Hard_Configurator - Windows Hardening Configurator


Code:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
"fAllowUnsolicited"=dword:00000000
"fAllowToGetHelp"=dword:00000000
"fDenyTSConnections"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service\WinRS]
"AllowRemoteShellAccess"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
"Start"=dword:00000004
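
Added example (not part of the original post and not Hard_Configurator's own code): a read-only PowerShell check that compares the current registry state with the values in the snippet above. The function name Test-HardeningValue and the report layout are assumptions made for illustration. A value that is absent is reported as NotSet rather than guessed.

```powershell
# Added example: read-only audit of the values from the .reg snippet above.
# Nothing is written to the registry; expected data is copied from that snippet.
$expected = @(
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
       Name = 'fAllowUnsolicited';      Value = 0 }
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
       Name = 'fAllowToGetHelp';        Value = 0 }
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
       Name = 'fDenyTSConnections';     Value = 1 }
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service\WinRS'
       Name = 'AllowRemoteShellAccess'; Value = 0 }
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\RemoteRegistry'
       Name = 'Start';                  Value = 4 }
)

# Hypothetical helper: returns one report row per expected value.
function Test-HardeningValue {
    param([string]$Path, [string]$Name, [int]$Value)

    $current = $null
    $state   = 'NotSet'   # key or value missing: no policy is configured here

    $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) {
        $current = $item.$Name
        $state   = if ($current -eq $Value) { 'Match' } else { 'Differs' }
    }

    [pscustomobject]@{
        Key      = $Path
        Name     = $Name
        Expected = $Value
        Current  = $current
        State    = $state
    }
}

$report = foreach ($e in $expected) { Test-HardeningValue @e }
$report | Format-Table Name, Expected, Current, State -AutoSize

# Exit code 1 when any value is missing or different, so the check can be scripted.
if ($report | Where-Object State -ne 'Match') { exit 1 }
```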

What are the Defaults?

https://malwaretips.com/threads/har...urn-back-windows-defaults.123957/post-1045583
 
I have a question that might seem childish, but is there any benefit for a home user if they apply Microsoft Security Baseline and Update Baseline in addition to Hard_Configurator tweaked recommended settings?

I discussed this with a colleague at work and he is very convinced that it can be useful. I told him that as long as he has an operating system with up-to-date updates, Hard_Configurator installed, an AV that he likes, and doesn't click on all the crap when surfing the web, it's good enough and he doesn't have to become paranoid......but.....

I know that Security Baseline is for business environments, but I think some settings can be useful for a home user, so I don't know whether to agree with him or not.
 

When using Hard_Configurator you have Security Baseline + SRP adjusted to the home environment. You can also use several predefined configurations with a few mouse clicks and easily inspect the blocked events. Hard_Configurator includes the collective knowledge of many members on MalwareTips and some from Wilders Security forums.(y)

Some hardening tweaks from Security Baseline can be useful at home, but some can decrease the default security on Windows Home. So, advanced knowledge is required when applying such hardening at home. Several tweaks are not necessary, because they are applied by default on Windows Home.
The problem is that Security Baseline is for Administrators who should understand the consequences of such hardening and can adjust the configuration to their needs. It is usually applied on computers with a static setup of installed applications.
Security Baseline requires inspecting Windows Event Logs to adjust the configuration and solve possible problems when something is silently blocked.
Generally, such hardening can be too complex for most users at home and often will produce more trouble than it's worth.

Some advanced users could use the adjusted Security Baseline + Hard_Configurator, but this can significantly increase the time needed to maintain such complex hardening. I do not recommend doing it. :)
 
It's about Windows Pro, but I think being the Pro version it has more settings enabled than Windows Home and using Security Baseline overlaps more with H_C.
I'll ask him to come here to join and ask questions if he wants more details.
 
Feature Request: Auto-update
  • Configure Defender
  • Document's Anti Exploit
  • Simple Windows Hardening
  • Firewall Hardening
either by scheduled task or by adding them to the Winget Repository.
 

Such updating would be necessary if H_C started with the system and could work in the background. I was thinking about it a few years ago, but I do not like such auto-features. The difference between auto-update and the current updating method in H_C is only one mouse click. So, I do not plan to include an auto-update feature in H_C.
I plan to add an update button to SimpleWindowsHardening, similar to the one used in H_C.
 
Is it possible to have a script running every day by scheduled task that only notifies us if there is an update for a specific portable application like SWH, and even gives us the option to click update, then removes the previous version and downloads the new one?
 
I do not like auto-notify features either. :)
Such applications as DocumentsAntiExploit and FirewallHardening are parts of bigger projects, so they are not updated individually. You cannot use the simple script, because the links to these executables do not exist. They are embedded in the H_C or SWH installation files. It could be possible if I would create another website for standalone versions of DocumentsAntiExploit and FirewallHardening (maybe I will someday), but for now, I am too busy to create and maintain several websites.
 
Hard_Configurator ver. 6.1.1.1 Stable - support for Windows 22H2.

Ver. 6.0.1.1 can be updated via the <Update> button on the H_C main window.
No functional changes from the last beta (some code improvements).
Added new digital certificate.

Edit.
The beta version must be updated manually by using the installer of the stable version. No need to uninstall the previous version.
 
Are there any plans to add ALL Windows LOLBins available in FirewallHardening?
There is no need to do so. Some LOLBins (like Bitsadmin) are used only to download files, so blocking them via FirewallHardening is optimal. Some others can be safely blocked by FirewallHardening, but blocking them via H_C would probably be too restrictive (with unpredictable consequences).
 
I meant whether FirewallHardening contains all LOLBins, not that they should be added to H_C.
 
@Andy Ful --just wanted to let you know that suspicious site is still up. This one here:

Fortunately it's still blocked by @South Park's Grayware Blocklist, as well as uBO's Badware Risks. Has anyone w/VM tried to see what happens if one actually lands on that site? Is something downloaded in the background?
(y)
 
Yes, although it can be found when searching the "Hard_Configurator" phrase only via Google (Yandex and Bing do not show this malvertising website). Bing can show it when searching "Hard Configurator". SmartScreen and the AdBlock extension in Edge do not block this website.
I tried to open this website - it redirected me to random shopping websites completely unrelated to Hard_Configurator. Some of them are legal (like allegro), but I cannot exclude the possibility that some others can be related to phishing.
Unfortunately, I cannot do anything to get rid of it. :confused:
 
Blocked by uBO default Badware risk filter ;)
 
I did a test: Bitdefender TrafficLight blocked it as a Dangerous Page, and it was blocked for your protection. Andy, don't worry about this. We know you, and you are a professional and trustworthy person. I hope I don't post more about this. :)
 
I never suspected that the website about H_C would gain enough popularity to be abused in this way. When @askalan decided to create this website, we talked about such a possibility. He is a trustworthy person and I do not know why he disappeared suddenly from MT. I lost contact with him during the COVID-19 period (it would be sad if he was a victim of COVID).
I checked the online portals that promote legal software (Softpedia, MajorGeeks, etc.), but currently, they do not include this abused link. Unfortunately, the link is present on several forums (in old posts). :confused:

Please post here if someone knows what can be done to prevent abuse of this domain. It was "Expired" for several months (the paid subscription expired). Currently, it is legally taken by the firm that promotes ads.
 