Advanced Plus Security Lenny_FoX Desktop Config 2021

Last updated
Dec 11, 2020
How it's used?
For home and private use
Operating system
Windows 10
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Notify me only when programs try to make changes to my computer
Real-time security
  1. Microsoft Defender Attack Surface Reduction rules and Anti-Exploit
  2. Kaspersky Cloud Free (no HTTPS scanning)
Firewall security
Microsoft Defender Firewall
About custom security
1. UAC - deny elevation of unsigned binaries
2. Software Restriction Policy (similar to SimpleWindowsHardening)
3. Microsoft Defender ASR rules & Exploit protection hardening
4. Kaspersky Cloud Free (https scanning disabled)
5. Using Quad9 (DNS), Trend Micro Smart Home (router), browser (Smartscreen/Safe Browsing)
Periodic malware scanners
Windows Malicious Software Removal Tool, Autoruns64, ProcessExplorer
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Edge browser for daily browsing
  • for searching & surfing: strict mode, with @BeerIsGood Edge list
  • for booking & buying: default mode with no-extensions.
Chrome browser with BulletVPN and uMatrix as webrequest firewall
Maintenance tools
ProcessExplorer and Autoruns64
File and Photo backup
Syncback Free and Windows Backup (yes 2x backup)
System recovery
Syncback adhoc, usually three to five times per day, Windows Backup monthly, Syncback to USB offline HD also once a month
Risk factors
    • Browsing to popular websites
    • Logging into my bank account
    • Working from home
    • Streaming audio/video content from shady sites
Computer specs
Intel I7 950 with 8 GB Ram, 2 SSD drives and 2 HDD drives (1TB and 2TB)
Notable changes
Replaced router

Lenny_Fox

Level 22
Thread author
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
:eek::eek::eek::eek::eek::eek::eek::eek::eek::eek::eek: Well that was a short trial, "OS Armor: what a fine mess you got me into again" 🤣🤣🤣🤣🤣🤣🤣🤣

OS Armor never again for me: it is not only ill-maintained, but also half-baked protection

 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,514
:eek::eek::eek::eek::eek::eek::eek::eek::eek::eek::eek: Well that was a short trial, "OS Armor: what a fine mess you got me into again" 🤣🤣🤣🤣🤣🤣🤣🤣

OS Armor never again for me: it is not only ill-maintained, but also half-baked protection

You can try to use the below:
  • Advanced >> Block Scripts Execution >> Block execution of .msi installer scripts
  • Advanced >> Block Scripts Execution >> Block execution of .msc scripts outside the System folder
Next, try to:
  1. Run the MSI file signed by the allowed signer.
  2. Run the MSI file signed by a not-allowed signer.
  3. Run an unsigned MSI file.
  4. If it works well, then repeat for MSC files.
:)(y)

Edit.
The problem with OSA is that it is very complex and does not have documentation. So, any setup should be tested carefully.
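
An added example, not part of Andy Ful's post or of OSArmor: before running the three MSI tests above, this PowerShell function sorts sample files into the allowed-signer, other-signer and unsigned cases using Get-AuthenticodeSignature. The function name, the allow-list entry and the sample path are assumptions; how OSArmor itself matches signers is not documented on this page.

```powershell
# Added example. Get-MsiSignerCase and 'Example Trusted Publisher' are hypothetical;
# replace the allow-list with the signer names your own policy permits.
function Get-MsiSignerCase {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string[]]$Path,
        [string[]]$AllowedSigners = @('Example Trusted Publisher')
    )
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    foreach ($file in $Path) {
        $sig = Get-AuthenticodeSignature -LiteralPath $file
        $signer = $null
        if ($sig.SignerCertificate) {
            # Simple (common) name taken from the signing certificate's subject
            $signer = $sig.SignerCertificate.GetNameInfo($nameType, $false)
        }
        # Map the signature status onto the three test cases from the post
        $case = switch ($sig.Status) {
            'NotSigned' { 'Test 3: unsigned' }
            'Valid' {
                if ($AllowedSigners -contains $signer) { 'Test 1: allowed signer' }
                else { 'Test 2: signer not on allow-list' }
            }
            default { 'Unusable: signature present but not valid' }
        }
        [pscustomobject]@{
            File   = Split-Path -Leaf $file
            Status = $sig.Status
            Signer = $signer
            Case   = $case
        }
    }
}

# Constructed sample path; point it at the folder holding your test installers.
Get-MsiSignerCase -Path (Get-ChildItem -Path 'C:\Test\msi' -Filter '*.msi').FullName |
    Format-Table -AutoSize
```

A file reported as "Unusable" (for example a hash mismatch) is not a clean sample for any of the three tests and should be replaced before drawing conclusions.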
 

ErzCrz

Level 22
Verified
Top Poster
Well-known
Aug 19, 2019
1,175
It's good to try different things out. I know I'll be tempted to try out the new version of Comodo when it comes out, which was meant to be the other week but got postponed, but in reality, I know I'll return to WD H_C setup which is just as secure really :D
 

Lenny_Fox

When you scroll down this website, you will find how to code these policies, e.g.
AllowCrossOriginAuthPrompt = Microsoft Edge Browser Policy Documentation

Scroll down and look for the WINDOWS REGISTRY part, which looks like

REG_DWORD is always a digital value, when they use 0 and 1, zero often means OFF and 1 means ON. So when the value is zero, ALLOW CROSS ORIGIN AUTHORISATION PROMPTS is set to OFF

You can create these values manually using reg editor (REGEDIT.EXE)

Above values can also be set using Notepad and creating a text with .REG extension. For above settings this looks like


I have attached this reg file as edge.txt (save as edge.reg and click to run) to get you going.

WARNING: Editing the registry can brick your system, so it is not for the faint-hearted
 

Attachments

  • edge.txt
    480 bytes · Views: 486
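
An added example, not the contents of the attached edge.txt: the same kind of REG_DWORD policy value written and read back from PowerShell, with the .reg equivalent shown in the comments. Set-EdgePolicy is a hypothetical helper name; it assumes an elevated prompt and the HKLM policy key documented for Edge, and only AllowCrossOriginAuthPrompt is taken from the post.

```powershell
# Added example. Equivalent .reg file for the single value set below:
#   Windows Registry Editor Version 5.00
#
#   [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge]
#   "AllowCrossOriginAuthPrompt"=dword:00000000
function Set-EdgePolicy {   # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][hashtable]$Policy,
        [string]$Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'
    )
    # Create the policy key on first use
    if (-not (Test-Path -LiteralPath $Key)) {
        if ($PSCmdlet.ShouldProcess($Key, 'Create registry key')) {
            New-Item -Path $Key -Force | Out-Null
        }
    }
    foreach ($name in $Policy.Keys) {
        $wanted  = [int]$Policy[$name]
        # Read the current value, if any, so unchanged settings are left alone
        $current = (Get-ItemProperty -LiteralPath $Key -Name $name `
                        -ErrorAction SilentlyContinue).$name
        if ($current -eq $wanted) {
            [pscustomobject]@{ Name = $name; Previous = $current; Value = $wanted; Changed = $false }
            continue
        }
        if ($PSCmdlet.ShouldProcess("$Key\$name", "Set REG_DWORD to $wanted")) {
            New-ItemProperty -LiteralPath $Key -Name $name -PropertyType DWord `
                -Value $wanted -Force | Out-Null
            [pscustomobject]@{ Name = $name; Previous = $current; Value = $wanted; Changed = $true }
        }
    }
}

# Preview first, then apply. 0 = OFF, as described in the post.
Set-EdgePolicy -Policy @{ AllowCrossOriginAuthPrompt = 0 } -WhatIf
Set-EdgePolicy -Policy @{ AllowCrossOriginAuthPrompt = 0 }
```

Open edge://policy afterwards to confirm the browser has picked the value up.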

Lenny_Fox

Combining NextDns combo's with Chrome extensions ported to Edge.

I was surprised Youtube for Adblock now also is available from Edge, so removed Chrome version for Edge version.


Also took the chance to add Privacy badger (I noticed it for the first time) and disable native Edge tracking protection. I always tweak software, so I run Privacy badger with: Show domains which don't appear to be following you, so I can manually block advertising and tracking networks when I recognize them.

AdBlock for Youtube currently only runs on YouTube, uMatrix only runs on Volkskrant.nl (block 1st party scripts to circumvent paywall)

At the moment these are the blocklists I have enabled in NextDns (rest of NextDNS setup is copied from @security123)

 

Lenny_Fox

Please don't use it. It makes you unique
:) Thanks, the guy does not know how digital marketing works obviously. Most websites use advertising and tracking services from the top players.

See for instance this website Datanyze on market share of Alexa Top 1 Million. Facebook is missing because it has its own platform, (same applies for Apple and Amazon), but Google, Facebook, Microsoft, Apple, Amazon are the big earners in this game. The internet is starting to divide in a Western web and Eastern web (headed by the big Chinese players), but they all want the same: COLLECT OUR DATA


ForgottenSeer 85179

:) Thanks, the guy does not know how digital marketing works obviously. Most websites use advertising and tracking services from the top players.

See for instance this website Datanyze on market share of Alexa Top 1 Million. Facebook is missing because it has its own platform, (same applies for Apple and Amazon), but Google, Facebook, Microsoft, Apple, Amazon are the big earners in this game. The internet is starting to divide in a Western web and Eastern web (headed by the big Chinese players), but they all want the same: COLLECT OUR DATA

Well he is not the only guy who says that.
See GrapheneOS dev:
 

Lenny_Fox

@security123

Well I generally agree that extensions should not mess with CSP (Content Security Policy) settings of webpages. I also think web browsers will be restricting what extensions are allowed to do, because it does not make sense to build a sandboxed browser and allow extensions to escape it.

I am also surprised how far Firefox is behind Chrome from security perspective and still has got that many users. Looks like people in the 60-ties smoking cigarettes because they thought it was good for their health.

Okay back to NextDNS plus Edge tracking protection on strict again, let's hope Microsoft, Google and Facebook don't talk to each other much, because those three know a lot about me. What bugs me is that they only spy on me, why don't they do something useful in return like Google filling in my annual tax declaration and Microsoft my health insurance return bills and Facebook ordering my weekly groceries online or something :eek:
 

Soulbound

Level 29
Verified
Well-known
Jan 14, 2015
1,761
@security123

Okay back to NextDNS plus Edge tracking protection on strict again, let's hope Microsoft, Google and Facebook don't talk to each other much, because those three know a lot about me. What bugs me is that they only spy on me

Ain't this taking paranoid to a new level?
I mean if you really are that paranoid, switch from Microsoft to Linux, switch to chromium browser in Linux, use DuckDuckGo search engine, avoid social media.
 

Lenny_Fox

Edit on previous setup change:

After discovering that OS Armor does not block MSI based on signatures, I immediately returned to ConfigureDefender on MAX with SimpleWindowsHardening


Latest change

Due to changes in ad distribution of websites I often visit (and EOL of uMatrix), I changed browser settings and extensions again:
- Default profile for Banking & Buying, all Edge settings on default, no extensions

- Strict profile for Searching & Surfing, most site permissions on block with following changes
a) Allow extension Blank New Tab on NTP
b) Replaced uMatrix and Edge Anti-Tracking with uBlockOrigin with Kees1958 top500 only (and some ABP rules in My Rules for websites I visit a lot to block ads).
 