Advanced Plus Security Michyon's Lockdown config 2018

Last updated
Jul 26, 2018
Windows Edition
Pro
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Bitdefender 2019 TS. Firewall set to Paranoid. OSArmor 1.4, HitmanPRO Alert, VoodooShield.
Firewall security
Periodic malware scanners
ADW Cleaner, EEK
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Firefox (Latest) configured as shown on www.privacytools.io/ Ublock Orgin, Scriptsafe, (with random fingerprint readout) Privacy Badger, Ghostry, Decentraleyes, HTTPS Everywhere, Netcraft
Maintenance tools
CCleaner, O&O Shutup 10
File and Photo backup
Macrium Free, manual userfolder copy to external drive.
System recovery
Macrium Free

Michyon

Level 2
Thread author
Verified
May 18, 2018
50
Ultra lockdown 2019.

Looking to ensure I have armor against state sponsored attacks, and monitoring. I am concerned about exploits and zero day.

I am hoping this is sufficient for security, but I would like advice from some other fellow pros here on an ultimate lockdown (and settings tweaks)
 

AlanOstaszewski

Level 16
Verified
Top Poster
Malware Hunter
Jul 27, 2017
775
Well, this set of real-time protection doesn't look good. These three programmes overlap strongly and would interfere. In addition, with three programs that have all privileges on the system, you offer a very large attack surface as far as bugs are concerned.
---
I would replace OSArmor with Hard_Configurator (then you could use the SmartScreen filter, which is considered very good) and everything else except Bitdefender I would throw out. Otherwise, everything looks okay.
 

Michyon

Level 2
Thread author
Verified
May 18, 2018
50
Hmm, well all programs are set to exclude one another, I haven't had any stability issues or or speed problems on the PC. I will take a look at Hard Configuator. Question, what is wrong with Bitdefender?
 
  • Like
Reactions: oldschool

Ink

Administrator
Verified
Jan 8, 2011
22,490
Well, this set of real-time protection doesn't look good. These three programmes overlap strongly and would interfere.
Once again, Bitdefender Total Security is redundant. ;)

Hmm, well all programs are set to exclude one another, I haven't had any stability issues or or speed problems on the PC. I will take a look at Hard Configuator. Question, what is wrong with Bitdefender?
You treat Bitdefender as the weakest link, most Bitdefender users end up installing overlapping security. It's a common trend.
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Add ZAM Free
The real time protection, seems very heavy, I would stick to just either Bitdefender or VoodooShield. All 3 clog up way tooo much.
Extensions: replace Privacy Possum with Privacy Badger others are great! Nothing else I need to add here.

The rest looks great! Thanks for sharing.

~LDogg
 

Michyon

Level 2
Thread author
Verified
May 18, 2018
50
I suggested leaving Bitdefender, installing H_C and throwing out VoodooShield, HMPA and OSArmor. I rather meant that the setup is overkill.

Yes, Agreed it is overkill. My main concern is if one of the tools were to become compromised or bypassed, I have layered defense. So far everything is playing nicely, no problems for a couple of months.

Once again, Bitdefender Total Security is redundant. ;)


You treat Bitdefender as the weakest link, most Bitdefender users end up installing overlapping security. It's a common trend.

Sorry I think I read his post wrong.

By the way I looked into Hard Configuator, great find! I have already used and enabled "recommended settings" it.
 

Michyon

Level 2
Thread author
Verified
May 18, 2018
50
Add ZAM Free
The real time protection, seems very heavy, I would stick to just either Bitdefender or VoodooShield. All 3 clog up way tooo much.
Extensions: replace Privacy Possum with Privacy Badger others are great! Nothing else I need to add here.

The rest looks great! Thanks for sharing.

~LDogg

Awesome thanks, Yes I do have ZAM and run time to time, didn't have it listed as I don't use it realtime. I do want to say I have a XEON 16 core system, so Perhaps is why I don't notice any problems running this config.

So you believe that Bitdefender is Strong enough standalone to use without VooDooShield?
 

lowdetection

Level 7
Verified
Well-known
Jul 1, 2017
317
As stated above, there is the actual risk of overlapping creating problems, pretty sure that full suite will not go hand in hand with HitmanPro.Alert,

As far as you are not privacy concerned, Google will fit, but be aware of alternatives like startpage and other; in some cases I agree with you, Google is better,

I will suggest using CCleaner only if used alongside winapp2ool.exe for downloading and trimming winapp2.ini, and not the latest versions of CCleaner with embedded telemetry,

Opinion: is a good config, if you work out the overlapping security, and choose some more privacy oriented software/services could be better.

:)
 

Michyon

Level 2
Thread author
Verified
May 18, 2018
50
As stated above, there is the actual risk of overlapping creating problems, pretty sure that full suite will not go hand in hand with HitmanPro.Alert,

As far as you are not privacy concerned, Google will fit, but be aware of alternatives like startpage and other; in some cases I agree with you, Google is better,

I will suggest using CCleaner only if used alongside winapp2ool.exe for downloading and trimming winapp2.ini, and not the latest versions of CCleaner with embedded telemetry,

Opinion: is a good config, if you work out the overlapping security, and choose some more privacy oriented software/services could be better.

:)
I will probably be taking out hitman pro sometime soon. Great suggestion on winapp2 tool i forgot about that gem. The telemetry can be disabled in the lastest versons of CCleaner.
 

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
Just go with bitdefender total security if you have long license. You can replace osarmor with syshardener then

ublock is already doing his job over privacy badger/ ghostery, you wont benefit from them.

Go ublock only or ublock + privacy possum

Https everywhere is no needed nowadays since most browsers take care about it

Heres guide for ublock, so adblocker wont be detected
Nano Defender

Huge vouch for scriptsafe that you have already added
 

lowdetection

Level 7
Verified
Well-known
Jul 1, 2017
317
Also, one aspect that you may will to explore, is building your own PiHole, could be a nice device to monitor your traffic, and not only for Windows, I employ it as first screening line, you will see that many apps ignore the fact, and stilly try to do a DNS resolution upstream, :)

Now that I review your config, and I read Firefox, I will disable the ScriptSafe protection for Canvas FingerPrinting and use instead this: kkapsner/CanvasBlocker

btw, you can find the tool here, is faster compared to the old trim.bat,
MoscaDotTo/Winapp2

be aware of this also, [Winapp2ool] False positives with several anti-virus · Issue #199 · MoscaDotTo/Winapp2, some AVs don't like it : P

Regards,
 
Last edited:
I

illumination

Illuminations recommendation on Safe surfing Habits...

-Knowledge: This should be the base of any good security configuration. Learning safer habits and utilizing your security as a "just in case" instead of trying to use many layers of applications to make up for lack of understanding.

-This should include the following aspects.

1. Be leery of clicking links especially in email or instant messages. Verify URL's, not only by manually looking at them, but also running them through URL scanners such as the one at Virus Total. If you are unsure still, the best course of action is to not click that link.

Bookmark important sites: A misspelled address could take you to a false site that mirrors the site you intended to go to. A book marked address will take you to the same site every time.

Passwords: In general you would be better off utilizing one of the many password managers, but as it often sometimes is, most average users do not, or can not, so keep this little bit of information in mind if this is the case.
Do not use the same password for all sites, if you are limited on what you can remember then please make sure to be careful and not use the same password for any of the sites you frequent as the ones you use for your email. If the site is to be breached, you would not want them to gain access to your email via same used passwords. Passwords should be strong, hard to guess or crack, password managers all have generators built in for building and storing strong passwords.

2. Updates/Patches:
Run maintenance on your system as you would a vehicle, consider it preventive maintenance. Always make sure to keep your system and applications patched. These patches and updates are for a good reason, they are plugging holes in your surface of attack. While i recommend keeping patched always, i would also state to do your research on certain updates for the OS/drivers/applications before applying, make sure there is not a fresh set of new bugs to contend with that are worse then what they are patching, this happens more often then most realize.

If you limit the amount of 3rd party applications on your system, you also limit the time doing maintenance, you limit the amount of freshly introduced bugs, and you keep your surface of attack smaller, and in the end, your machine will thank you for it by running better and being more enjoyable.

3. Back ups:
This is more important then security. No security out there can achieve 100% protection, if they could, they would already have a monopoly on the market and would have run all others out of business. Prepare for the worst, strive for the best.

Personal items are of the utmost important files on your system, once lost, they can not be replaced. Backing up externally or into the cloud "both recommended by me", so as to ensure you always have a copy of it obtainable. If something were to happen, you lose nothing this way, and can start freshly if needed.

Using images to create snapshots of your system works well for those who neither have the knowledge or time to repair/wipe a system. Windows has a built in option, although there are 3rd party options. It is a good idea also to keep on hand Microsofts media creation tool burnt to a flash drive, updated when needed. With this you can run repairs or wipe the system and build it from a clean install, which after a nasty infection, is always recommended to ensure you have eradicated the issue.

4. Security:
It has always been recommended for users to try applications for themselves. These products all have trials "most of them anyway", for this very reason. Test drive them for a couple weeks, does it fit your uses, is it running ok on your system and resources, are you comfortable with the settings and layout to get around and adjust it as necessary.

Learning the product is recommended here. Most throw them on with default settings and never venture in to settings to realize there is much more then meets the eye. Google search is handy for learning these, as are the manuals most of the products companies produce and are freely accessible. Watching youtube videos of a product will not help you decide what is best for you. You need to experience the product and settings to fully grasp it.

Understand you are a home user, and you are not targeted like corporations and businesses. The chances of you seeing sophisticated attacks and malware on that level are quite slim. There is no need for paranoia when you cover your basics, keep everything patched, backed up, use caution/safe habits when surfing.

Be careful what you divulge to websites "personal information", these as seen in the news are not as secured as they should be, once your information is in someone else's hands, anything can happen to it.

Know that the more security you pile on your system, the chances of incompatibilities/bugs arise and issues may occur. Finding a proper balance of application to knowledge ratio is fully recommended.

Hope this helps others...

~illumination
 
Last edited by a moderator:

Michyon

Level 2
Thread author
Verified
May 18, 2018
50
I wanted to add guys, HitManProAlert has anti keylogging. That is the primary reason I use it. I have not yet seen great protection with bitdefender in regards to anti keylogging. Would anyone have any suggestions on what would alternatively be effective?
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Awesome thanks, Yes I do have ZAM and run time to time, didn't have it listed as I don't use it realtime. I do want to say I have a XEON 16 core system, so Perhaps is why I don't notice any problems running this config.

So you believe that Bitdefender is Strong enough standalone to use without VooDooShield?

Bitdefender is, but VoodooShield is lot more powerful. Paired with Malwarebytes Browser Extension + uBlock Origin w/ decent filter lists you should be good to go!!

~LDogg
 
  • Like
Reactions: oldschool

slash/

Level 6
Verified
Jun 24, 2018
277
So you believe that Bitdefender is Strong enough standalone to use without VooDooShield?
They will provide different protection. Bitdefender will give you the whole onslaught;
t.JPG


VS is just an anti-executable.
 
  • Like
Reactions: oldschool

RoboMan

Level 35
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,485
Thanks for sharing mate!
  • I suggest LastPass as a password manager. Take into account the longtitude of the password is only one of the needed parameters for secure passwords. Remember to include symbole, numbers, non-existant words. Random weird passwords :D Lastpass can help you here by generating them and avoiding saving them on the browser, which is strongly not recommended.
  • Stay either with BitDefender and nothing else, or everything else and not BitDefender. If you choose BD, you can freely tweak for maximum protection.
I wanted to add guys, HitManProAlert has anti keylogging. That is the primary reason I use it. I have not yet seen great protection with bitdefender in regards to anti keylogging. Would anyone have any suggestions on what would alternatively be effective?
Do not fear keyloggers :) As long as you have BitDefender you will rarely get infected by a keylogger (malware which I haven't seen in a while). If you fear getting monitored even through BitDefender then you start stacking your resources with software, don't. If you ever get targeted most probably with this antivirus and your browser protection it will be mitigated. And if it was zero-day keylogger, trust me, none of the aforementioned will help you.

Stay safe :)
 

lowdetection

Level 7
Verified
Well-known
Jul 1, 2017
317
I doubt someone deploying a 0day keylogger for people without a reason, but in case happen:

this is a 0day keylogger I use for testing if the module of Hitman.Pro Alert work fine with keystroke encryption, being a tester for years I saw also builds where wasn't working fine. :)

Bad guys, also add the part used for remote upload the keystrokes, screen, to places like pastebin, this one I am pretty sure of what does because I compiled it inside VisualStudio.

hWAeGC7.png


Everything stay local, and at the end is stored into a logfile on my pc only, no network activity.

Remember that the keystroke encryption is offered for browsers, not for Notepad++ for example, in the case you want protect other programs there are better products.

NTpBbq2.png


Basically what you typed inside the browser will be almost unreadable, even if...

IrbQWMw.png


As you can see, keystrokes encryption only, leave a good margin for someone who is studying us to know where we where, this keylogger log also other things, and thinking about what we are doing, but in my opinion is a sufficient protection, maybe in future Hitman.Pro Alert would allow to add a keystroke encryption layer per application basis?

I really hope.

GX6Vg0e.png
 
Last edited:
  • Like
Reactions: harlan4096

harlan4096

Super Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,915
I agree with the most comments before, it seems overkill to have all these products running at the same time:
Bitdefender 2019 TS. Firewall set to Paranoid. OSArmor 1.4, HitmanPRO Alert, VoodooShield
I would stay with BD2019, HitManPro for on demand scanning, and probably OSArmor...

Thanks for sharing :giggle:
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top