Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Hard_Configurator - Windows Hardening Configurator
Message
<blockquote data-quote="Andy Ful" data-source="post: 818693" data-attributes="member: 32260"><p>I prepared a simple Help for Firewall Hardening tool. If someone would like to add/change something, then let me know, please.</p><p></p><p>***************************************</p><p>Firewall Hardening tool can apply and manage Outbound Block Rules in Windows Firewall by using Windows policies. The restart of Windows is required to apply the configuration changes.</p><p>The paths of blocked executables are displayed as a list. Each entry can be managed by using the buttons located on the bottom of the application GUI.</p><p><Add Rule> button allows adding the rule for any executable.</p><p><Deactivate Rule> button makes the highlighted rules inactive, but does not remove rules.</p><p><Block Rule> button changes highlighted inactive rules to blocked.</p><p><Remove Rule> button removes highlighted rules from the list (and Windows Firewall settings).</p><p></p><p>The user can add/remove some predefined rules by using the options visible on the right of application GUI.</p><p><LOLBins> button allows adding the rules for many executables from system folders, which are known to be commonly abused by malc0ders.</p><p><MS Office> button allows adding rules for MS Office executables (Word, Excel, PowerPoint, and Equation Editor).</p><p><Adobe Acrobat Reader> button allows adding rules for Adobe Acrobat Reader application.</p><p><Recommended H_C> button allows adding some rules suited for users who applied Hard_Configurator Recommended settings.</p><p></p><p>The applied rules may be also viewed when using Windows Firewall Advanced settings, but can be managed only by Firewall Hardening tool, or by editing the Registry under the key: HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules.</p><p></p><p>The user can enable auditing Windows Firewall with Advanced Security in category "Object Access" and subcategory "Audit Filtering Platform Packet Drop". This can be done by choosing the radio button 'ON', under "Start logging events".</p><p>If auditing is enabled, then the blocked events can be filtered from Windows Event Log by 5152 Event Id. This can be done when pressing <Blocked Events> button, visible under the OFF/ON radio buttons. The Event Log file can store the entries from several hours (usually 12 hours).</p><p>**************************************</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 818693, member: 32260"] I prepared a simple Help for Firewall Hardening tool. If someone would like to add/change something, then let me know, please. *************************************** Firewall Hardening tool can apply and manage Outbound Block Rules in Windows Firewall by using Windows policies. The restart of Windows is required to apply the configuration changes. The paths of blocked executables are displayed as a list. Each entry can be managed by using the buttons located on the bottom of the application GUI. <Add Rule> button allows adding the rule for any executable. <Deactivate Rule> button makes the highlighted rules inactive, but does not remove rules. <Block Rule> button changes highlighted inactive rules to blocked. <Remove Rule> button removes highlighted rules from the list (and Windows Firewall settings). The user can add/remove some predefined rules by using the options visible on the right of application GUI. <LOLBins> button allows adding the rules for many executables from system folders, which are known to be commonly abused by malc0ders. <MS Office> button allows adding rules for MS Office executables (Word, Excel, PowerPoint, and Equation Editor). <Adobe Acrobat Reader> button allows adding rules for Adobe Acrobat Reader application. <Recommended H_C> button allows adding some rules suited for users who applied Hard_Configurator Recommended settings. The applied rules may be also viewed when using Windows Firewall Advanced settings, but can be managed only by Firewall Hardening tool, or by editing the Registry under the key: HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules. The user can enable auditing Windows Firewall with Advanced Security in category "Object Access" and subcategory "Audit Filtering Platform Packet Drop". This can be done by choosing the radio button 'ON', under "Start logging events". If auditing is enabled, then the blocked events can be filtered from Windows Event Log by 5152 Event Id. This can be done when pressing <Blocked Events> button, visible under the OFF/ON radio buttons. The Event Log file can store the entries from several hours (usually 12 hours). ************************************** [/QUOTE]
Insert quotes…
Verification
Post reply
Top
