By Staff harlan4096 Security Config 2024

Last updated
May 26, 2024
How it's used?
For home and private use
Operating system
Windows 11
Other operating system
Linux Mint in VMWare Pro :)
On-device encryption
VeraCrypt
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
About WiFi router
ZYXEL EX3301 (ISP router)
Real-time security
  • Kaspersky Endpoint Security 12.5
  • KeyScrambler Free
  • SandBoxie Classic
Firewall security
Other - Internet Security (3rd-party)
About custom security
  • Windows 11 Core Isolation disabled: using AMD Hardware Virtualization enabled in VMWare
  • Host Intrusion Prevention: Trust group for applications that could not be added to existing groups -> UnTrusted
  • Host Intrusion Prevention: Trust group for applications started before Kaspersky Endpoint Security -> UnTrusted
  • Host Intrusion Prevention: Trust digitally signed applications -> Disabled
  • Host Intrusion Prevention: Manage Resources: my C:\User\<account> protected with special strong rights
  • Treat port scanning and network flooding as attacks -> Enabled
  • MAC Spoofing Protection -> Enabled
Periodic malware scanners
  • AdwCleaner
  • NPE
  • EEK
  • HitManPro
  • McAfee Stinger
  • ESET Online Scanner
Malware sample testing
I do participate in malware testing. See details about my testing environment below.
Environment for malware testing
VMWare Pro with 3 virtual machines: Kaspersky Premium 21.17, Kaspersky Endpoint Security 12.5, Linux Mint
Browser(s) and extensions
I have 6 browsers installed: Mozilla FireFox, LibreWolf, Opera, Brave, Chrome and of course Edge (🤢)

But my main daily is Mozilla FireFox (using DuckDuckGo URL as main page for searching), with add-ons:
  • uBlock Origin
  • NetCraft
  • WebRTC Leak Protection
  • DarkReader
  • Simple Translate
  • Language Tool

Temporally trying:
  • DuckDuckGo Privacy Essentials
  • JShelter
In the rest of browsers, I have, at least, uBlock Origin add-on installed.
Secure DNS
DNS over HTTPS ciphered Mullvad DNS IP4/IP6
Desktop VPN
  • Kaspersky VPN Unlimited
  • WindScribe (10GB monthly)
Password manager
KeePassXC (offline)
Maintenance tools
  • WPD to stop unnecessary Windows services and Telemetry.
  • CrystalDiskInfo
  • CrystalDiskMark
  • HWMonitor
  • QuickCPU
  • FastCopy
  • Free Download Manager
  • AnyDesk (paid subscription, I need it for my working)
File and Photo backup
MegaSync app + Mega Pro Lite (400GB)
Subscriptions
    • None
System recovery
  • Macrium Reflect Home (paid)
  • Hasleo backUp Suite (free for now)
Weekly cloning both images to external hard drive.
Risk factors
    • Browsing to popular websites
    • Working from home
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from unknown / untrusted / shady sites
    • Requesting and accepting remote access
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
Notable changes
  • 27/05/2024: Removed RogueKiller in Periodic scanners, added ESET Online Scanner
  • 27/05/2024: Removed 9.9.9.9 in Secure DNS, added DNS0.EU
  • 31/05/2024: Added DuckDuckGo as main seeker in all browsers, also added DDG Essentials add-on
  • 01/06/2024: Changed Windows 11 Secure DNS and DNSoHTTPS to ciphered Mullvad DNS IP4/IP6
What I'm looking for?

Looking for medium feedback.

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,794
Well, I've radically changed my main security setup, just changed Kaspersky Premium to Kaspersky Endpoint Security, that comes with some additional and interesting security features. A

Although I can't access to all the power of KES, if it is not managed by a console (probably will implement later), still will improve my security compared to KPremium.
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,566
Not sure wether I should dare to give recommendations to a mod but I will just do it. (Please don't ban me <3)

You may want to replace RogueKiller with ESET Online Scanner. I'm sure its a better option.

Also you should definitely take a closer look at SafeToOpen. From my experiences it performs better than Netcraft.

And why not just disable WebRTC in about config? You don't need an extension for that.
(y)
 

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,794
Not sure wether I should dare to give recommendations to a mod but I will just do it. (Please don't ban me <3)

You may want to replace RogueKiller with ESET Online Scanner. I'm sure its a better option.

Also you should definitely take a closer look at SafeToOpen. From my experiences it performs better than Netcraft.

And why not just disable WebRTC in about config? You don't need an extension for that.
(y)

🤣

I know RogueKiller performing is so so, probably I keep it by inertia... tried also sometimes ESET OS in the past, will give again a try.

About SafeToOpen, looks very interesting, but sometimes it is giving so many big screen and very paranoid warnings for my taste hehe...

About WebRTC, the reason to use this add-on is that in some sites I have to re-enable WebRTC, and this way just with 1 fast and simple click can turn on / off.

Thanks for Your suggestions :)
 

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,794
I used to use this years ago, and then I stopped using it. Let me ask you this, Is it necessary with Kaspersky?
I think We have already commented this in the forum, Kaspersky home products only offers key encryption (Secure Input feature) when using supported browsers and also during Safe Money sessions, but KES (it's a business product line) does not have Secure Input nor Safe Money features. In Kaspersky there is not a specific module anti-key logging, detection of that suspicious behavior is integrated in System Watcher module. Anyway I feel more secure myself adding a layer with KeyScrambler Free, that works fine while using FireFox, for example.
 
Last edited:

Szellem

Level 7
Verified
Well-known
Apr 15, 2020
323
I think We have already commented this in the forum, Kaspersky home products only offers key encryption (Secure Input feature) when using supported browsers and also during Safe Money sessions, but KES (it's a business product line) does not have Secure Input nor Safe Money features. In Kaspersky there is not a specific module anti-key logging, detection of that suspicious behavior is integrated in System Watcher module. Anyway I feel more secure myself adding a layer with KeyScrambler Free, that works fine while using FireFox, for example.
You are a happy person! :) I would banish the Secure Input and Safe Money add-ons, as well as the Kaspersky Add-on. I consider them unnecessary for my part. For me, KSOS and Endpoint are much more sympathetic solutions. But they are unnecessary and expensive for 3 machines.
 

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,794
Yeah, probably overkill in browser add-ons, but currently trying different ones, and I won't keep all... in real-time, yeah -> KeyScrambler Free, but only used for browsers, so not much, and Sandboxie is not resident actually... :)
 

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,794

Szellem

Level 7
Verified
Well-known
Apr 15, 2020
323
Well, I've radically changed my main security setup, just changed Kaspersky Premium to Kaspersky Endpoint Security, that comes with some additional and interesting security features. A

Although I can't access to all the power of KES, if it is not managed by a console (probably will implement later), still will improve my security compared to KPremium.
I thought about it and joined the club.
I like KS and KSOS better than Home Editions.
There is no bullshit and it is more bouncy with KSOS and KES.
 

Attachments

  • Képernyőkép 2024-05-28 124210.png
    Képernyőkép 2024-05-28 124210.png
    244.6 KB · Views: 37

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top