- Feb 25, 2017
- 2,585
Nope, didn't notice any weird behaviour so far. Running as smooth as beforeEither
Kongo's Computer Security Config 2024
- Thread starter Kongo
- Start date
- Last updated
- Jul 17, 2024
- How it's used?
- For home and private use
- Operating system
- macOS 15 Sequoia
- On-device encryption
- BitLocker Device Encryption for Windows
- Log-in security
-
- Hardware security key
- Security updates
- Allow security updates and latest features
- Update channels
- Allow stable updates only
- User Access Control
- Always notify
- Smart App Control
- Off
- Network firewall
- Enabled
- About WiFi router
-
- Speedport Smart 4
- Firewalla Blue +
- Real-time security
-
Deep Instinct Endpoint Protection
WhitelistCloud
- Firewall security
- Microsoft Defender Firewall with Advanced Security
- About custom security
-
Hardening tools:
- Firewall Hardening (blocking outbound connections of LOLBins)
- Run by SmartScreen (forces SmartScreen to scan files of choice)
- STOP/DJVU Ransomware Vaccine (immunizes system against this type of ransomware)
- O&O ShutUp10 (recommended settings)
- O&O AppBuster (removed unecessary Windows 11 apps)
- Windows Sandbox
System settings:
- Microsoft Defender running in sandbox (inactive)
- Reputation Based Protections (all modules enabled)
- Smart App Control enabled
- Data Execution Prevention set to AlwaysOn
- Core Isolation: Memory Integrity enabled
- Kernel-mode Hardware-enforced Stack Protection enabled
- Secure Boot enabled
- Drives encrypted via TPM (BitLocker)
- Windows Update Delivery Optimization disabled
- AutoPlay disabled
- Network Discovery disabled (Public Firewall profile)
- PowerShell --> Constrained Language Mode
- Hide extensions for known file types --> disabled
- Show hidden files --> enabled
- Virtualization enabled (allows Application Sandboxing)
- Custom Exploit Protection Settings for Firefox:
Code:Block low integrity images - ON Block remote images - ON Block untrusted fonts - ON Control flow guard (CFG) - ON Data execution prevention (DEP) - ON + Enable thunk emulation - CHECKED Disable extension points - ON Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images - CHECKED Randomize memory allocations (Bottom-up ASLR) - ON Validate exception chains (SEHOP) - ON Validate handle usage - ON Validate heap integrity - ON Validate image dependency integrity - ON
Thanks to @oldschool for sharing!
ㅤㅤㅤHardware Firewall (Firewalla Blue Plus):
- Active Protect (Strict)
- Ad Block (Strict)
- OISD blocklist enabled in Firewalla
- New Device Quarantine (restricted internet access for newly connected devices)
- Geo-IP Filtering (blocking connections from and to Russian + Chinese IPs)
- Unbound DNS enabled for all devices
ㅤ
- Periodic malware scanners
-
Norton Power Eraser, X-Sec and AdwCleaner
- Malware sample testing
- I do participate in malware testing. See details about my testing environment below.
- Environment for malware testing
-
ㅤㅤㅤ
VMware Workstation Player + Mullvad VPN on host machine while connected to the guest network.
Online Malware Analysis Platforms that I use:
- FileScan.iO
- Intenzer Analyze
- Hybrid Analysis
- VirusTotal
- Sophos Intelix
- ANY.RUN
- Triage
- Kaspersky Threat Intelligence Portal
- Neiki.Dev
- ThreatZone
- UnpacMe
--> Currently I am barely testing
- Browser(s) and extensions
-
ㅤ
Mozilla Firefox v. 132.0.0
Extensions:
- Ghostery
- SafeToOpen
- Bitwarden
Browser privacy and security settings:
- Tracking protection: Strict (enables Total Cookie Protection)
- Enable secure DNS using: Max Protection
- HTTPS-only-mode enabled
- DuckDuckGo set as search engine
- Pocket disabled
- Sending DNT-requests disabled (enabling makes you more identifiable and barely gives any advantage on most sites.)
- Clearing browsing data on exit
- Search suggestions disabled
- Websites overview disabled
- Blocking incoming location, camera and microphone requests
- AutoPlay for audio and video disabled
- Firefox telemetry disabled (also in about:config)
- Blocking pop-ups
- Warn when websites try to install addons enabled
- Protection against fraudulent content and dangerous software enabled
about:config tweaks:
- network.dns.echconfig.enabled = true
- network.dns.use_https_rr_as_altsvc = true
- fission.autostart = true
- pdfjs.enableScripting = false
- network.IDN_show_punycode = true
- security.ssl.require_safe_negotiation = true
- geo.enabled = false
- webgl.disabled = true
- network.trr.mode = 3 (NextDNS)
ㅤㅤ
- Secure DNS
-
ㅤ
- NextDNS with DoH + OISD blocklist (Firefox exclusively)
- Unbound DNS (Network-wide)
ㅤ
- Desktop VPN
-
Proton VPN with Secure Core, NetShield and Permanent Kill Switch
- Password manager
-
ㅤBitwarden Premium
- Maintenance tools
-
PatchMyPC, RuckZuck, UpdateHub, HiBit Uninstaller and Windows built in tools for cleaning and optimization
- File and Photo backup
-
ㅤbackup to external drive when necessary
- Subscriptions
-
- Google One Standard 200GB
- System recovery
-
Aomei Backupper
- Risk factors
-
- Browsing to popular websites
- Browsing to unknown / untrusted / shady sites
- Opening email attachments
- Buying from online stores, entering banks card details
- Downloading software and files from reputable sites
- Gaming
- Streaming audio/video content from shady sites
- Downloading malware samples
- Computer specs
-
GPU: Nvidia Geforce RTX 360 TI
CPU: Intel I5 12600K
RAM: 16 GB DDR4-3200 Crucial
Hard disks: 500 GB Samsung 970 EVO Plus + 1 TB Western Digital Blue
- Notable changes
-
- Updated for year 2024
- What I'm looking for?
-
Looking for minimum feedback.
- Feb 25, 2017
- 2,585
It's fine. I don't like it as much as DuckDuckGo but I think nowadays it seems like the better option for sure.
- Feb 25, 2017
- 2,585
- removed ConfigureDefender, SWH and Firewall Hardening and replaced it with DefenderUI Free, VoodooShield and WhitelistCloud
- Feb 25, 2017
- 2,585
- switched from DefenderUi Recommended profile to Aggressive Profile.
- Apr 24, 2016
- 7,254
- Feb 25, 2017
- 2,585
- Feb 25, 2017
- 2,585
- back to the roots: Trying new CylancePROTECT version + hardening tools by @Andy Ful
Last edited:
- Sep 2, 2021
- 2,586
- Feb 25, 2017
- 2,585
Didn't you tell us it was closed?
It was, but now at least the people that purchased a license before its shutdown get the endpoint protection version of Cylance. So I basically got an upgrade from Cylance Smart Antivirus to CylancePROTECT which is still receiving updates.
- Mar 29, 2018
- 7,609
Is it the whole PROTECT package or only the change in the UI to make it 'look' like P?
- Feb 25, 2017
- 2,585
Thats a good question actually. I think the script and exploit protection only works by post-execution detection, so I can't really test it on my main system. And I don't have a VM set up at the moment. I will ask the support and tell you what their response is.
- Feb 25, 2017
- 2,585
- replaced Cylance Smart Antivirus with Sophos Home
- removed Sophos Scan & Clean
- removed Sophos Scan & Clean
- Feb 25, 2017
- 2,585
- removed Simple Windows Hardening
Such a shame that SRP will be discontinued...
+ added RogueKiller Free to second opinion scanners
Such a shame that SRP will be discontinued...
+ added RogueKiller Free to second opinion scanners
- Mar 29, 2018
- 7,609
Indeed, but we can make do with Windows' other built-in features.
- Feb 25, 2017
- 2,585
Like Smart App Control, that doesn't even enable on my system.
- Feb 25, 2017
- 2,585
- removed Sophos Home (Pages in Firefox couldn't load from time to time)
- removed FirewallHardening (using G DATA Firewall now)
+ added G DATA Internet Security
- removed FirewallHardening (using G DATA Firewall now)
+ added G DATA Internet Security
- Sep 2, 2021
- 2,586
- Feb 25, 2017
- 2,585
Stable software with customizable and solid protection. Maybe I'll give ESET a spin again when my subscription of G Data runs out in a few months.What motivated you to install Gdata?
- Feb 25, 2017
- 2,585
Similar threads
