion, this or @danb's Configure Defender should be on every system without exception.
 
F

ForgottenSeer 109138

Yes, I know. :)
Anyway, I do not think that you need H_C or ConfigureDefender. For many MT members, any advanced protection is a kind of insurance, learning, or fun.
No way, you didn't just contradict yourself here did you, an advanced application is for fun and learning yet so easy a typical users can use them correct. Its not like they could misconfigure into vulnerability.
 
F

ForgottenSeer 109138

If I understand correctly, Sponsors=LOLBins?

I'm thinking of @oldschool configuration.If Sponsors=LOLBins, FirewallHardening ADD LOLBins can be obtained in this way too?

1. Press <Load Profile> and choose All_OFF.hdc
2. Press <(Re)Install SRP>
3. Press <Block Sponsors> <Select All>
4. Apply changes.

There are 178 in total.

Is one better than the other? It is better to block LOLBins from FirewallHardening or Sponsors this way. LOLBins contain the same number?
Its lack of understanding the operating system and how it works, combined with a lack of understanding of the software that can cause issue Andy, how easy would it be to misconfigure something you don't understand. I can pull posts from this thread all day long demonstrating this if you would like, since you trashed my thread stating otherwise.
 
  • Wow
Reactions: kylprq
F

ForgottenSeer 109138

If you are using this software for fun or learning do become aware of the products disclaimer. Any damage you do to your system or any other issues that may arise are solely the responsibility of the user. The developer that pushes this software as so easy to use, is not responsible once you install his product. If you are not knowledgeable of windows process and procedures or familiar with default deny I would not recommend taking this chance. You are better off using a Security Suit.

Disclaimer of Warranty
THIS SOFTWARE IS DISTRIBUTED "AS IS". NO WARRANTY OF ANY KIND IS EXPRESSED OR IMPLIED. YOU USE IT AT YOUR OWN RISK. THE AUTHOR WILL NOT BE LIABLE FOR DATA LOSS, DAMAGES, LOSS OF PROFITS OR ANY OTHER KIND OF LOSS WHILE USING THIS SOFTWARE.

Distribution
These tools may be freely distributed as long as no modification is made to it.

Andrzej Pluta (@Andy Ful)
 
  • +Reputation
Reactions: Trident

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
No way, you didn't just contradict yourself here did you, an advanced application is for fun and learning yet so easy a typical users can use them correct. Its not like they could misconfigure into vulnerability.

There is no contradiction. The H_C is mainly intended for advanced users to apply Windows built-in restrictions on the computers of inexperienced users (no MT members).
MT members can use H_C on personal computers if they want, but often it is not necessary for security reasons. I guess that they often like to use it as a kind of insurance, learning, or fun.
 
Last edited:
  • Like
Reactions: Jan Willy

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
Its lack of understanding the operating system and how it works, combined with a lack of understanding of the software that can cause issue Andy, how easy would it be to misconfigure something you don't understand. I can pull posts from this thread all day long demonstrating this if you would like,

I am not sure what to say. H_C is a tool for advanced users, but there can be users who want to experiment with settings.
Anyway, you are wrong when thinking that such experiments will do something dangerous to the system. Even with the most restricted setup we have:
  1. During the installation, the user is prompted to do a System Restore Point.
  2. SRP restrictions do not restrict local Administrators and processes running with high privileges.
  3. SystemSpace is always whitelisted (%WinDir%, %ProgramFiles%, etc.)
  4. H_C can be started even with the most restrictive setup, so the user can always change the setup.
  5. The Recommended Settings can be restored with one click.
By the way, I am sorry that your thread has been closed. I did not ask the staff for that (and did not report anything), even when your posts became too personal.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
If you are using this software for fun or learning do become aware of the products disclaimer. Any damage you do to your system or any other issues that may arise are solely the responsibility of the user. The developer that pushes this software as so easy to use, is not responsible once you install his product. If you are not knowledgeable of windows process and procedures or familiar with default deny I would not recommend taking this chance. You are better off using a Security Suit.

You know that this is a standard disclaimer for open-source & free software. This disclaimer is displayed during installation, so users are informed without your warning. As you can see the disclaimer intends to discourage inexperienced users. I already explained it to you in another thread. It seems that you start trolling this thread.
Hard_Configurator has been here for several years and does not produce much trouble.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top