How-to Guide How to strengthen up your security configuration

Discussion in 'Tutorials & Guides' started by kram7750, Apr 9, 2015.

  1. WinXPert

    WinXPert Level 23
    Trusted AV Tester

    Jan 9, 2013
    1,298
    4,725
    Graphic Artist
    Manila
    Windows 7
    Emsisoft
    I don't use LastPass but I use Password Hasher

    plus I have this Secutiry Settings in Firefox

    [​IMG]
     
    Sunshine-boy, frogboy, DardiM and 2 others like this.
  2. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,169
    29,702
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    Behold Eck, DardiM, jamescv7 and 4 others like this.
  3. Bryan J

    Bryan J New Member

    May 17, 2015
    22
    47
    St Pete, FL
    I've been using 1password for awhile now and really like it's feature set, but I might have to give that one a try.
     
    DardiM and WinXPert like this.
  4. GMOOT

    GMOOT New Member

    Jul 6, 2016
    16
    82
    Germany
    This was Very Helpful

    Many thanks
     
    AtlBo and DardiM like this.
  5. ahity

    ahity Level 1

    May 16, 2017
    42
    336
    Indonesia
    Windows 10
    BitDefender
    intereseting post . im using bitdefender and malwarebytes 3 and for years my computer "maybe" clean and also blocking ads and website who force installing extension
     
    AtlBo and Visa like this.
  6. Visa

    Visa Level 1

    May 31, 2017
    42
    264
    Eng
    Windows 10
    Microsoft
    I recommend you checkout this post which was written by a staff member here: Umbra's Concept of Layered Config - its better than this guide IMO and covers more. :)

    I recon you'll be fine using Bitdefender and Malwarebytes 3.0, just make sure you apply good safe practices when using your system too, otherwise nothing will help you! (e.g. be careful on what links you click, check email senders, don't download and run without performing check-ups, etc.). ;)
     
    frogboy and AtlBo like this.
  7. AtlBo

    AtlBo Level 22

    Dec 29, 2014
    1,144
    4,519
    Qihoo 360
    Took me a long time to understand how to cover all of the vulnerable areas of Windows to a satisfactory degree. I give @Umbra's layered config thinking the credit for realizing the protection scope required and for changing my view of matching security software. It's possible to match software to achieve acceptable protection. Moreover, I also feel there is enough good software that a configuration should never come with a sacrifice, performance or security-wise. Layering makes all of this possible. That said, it has become fundamentally clear to me that there is one single invisible baseline of protection for Windows that must be satisfied even to have started to secure a system. Yes, there is more that can be done sometimes, but baseline security should 100% handle normal security circumstances.

    Guess if I had to sum up baseline security in a single program it wouldn't be possible at this point. KIS is probably as close as I could get, but secured backup should be in there too imo. To learn how to improve security, I second @Visa's suggestion to read @Umbra's work and focus on the vectors of attack. Then start with the area of the greatest vulnerability based on your usage. Address that, then move on to the second one (if it wasn't already addressed with the first choice), then the third, and so on. With determined research, shouldn't be a need to overlap protections and sacrifice performance.
     
    Umbra, frogboy and Visa like this.
  8. Lockdown

    Lockdown From AppGuard
    Developer

    Oct 24, 2016
    2,714
    11,893
    AppGuard LLC Virginia, U.S.
    The best foundation for a security config is:

    1. A good quality, secure (properly configured) router from a vendor that issues security patches regularly; and
    2. A good backup strategy

    If you keep nothing on a system which you will regret losing, then the need for 2 is debatable

    Build a layered security configuration on top of the foundation

    At the same time a layered configuration does not have to be 6, 7 or more security programs piled on top of each other
     
  9. Lockdown

    Lockdown From AppGuard
    Developer

    Oct 24, 2016
    2,714
    11,893
    AppGuard LLC Virginia, U.S.
    Protected process can be enforced on lsass.exe via a registry hack in Windows. It is used mostly for pass-the-hash protection in a client-server setup.

    For testing purposes I have created and enabled the key on the system I am using to create this post. It has been enabled for a long time and I have seen no adverse effects. There are reports on the web that enabling the key might cause issues.
     
    Oxygen and Visa like this.
  10. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,169
    29,702
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    not saying average users don't even need to use this hack , how high are the chances they will be hit by such kernel attacks? almost 0.01%.
    meteors exist , sure, doesn't mean i will get hit by one every day.
     
    Visa likes this.
  11. Lockdown

    Lockdown From AppGuard
    Developer

    Oct 24, 2016
    2,714
    11,893
    AppGuard LLC Virginia, U.S.
    I just put it up there since @Visa has been playing around with code injection into protected processes. On client endpoints and servers, lsass.exe is a protected process.
     
    Visa likes this.
  12. Arin

    Arin Level 3

    Nov 1, 2014
    100
    518
    Very useful topic : THANK YOU :)
     
    Visa likes this.
  13. chris.feng

    chris.feng New Member

    Jul 14, 2017
    3
    3
    Woodbridge, ON
    Thanks for your detailed post, very interesting.
     
  14. frogboy

    frogboy Level 61
    Trusted

    Jun 9, 2013
    6,228
    64,830
    Heavy Duty Mechanic.
    Western Australia
    Windows 10
    Emsisoft
    Yes sadly he is no longer a member here at MT. :(
     
    Coca-Cola likes this.
Loading...
Similar Threads Forum Date
China to strengthen Internet security after U.S. spying report News Archive Mar 27, 2014
Microsoft strengthening microsoft Edge sandbox Browsers and Extensions Jul 26, 2017
AVG Strengthens Channel With Product Enhancements AVG (Avast) Mar 22, 2016