Hard_Configurator - Windows Hardening Configurator

Moonhorse

I'm not sure if this was asked before (maybe), but is it possible to have an option to run H_C on system startup, since it has a minimize option when opened from the desktop?

So it kinda helps to see you have such settings enabled, as an example


shmu26

This is the one thing plus some other PowerShell tweaks that I like. Other than that H_C covers everything else. (y)
AFAIK the recommended settings of H_C already include Constrained Language for PowerShell, and the settings on the right side have the other tweaks. And in the sponsors list, you can block all non-elevated PowerShell executions. I think that pretty much covers it. Andy can shed more light on the subject.
 

Andy Ful

Thread author, Developer (Hard_Configurator Tools)
The firewall rules are not required in H_C, because the advanced user can block sponsors via SRP, which is much more comprehensive protection for home users. Also, in the recommended H_C settings, both blocked sponsors and firewall rules are a kind of overkill, except in some special cases.
Yet, firewall rules can be useful for non-advanced users in a default-allow setup (SysHardener, CUP).

It is worth mentioning that firewall rules cannot fully stop PowerShell from downloading the payload (only some methods can be blocked). Also, the firewall 'Block' rule for an application does not block its child processes. So, for example, if the user applies the firewall 'Block' rule for cmd.exe, then the 'ping' command from the CMD Console (or command line) can still connect to the Internet.
 
Last edited:
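
An added example (not from the thread and not part of H_C) for auditing the point in the post above: it lists the executables named by enabled outbound 'Block' rules and reports whether cmd.exe, PING.EXE and powershell.exe are each covered by a rule of their own. The function names are hypothetical; the cmdlets come from the built-in NetSecurity module.

```powershell
# Added example: a program-scoped firewall rule matches one image path only.
# Binaries started from that program (PING.EXE from a cmd.exe console) run
# under their own path and need their own rule.

function Get-BlockedProgram {
    # Paths named by enabled outbound Block rules, environment variables expanded.
    Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True |
        Get-NetFirewallApplicationFilter |
        Where-Object { $_.Program -and $_.Program -ne 'Any' } |
        ForEach-Object { [Environment]::ExpandEnvironmentVariables($_.Program) } |
        Sort-Object -Unique
}

function Test-FirewallCoverage {
    param(
        [Parameter(Mandatory)][string[]]$Executable,
        [string[]]$BlockedProgram = (Get-BlockedProgram)
    )
    foreach ($exe in $Executable) {
        [pscustomobject]@{
            Executable = $exe
            # -contains compares strings case-insensitively, like Windows paths.
            Blocked    = $BlockedProgram -contains $exe
        }
    }
}

# The three executables mentioned in the post. The 32-bit copies under
# SysWOW64 are separate paths and would need separate rules as well.
$sys32 = Join-Path $env:SystemRoot 'System32'
Test-FirewallCoverage -Executable @(
    (Join-Path $sys32 'cmd.exe'),
    (Join-Path $sys32 'PING.EXE'),
    (Join-Path $sys32 'WindowsPowerShell\v1.0\powershell.exe')
) | Format-Table -AutoSize
```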

Andy Ful

I'm not sure if this was asked before (maybe), but is it possible to have an option to run H_C on system startup, since it has a minimize option when opened from the desktop?

So it kinda helps to see you have such settings enabled, as an example

After installing H_C, the 'Switch Default Deny' shortcut is created on the desktop. You can run it to see if the default-deny protection is enabled.
It is possible to make a simple application that could start with Windows (minimized in the system tray) and read from the Registry whether default-deny SRP is activated. I did not do it, because H_C was intended to avoid adding additional processes to the system.
 
Last edited:
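
An added example (not Andy Ful's code and not part of H_C) of the Registry read described in the post above, done on demand rather than by a resident process. It assumes the policy is stored in the standard machine-wide SRP key; Get-SrpStatus is a hypothetical name.

```powershell
# Added example: report whether Software Restriction Policies are default-deny.
# Assumption: the policy lives in the standard machine-wide SRP key.
$SrpKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'

# SRP security levels as stored in the DefaultLevel DWORD.
$SrpLevel = @{
    0x00000 = 'Disallowed'
    0x01000 = 'Untrusted'
    0x10000 = 'Constrained'
    0x20000 = 'Basic User'
    0x40000 = 'Unrestricted'
}
# TransparentEnabled: which file types the policy is enforced on.
$SrpEnforcement = @{
    0 = 'No enforcement'
    1 = 'All files except libraries (DLLs)'
    2 = 'All files including libraries'
}

function Get-SrpStatus {
    param([string]$Path = $SrpKey)

    $p = Get-ItemProperty -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -eq $p -or $null -eq $p.DefaultLevel) {
        # Key or value missing: no SRP default level has been configured.
        return [pscustomobject]@{ Configured = $false; DefaultDeny = $false }
    }
    $level   = [int]$p.DefaultLevel
    $enforce = $p.TransparentEnabled
    [pscustomobject]@{
        Configured   = $true
        DefaultLevel = if ($SrpLevel.ContainsKey($level)) { $SrpLevel[$level] }
                       else { 'Unknown (0x{0:X})' -f $level }
        Enforcement  = if ($null -ne $enforce -and $SrpEnforcement.ContainsKey([int]$enforce)) {
                           $SrpEnforcement[[int]$enforce] } else { 'Not set' }
        # PolicyScope 1 = applies to all users except local administrators.
        AdminsExempt = ($p.PolicyScope -eq 1)
        # Conservative: default-deny only if Disallowed AND enforcement is on.
        DefaultDeny  = ($level -eq 0) -and ($enforce -in 1, 2)
    }
}

Get-SrpStatus | Format-List
```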

oldschool

After installing H_C, the 'Switch Default Deny' shortcut is created on the desktop. You can run it to see if the default-deny protection is enabled. ...I did not do it, because H_C was intended to avoid adding additional processes to the system.

Please keep it as is. (y)

@Moonhorse - you should not normally need to change configuration often, unless you simply wish to do so.
 

Gandalf_The_Grey

I got a message from @askalan that he wants to support the Hard_Configurator project by creating a dedicated domain and web page. So, the domain hard-configurator.com will be directed to the dedicated webpage with some important information about Hard_Configurator. The web page will be finished soon. At this moment the domain hard-configurator.com is connected to the GitHub webpage.
The photos:
Thanks @askalan. Good work.(y)(y)(y)
Any updates on the website hard-configurator.com?
 

shmu26

The same as escaping Wine and infecting Linux.
Could you comment on the risk of escaping Wine? I mean, is that a theoretical possibility, or something that once happened, or something that commonly happens, or...
I am asking because I never heard much about it, other than that the possibility exists.

Andy Ful

Could you comment on the risk of escaping Wine? I mean, is that a theoretical possibility, or something that once happened, or something that commonly happens, or...
I am asking because I never heard much about it, other than that the possibility exists.
Some vulnerabilities were uncovered which could allow infecting particular Linux distributions via Wine. But I have not heard about such malware in the wild. Many Windows malware files cannot run properly in Wine. Some can infect Wine and the mounted drives, but are not aware of Linux.
In theory, the attacker can use Wine to infect Linux. But generally, it is rather improbable in the wild, because it is not profitable for the malc0ders. Yet, you have to find an AV that works well in Wine to fight the malware that can run in Wine.
 

shmu26

Some vulnerabilities were uncovered which could allow infecting particular Linux distributions via Wine. But I have not heard about such malware in the wild. Many Windows malware files cannot run properly in Wine. Some can infect Wine and the mounted drives, but are not aware of Linux.
In theory, the attacker can use Wine to infect Linux. But generally, it is rather improbable in the wild, because it is not profitable for the malc0ders. Yet, you have to find an AV that works well in Wine to fight the malware that can run in Wine.
Thanks. I had the idea to delete typical LOLBins such as cmd.exe etc. from the Windows directory in Wine, since MS Office apps don't really need them for normal usage.

Andy Ful

And an ETA for new version of H_C? Apologies if it's already been mentioned here.

I want to try H_C but thought I'd wait for the new version if it is imminent.
The new version of H_C is usually pushed after the new compilation of Windows 10. I may do it earlier, but there are no essential new features, except a few cosmetic changes.