- Jun 24, 2016
Logethica's Free Security Configuration;
SECURITY SOFTWARE SETTINGS-
★ ZoneAlarm Free Firewall ▼
List Of Microsoft Services (& Other) "Killed" through ZoneAlarm Application Control
UPDATED ON 30/10/2016 ▼
★ VoodooShield Pro BETA ▼
★ SpyShelter Premium ▼
★ Avast! Free Antivirus ▼
★ Crystal Security▼
★ Sandboxie: The Malwarebytes Anti-Exploit Template ▼
uBLOCK ORIGIN CUSTOM FILTERS: (UPDATED ON 13 Nov 2016);
★ Click On The "Spoiler" Below For Links To 58 Of My uBlock Origin Custom Filters ▼
My Security Configuration could be considered to be quite "Heavy" ...
...But I do not suffer any problems with this despite having a machine with just 2GB RAM.
This is because I have removed all M$ "Bloatware" & killed numerous Unneeded M$ Services.
Some MT members get pleasure from Testing AVs / Analyzing Malware / Refreshing their Security Software....
I get pleasure from building a Configuration and making each product work alongside others without either conflict, or a negative effect on system performance.
SECURITY SOFTWARE SETTINGS-
★ ZoneAlarm Free Firewall ▼
◉ Basic Firewall Settings-
Public Zone Security = High
Trusted Zone Security = High
Advanced Settings-
GENERAL
✔ Block All Fragments
✔ Enable ARP Protection
✔ Lock Hosts File
NETWORK
✔ Ask Which Zone to Place New Networks in Upon Detection
✖ IPv6 Networking
ZONES BLOCKED
URL: bing.com
+ Custom blocking of all others on the same network.
◉ Application Control-
SETTINGS
Network Firewall = Max
DefenseNet = Auto
OS FIREWALL SETTINGS
Change Internet Explorer Search Page = Ask
Install ActiveX = Ask
Change Which Programs Load at StartUp = Ask
Change the Hosts File = Ask
List Of Microsoft Services (& Other) "Killed" through ZoneAlarm Application Control
UPDATED ON 30/10/2016 ▼
- Data Exchange Host
- Data Sharing Maintenance Driver
- Device Census
- Disk Defragmenter Module
- Disk Space CleanUp Manager for Windows
- IE Per-User Initialization Utility
- Microsoft Compatibility Telemetry
- Microsoft Feedback SIUF Deployment Manager Client
- Microsoft OneDrive
- Microsoft Sync Center
- Search and Cortana Application
- Windows Modules Installer
- Windows Modules Installer Worker
- Windows Update
- Google Analytics Sender
- Avast Offer Installation Tool
- 64.4.54.253 (Microsoft Feedback SIUF Deployment Manager Client)
- Bing.com (I recommend blocking this if you do not use Bing, as it tries to send data back to M$ frequently...O&O ShutUp10 does not block this so it has to be done manually)
- co4.telecommand.telemetry.microsoft.com.akadns.net. (same as above)
★ VoodooShield Pro BETA ▼
I have chosen to not list every setting, only those that I think may be of Interest-
Whitelisting Mode: Always ON
◉ Basic Settings-
✔ Deny by Default
✖ Temporarily Allow by Publisher / Digital Signature Until Reactivation
VoodooAi Sensitivity = 120%
◉ Advanced Settings-
✖ Automatically Deactivate
✖ Automatically Allow by Parent Process
✔ Automatically Quarantine Files with "3" or more Positive Detections
★ SpyShelter Premium ▼
I have chosen to not list every setting, only those that I think may be of Interest-
Keystroke Encryption-
ADVANCED
Hooks Guard: Better Compatibility Mode
Settings-
GENERAL
✔ Launch the Program from the Service (Early Start)
SECURITY
Certified Applications = Auto allow -High Security Level
✔ Auto-block Suspicious Behaviour
✖ Decrease Self-defense to Improve Compatibility with Third-Party Software
ADVANCED
Terminating of Process:
✔ Terminating Child Process
✔ Terminate All Instances
✔ Block Registering of Non Exist Driver
★ Avast! Free Antivirus ▼
I have chosen to not list every setting, only those that I think may be of Interest-
I have only Installed the "File System Shield" & "Home Network Security" Components:
◉ Settings-
GENERAL
✔ Enable CyberCapture;
Always Block Suspicious Files
✔ Enable Hardened Mode;
Aggressive
✔ Scan for PUPs
◉ Components-
FILE SYSTEM SHIELD
Sensitivity;
Heuristics = High
✔ Scan for PUPs
HIPS = Maximum Sensitivity
ADVANCED SETTINGS
✔ Automatically Quarantine Detected Items
✔ Enable Self-Protection Module
✔ Enable Early Start
✔ Reduce Priority of Scans to Improve Multitasking
★ Crystal Security ▼
I have chosen to not list every setting, only those that I think may be of Interest-
GENERAL
✔ Auto Decision
✔ Self-Protection
PROTECTION
✔ Upload Unknown Files
✖ Trust Applications With Digital Signature
★ Sandboxie: The Malwarebytes Anti-Exploit Template ▼
HOW TO EMPLOY THE MBAE TEMPLATE-
Go to Sandboxie control ➤ Configure ➤ Edit configuration.
Copy and paste the MBAE template in the space below Global settings. After saving the file, close Sandboxie control. Open it again and Reload the configuration file in Configure ➤ Reload configuration.
PLEASE NOTE-
If you aren't on XP feel free to delete: OpenIpcPath=$:mbae-svc.exe
If you aren't on a 32 bit system feel free to delete: InjectDll=C:\Program Files\Malwarebytes Anti-Exploit\mbae.dll
If you aren't on a 64 bit system feel free to delete both the following lines:
InjectDll=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.dll
InjectDll64=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.dll
Take notice of the last three lines, which are set to the 'default' installation directory of MBAE. If it was customized at install, the path will need to be updated to reflect your real installation path.
The above information was sourced from forums.sandboxie.com
COPY EVERYTHING BELOW (Including [Template_MBAE]) ▼
[Template_MBAE]
Tmpl.Title=Malwarebytes Anti-Exploit
Tmpl.Class=Security
Tmpl.Scan=s
Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit
Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Malwarebytes Anti-Exploit
OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API*
OpenIpcPath=*\BaseNamedObjects*\MBAE_IPC_PROTECTION*
OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API*
OpenIpcPath=*\RPC Control*\*MBAE_IPC_PROTECTION*
OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap*
OpenIpcPath=*\BaseNamedObjects*\mchMixCache*
OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt*
OpenIpcPath=*\BaseNamedObjects*\mchLLEW*
OpenIpcPath=$:mbae-svc.exe
InjectDll=C:\Program Files\Malwarebytes Anti-Exploit\mbae.dll
InjectDll=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.dll
InjectDll64=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.dll
uBLOCK ORIGIN CUSTOM FILTERS: (UPDATED ON 13 Nov 2016);
★ Click On The "Spoiler" Below For Links To 58 Of My uBlock Origin Custom Filters ▼
UPDATED ON 13/11/2016- New Links are in Green
Below are links to 58 uBlock Origin "Custom Filters".
Please Note that adding numerous extra filters should be done with a degree of caution.
I suggest adding maybe 2 or 3 of those that interest you at a time and checking for any issues such as "Browser Slow-Down", "Web-Page Breakage", "Specific Site-Access Denial", etc. All of our surfing habits differ, so just add the filters that you consider beneficial to you.
To add these Filters to uBlock Origin-
Go to uBlock Origin's Settings --> 3rd-Party Filters --> Scroll down to the bottom of the page and "Paste" the URL of the desired filter into the box provided --> Then Click on the "Parse" button --> Then click the "Apply Changes" button that will appear on the right side of the screen.
The "Click Here" Buttons below will take you to each respective Filter-List page.
Some of the pages may take a few seconds to load due to their size.
This will allow you to "Copy & Paste" the URL into uBlock Origin should you wish to.
Many of the Filters below are available on Filterlists.com, which has many more lists including language/region specific.
(PLEASE NOTE: Not all of these lists are updated "Automatically" through uBlock, so it is best to periodically empty the Cache and update manually)
Adguard Annoyances Filter -Click Here
Adguard English Filter -Click Here
Adguard Mobile Ads Filter -Click Here
Adguard Social Media Filter -Click Here
Adguard Spyware Filter -Click Here
Adversity -Click Here
Adversity: Extreme Measures -Click Here
AndlsH Blocklist -Click Here
BBcan177 -Click Here
Block-EU-Cookie-#####-List -Click Here
Btgregory: Gnuzilla Blacklist (Working Mirror Of "Block all Well known Privacy Trackers", which is Offline) -Click Here
Btgregory: uBlock Supplementary Blocklist -Click Here
Byaka: uBlock Antiskimming List -Click Here (Details at -Github.com )
Dawsey21- Main Blacklist -Click Here
Desbma/referer-spam-domains/blacklist - (Fork of Piwik referer spam) -Click Here
Fanboy's Anti-thirdparty Fonts -Click Here
Fanboy's Cookiemonster List -Click Here
Genediazjr Nopelist -Click Here
Hexxium Creations Threat List -Click Here
hpHosts/Ads & Trackers -Click Here
hpHosts/emd -(Malware) -Click Here
hpHosts/exp -(Exploits) -Click Here
hpHosts/fsa -(Fraud) -Click Here
hpHosts/grm -(Spam) -Click Here
hpHosts/hjk -(Hijacking) -Click Here
hpHosts/hphosts-partial -(Added to hpHosts AFTER the last full release) -Click Here
hpHosts/mmt -(Misleading Marketing) -Click Here
hpHosts/pha -(Illegal Pharmacy Sites) -Click Here
hpHosts/psh -(Phishing) -Click Here
hpHosts/wrz -(Piracy) -Click Here
Hosts.herndl.org/hosts.txt -(Adblocking) -Click Here
Hostsfile.org/Downloads/hosts -(Securemecca) -Click Here
I don't care about cookies -(kiboke-studio) -Click Here
Jmdugan/blocklists/master/corporations/facebook -Click Here
Jmdugan/blocklists/master/corporations/microsoft -Click Here
Joewein - (Spam) -Click Here
Kurobeats: Phishing Hosts -Click Here (Details at Github.com)
Ligyxy Blocklist -Click Here
Malekal.com/HOSTS_filtre/HOSTS -Click Here
MOxFIVE Personal Blocklist -Click Here
Nabble/semalt-blocker/master/domains -Click Here
Openphish.com/feed -Click Here
Osint.bambenekconsulting.com/feeds/c2-dommasterlist -Click Here
Phishing.mailscanner.info/phishing.bad.sites (Phishtank) -Click Here
Piperun's iplogger filter -Click Here
Piwik/referer-spam-domains/blacklist -Click Here
Quidsup/notrack/master/trackers -Click Here
Ransomwaretracker.abuse.ch/downloads/RW_DOMBL -Click Here
Ransomwaretracker.abuse.ch/downloads/RW_URLBL -Click Here
Rickrolldb.com/ricklist -Click Here
Security-research.dyndns.org/ponmocup-infected-domains -Click Here
StevenBlack/hosts/master/hosts -Click Here
Threatcrowd.org/feeds/domains -Click Here
Toshiya44: "Almost Stable" Filters -Click Here
Vxvault.net//URL_List -Click Here
Youtube: Pure Video Experience -Click Here
Zant95/hosts/master/hosts -(Blocks Download Sites) -Click Here
ZPacman: Blockzilla (Blocks Ads & Trackers) -Click Here (Details @ ZPacman.Github.io/Blockzilla)
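Added example (not part of the original post, nor Sandboxie or Malwarebytes code): a Python sketch that applies the "PLEASE NOTE" rules to the MBAE template shown in the Sandboxie section above, trimming it for a given Windows version and bitness and rewriting the DLL paths when MBAE was installed to a custom directory. The function name `tailor_template` and its parameters are assumptions made for illustration.

```python
import ntpath  # Windows path rules, usable on any OS

# The template exactly as published in this post (default MBAE install paths).
MBAE_TEMPLATE = r"""[Template_MBAE]
Tmpl.Title=Malwarebytes Anti-Exploit
Tmpl.Class=Security
Tmpl.Scan=s
Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit
Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Malwarebytes Anti-Exploit
OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API*
OpenIpcPath=*\BaseNamedObjects*\MBAE_IPC_PROTECTION*
OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API*
OpenIpcPath=*\RPC Control*\*MBAE_IPC_PROTECTION*
OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap*
OpenIpcPath=*\BaseNamedObjects*\mchMixCache*
OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt*
OpenIpcPath=*\BaseNamedObjects*\mchLLEW*
OpenIpcPath=$:mbae-svc.exe
InjectDll=C:\Program Files\Malwarebytes Anti-Exploit\mbae.dll
InjectDll=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.dll
InjectDll64=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.dll
"""

XP_ONLY = "OpenIpcPath=$:mbae-svc.exe"  # per the post: only needed on XP


def tailor_template(template, is_xp, is_64bit, install_dir=None):
    """Return the template with only the lines this system needs.

    install_dir (hypothetical parameter): the real MBAE folder when the
    default location was changed at install time.
    """
    kept = []
    for line in template.splitlines():
        key, _, value = line.partition("=")
        if line == XP_ONLY and not is_xp:
            continue
        if key in ("InjectDll", "InjectDll64"):
            # "(x86)" paths belong to 64-bit Windows; the plain
            # "Program Files" path belongs to 32-bit Windows.
            if ("(x86)" in value) != is_64bit:
                continue
            if install_dir:
                value = ntpath.join(install_dir, ntpath.basename(value))
            line = f"{key}={value}"
        kept.append(line)
    return "\n".join(kept) + "\n"


if __name__ == "__main__":
    # Constructed example: 64-bit, non-XP system with the default install path.
    print(tailor_template(MBAE_TEMPLATE, is_xp=False, is_64bit=True))
```

The output is what gets pasted below Global settings; a leftover `InjectDll` line that points at a path which does not exist on the machine is the first thing to check if MBAE does not load inside the sandbox.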