Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Hard_Configurator - Windows Hardening Configurator
Message
<blockquote data-quote="Andy Ful" data-source="post: 826829" data-attributes="member: 32260"><p><span style="font-size: 18px"><strong>Hard_Configurator beta ver. 4.1.1.1</strong></span></p><p></p><p><span style="font-size: 15px">For Windows 64-bit: <a href="https://github.com/AndyFul/Hard_Configurator/blob/master/Hard_Configurator_setup(x64)_beta_4.1.1.1.exe" target="_blank">AndyFul/Hard_Configurator</a></span></p><p><span style="font-size: 15px">For Windows 32-bit: <a href="https://github.com/AndyFul/Hard_Configurator/blob/master/Hard_Configurator_setup(x86)_beta_4.1.1.1.exe" target="_blank">AndyFul/Hard_Configurator</a></span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px">This beta version was created to strengthen the Allow-Exe setup. I added three security features:</span></p><ol> <li data-xf-list-type="ol"><span style="font-size: 15px">FirewallHardening tool.</span></li> <li data-xf-list-type="ol"><span style="font-size: 15px"><ValidateAdminCodeSignatures> option (available on Windows 8+).</span></li> <li data-xf-list-type="ol"><span style="font-size: 15px"><Paranoid Extensions> option (over 250 protected file extensions).</span></li> </ol><p>Hard_Configurator's Allow-Exe setup is functionally similar to SysHardener settings but more comprehensive and more configurable because it allows whitelisting the blocked entries, which is impossible in SysHardener. The user can also check if the restrictions do not block silently something important. Still, the SysHardener application will be OK for many users, because its default settings usually do not require user attention.</p><p>The example of the Allow-Exe profile is <strong><span style="color: rgb(0, 168, 133)">WIndows_10_MT_Windows_Security_hardening</span>, </strong>which was discussed here: <a href="https://malwaretips.com/threads/using-hard_configurator-in-hardenedmode-with-configuredefender-in-highest-protection-on-windows10.92678/post-823293" target="_blank">Windows Defender - Using Hard_Configurator in HARDENEDmode with ConfigureDefender in HIGHEST protection on Windows10</a></p><p></p><p>The full changelog:</p><p>Version 4.1.1.1</p><ol> <li data-xf-list-type="ol">Added, "Paranoid Extensions" (259 potentially dangerous file type extensions).</li> <li data-xf-list-type="ol">Added FirewallHardening tool, which blocks by Windows Firewall many LOLBins and allows the user to block any application.</li> <li data-xf-list-type="ol">Removed explorer.exe paths from FirewallHardening LOLBins on Windows 8 and 8.1., for compatibility with SmartScreen.</li> <li data-xf-list-type="ol">Two buttons <Recommended SRP> and <Recommended Restrictions> are replaced by one green button <Recommended Settings>.</li> <li data-xf-list-type="ol">Reorganization of buttons: the violet buttons <Firewall Hardening> and <ConfigureDefender> are now located in the upper part of the main window.<br /> The button <No Removable Disks Exec.> was replaced by the new option button <Validate Admin Code Signatures> (see point 7).</li> <li data-xf-list-type="ol">If Default Deny Protection is turned OFF by 'Switch Default Deny' tool, then "Run By SmartScreen" option is automatically enabled in Explorer context menu. It can be used for installing safely the applications both on Administrator and Standard User type of accounts.</li> <li data-xf-list-type="ol">Added the option <Validate Admin Code Signatures> which changes the UAC settings to enforce cryptographic signatures on any interactive application that requests elevation of privilege. This setting will prevent the user to run from Explorer the applications which require Administrative rights but are not digitally signed.</li> <li data-xf-list-type="ol">Added the profile "Windows_10_MT_Windows_Security_hardening.hdc" which uses the new option <Validate Admin Code Signatures>.</li> <li data-xf-list-type="ol">The option <Restore Windows Defaults> does restore also Windows Defender defaults and removes FirewallHardening Outbound block rules.</li> <li data-xf-list-type="ol">All Hard-Configurator native executables are digitally signed by SHA256 certificate (Certum Code Signing CA SHA2).</li> </ol></blockquote><p></p>
[QUOTE="Andy Ful, post: 826829, member: 32260"] [SIZE=5][B]Hard_Configurator beta ver. 4.1.1.1[/B][/SIZE] [SIZE=4]For Windows 64-bit: [URL='https://github.com/AndyFul/Hard_Configurator/blob/master/Hard_Configurator_setup(x64)_beta_4.1.1.1.exe']AndyFul/Hard_Configurator[/URL] For Windows 32-bit: [URL='https://github.com/AndyFul/Hard_Configurator/blob/master/Hard_Configurator_setup(x86)_beta_4.1.1.1.exe']AndyFul/Hard_Configurator[/URL] This beta version was created to strengthen the Allow-Exe setup. I added three security features:[/SIZE] [LIST=1] [*][SIZE=4]FirewallHardening tool.[/SIZE] [*][SIZE=4]<ValidateAdminCodeSignatures> option (available on Windows 8+).[/SIZE] [*][SIZE=4]<Paranoid Extensions> option (over 250 protected file extensions).[/SIZE] [/LIST] Hard_Configurator's Allow-Exe setup is functionally similar to SysHardener settings but more comprehensive and more configurable because it allows whitelisting the blocked entries, which is impossible in SysHardener. The user can also check if the restrictions do not block silently something important. Still, the SysHardener application will be OK for many users, because its default settings usually do not require user attention. The example of the Allow-Exe profile is [B][COLOR=rgb(0, 168, 133)]WIndows_10_MT_Windows_Security_hardening[/COLOR], [/B]which was discussed here: [URL="https://malwaretips.com/threads/using-hard_configurator-in-hardenedmode-with-configuredefender-in-highest-protection-on-windows10.92678/post-823293"]Windows Defender - Using Hard_Configurator in HARDENEDmode with ConfigureDefender in HIGHEST protection on Windows10[/URL] The full changelog: Version 4.1.1.1 [LIST=1] [*]Added, "Paranoid Extensions" (259 potentially dangerous file type extensions). [*]Added FirewallHardening tool, which blocks by Windows Firewall many LOLBins and allows the user to block any application. [*]Removed explorer.exe paths from FirewallHardening LOLBins on Windows 8 and 8.1., for compatibility with SmartScreen. [*]Two buttons <Recommended SRP> and <Recommended Restrictions> are replaced by one green button <Recommended Settings>. [*]Reorganization of buttons: the violet buttons <Firewall Hardening> and <ConfigureDefender> are now located in the upper part of the main window. The button <No Removable Disks Exec.> was replaced by the new option button <Validate Admin Code Signatures> (see point 7). [*]If Default Deny Protection is turned OFF by 'Switch Default Deny' tool, then "Run By SmartScreen" option is automatically enabled in Explorer context menu. It can be used for installing safely the applications both on Administrator and Standard User type of accounts. [*]Added the option <Validate Admin Code Signatures> which changes the UAC settings to enforce cryptographic signatures on any interactive application that requests elevation of privilege. This setting will prevent the user to run from Explorer the applications which require Administrative rights but are not digitally signed. [*]Added the profile "Windows_10_MT_Windows_Security_hardening.hdc" which uses the new option <Validate Admin Code Signatures>. [*]The option <Restore Windows Defaults> does restore also Windows Defender defaults and removes FirewallHardening Outbound block rules. [*]All Hard-Configurator native executables are digitally signed by SHA256 certificate (Certum Code Signing CA SHA2). [/LIST] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
