By Staff harlan4096 Security Config 2025

Last updated
Jan 22, 2025
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
VeraCrypt
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
    • Basic account password (insecure)
Security updates
Allow security updates
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
About WiFi router
ZYXEL EX3301 (ISP router)
Real-time security
  • Kaspersky Endpoint Security 12.8
  • KeyScrambler Free
  • SandBoxie Classic
Firewall security
Other - Internet Security (3rd-party)
About custom security
  • Windows 11 Core Isolation Enabled
  • Host Intrusion Prevention: Trust group for applications that could not be added to existing groups -> UnTrusted
  • Host Intrusion Prevention: Trust group for applications started before Kaspersky Endpoint Security -> UnTrusted
  • Host Intrusion Prevention: Trust digitally signed applications -> Disabled
  • Host Intrusion Prevention: Manage Resources: my C:\User\<account> protected with special strong rights
  • Treat port scanning and network flooding as attacks -> Enabled
  • MAC Spoofing Protection -> Enabled
Periodic malware scanners
  • AdwCleaner
  • NPE
  • EEK
  • HitManPro
  • McAfee Stinger
  • ESET Online Scanner
Malware sample testing
I do participate in malware testing. See details about my testing environment below.
Environment for malware testing
VMWare Pro with 2 virtual machines: Kaspersky Premium, Kaspersky Endpoint Security
Browser(s) and extensions
I have 6 browsers installed: Mozilla FireFox, LibreWolf, Opera, Brave, Chrome and of course Edge (🤢)

But my main daily is Mozilla FireFox (using DuckDuckGo URL as main page for searching), with add-ons:
  • uBlock Origin
  • NetCraft
  • WebRTC Leak Protection
  • DarkReader
  • Simple Translate
  • Language Tool
  • DuckDuckGo Privacy Essentials
In the rest of browsers, I have, at least, uBlock Origin (Lite in Chromium based) add-on installed.
Secure DNS
  • CloudFlare
  • Quad9
Desktop VPN
  • Mega VPN Unlimited
  • WindScribe (10GB monthly)
Password manager
KeePassXC (offline)
Maintenance tools
  • WPD to stop unnecessary Windows services and Telemetry.
  • CrystalDiskInfo
  • CrystalDiskMark
  • HWMonitor
  • QuickCPU
  • FastCopy
  • Free Download Manager
  • AnyDesk (paid subscription, I need it for my working)
File and Photo backup
MegaSync app + Mega Pro Lite (400GB)
Subscriptions
    • None
System recovery
  • Macrium Reflect Home (paid)
  • Hasleo BackUp Suite (free for now)
Weekly cloning both images to external hard drive.
Risk factors
    • Browsing to popular websites
    • Working from home
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from unknown / untrusted / shady sites
    • Requesting and accepting remote access
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
malwaretips.com

Showcase - harlan4096 MINISFORUM new main system

After using for long years my main system with an AMD Athlon II X3 450 + 12GB RAM DDR3 + Crucial MX300 SSD 512GB, I'm changing to this new system :) Anyway, the AMD Athlon II X3 still alive and kicking! And will keep it for testing purposes :) The new system it's a beast, very fast, not so...
malwaretips.com malwaretips.com
Notable changes
  • 22/01/2025: Updated versions of some already installed apps, added Mega VPN.
What I'm looking for?

Looking for medium feedback.

harlan4096

harlan4096

Super Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Forum Veteran
Apr 28, 2015
9,397
1
84,816
8,389
Well, I've radically changed my main security setup, just changed Kaspersky Premium to Kaspersky Endpoint Security, that comes with some additional and interesting security features. A

Although I can't access to all the power of KES, if it is not managed by a console (probably will implement later), still will improve my security compared to KPremium.
 
  • Like
  • +Reputation
  • Applause
Reactions: anirbandutta01, toto_10, Trident and 14 others
Not sure wether I should dare to give recommendations to a mod but I will just do it. (Please don't ban me <3)

You may want to replace RogueKiller with ESET Online Scanner. I'm sure its a better option.

Also you should definitely take a closer look at SafeToOpen. From my experiences it performs better than Netcraft.

And why not just disable WebRTC in about config? You don't need an extension for that.
(y)
 
  • Like
  • Hundred Points
  • +Reputation
Reactions: toto_10, Trident, oldschool and 5 others
Kongo said:
Not sure wether I should dare to give recommendations to a mod but I will just do it. (Please don't ban me <3)

You may want to replace RogueKiller with ESET Online Scanner. I'm sure its a better option.

Also you should definitely take a closer look at SafeToOpen. From my experiences it performs better than Netcraft.

And why not just disable WebRTC in about config? You don't need an extension for that.
(y)
Click to expand...

🤣

I know RogueKiller performing is so so, probably I keep it by inertia... tried also sometimes ESET OS in the past, will give again a try.

About SafeToOpen, looks very interesting, but sometimes it is giving so many big screen and very paranoid warnings for my taste hehe...

About WebRTC, the reason to use this add-on is that in some sites I have to re-enable WebRTC, and this way just with 1 fast and simple click can turn on / off.

Thanks for Your suggestions :)
 
  • Like
  • +Reputation
Reactions: Behold Eck, toto_10, Trident and 7 others
Brahman said:
I used to use this years ago, and then I stopped using it. Let me ask you this, Is it necessary with Kaspersky?
Click to expand...
I think We have already commented this in the forum, Kaspersky home products only offers key encryption (Secure Input feature) when using supported browsers and also during Safe Money sessions, but KES (it's a business product line) does not have Secure Input nor Safe Money features. In Kaspersky there is not a specific module anti-key logging, detection of that suspicious behavior is integrated in System Watcher module. Anyway I feel more secure myself adding a layer with KeyScrambler Free, that works fine while using FireFox, for example.
 
Last edited:
  • Like
  • +Reputation
Reactions: anirbandutta01, toto_10, Trident and 7 others
harlan4096 said:
I think We have already commented this in the forum, Kaspersky home products only offers key encryption (Secure Input feature) when using supported browsers and also during Safe Money sessions, but KES (it's a business product line) does not have Secure Input nor Safe Money features. In Kaspersky there is not a specific module anti-key logging, detection of that suspicious behavior is integrated in System Watcher module. Anyway I feel more secure myself adding a layer with KeyScrambler Free, that works fine while using FireFox, for example.
Click to expand...
You are a happy person! :) I would banish the Secure Input and Safe Money add-ons, as well as the Kaspersky Add-on. I consider them unnecessary for my part. For me, KSOS and Endpoint are much more sympathetic solutions. But they are unnecessary and expensive for 3 machines.
 
  • Like
Reactions: Trident and harlan4096
Yeah, probably overkill in browser add-ons, but currently trying different ones, and I won't keep all... in real-time, yeah -> KeyScrambler Free, but only used for browsers, so not much, and Sandboxie is not resident actually... :)
 
  • Like
  • +Reputation
Reactions: anirbandutta01, Berny, Trident and 4 others
Hum no, but I don't use "Simple Translate" add-on to translate full pages, but to select specific text from a site and get a translation popup, so it's very direct, easy and fast.
 
  • Like
  • Hundred Points
  • +Reputation
Reactions: Berny, Trident, simmerskool and 4 others
  • Like
Reactions: anirbandutta01, Trident, simmerskool and 1 other person
  • Like
  • +Reputation
Reactions: Berny, Trident, rashmi and 1 other person
harlan4096 said:
Well, I've radically changed my main security setup, just changed Kaspersky Premium to Kaspersky Endpoint Security, that comes with some additional and interesting security features. A

Although I can't access to all the power of KES, if it is not managed by a console (probably will implement later), still will improve my security compared to KPremium.
Click to expand...
I thought about it and joined the club.
I like KS and KSOS better than Home Editions.
There is no bullshit and it is more bouncy with KSOS and KES.
 

Attachments

  • Képernyőkép 2024-05-28 124210.png
    Képernyőkép 2024-05-28 124210.png
    244.6 KB · Views: 169
  • Like
Reactions: anirbandutta01, Trident, simmerskool and 1 other person

You may also like...