- Mar 29, 2018
- 7,609
Kongo's Computer Security Config 2024
- Thread starter Kongo
- Start date
- Last updated
- Jul 17, 2024
- How it's used?
- For home and private use
- Operating system
- macOS 15 Sequoia
- On-device encryption
- BitLocker Device Encryption for Windows
- Log-in security
-
- Hardware security key
- Security updates
- Allow security updates and latest features
- Update channels
- Allow stable updates only
- User Access Control
- Always notify
- Smart App Control
- Off
- Network firewall
- Enabled
- About WiFi router
-
- Speedport Smart 4
- Firewalla Blue +
- Real-time security
-
Deep Instinct Endpoint Protection
WhitelistCloud
- Firewall security
- Microsoft Defender Firewall with Advanced Security
- About custom security
-
Hardening tools:
- Firewall Hardening (blocking outbound connections of LOLBins)
- Run by SmartScreen (forces SmartScreen to scan files of choice)
- STOP/DJVU Ransomware Vaccine (immunizes system against this type of ransomware)
- O&O ShutUp10 (recommended settings)
- O&O AppBuster (removed unecessary Windows 11 apps)
- Windows Sandbox
System settings:
- Microsoft Defender running in sandbox (inactive)
- Reputation Based Protections (all modules enabled)
- Smart App Control enabled
- Data Execution Prevention set to AlwaysOn
- Core Isolation: Memory Integrity enabled
- Kernel-mode Hardware-enforced Stack Protection enabled
- Secure Boot enabled
- Drives encrypted via TPM (BitLocker)
- Windows Update Delivery Optimization disabled
- AutoPlay disabled
- Network Discovery disabled (Public Firewall profile)
- PowerShell --> Constrained Language Mode
- Hide extensions for known file types --> disabled
- Show hidden files --> enabled
- Virtualization enabled (allows Application Sandboxing)
- Custom Exploit Protection Settings for Firefox:
Code:Block low integrity images - ON Block remote images - ON Block untrusted fonts - ON Control flow guard (CFG) - ON Data execution prevention (DEP) - ON + Enable thunk emulation - CHECKED Disable extension points - ON Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images - CHECKED Randomize memory allocations (Bottom-up ASLR) - ON Validate exception chains (SEHOP) - ON Validate handle usage - ON Validate heap integrity - ON Validate image dependency integrity - ON
Thanks to @oldschool for sharing!
ㅤㅤㅤHardware Firewall (Firewalla Blue Plus):
- Active Protect (Strict)
- Ad Block (Strict)
- OISD blocklist enabled in Firewalla
- New Device Quarantine (restricted internet access for newly connected devices)
- Geo-IP Filtering (blocking connections from and to Russian + Chinese IPs)
- Unbound DNS enabled for all devices
ㅤ
- Periodic malware scanners
-
Norton Power Eraser, X-Sec and AdwCleaner
- Malware sample testing
- I do participate in malware testing. See details about my testing environment below.
- Environment for malware testing
-
ㅤㅤㅤ
VMware Workstation Player + Mullvad VPN on host machine while connected to the guest network.
Online Malware Analysis Platforms that I use:
- FileScan.iO
- Intenzer Analyze
- Hybrid Analysis
- VirusTotal
- Sophos Intelix
- ANY.RUN
- Triage
- Kaspersky Threat Intelligence Portal
- Neiki.Dev
- ThreatZone
- UnpacMe
--> Currently I am barely testing
- Browser(s) and extensions
-
ㅤ
Mozilla Firefox v. 132.0.0
Extensions:
- Ghostery
- SafeToOpen
- Bitwarden
Browser privacy and security settings:
- Tracking protection: Strict (enables Total Cookie Protection)
- Enable secure DNS using: Max Protection
- HTTPS-only-mode enabled
- DuckDuckGo set as search engine
- Pocket disabled
- Sending DNT-requests disabled (enabling makes you more identifiable and barely gives any advantage on most sites.)
- Clearing browsing data on exit
- Search suggestions disabled
- Websites overview disabled
- Blocking incoming location, camera and microphone requests
- AutoPlay for audio and video disabled
- Firefox telemetry disabled (also in about:config)
- Blocking pop-ups
- Warn when websites try to install addons enabled
- Protection against fraudulent content and dangerous software enabled
about:config tweaks:
- network.dns.echconfig.enabled = true
- network.dns.use_https_rr_as_altsvc = true
- fission.autostart = true
- pdfjs.enableScripting = false
- network.IDN_show_punycode = true
- security.ssl.require_safe_negotiation = true
- geo.enabled = false
- webgl.disabled = true
- network.trr.mode = 3 (NextDNS)
ㅤㅤ
- Secure DNS
-
ㅤ
- NextDNS with DoH + OISD blocklist (Firefox exclusively)
- Unbound DNS (Network-wide)
ㅤ
- Desktop VPN
-
Proton VPN with Secure Core, NetShield and Permanent Kill Switch
- Password manager
-
ㅤBitwarden Premium
- Maintenance tools
-
PatchMyPC, RuckZuck, UpdateHub, HiBit Uninstaller and Windows built in tools for cleaning and optimization
- File and Photo backup
-
ㅤbackup to external drive when necessary
- Subscriptions
-
- Google One Standard 200GB
- System recovery
-
Aomei Backupper
- Risk factors
-
- Browsing to popular websites
- Browsing to unknown / untrusted / shady sites
- Opening email attachments
- Buying from online stores, entering banks card details
- Downloading software and files from reputable sites
- Gaming
- Streaming audio/video content from shady sites
- Downloading malware samples
- Computer specs
-
GPU: Nvidia Geforce RTX 360 TI
CPU: Intel I5 12600K
RAM: 16 GB DDR4-3200 Crucial
Hard disks: 500 GB Samsung 970 EVO Plus + 1 TB Western Digital Blue
- Notable changes
-
- Updated for year 2024
- What I'm looking for?
-
Looking for minimum feedback.
- Feb 25, 2017
- 2,585
Give it a try. Definitely worth trying.
- Feb 26, 2021
- 949
Not gonna lie...the new avatar is going to take some getting used to.
- Feb 25, 2017
- 2,585
- Feb 25, 2017
- 2,585
- Apr 1, 2019
- 2,868
Enjoy, it’s a personal favorite of mine.
- Feb 25, 2017
- 2,585
- removed Acronis and OSArmor
+ added Norton Antivirus Plus
+ added Norton Antivirus Plus
- Feb 25, 2017
- 2,585
- replaced Norton with tweaked Microsoft Defender (DefenderUI Pro)
- Mar 16, 2019
- 3,862
What's the advantage of using it over Configure Defender?
- Feb 25, 2017
- 2,585
The Contextual Engine and Dynamic Security Postures included in the Pro version of DefenderUI. So yeah, I prefer it at the moment.
- Mar 16, 2019
- 3,862
Okay, so it's Voodoshield.The Contextual Engine and Dynamic Security Postures included in the Pro version of DefenderUI. So yeah, I prefer it at the moment.
- Mar 29, 2018
- 7,609
- Mar 29, 2018
- 7,609
@Kongo are you experiencing any slowdown or delays with DefenderUI Pro?
- Feb 25, 2017
- 2,585
Nope, not really. It barely uses any CPU on my system.
- Feb 25, 2017
- 2,585
- replaced DefenderUI (Microsoft Defender) with G DATA Internet Security
- enabled Kernel-Mode Hardware-Enforced Stack Protection
- enabled Kernel-Mode Hardware-Enforced Stack Protection
When you restart (not shutdown and reboot) your PC does the Kernel-Mode Hardware-Enforced Stack Protection (aka CET) remains sticky ie. enabled? Are you using a vPRO PC?
Last edited:
- Feb 25, 2017
- 2,585
It is a very stable product without a load of bugs. And because I get bored of AV solutions quite fast.
Yes it remains active after restarting. I am afraid that I don't really know what you mean by vPRO PC...
It is a very stable product without a load of bugs. And because I get bored of AV solutions quite fast.
Yes it remains active after restarting. I am afraid that I don't really know what you mean by vPRO PC...
Is your Win OS build 22621.1635?
vPRO-certified PC is for business use
Last edited:
- Feb 25, 2017
- 2,585
Similar threads
