Advanced Plus Security Lightning_Brian's 2021 Security Configuration

Last updated
Dec 31, 2020
How it's used?
For home and private use
Operating system
Windows 10
On-device encryption
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Real-time security
Norton 360 Premium (paid - latest release), VoodooShield Premium (paid - latest release - note: not always 100% on)
Firewall security
About custom security
SONAR set to aggressive

Boot time protection Aggressive

Custom scans set at various times - multiple custom scans

Blocking traffic for malicious applications - set to aggressive
Periodic malware scanners
Emsisoft Emergency Kit (EEK), Malwarebytes Anti-Malware (Paid - real time disabled - using as needed)
Malware sample testing
Browser(s) and extensions
Firefox: HTTPS Everywhere, AdGuard AdBlocker, Windscribe VPN, and NoScript
Secure DNS
None - Will be changing this up in the near future though.
Desktop VPN
Windscribe Pro (paid - latest release - lifetime license)
Avira Phantom VPN (secondary VPN not main VPN at all) – BETA TESTING
Password manager
Sticky Password - Lifetime
RoboForm for Business - Enterprise - RoboForm Everywhere
PassCamp - Enterprise Read more about it here: https://www.passcamp.com/enterprise-password-management/ or https://www.passcamp.com/features/
Maintenance tools
Cleaning Utilities:
  • Glary Utilities PRO (paid and latest release)
  • Windows 10 built in tools
Software Removal Tool:
  • Revo Uninstaller v4 (Pro Portable - Paid - Paid for 2 years of updates!)
Windows Repair (Not Always Using Here Folks – Mainly For Some Minor Repairs Before Clean Install)
File and Photo backup
Backup Software (or similar):
  • AOMEI Backupper Pro (paid - latest release)
    • AOMEI Dynamic Disk Manager Pro Edition (paid - latest stable - lifetime license) – Updating disk information and management
    • AOMEI Parition Assistant Pro Edition (paid - latest stable - lifetime license) – Updating disk information and management
  • Macrium Reflect Free (free - latest release)
    • viBoot from Macrium Reflect (free - latest stable) – Please read more about viBoot here before commenting on it: Macrium viBoot
      • In short (their wording not mine):Macrium viBoot enables you to instantly create, start and manage Microsoft Hyper-V virtual machines using one or more Macrium Reflect image files as the basis of the virtual machine storage sub-system.
      • At a minimum, viBoot enables you to boot into the images you have made using Macrium Reflect, for validation purposes, or to retrieve data from old applications stored on a bootable image. At an enterprise level, you could recover an entire network environment in minutes.
      • Macrium viBoot is now built upon new technology that allows it to instantly present a Macrium Reflect image file as a Microsoft Virtual Disk (.VHDX) file.
  • Acronis True Image 2021 (paid and latest release - perpetual license for v2021)
Yes, I use three different backup tools. No, I do not use all three at the same time, same day, or for exactly the same reason. If you get stung by one backup going bad you will get why I use three. Plus, all three have some very unique and nice features. Check these out! Questions – please read about the tools prior to asking! Thanks!
System recovery
Macrium Reflect Free (free - latest stable), AOMEI Backupper Pro (paid and latest stable), Acronis True Image 2021 (paid and latest release)
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Downloading software and files from reputable sites
    • Working from home
    • Gaming
Computer specs
Custom build!

CPU - Intel i7-8700k CPU @ 3.70 GHz
GPU - NVIDIA GeForce GTX 1080 @ 8 GB GDDR5X
RAM - 64 GB DDR4 - 63.8 GB Usable!
SSD - Samsung 970 EVO 500GB - NVMe PCIe M.2 2280 SSD (MZ-V7E500BW)
HDD - WD Black 2TB Performance Desktop Hard Disk Drive - 7200 RPM SATA 6 Gb/s 64MB Cache 3.5 Inch - WD2003FZEX
AIO liquid CPU cooler
Notable changes
Changes made 12-31-2020

Major Changes:

Changed from Norton Security Premium to Norton 360 Premium

Big change here folks! Time to go into the future with the latest and greatest for 2021.

Upgraded VMware Workstation Pro 15 from v16 to release version 16.1!!

Link: VMware Workstation 16.1.0 Pro Release Notes

Yes, I know I paid a pretty penny on this. I know I will never regret it given my career field and everything that I do.

I can concur that everything is nice and snappy on v16 and the improvements are easily noticeable. I know I recently added RAM, but things are flying in the new version. Some things are eh'. I think those are widely known that I don't need to repeat that stuff here. As noted in the release notes above I am noticing the same thing here:

Performance Improvements
  • Improved file transfer speeds (Drag and Drop, Copy and Paste)
  • Improved virtual machine shutdown time.
  • Improved virtual NVMe storage performance.
Other notable changes:

Upgraded AOMEI Backupper from v6.1 to v6.3

New features/changes of AOMEI Backupper v6.3 can be found here:

Link: Changelog – AOMEI Backupper

Upgraded AOMEI Partition Assistant from v9.0 to v9.1

New features/changes of AOMEI Partition Assistant can be found here:

Link: AOMEI Partition Assistant Changelog

Upgraded Macrium Reflect v7 to the latest edition (free - latest release)

New features/changes of Macrium Reflect v7 can be found here:

Link: Macrium Reflect Patch Details

Upgraded GlassWire ELITE to the latest stable release which is v2.2.268

New features/changes of GlassWire v2.2.268 can be found here:

Link: GlassWire Software Version Changes List

Upgraded Revo Uninstaller Pro Portable from v4.3.8 to v4.4

New features/changes of Revo Uninstaller Pro Portable Pro v4.4 can be found here:

Link: Revo Uninstaller Pro - History

Adguard Premium (paid - latest release - lifetime license) upgraded from v7.5.2 to latest build which is v7.5.3

New features/changes of Adguard Premium v7.5.3 can be found here:

Link: Versions history | AdGuard

Upgraded RoboForm for Windows RoboForm for Business (highly secure and locked down) from v8.9.5 to latest release which is v9.1.0.

New features/changes of RoboForm for Windows RoboForm for Business v9.1.0 can be found here:

Link: RoboForm for Windows Version News

Upgraded Sticky Password for Windows from v8.2.8.6 to latest release which is v8.2.8.7

New features/changes of Sticky Password for Windows v8.2.8.7 can be found here:

Link: Windows release notes | Sticky Password

Acronis True Image 2021 upgraded to Build35860

New features/changes of Acronis True Image Build 35860 can be found here:

Link: Release notes - List of Changes - 42226
What I'm looking for?

Looking for maximum feedback.

Notes by Staff Team

  1. This setup may cause performance issues, system instability or conflicts between programs, and can hinder the effectiveness of the installed antivirus products.

L

Lightning_Brian

Level 15
Thread author
Verified
Top Poster
Content Creator
Sep 1, 2017
743
Handsome Recluse said:
Why do you also have multiple password managers?
Click to expand...

@Handsome Recluse Happy new year friend! Great question!

Answer:

I use different password managers for the following reasons:
  1. Company I have
  2. Personal Use
  3. Backup use
  4. Company I work for
I will not say which one I use for personal use, but I do recommend all of them in their highly locked down and secure state. I encourage you and everyone at MT to research their cool and innovative ways. FYI before someone goes all crazy and says "Brian you should use Bitwarden or LastPass" I will say that I have used those password managers and those are nice as well. I just so happen to like the ones I'm using for my own use cases.

silversurfer said:
Confirmed here on my personal testing recently some days ago:
Cloudflare's "Malware and Adult Content Blocking" blocks almost none URL delivering fresh malware!

Beside NextDNS, Quad9 seems to be the best DNS service to block malware, 3rd place for CleanBrowsing.
Click to expand...

@silversurfer Happy New Year! Great points here. If I had to choose a DNS provider Quad9 would be my go to for usage. However, I think I failed to go deeper into my security setup to say that I use Windscribe on just about everything. My phone, computers, my network gear etc. is all set up to run through Windscribe in multiple hops. No I do not experience any slowdowns nor any issues by doing this. The hop locations are actually very close to me and my speed actually is a little bit better compared to what my ISP provides - yes my network gear helps a bit on this side too. Long story short so no one goes into loopy land the speed is just a few Mbps better not some crazy high number.

Some folks may not be aware they can set up their network gear to run on Windscribe. Here is the link to some setup guides: Windscribe

McMcbrad said:
Norton 360 will be very hard to bypass in real-life situations. It’s possible to bypass it if you are a malware hunter, but under normal circumstances, it provides great protection.
VS might not be so beneficial.
Click to expand...

@McMcbrad You are very correct about this! Highly unlikely that Norton 360 in the out of the box setup can be bypassed in real-life situations much less in my current configuration.

As per my note in my security configuration I don't always have VS turned on 24/7/365; however, in use cases I find it still very beneficial. I worked with Norton to confirm out a few things. @danb I'm sure you know Norton works well with VS. Hats off to your hard work there @danb !

Perhaps you @McMcbrad and others are correct that VS may not be fully needed. However, in use cases I can and do see a great want/need for VS still present on the system. As some would say - to each his own! I do not foresee VS going anywhere any time from my systems.

As you said in one of your postings @danb
danb said:
VS has always been about making application whitelisting user-friendly for the masses.
Click to expand...
I couldn't agree more! VS is very user-friendly for the masses. @danb Keep up the great work you are doing! You are helping the cyber security community and making a big impact too.

My question for all friends of MT:

Given the little more info about my network setup with Windscribe - do I need the DNS settings? I'm not a uber duber expert in all things VPN; however, my IT experence and saying 'no DNS setup isn't needed with Windscribe'. However, could it help??! Thoughts!?

Thanks!
Brian
 
  • Like
Reactions: plat, Cortex, Venustus and 6 others
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,720
McMcbrad said:
Norton 360 will be very hard to bypass in real-life situations. It’s possible to bypass it if you are a malware hunter, but under normal circumstances, it provides great protection.
VS might not be so beneficial.
Click to expand...
I promise you, anyone who has ran VS for a while and has decided to uninstall it for one reason or another, will ultimately find themselves in a situation where they wish their computer was locked when they are about to click on something they are unsure of.

Automatically allowing unknown arbitrary code is foolish.
 
  • Like
Reactions: plat, Dhruv2193, Cortex and 6 others
L

Lightning_Brian

Level 15
Thread author
Verified
Top Poster
Content Creator
Sep 1, 2017
743
What's yall' thoughts about uBlock Origin + Adguard for extensions for Firefox? I know the two compete and deal with the same things. Been a long time user of both, but mainly one at a time not together. Does anyone have any thoughts on this?

On the topic of web browser add-ons any other recommendations beyond what I am using today?

What I am using today:

Firefox: HTTPS Everywhere, AdGuard AdBlocker, Windscribe VPN, and NoScript

Thanks in advance for your thoughts!
~Brian
 
  • Like
Reactions: Protomartyr, plat, Cortex and 4 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,284
First with Firefox HTTPS Everywhere is redundant see HTTPS-Only Mode in Firefox below:

HTTPS-Only Mode in Firefox | Firefox Help

Learn more about HTTPS-Only Mode which forces all connections to websites to use HTTPS.
support.mozilla.org support.mozilla.org

uBlock Origin and AdGuard together is a waste of resources IMO, they both try to do the same (and like you I like them both).

uBlock Origin is lighter on resources and its real plus are the advanced modes, but since you are also using NoScript I don't think the advanced modes add something for you.
About advanced blocking modes: gorhill/uBlock

AdGuard is a good AdBlocker and IMO parses the cosmetic filters a little better, so you have a cleaner filtered webpage. Its plus comes from the stealth mode.
About stealth mode: In-depth features overview: AdGuard Browser extension

So, IMO loose HTTPS Everywhere and turn its functionality on in Firefox. Choose for yourself between AdGuard and uBlock Origin and use one of them together with NoScript.
Or use uBlock Origin in medium mode and you can even loose NoSctipt... it's up to you :D
 
  • Like
  • +Reputation
Reactions: Kongo, SeriousHoax, Protomartyr and 4 others
Cortex

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
danb said:
I promise you, anyone who has ran VS for a while and has decided to uninstall it for one reason or another, will ultimately find themselves in a situation where they wish their computer was locked when they are about to click on something they are unsure of.

Automatically allowing unknown arbitrary code is foolish.
Click to expand...
With full & total respect to you and your opinions, I have never found myself in that scenario you have described - I found VS a pain in the posterior & don't miss it at all - Maybe I don't click on things I'm unsure of?
 
  • Like
  • +Reputation
Reactions: SeriousHoax, Venustus, Protomartyr and 1 other person
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,720
Cortex said:
With full & total respect to you and your opinions, I have never found myself in that scenario you have described - I found VS a pain in the posterior & don't miss it at all - Maybe I don't click on things I'm unsure of?
Click to expand...
It's cool, thank you for letting me know! How long ago did you try VS? Do you install a lot of new software? Do you change a lot of settings from the default? Do you remember what kind of blocks you were encountering? The vast majority of users (mainly novice and intermediate) do not install a lot of new programs, so they rarely encounter a VS block. The reason I know this is because I still service a lot of endpoints for local clients, most that are running VS, and I like to review the logs to see what was blocked.

If you ever get a chance to try VS again, please let me know what blocks you encounter. There might be a chance that we can further reduce unwanted blocks. Obviously, we want to reduce the unwanted blocks as much as possible, but also ensure the computer is secure by blocking items that need to be blocked.
 
  • Like
Reactions: harlan4096, Venustus and Protomartyr
L

Lightning_Brian

Level 15
Thread author
Verified
Top Poster
Content Creator
Sep 1, 2017
743
Gandalf_The_Grey said:
First with Firefox HTTPS Everywhere is redundant see HTTPS-Only Mode in Firefox below:

HTTPS-Only Mode in Firefox | Firefox Help

Learn more about HTTPS-Only Mode which forces all connections to websites to use HTTPS.
support.mozilla.org support.mozilla.org

uBlock Origin and AdGuard together is a waste of resources IMO, they both try to do the same (and like you I like them both).

uBlock Origin is lighter on resources and its real plus are the advanced modes, but since you are also using NoScript I don't think the advanced modes add something for you.
About advanced blocking modes: gorhill/uBlock

AdGuard is a good AdBlocker and IMO parses the cosmetic filters a little better, so you have a cleaner filtered webpage. Its plus comes from the stealth mode.
About stealth mode: In-depth features overview: AdGuard Browser extension

So, IMO loose HTTPS Everywhere and turn its functionality on in Firefox. Choose for yourself between AdGuard and uBlock Origin and use one of them together with NoScript.
Or use uBlock Origin in medium mode and you can even loose NoSctipt... it's up to you :D
Click to expand...

Thanks @Gandalf_The_Grey ! Good recommendations that helped solidify what I was thinking too after playing around with some stuff today!

Any other recommendations for extensions for the world of Firefox and or otherwise?

Thanks again,
Brian
 
  • Like
Reactions: harlan4096, Protomartyr, Gandalf_The_Grey and 1 other person
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,284
Lightning_Brian said:
Thanks @Gandalf_The_Grey ! Good recommendations that helped solidify what I was thinking too after playing around with some stuff today!

Any other recommendations for extensions for the world of Firefox and or otherwise?

Thanks again,
Brian
Click to expand...
Any time (y)
No not really any other recommendations, I try (but sometimes fail) to keep it simple and light.
Does Norton 360 add an extension to your browsers, and do you use or deinstall them?
IMO and adblocker and a password manager are the most important.
I also use (but in Edge) Microsoft Editor (spelling and grammar check) and the extension installed by the AV I use or if there is none installed Bitdefender TrafficLight.
 
  • Like
Reactions: Venustus, harlan4096 and Protomartyr
L

Lightning_Brian

Level 15
Thread author
Verified
Top Poster
Content Creator
Sep 1, 2017
743
Gandalf_The_Grey said:
Any time (y)
No not really any other recommendations, I try (but sometimes fail) to keep it simple and light.
Does Norton 360 add an extension to your browsers, and do you use or deinstall them?
IMO and adblocker and a password manager are the most important.
I also use (but in Edge) Microsoft Editor (spelling and grammar check) and the extension installed by the AV I use or if there is none installed Bitdefender TrafficLight.
Click to expand...
Norton has its 'bloat' that I don't install or use at all. My password managers - I don't even install those for various reasons (call me paranoid). I use the secure copy and erase from clipboard functionalities.

Any other recommendations that you'd like to recommend?

Anyone have any other thoughts for my setup?

Thanks for all of the help!

~Brian
 
  • Like
Reactions: Venustus, harlan4096, Protomartyr and 1 other person
You must log in or register to reply here.

Similar threads

Nautilus
    • Like
    • Applause
Advanced Plus Security Nautilus Security Config 2024
Replies
0
Views
211
PC Setup Configuration Help & Showcase
Nautilus
Nautilus
RRlight
    • Like
Advanced Security RRlight gaming laptop config 2024
Replies
4
Views
218
PC Setup Configuration Help & Showcase
RRlight
RRlight
lokamoka820
    • Like
    • Wow
    • HaHa
New Update Microsoft Will Charge You $30 To Stay on Windows 10
Replies
6
Views
362
Windows 10
7Oz-64
7Oz-64

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top