Advanced Security M4RT1NE2 Security Configuration 2024

Last updated
Feb 20, 2023
How it's used?
For home and private use
Operating system
macOS 15 Sequoia
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
On
Network firewall
Enabled
Real-time security
Microsoft Defender + WHHL
Firewall security
Microsoft Defender Firewall
About custom security
Auto playback - disabled
O&O shut up 11 (recommended settings)
O&O App Buster (system slimmed down)
Periodic malware scanners
Scan once a month using the following scanners:
  • EMSISOFT
  • Malwarebytes Anti-Malware
  • NPE
  • KVRT
Malware sample testing
I do not participate in malware testing
Environment for malware testing
None
Browser(s) and extensions
Google Chrome with
  • uBlock Origin
  • AVG Online Security
Secure DNS
Quad9 DNS
Desktop VPN
Windscribe VPN
Password manager
KeePass 2.x
Maintenance tools
HiBit Uninstaller
BleachBit
CCleaner
File and Photo backup
Hasleo Backup Suite
AOMEI Backupper Standard
Subscriptions
    • None
System recovery
Once every fortnight, the entire system partition is copied to an external drive.
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Opening email attachments
    • Buying from online stores, entering bank card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
ACER AN515-54-551F
What I'm looking for?

Looking for medium feedback.

M4RT1NE2

Level 14
Thread author
Verified
Top Poster
Well-known
Mar 19, 2022
652
Simple system hardening requires configuration? Or does it just install and forget?

I was disappointed with Aomei Backupper yesterday. I had the one year version from a promotion. I could not run the program - it ended up with a blue screen.

I removed it and installed Macrium Reflect Free

L0ckJaw

Level 19
Verified
Content Creator
Well-known
Feb 17, 2018
870
Simple system hardening requires configuration? Or maybe just install and forget?

Yesterday I was disappointed with Aomei Backupper. I had the one-year version from a promotion. I could not run the program - it ended with a blue screen.

I removed it and installed Macrium Reflect Free
Install and sometimes check it.

I am using it together with Bitdefender Total Security, rock solid combination.

 

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,256
Wouldn't adding Simple Windows Hardening to my security kit be paranoia on my part already?

VoodooShield free helps to protect in a similar way to OS hardening but offers more "features" as real-time protection.
Simple Windows Hardening does work with tweaks only to harden Windows 10/11
Both together it's what we call "overkill" but in my view slightly overkill :D

Yes.
Simple System Hardening requires some special setup? Or just install and forget?
Just turn on SRP. You may change a few details on Windows Hardening.


Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,415
I agree with @silversurfer it's a little bit overkill and it depends on what you want.

Simple Windows Hardening is passive, set and forget, when something gets blocked look at the logs.
From Andy's GitHub page:
  1. Run SWH - the restrictions are automatically configured.
  2. Log OFF the account or reboot is required, depending on what restrictions were applied before running SWH.
  3. If MS Office is installed, then it is recommendable to make some additional hardening:
    • open Excel and block macros without notification (do it on each user account),
    • apply in SWH the "Paranoid Extensions" (Settings >> Protected SRP Extensions).
    • This is not necessary when ASR rules for MS Office, Adobe Reader, and WMI are enabled with Microsoft Defender as the main Antivirus. The ASR rules can be configured by using the ConfigureDefender tool: ConfigureDefender/H_C_HardeningTools at master · AndyFul/ConfigureDefender
  4. If necessary, then also other applications from the H_C_HardeningTools repository can be used to increase the security (RunBySmartScreen, FirewallHardening, and DocumentsAntiExploit).
Please keep your system/software updated. Use SWH on the default settings for some time, until you are accustomed to it. Most users will probably not see any difference, but rarely a legal script or file with an unsafe extension will be blocked by SWH settings. You can use the blue buttons View Blocked Events and Manage the Whitelist to recognize and whitelist the blocked files. Please be careful: if you are not certain that the blocked file is safe, then wait a day or two before whitelisting it.
VoodooShield is active protection and will inform you when something gets blocked.

I would choose one or the other.
 

M4RT1NE2

Level 14
Thread author
Verified
Top Poster
Well-known
Mar 19, 2022
652
I will leave two for now - VS and SWH. I'll keep watching. I do not use MS Office
 

M4RT1NE2

Level 14
Thread author
Verified
Top Poster
Well-known
Mar 19, 2022
652
As of today, I already have everything I need to work safely on my laptop.
Since I'm with you on the forum, my software has changed completely. I don't mean just laptop security anymore, but also other programs - replacements for the original ones.
Thanks to your advice I managed to make an interesting set
I am pleased with this fact
 

M4RT1NE2

Level 14
Thread author
Verified
Top Poster
Well-known
Mar 19, 2022
652
I set it up but I don't know if it will be a good move - if the pages will work properly. So far so good

Something else to change?
 

M4RT1NE2

Level 14
Thread author
Verified
Top Poster
Well-known
Mar 19, 2022
652
I used this procedure to disable telemetry in Firefox:
devtools.onboarding.telemetry.logged = false
toolkit.telemetry.updatePing.enabled = false
browser.newtabpage.activity-stream.feeds.telemetry = false
browser.newtabpage.activity-stream.telemetry = false
browser.ping-centre.telemetry = false
toolkit.telemetry.bhrPing.enabled = false
toolkit.telemetry.enabled = false
toolkit.telemetry.firstShutdownPing.enabled = false
toolkit.telemetry.hybridContent.enabled = false
toolkit.telemetry.newProfilePing.enabled = false
toolkit.telemetry.reportingpolicy.firstRun = false
toolkit.telemetry.shutdownPingSender.enabled = false
toolkit.telemetry.unified = false
toolkit.telemetry.archive.enabled = false
datareporting.healthreport.uploadEnabled = false
datareporting.policy.dataSubmissionEnabled = false
datareporting.sessions.current.clean = true
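
A way to check that the preferences listed in the post above actually took effect, as an added example that is not part of the thread: it parses a `name = value` list in the post's format and compares it with the `user_pref(...)` lines of a profile's prefs.js. The function names and both sample inputs are constructed for illustration.

```python
import re

PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(true|false)\);')

def parse_wanted(listing):
    """Parse 'name = value' lines (the post's format); duplicates collapse."""
    wanted = {}
    for line in listing.splitlines():
        name, sep, value = line.partition("=")
        if sep and value.strip() in ("true", "false"):
            wanted[name.strip()] = value.strip() == "true"
    return wanted

def parse_prefs_js(text):
    """Collect boolean user_pref("name", true|false); entries from prefs.js."""
    matches = map(PREF_RE.match, text.splitlines())
    return {m.group(1): m.group(2) == "true" for m in matches if m}

def audit(listing, prefs_js_text):
    """Sort each wanted pref into ok / mismatch / unset."""
    wanted, actual = parse_wanted(listing), parse_prefs_js(prefs_js_text)
    report = {"ok": [], "mismatch": [], "unset": []}
    for name in sorted(wanted):
        if name not in actual:
            status = "unset"  # not overridden: Firefox's built-in default applies
        else:
            status = "ok" if actual[name] == wanted[name] else "mismatch"
        report[status].append(name)
    return report

# Subset of the list in the post, with one duplicate kept on purpose.
WANTED_LIST = """\
toolkit.telemetry.enabled = false
toolkit.telemetry.unified = false
toolkit.telemetry.archive.enabled = false
datareporting.healthreport.uploadEnabled = false
toolkit.telemetry.unified = false
"""

# Constructed prefs.js excerpt, not taken from a real profile.
SAMPLE_PREFS_JS = """\
user_pref("toolkit.telemetry.enabled", false);
user_pref("toolkit.telemetry.unified", true);
user_pref("datareporting.healthreport.uploadEnabled", false);
user_pref("browser.startup.page", 3);
"""

if __name__ == "__main__":
    print(audit(WANTED_LIST, SAMPLE_PREFS_JS))
```

A pref reported as unset is not overridden in that profile, so Firefox falls back to its built-in default, which may or may not match the wanted value.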
 
