Advanced Plus Security LDoggs Security Setup

Last updated
Aug 21, 2018
Windows Edition
Pro
Security updates
Allow security updates
User Access Control
Always notify
Real-time security
Comodo Firewall & Netcraft
Firewall security
Periodic malware scanners
CCE w/ Killswitch, Zemana Antimalware, Norton Power Eraser & Emsisoft Emergency Kit
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Browser: Opera (latest version) (default browser)
Extensions: Nano Blocker & Defender, SingleClick Cleaner, Cookie Autodelete, Random User-Agent, Privacy Possum, CSS Exfil Protection, Auto History Wipe, Netcraft, Script Defender & i don't care about cookies.

Browser: Comodo Ice Dragon
Extensions: Scriptsafe, uBlock Origin, ClearURLs, Behind The Overlay, Netcraft, Cookie Autodelete, Random User-Agent, Trace, Decentraleyes & CanvasBlocker

Browser: Firefox Quantum (not on current system)
Extensions: NoScript, Decentraleyes, Cookie Auto Delete, Trace, uBlock Origin, IDN Safe, CSS Exfil Protection, ClearURLs, Skip Redirect, Smart Referer, Malwarebytes, BehindTheOverlay, Ghostery, Keyboard Privacy, CanvasBlocker, Netcraft & Random User Agent
Maintenance tools
O&OShutup 10, Defraggler, RevoUninstaller, SysHardener 1.5 (Evjl Rain settings) for additional system security and lockdown, procexp, Windscribe VPN Free 15GB plan, VLC Media Player, OpenOffice, 7zip, Virtual DJ Pro, CDBurnerXP, AOMEI Backupper Standard, Bleachbit, PrivaZer & Wise Care 365
File and Photo backup
AOMEI Backupper Standard
System recovery
AOMEI Backupper Standard

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
Sounds good

Well ice dragon might be best alternative for firefox, due comodo security enchanments and constant updates. Its also bit lighter.

Also superior sll certificates are nice feature.

Actually i moved to quantum because you said quantum is nice and few other comments from people...but now im feeling going back to ice dragon because it brings more features over firefox. Im gonna install ice dragon back and have deep insight to see hows performance against firefox
IceDragon is a light light mainly on CPU and RAM usage, plus loads pages a bit faster too as well. Looks like the best version of the FF fork out there.

Only down side is that the normal On protection for VoodooShield doesn't activate with it.

~LDogg
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
IceDragon is a light light mainly on CPU and RAM usage, plus loads pages a bit faster too as well. Looks like the best version of the FF fork out there.

Only down side is that the normal On protection for VoodooShield doesn't activate with it.

~LDogg
Smart does?
 

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
Updated: 31/07/18

Hardened Comodo Ice Dragon, stopped all Telemetry settings using about:config.

Also stopped webgl, GeoLocation, Fingerprinting, TLS domains, media peer connection to false & a lot more.

Hardening links:
- Guide: Hardening Mozilla Firefox For Privacy & Security 2016 | Cyber Security Wiki | Viking VPN Service
- Privacy Tools | Encryption against global mass surveillance

@Gandalf_The_Grey @Moonhorse hope you like my settiings

Edit: removed Netcraft on Comodo Ice Dragon due to update of XSS & Phishing per @HarborFront reply.

Scriptsafe now at LDogg settings (Privacy/Fingerprint/General) screenshots:
 

Attachments

  • ss 1.png
    ss 1.png
    32.8 KB · Views: 364
  • ss 2.png
    ss 2.png
    31.2 KB · Views: 354
  • ss 3.png
    ss 3.png
    27 KB · Views: 290
  • ss 4.png
    ss 4.png
    27.2 KB · Views: 355
  • ss 5.png
    ss 5.png
    29.4 KB · Views: 329
  • ss 6.png
    ss 6.png
    54.9 KB · Views: 369
Last edited:

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Updated: 31/07/18

Hardened Comodo Ice Dragon, stopped all Telemetry settings using about:config.

Hardening links:
- Guide: Hardening Mozilla Firefox For Privacy & Security 2016 | Cyber Security Wiki | Viking VPN Service
- Privacy Tools | Encryption against global mass surveillance

@Gandalf_The_Grey @Moonhorse hope you like my settiings

Scriptsafe now at LDogg settings (Privacy/Fingerprint/General) screenshots:
You block a lot. Thank you and @Moonhorse for the screenshots and some ideas/settings to play with (y)
I think i will use @Moonhorse more relaxed settings because I share this computer with other family members.
Also I want to test the combo of AdGuard/uBlock and ScriptSafe against @Evjl's Rain s links for testing the protection of extensions.
 

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
I block a lot due to testing, the ones I've left unticked failed in tests. I'm glad I could help you out! Also as an additional side note, Scriptsafe hasn't broken any websites for me whatsoever. Only thing that break is if you tick to block <IMG> this breaks Thumbnails for YouTube when testing, so I've left unticked.

My pleasure @Gandalf_The_Grey hope this helps you going forward!

Edit: Also not ticked "Client Rectangles" breaks Facebook when you try to message someone & "Clipboard Interference" stop you copying & pasting from sites when testing.

~LDogg
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
if you have time to tweak every site you visit and manage to build blocked/allowed domains list, you will control/dominate internet for sure ( default mode: block)

if you share computer / browser, it would be smartest to have default mode on allowed...you can still benefit alot from it without affecting in browsing experience at all

Default mode: block; you dont benefit from having decentraleyes if you have that still installed @LDogg , since you dont allow google domains.

Sadly i have seen few sites using captcha, and i cant complete them without enabling few domains from google, but i can allow them just temporary

Isnt it bit overkill to have voodooshield + comodo firewall?

You can run exe.files on virustotal online and comodo has anti-exploit for browser already?

I have installed comodo dragon as my main browser, i give it a go with blocking everything by default and tweaking browser same way as you do
 
Last edited:
  • Like
Reactions: Gandalf_The_Grey

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
if you have time to tweak every site you visit and manage to build blocked/allowed domains list, you will control/dominate internet for sure ( default mode: block)

if you share computer / browser, it would be smartest to have default mode on allowed...you can still benefit alot from it without affecting in browsing experience at all

Default mode: block; you dont benefit from having decentraleyes if you have that still installed @LDogg , since you dont allow google domains.

Sadly i have seen few sites using captcha, and i cant complete them without enabling few domains from google, but i can allow them just temporary

Isnt it bit overkill to have voodooshield + comodo firewall?

You can run exe.files on virustotal online and comodo has anti-exploit for browser already?

You can benefit from Decentraleyes, I made a .txt file that needs to go into uBlock Origins rules section. If you wish to have the .txt file for your ruleset that's fine. It makes Decentraleyes be able to block Unwanted CDN Networks, JQuery from Google Search Libraries and more. Then Enable the "block requests for missing resources" setting inside Decentraleyes.

VDS + CFW isn't overkill. Avast + CFW + OSArmor + VDS would be the very definition of overkill. VDS is a white listing anti-exe, CFW is a self explanatory Firewall w/ sandbox capabilities, both cover various attack surface vectors which is why I have them installed. It's the reason I need no AV, as this setup is light, adding an AV would make my config very much overkill.

On websites that still use jQuery 1.91 it's beneficial to use, when testing Decentraleyes does block Google Hosted Libraries.

~LDogg
 
Last edited:

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Works for me just fine:

~LDogg
because decentraleyes is replacing ''ajax.googleapis.com (1)'' , since you have allowed it to run. I deny those domains so i have no need for decentraleyes
 

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
Mainly helps for YouTube, here as well, xat, Decentraleyes would stop the jQuery files being linked. Anything else from Google I block by default such as UTM, googletagmanager, googletagservices etc etc.

Some sites can break if googleapis.com is blocked outright.

~LDogg
 
  • Like
Reactions: Moonhorse

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top