Advanced Plus Security KonradPL Security Config 2021

Last updated
Jul 1, 2021
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
MKS VIR Tweaked
Firewall security
About custom security
WINDOWS 11
Periodic malware scanners
MBAM
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Edge chromium
Secure DNS
Cloudflare set up in router
Desktop VPN
none
Password manager
Sticky Password
Maintenance tools
by windows, MKS VIR
File and Photo backup
Onedrive, WD My Cloud
System recovery
Onedrive, WD My Cloud,SSD
Risk factors
    • Working from home
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Aorus B450 Elit v2, Ryzen 3700x, RAM 16GB, 2x 512GB SSD M.2 , Sapphire Radeon 5500xt
What I'm looking for?

Looking for maximum feedback.

Thiagoo

Level 3
May 10, 2021
66
  • Set your system as Windows Insider Preview if you use Windows 11
  • Custom RTP, Firewall and OS settings, you should add something like Simple Windows Hardening atleast, it's a great addition to AV (you should remove WINDOWS11 from there as it's only for custom security settings, and you can add your custom ESET settings there too)
  • on Addons, uBlock Origin would be interesting
 
Last edited:

CyberDevil

Level 6
Verified
Well-known
Apr 4, 2021
252
you should add something like Simple Windows Hardening atleast
Why should he? We don't know exactly how the author set up Eset. If he has already protected important folders, prohibited access to the network for LOLBins, and also limited the ability to execute scripts, then doing something else is completely optional

(you can use a system-wide adblocker too like Adguard)
It seems to me that this is not the best advice. Eset already filters HTTPS by installing its root certificate, if AdGuard gets in there, it can cause both MITM vulnerabilities and simply slowing down the opening of web pages.
 

Thiagoo

Level 3
May 10, 2021
66
Why should he? We don't know exactly how the author set up Eset. If he has already protected important folders, prohibited access to the network for LOLBins, and also limited the ability to execute scripts, then doing something else is completely optional
This is why i asked to see OP ESET settings.
It seems to me that this is not the best advice. Eset already filters HTTPS by installing its root certificate, if AdGuard gets in there, it can cause both MITM vulnerabilities and simply slowing down the opening of web pages.
Just did a quick search and found out that Adguard won't work properly with ESET. I'll edit the post above

source is ESET forums:
adguard.png
 

CyberDevil

Level 6
Verified
Well-known
Apr 4, 2021
252
This is why i asked to see OP ESET settings.
Oh, I'm reading too fast as usual, sry :)

Just did a quick search and found out that Adguard won't work properly with ESET. I'll edit the post above
Quite an expected problem. Although I believe that it can be solved if user completely disable HTTPS filtering in Eset or add an AdGuard certificate to a trusted one, but I would not recommend doing this, I think it's better to just use a filtering DNS, and complex cases leave for the extension in the browser.
 

KonradPL

Level 5
Thread author
Verified
Well-known
May 1, 2018
229
  • Set your system as Windows Insider Preview if you use Windows 11
  • Custom RTP, Firewall and OS settings, you should add something like Simple Windows Hardening atleast, it's a great addition to AV (you should remove WINDOWS11 from there as it's only for custom security settings, and you can add your custom ESET settings there too)
  • on Addons, uBlock Origin would be interesting
is it set as well
i use firewall from eset with interactive mode and rules against ransomware from bizness products
i prefer adguard Premium for windows
 
F

ForgottenSeer 85179

is it set as well
i use firewall from eset with interactive mode and rules against ransomware from bizness products
i prefer adguard
As anupritaisno1 already wrote, a firewall / firewall rule doesn’t protect against ransomware. Don’t know why you are thinking that.
Even trusting on an AV isn’t good nor recommend . Just harden your system that malware can’t start and you’re done.

Windows also provide CFA which you should enable if you want such kind of protection. It’s also compatible with OneDrive (y)
 

KonradPL

Level 5
Thread author
Verified
Well-known
May 1, 2018
229
As anupritaisno1 already wrote, a firewall / firewall rule doesn’t protect against ransomware. Don’t know why you are thinking that.
Even trusting on an AV isn’t good nor recommend . Just harden your system that malware can’t start and you’re done.

Windows also provide CFA which you should enable if you want such kind of protection. It’s also compatible with OneDrive (y)
as i wrote before, i hardened windows by hips rules too. And more have disabled smb, powershell 2.0, internet explorer, remote access
 
F

ForgottenSeer 85179

I don't get it. What do you mean? Millions of insiders are at risk then?
That’s not the point.
Problem with such test builds is they’re not security focused.

so yes, technically they’re at risk. That’s why insider/ test builds generally are never recommend for daily devices
 

Thiagoo

Level 3
May 10, 2021
66
That’s not the point.
Problem with such test builds is they’re not security focused.

so yes, technically they’re at risk. That’s why insider/ test builds generally are never recommend for daily devices
They are not security focused, but i assume the security is the same as a stable build of 10, unless they constantly change the security part of the OS. Honestly I've never seen MS saying Insider builds are not recommended because it's unsafe, only because it's unstable.
 
F

ForgottenSeer 85179

They are not security focused, but i assume the security is the same as a stable build of 10, unless they constantly change the security part of the OS. Honestly I've never seen MS saying Insider builds are not recommended because it's unsafe, only because it's unstable.
Well, Microsoft will never say anything like that but they’re not recommend unstable builds for daily driver
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top