- Apr 16, 2017
- 1,220
RuckZuck Software Package Manager for Windows
free open source package manager for windows with public software repository
first I've heard of it...
Kongo's Computer Security Config 2023
- Thread starter Kongo
- Start date
- Last updated
- May 20, 2023
- How it's used?
- For home and private use
- OS (desktop)
- Windows 11
- On-device encryption
- Windows BitLocker
- Log-in security
-
- Local password or PIN
- Security updates
- Automatic - allow all updates
- Update channels
- Allow stable updates
- Windows UAC
- Always notify
- Windows 11 SAC
- Turned Off by choice (Note: cannot be re-enabled by the user)
- WiFi network firewall
- Router firewall is On
- About WiFi router
-
- Speedport Smart 4
- Firewalla Blue +
- Real-time security
-
- Firewall security
- Microsoft Defender Firewall
- About custom security
-
Hardening tools:
- Firewall Hardening (blocking outbound connections of LOLBins)
- Run by Smartscreen (forces Smartscreen to scan files of choice)
- STOP/DJVU Ransomware Vaccine (immunizes system against this type of ransomware)
- O&O ShutUp10 (recommended settings)
- O&O AppBuster (removed unecessary Windows 11 apps)
- Windows Sandbox + Sandboxie Plus
System settings:
- Microsoft Defender running in sandbox (inactive)
- Reputation Based Protections (all modules enabled)
- Data Execution Prevention set to AlwaysOn
- Core Isolation: Memory Integrity enabled
- Kernel-mode Hardware-enforced Stack Protection enabled
- Secure Boot enabled
- Drives encrypted via TPM (BitLocker)
- Windows Update Delivery Optimization disabled
- AutoPlay disabled
- Network Discovery disabled (Public Firewall profile)
- PowerShell --> Constrained Language Mode
- Hide extensions for known file types --> disabled
- Show hidden files --> enabled
- Virtualization enabled (allows Application Sandboxing)
- Custom Exploit Protection Settings for Firefox:
Code:Block low integrity images - ON Block remote images - ON Block untrusted fonts - ON Control flow guard (CFG) - ON Data execution prevention (DEP) - ON + Enable thunk emulation - CHECKED Disable extension points - ON Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images - CHECKED Randomize memory allocations (Bottom-up ASLR) - ON Validate exception chains (SEHOP) - ON Validate handle usage - ON Validate heap integrity - ON Validate image dependency integrity - ON
Thanks to @oldschool for sharing!
ㅤㅤㅤHardware Firewall (Firewalla Blue Plus):
- Active Protect (Strict)
- Ad Block (Strict)
- OISD blocklist enabled in Firewalla
- New Device Quarantine (restricted internet access for newly connected devices)
- Geo-IP Filtering (blocking connections from and to Russian + Chinese IPs)
- Unbound DNS enabled for all devices
ㅤ
- Periodic malware scanners
-
Norton Power Eraser, RogueKiller and AdwCleaner
- Malware sample testing
- I do participate in malware testing. See details about my testing environment below.
- Environment for malware testing
-
VMware Workstation Player + Mullvad VPN on host machine while connected to the guest network.
--> Currently I am barely testing
- Browser(s) and extensions
-
ㅤ
Mozilla Firefox v. 113.0.2 (Running isolated in Sandboxie Plus)
Extensions:
- AdGuard Extension (AdGuard Base filter + AdGuard Tracking filter)
- Skip Redirect (Skip all redirects except for URLs matching any of the lines in the no-skip-urls-list)
- Bitwarden (2FA enabled)
Browser privacy and security settings:
- Tracking protection: Strict (enables Total Cookie Protection)
- HTTPS-only-mode enabled
- DuckDuckGo set as search engine
- Pocket disabled (also in about:config)
- Sending DNT-requests disabled (enabling makes you more identifiable and barely gives any advantage on most sites.)
- Clearing browsing data on exit
- Search suggestions disabled
- Websites overview disabled
- Blocking incoming location, camera and microphone requests
- AutoPlay for audio and video disabled
- Firefox telemetry disabled (also in about:config)
- Blocking pop-ups
- Warn when websites try to install addons enabled
- Protection against fraudulent content and dangerous software enabled
about:config tweaks:
- network.dns.echconfig.enabled = true
- network.dns.use_https_rr_as_altsvc = true
- fission.autostart = true (enabled by default in Firefox 94+)
- privacy.resistFingerprinting = true
- pdfjs.enableScripting = false
- browser.send_pings = false
- plugin.scan.plid.all = false
- browser.urlbar.speculativeConnect.enabled = false
- dom.event.clipboardevents.enabled = false
- dom.webnotifications.enabled = false
- browser.urlbar.groupLabels.enabled = false
- media.navigator.enabled = false
- media.peerconnection.enabled = false
- network.dns.disablePrefetch = true
- network.prefetch-next = false
- webgl.disabled = true
- browser.sessionstore.privacy_level = 2
- beacon.enabled = false
- browser.safebrowsing.downloads.remote.enabled = false
- network.IDN_show_punycode = true
- geo.enabled = false
- browser.cache.offline.enable = false
- browser.newtabpage.activity-stream.feeds.telemetry = false
- browser.ping-centre.telemetry = false
- browser.tabs.crashReporting.sendReport = false
- toolkit.telemetry.enabled = false
- toolkit.telemetry.server (URL removed)
- toolkit.telemetry.unified = false
- extensions.pocket.enabled = false
- security.ssl.require_safe_negotiation = true
- network.trr.mode = 3 (NextDNS)
ㅤㅤ
- Secure DNS
-
ㅤ
- NextDNS with DoH + OISD blocklist (Firefox exclusively)
- Unbound DNS (Network-wide)
ㅤ
- VPN & Protocol used
-
Mullvad VPN
- Password manager
-
ㅤBitwarden Premium
- Maintenance tools
-
PatchMyPC, RuckZuck, SUMo, HiBit Uninstaller and Windows built in tools for cleaning and optimization
- File and Photo backup
-
ㅤbackup to external drive when necessary
- System recovery
-
Aomei Backupper
- Risk factors
-
- Browsing to popular websites
- Browsing to unknown / untrusted / shady sites
- Opening email attachments
- Buying from online stores, entering banks card details
- Downloading software and files from reputable sites
- Sharing and receiving files and torrents
- Gaming
- Streaming audio/video content from shady sites
- Downloading malware samples
- Computer specs
-
GPU: Nvidia Geforce RTX 360 TI
CPU: Intel I5 12600K
RAM: 16 GB DDR4-3200 Crucial
Hard disks: 500 GB Samsung 970 EVO Plus + 1 TB Western Digital Blue
- Notable changes
-
- Updated for year 2023
- What I'm looking for?
-
Looking for minimum feedback.
first I've heard of it...
- Jan 10, 2017
- 1,068
tested and approvedRuckZuck Software Package Manager for Windows
free open source package manager for windows with public software repositoryruckzuck.tools
first I've heard of it...
- Aug 17, 2014
- 8,932
RuckZuck Software Package Manager for Windows
free open source package manager for windows with public software repository
first I've heard of it...
Highly recommended, I am using RuckZuck since two years after @harlan4096 suggested this software to me
Discuss/Update Thread - RuckZuck - Software Package Manager for Windows
Homepage: RuckZuck Software Package Manager for Windows GitHub: GitHub - rzander/ruckzuck: software package manager for windows Version 1.7.3.1 unused references removed update references fix: sponsor URL fix: hanging jobs https://github.com/rzander/ruckzuck/releases/tag/1.7.3.1
malwaretips.com
Watarud
Level 1
- Jun 26, 2022
- 25
Cool configuration, please advise how to buy , or test deepinstinct
- Feb 25, 2017
- 2,153
Thank you. Check out the posts starting from this one:
Advanced Plus Security - Kongo's Computer Security Config 2023
- replaced G DATA with Deep Instinct
malwaretips.com
- Sep 13, 2018
- 1,799
Thank you so much! I was curious about it, so I d/l the portable and it actually found an update to an obscure software used to find bulky useless files. Installed it also, a big plus. And that would be WinDirStat! Good job, RuckZuck!
Sorry Kongo, hope it's OK that I comment on your thread.
- Feb 25, 2017
- 2,153
How dare you commenting on MY thread!
- Feb 25, 2017
- 2,153
+ added .zip and .mov to NextDNS blocked TLDs
Similar threads
