Advanced Security M4RT1NE2 Security Configuration 2024

Last updated
Feb 20, 2023
How it's used?
For home and private use
Operating system
macOS 15 Sequoia
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
On
Network firewall
Enabled
Real-time security
Microsoft Defender + WHHL
Firewall security
Microsoft Defender Firewall
About custom security
Auto playback - disabled
O&O shut up 11 (recommended settings)
O&O App Buster ((system slimmed down)
Periodic malware scanners
Scan once a month using the following scanners:
  • EMSISOFT
  • Malwarebytes Anti-Malware
  • NPE
  • KVRT
Malware sample testing
I do not participate in malware testing
Environment for malware testing
None
Browser(s) and extensions
Google Chrome with
  • Ublock Origin
  • AVG Online Security
Secure DNS
Quad9 DNS
Desktop VPN
Windscribe VPN
Password manager
KeePass 2.x
Maintenance tools
HiBit Uninstaller
BleachBit
CCleaner
File and Photo backup
Hasleo Backup Suite
AOMEI Backupper Standard
Subscriptions
    • None
System recovery
Once every fortnight, the entire system partition is copied to an external drive.
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
ACER AN515-54-551F
What I'm looking for?

Looking for medium feedback.

M4RT1NE2

M4RT1NE2

Level 14
Thread author
Verified
Top Poster
Well-known
Mar 19, 2022
650
Simple system hardening requires configuration? Or does it just install and forget?

I was disappointed with Aomei Backupper yesterday. I had the one year version from a promotion. I could not run the program - it ended up with a blue screen.

I removed it and installed Macrium Reflect Free
 
Last edited:
  • Like
  • Applause
Reactions: Sorrento, franz, silversurfer and 1 other person
L0ckJaw

L0ckJaw

Level 19
Verified
Content Creator
Well-known
Feb 17, 2018
870
Asterixpl said:
Proste utwardzanie systemu wymaga konfiguracji?. A może po prostu zainstaluj i zapomnij?

Wczoraj byłem rozczarowany Aomei Backupperem. Miałem roczną wersję z promocji. Nie mogłem uruchomić programu - skończyło się niebieskim ekranem.

Usunąłem go i zainstalowałem Macrium Reflect Free
Click to expand...
Install and sometimes check it.

I am using it together with Bitdefender Total Security, rock solid combination.

malwaretips.com

New Update - Simple Windows Hardening

Post updated in September 2024. SWH works with Windows 10 and 11 (all versions including 24H2) SWH ver. 2.1.1.1 - July 2023 (added support for Windows 11 ver. 22H2) https://github.com/AndyFul/Hard_Configurator/raw/master/Simple%20Windows%20Hardening/SimpleWindowsHardening_2111.zip SWH ver...
malwaretips.com malwaretips.com
 
  • Like
Reactions: Sorrento, franz, Trooper and 3 others
silversurfer

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,074
Asterixpl said:
Wouldn't adding simple windows hardening to my security kit be paranoia on my part already ?
Click to expand...

Voodoo Shield free helps to protect in similar way like OS hardening but offers more "features" as real-time protection.
Simple Windows Hardening does work with tweaks only to harden Windows 10/11
Both together it's what we call "overkill" but in my view slightly overkill :D

Asterixpl said:
Yes.
Simple System Hardening requires some special setup ?. Or just install and forget?
Click to expand...
Just turn on SRP. You can may change a few details on Windows Hardening.

SWH.png
 
  • Like
  • +Reputation
Reactions: sypqys, Sorrento, plat and 7 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,236
I agree with @silversurfer it's a little bit overkill and it depends on what you want.

Simple Windows Hardening is passive, set and forget, when something gets blocked look at the logs.
From Andy's GitHub page:
  1. Run SWH - the restrictions are automatically configured.
  2. Log OFF the account or reboot is required, depending on what restrictions were applied before running SWH.
  3. If MS Office is installed, then it is recommendable to make some additional hardening:
    • open Excel and block macros without notification (do it on each user account),
    • apply in SWH the "Paranoid Extensions" (Settings >> Protected SRP Extensions).
    • This is not necessary when ASR rules for MS Office, Adobe Reader, and WMI are enabled with Microsoft Defender as the main Antivirus. The ASR rules can be configured by using the ConfigureDefender tool: ConfigureDefender/H_C_HardeningTools at master · AndyFul/ConfigureDefender
  4. If necessary, then also other applications from the H_C_HardeningTools repository can be used to increase the security (RunBySmartScreen, FirewallHardening, and DocumentsAntiExploit).
Please keep updated your system/software. Use SWH on the default settings for some time, until you will be accustomed to it. Most users will probably do not see any difference, but rarely a legal script or file with unsafe extension will be blocked by SWH settings. You can use blue buttons View Blocked Events and Manage the Whitelist to recognize and whitelist the blocked files. Please be careful, if you are not certain that the blocked file is safe, then wait one day or two before whitelisting it.
github.com

Hard_Configurator/Simple Windows Hardening at master · AndyFul/Hard_Configurator

GUI to Manage Software Restriction Policies and harden Windows Home OS - AndyFul/Hard_Configurator
github.com github.com
VoodooShield is active protection and will inform you when something gets blocked.

I would choose one or the other.
 
  • Like
  • +Reputation
  • Applause
Reactions: Sorrento, plat, Back3 and 8 others
M4RT1NE2

M4RT1NE2

Level 14
Thread author
Verified
Top Poster
Well-known
Mar 19, 2022
650
Gandalf_The_Grey said:
I agree with @silversurfer it's a little bit overkill and it depends on what you want.

Simple Windows Hardening is passive, set and forget, when something gets blocked look at the logs.
From Andy's GitHub page:
  1. Run SWH - the restrictions are automatically configured.
  2. Log OFF the account or reboot is required, depending on what restrictions were applied before running SWH.
  3. If MS Office is installed, then it is recommendable to make some additional hardening:
    • open Excel and block macros without notification (do it on each user account),
    • apply in SWH the "Paranoid Extensions" (Settings >> Protected SRP Extensions).
    • This is not necessary when ASR rules for MS Office, Adobe Reader, and WMI are enabled with Microsoft Defender as the main Antivirus. The ASR rules can be configured by using the ConfigureDefender tool: ConfigureDefender/H_C_HardeningTools at master · AndyFul/ConfigureDefender
  4. If necessary, then also other applications from the H_C_HardeningTools repository can be used to increase the security (RunBySmartScreen, FirewallHardening, and DocumentsAntiExploit).
Please keep updated your system/software. Use SWH on the default settings for some time, until you will be accustomed to it. Most users will probably do not see any difference, but rarely a legal script or file with unsafe extension will be blocked by SWH settings. You can use blue buttons View Blocked Events and Manage the Whitelist to recognize and whitelist the blocked files. Please be careful, if you are not certain that the blocked file is safe, then wait one day or two before whitelisting it.
github.com

Hard_Configurator/Simple Windows Hardening at master · AndyFul/Hard_Configurator

GUI to Manage Software Restriction Policies and harden Windows Home OS - AndyFul/Hard_Configurator
github.com github.com
VoodooShield is active protection and will inform you when something gets blocked.

I would choose one or the other.
Click to expand...

I will leave two for now - VS and SWH. I'll keep watching. I do not use MS Office
 
  • Like
Reactions: Sorrento, franz, silversurfer and 3 others
M4RT1NE2

M4RT1NE2

Level 14
Thread author
Verified
Top Poster
Well-known
Mar 19, 2022
650
As of today, I already have everything I need to work safely on my laptop.
Since I'm with you on the forum, my software has changed completely. I don't mean just laptop security anymore, but also other programs - replacements for the original ones.
Thanks to your advice I managed to make an interesting set
I am pleased with this fact
 
  • Like
  • Applause
Reactions: Brahman, Back3, franz and 5 others
M4RT1NE2

M4RT1NE2

Level 14
Thread author
Verified
Top Poster
Well-known
Mar 19, 2022
650
I set it up but I don't know if it will be a good move - if the pages will work properly. So far so good

Something else to change ?
 
  • Like
Reactions: Kongo and harlan4096
M4RT1NE2

M4RT1NE2

Level 14
Thread author
Verified
Top Poster
Well-known
Mar 19, 2022
650
I used this procedure to disable telemetry in Firefox
devtools.onboarding.telemetry.logged = false
toolkit.telemetry.updatePing.enabled = false
browser.newtabpage.activity-stream.feeds.telemetry = false
browser.newtabpage.activity-stream.telemetry = false
browser.ping-centre.telemetry = false
toolkit.telemetry.bhrPing.enabled = false
toolkit.telemetry.enabled = false
toolkit.telemetry.firstShutdownPing.enabled = false
toolkit.telemetry.hybridContent.enabled = false
toolkit.telemetry.newProfilePing.enabled = false
toolkit.telemetry.reportingpolicy.firstRun = false
toolkit.telemetry.shutdownPingSender.enabled = false
toolkit.telemetry.unified = false
toolkit.telemetry.updatePing.enabled = false
toolkit.telemetry.reportingpolicy.firstRun = false
toolkit.telemetry.unified = false
toolkit.telemetry.archive.enabled = false
devtools.onboarding.telemetry.logged = false
toolkit.telemetry.bhrPing.enabled = false
datareporting.healthreport.uploadEnabled = false
datareporting.policy.dataSubmissionEnabled = false
datareporting.sessions.current.clean = true
datareporting.healthreport.uploadEnabled = false
datareporting.policy.dataSubmissionEnabled = false
datareporting.sessions.current.clean = true
Click to expand...
 
  • Like
Reactions: sypqys, Sorrento, harlan4096 and 1 other person

Similar threads

Divine_Barakah
    • Like
    • Applause
Advanced Security Divine Barakah's PC Security Config 2024
Replies
97
Views
4,040
PC Setup Configuration Help & Showcase
Divine_Barakah
Divine_Barakah
Smoke
    • Like
Advanced Plus Security Smoke's Security Config 2024
Replies
3
Views
340
PC Setup Configuration Help & Showcase
harlan4096
harlan4096
Gandalf_The_Grey
    • Like
    • Thanks
    • Wow
AV-Comparatives Advanced Threat Protection (ATP) Test 2024
Replies
0
Views
316
Security Statistics and Reports
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top