Hard_Configurator - Windows Hardening Configurator

I'm not sure if this was asked before (maybe), but is it possible to have an option to run H_C on system startup, since it has a minimize option when opened from the desktop?

So it kinda helps to see you have such settings enabled, as an example

 
This is the one thing plus some other PowerShell tweaks that I like. Other than that H_C covers everything else. (y)
AFAIK the recommended settings of H_C already include Constrained Language for PowerShell, and the settings on the right side have the other tweaks. And in the sponsors list, you can block all non-elevated PowerShell executions. I think that pretty much covers it. Andy can shed more light on the subject.
 
The firewall rules are not required in H_C, because the advanced user can block sponsors via SRP, which is much more comprehensive protection for home users. Also, in the recommended H_C settings, both blocked sponsors and firewall rules are a kind of overkill, except in some special cases.
Yet, firewall rules can be useful for non-advanced users in a default-allow setup (SysHardener, CUP).

It is worth mentioning that firewall rules cannot fully stop PowerShell from downloading the payload (only some methods can be blocked). Also, the firewall 'Block' rule for an application does not block its child processes. So, for example, if the user applies the firewall 'Block' rule for cmd.exe, then the 'ping' command from the CMD Console (or command line) can still connect to the Internet.
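
Added example (not part of the thread and not H_C code): an audit of the cmd.exe / ping case described above, showing that application Block rules match on program path only. The function names are hypothetical, and only the local persistent rule store is inspected (Group Policy rules are not).

```powershell
# Added example: Windows Firewall application rules match on program path,
# so a Block rule for one executable does not cover the programs it starts.

function Get-BlockedOutboundProgram {
    # Program paths that have an enabled outbound Block rule in the local
    # persistent store (assumption: Group Policy rules are not inspected).
    Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True |
        Get-NetFirewallApplicationFilter |
        Where-Object { $_.Program -and $_.Program -ne 'Any' } |
        ForEach-Object { [Environment]::ExpandEnvironmentVariables($_.Program) } |
        Sort-Object -Unique
}

function Test-OutboundBlockCoverage {
    # Hypothetical helper: for each path, report whether its own Block rule exists.
    param([Parameter(Mandatory)][string[]]$Path)

    $blocked = @(Get-BlockedOutboundProgram)
    foreach ($p in $Path) {
        [pscustomobject]@{
            Program      = $p
            # -contains compares strings case-insensitively in PowerShell.
            HasBlockRule = $blocked -contains $p
        }
    }
}

# cmd.exe may be covered while ping.exe, which cmd.exe launches as a separate
# process, is not: each executable needs its own rule.
Test-OutboundBlockCoverage -Path @(
    "$env:SystemRoot\System32\cmd.exe",
    "$env:SystemRoot\System32\PING.EXE"
)
```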
 
I'm not sure if this was asked before (maybe), but is it possible to have an option to run H_C on system startup, since it has a minimize option when opened from the desktop?

So it kinda helps to see you have such settings enabled, as an example

After installing H_C, the 'Switch Default Deny' shortcut is created on the desktop. You can run it to see if the default-deny protection is enabled.


It is possible to make a simple application that could start with Windows (minimized in the system tray) and read from the Registry whether default-deny SRP is activated. I did not do it, because H_C was intended to avoid adding additional processes to the system.
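
Added example (not part of the thread and not H_C code): a one-shot check of the Registry that needs no resident process. It reads the standard Windows Software Restriction Policies key. That H_C keeps its default-deny setting in this key is an assumption, and the function name is hypothetical.

```powershell
# Added example, not H_C code. Reads the standard Windows SRP policy key;
# that H_C stores its default-deny setting here is an assumption.
$SrpKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'

# SRP security levels as stored in the DefaultLevel DWORD.
$SrpLevels = @{
    0      = 'Disallowed (default deny)'
    4096   = 'Untrusted'
    65536  = 'Constrained'
    131072 = 'Basic User'
    262144 = 'Unrestricted (default allow)'
}

function Get-SrpStatus {
    param([string]$Key = $SrpKey)

    $level  = $null
    $status = [ordered]@{
        PolicyKeyPresent = $false
        DefaultLevel     = 'not set'
        Enforcement      = 'not set'
        DefaultDeny      = $false
    }
    if (Test-Path -LiteralPath $Key) {
        $status.PolicyKeyPresent = $true
        $p = Get-ItemProperty -LiteralPath $Key

        # A missing value must not be read as 0, because 0 means "Disallowed".
        if ($null -ne $p.DefaultLevel) {
            $level = [int]$p.DefaultLevel
            $name  = $SrpLevels[$level]
            if (-not $name) { $name = 'unknown level' }
            $status.DefaultLevel = '0x{0:X} {1}' -f $level, $name
        }
        # TransparentEnabled: 0 = no enforcement, 1 = all files except DLLs,
        # 2 = all files including DLLs.
        if ($null -ne $p.TransparentEnabled) {
            $status.Enforcement = [int]$p.TransparentEnabled
        }
        # Default deny counts only when the level is Disallowed AND enforcement is on.
        $status.DefaultDeny = ($level -eq 0) -and ($status.Enforcement -in 1, 2)
    }
    [pscustomobject]$status
}

Get-SrpStatus | Format-List
```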
 
After installing H_C, the 'Switch Default Deny' shortcut is created on the desktop. You can run it to see if the default-deny protection is enabled. ...I did not do it, because H_C was intended to avoid adding the additional processes in the system.

Please keep it as is. (y)

@Moonhorse - you should not normally need to change configuration often, unless you simply wish to do so.
 
I have got a message from @askalan that he wants to support the Hard_Configurator project by creating a dedicated domain and web page. So, the domain hard-configurator.com will be directed to the dedicated webpage with some important information about Hard_Configurator. The web page will be finished soon. At this moment the domain hard-configurator.com is connected to the GitHub webpage.
Thanks @askalan. Good work.(y)(y)(y)
Any updates on the website hard-configurator.com?
 
Good to hear (y) Just curious, because I didn't hear anything more about it and it looks like it's gonna be a really nice website
I think that @askalan will do the best, and some people here will help him, to make it even better.
 
The same as escaping Wine and infecting the Linux.
Could you comment on the risk of escaping Wine? I mean, is that a theoretical possibility, or something that once happened, or something that commonly happens, or...
I am asking because I never heard much about it, other than that the possibility exists.
 
Could you comment on the risk of escaping Wine? I mean, is that a theoretical possibility, or something that once happened, or something that commonly happens, or...
I am asking because I never heard much about it, other than that the possibility exists.
Some vulnerabilities were uncovered which could allow infecting particular Linux distributions via Wine. But I did not hear about such malware in the wild. Many Windows malware files cannot run properly in Wine. Some can infect Wine and the mounted drives, but are not aware of Linux.
In theory, the attacker can use Wine to infect Linux. But generally, it is rather improbable in the wild, because it is not profitable for the malc0ders. Yet, you have to find an AV that works well in Wine to fight the malware that can run in Wine.
 
Some vulnerabilities were uncovered which could allow infecting particular Linux distributions via Wine. But I did not hear about such malware in the wild. Many Windows malware files cannot run properly in Wine. Some can infect Wine and the mounted drives, but are not aware of Linux.
In theory, the attacker can use Wine to infect Linux. But generally, it is rather improbable in the wild, because it is not profitable for the malc0ders. Yet, you have to find an AV that works well in Wine to fight the malware that can run in Wine.
Thanks. I had the idea to delete typical LOLBins such as cmd.exe etc. from the Windows directory in Wine, since MS Office apps don't really need them for normal usage.
 
Thanks. I had the idea to delete typical LOLBins such as cmd.exe etc. from the Windows directory in Wine, since MS Office apps don't really need them for normal usage.
Do not delete them but simply rename (cmd.exe --> !!!CMD.EXE). :giggle:
 
And an ETA for new version of H_C? Apologies if it's already been mentioned here.

I want to try H_C but thought I'd wait for the new version if it is imminent.
The new version of H_C is usually pushed after the new compilation of Windows 10. I may do it earlier, but there are not any essential new features, except a few cosmetic changes.