- Mar 19, 2022
- 652
Wouldn't adding simple windows hardening to my security kit be paranoia on my part already ?
Install and sometimes check it.Proste utwardzanie systemu wymaga konfiguracji?. A może po prostu zainstaluj i zapomnij?
Wczoraj byłem rozczarowany Aomei Backupperem. Miałem roczną wersję z promocji. Nie mogłem uruchomić programu - skończyło się niebieskim ekranem.
Usunąłem go i zainstalowałem Macrium Reflect Free
Wouldn't adding simple windows hardening to my security kit be paranoia on my part already ?
Just turn on SRP. You can may change a few details on Windows Hardening.Yes.
Simple System Hardening requires some special setup ?. Or just install and forget?
I agree with @silversurfer it's a little bit overkill and it depends on what you want.
Simple Windows Hardening is passive, set and forget, when something gets blocked look at the logs.
From Andy's GitHub page:
VoodooShield is active protection and will inform you when something gets blocked.Please keep updated your system/software. Use SWH on the default settings for some time, until you will be accustomed to it. Most users will probably do not see any difference, but rarely a legal script or file with unsafe extension will be blocked by SWH settings. You can use blue buttons View Blocked Events and Manage the Whitelist to recognize and whitelist the blocked files. Please be careful, if you are not certain that the blocked file is safe, then wait one day or two before whitelisting it.
- Run SWH - the restrictions are automatically configured.
- Log OFF the account or reboot is required, depending on what restrictions were applied before running SWH.
- If MS Office is installed, then it is recommendable to make some additional hardening:
- open Excel and block macros without notification (do it on each user account),
- apply in SWH the "Paranoid Extensions" (Settings >> Protected SRP Extensions).
- This is not necessary when ASR rules for MS Office, Adobe Reader, and WMI are enabled with Microsoft Defender as the main Antivirus. The ASR rules can be configured by using the ConfigureDefender tool: ConfigureDefender/H_C_HardeningTools at master · AndyFul/ConfigureDefender
- If necessary, then also other applications from the H_C_HardeningTools repository can be used to increase the security (RunBySmartScreen, FirewallHardening, and DocumentsAntiExploit).
Hard_Configurator/Simple Windows Hardening at master · AndyFul/Hard_Configurator
GUI to Manage Software Restriction Policies and harden Windows Home OS - AndyFul/Hard_Configuratorgithub.com
I would choose one or the other.
That's fine.I will leave two for now - VS and SWH. I'll keep watching. I do not use MS Office
I set it up but I don't know if it will be a good move - if the pages will work properly.
devtools.onboarding.telemetry.logged = false
toolkit.telemetry.updatePing.enabled = false
browser.newtabpage.activity-stream.feeds.telemetry = false
browser.newtabpage.activity-stream.telemetry = false
browser.ping-centre.telemetry = false
toolkit.telemetry.bhrPing.enabled = false
toolkit.telemetry.enabled = false
toolkit.telemetry.firstShutdownPing.enabled = false
toolkit.telemetry.hybridContent.enabled = false
toolkit.telemetry.newProfilePing.enabled = false
toolkit.telemetry.reportingpolicy.firstRun = false
toolkit.telemetry.shutdownPingSender.enabled = false
toolkit.telemetry.unified = false
toolkit.telemetry.updatePing.enabled = false
toolkit.telemetry.reportingpolicy.firstRun = false
toolkit.telemetry.unified = false
toolkit.telemetry.archive.enabled = false
devtools.onboarding.telemetry.logged = false
toolkit.telemetry.bhrPing.enabled = false
datareporting.healthreport.uploadEnabled = false
datareporting.policy.dataSubmissionEnabled = false
datareporting.sessions.current.clean = true
datareporting.healthreport.uploadEnabled = false
datareporting.policy.dataSubmissionEnabled = false
datareporting.sessions.current.clean = true