Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Setup
PC Setup Configuration Help & Showcase
M4RT1NE2 Security Configuration 2024
Message
<blockquote data-quote="Gandalf_The_Grey" data-source="post: 984365" data-attributes="member: 52096"><p>I agree with [USER=26718]@silversurfer[/USER] it's a little bit overkill and it depends on what you want.</p><p></p><p>Simple Windows Hardening is passive, set and forget, when something gets blocked look at the logs.</p><p>From Andy's GitHub page:</p><p>[SPOILER="Quick configuration"]</p><ol> <li data-xf-list-type="ol">Run SWH - the restrictions are automatically configured.</li> <li data-xf-list-type="ol">Log OFF the account or reboot is required, depending on what restrictions were applied before running SWH.</li> <li data-xf-list-type="ol">If MS Office is installed, then it is recommendable to make some additional hardening:<ul> <li data-xf-list-type="ul">open Excel and block macros without notification (do it on each user account),</li> <li data-xf-list-type="ul">apply in SWH the "Paranoid Extensions" (Settings >> Protected SRP Extensions).</li> <li data-xf-list-type="ul">This is not necessary when ASR rules for MS Office, Adobe Reader, and WMI are enabled with Microsoft Defender as the main Antivirus. The ASR rules can be configured by using the ConfigureDefender tool: <a href="https://github.com/AndyFul/ConfigureDefender/tree/master/H_C_HardeningTools" target="_blank">ConfigureDefender/H_C_HardeningTools at master · AndyFul/ConfigureDefender</a></li> </ul></li> <li data-xf-list-type="ol">If necessary, then also other applications from the H_C_HardeningTools repository can be used to increase the security (RunBySmartScreen, FirewallHardening, and DocumentsAntiExploit).</li> </ol><p>Please keep updated your system/software. Use SWH on the default settings for some time, until you will be accustomed to it. Most users will probably do not see any difference, but rarely a legal script or file with unsafe extension will be blocked by SWH settings. You can use blue buttons View Blocked Events and Manage the Whitelist to recognize and whitelist the blocked files. Please be careful, if you are not certain that the blocked file is safe, then wait one day or two before whitelisting it.</p><p>[URL unfurl="true"]https://github.com/AndyFul/Hard_Configurator/tree/master/Simple%20Windows%20Hardening[/URL][/SPOILER]</p><p>VoodooShield is active protection and will inform you when something gets blocked.</p><p></p><p>I would choose one or the other.</p></blockquote><p></p>
[QUOTE="Gandalf_The_Grey, post: 984365, member: 52096"] I agree with [USER=26718]@silversurfer[/USER] it's a little bit overkill and it depends on what you want. Simple Windows Hardening is passive, set and forget, when something gets blocked look at the logs. From Andy's GitHub page: [SPOILER="Quick configuration"] [LIST=1] [*]Run SWH - the restrictions are automatically configured. [*]Log OFF the account or reboot is required, depending on what restrictions were applied before running SWH. [*]If MS Office is installed, then it is recommendable to make some additional hardening: [LIST] [*]open Excel and block macros without notification (do it on each user account), [*]apply in SWH the "Paranoid Extensions" (Settings >> Protected SRP Extensions). [*]This is not necessary when ASR rules for MS Office, Adobe Reader, and WMI are enabled with Microsoft Defender as the main Antivirus. The ASR rules can be configured by using the ConfigureDefender tool: [URL='https://github.com/AndyFul/ConfigureDefender/tree/master/H_C_HardeningTools']ConfigureDefender/H_C_HardeningTools at master · AndyFul/ConfigureDefender[/URL] [/LIST] [*]If necessary, then also other applications from the H_C_HardeningTools repository can be used to increase the security (RunBySmartScreen, FirewallHardening, and DocumentsAntiExploit). [/LIST] Please keep updated your system/software. Use SWH on the default settings for some time, until you will be accustomed to it. Most users will probably do not see any difference, but rarely a legal script or file with unsafe extension will be blocked by SWH settings. You can use blue buttons View Blocked Events and Manage the Whitelist to recognize and whitelist the blocked files. Please be careful, if you are not certain that the blocked file is safe, then wait one day or two before whitelisting it. [URL unfurl="true"]https://github.com/AndyFul/Hard_Configurator/tree/master/Simple%20Windows%20Hardening[/URL][/SPOILER] VoodooShield is active protection and will inform you when something gets blocked. I would choose one or the other. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
