Advanced Plus Security mkoundo laptop Security Config 2019

Last updated
Dec 25, 2019
Windows Edition
Home
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Emsisoft Antimalware
Hard_Configurator [OS & firewall hardening]
Firewall security
Microsoft Defender Firewall
About custom security
Emsisoft [default]
Hard_Configurator [@Andy Ful recommended enhanced & recommended firewall hardening ]
Periodic malware scanners
On demand scanners:
  • malwarebytes antimalware free
  • Hitman Pro free
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Hardened Chrome
  • ublock origin in medium mode
chrome://flags

- Anonymize local IPs exposed by WebRTC.
- Extension Content Verification - Enforce Strict
- Reduce default 'referer' header granularity.
- Block scripts loaded via document.write
- TLS 1.3 hardening for local anchors
- Enable GPU AppContainer Lockdown.
- Treat risky downloads over insecure connections as active mixed content
- Strict-Origin-Isolation
- Show Safety Tip UI when visiting low-reputation websites
- Secure DNS lookups
- Password Leak Detection
Maintenance tools
  • gpg encryption
  • bandizip archiver
  • notepad++
File and Photo backup
  • macrium reflect free
System recovery
macrium reflect free
Risk factors
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
Computer specs
Dell xps 13 9380
i5-8265U
UHD Graphics 620
8GB DDR3
256GB SSD

my phone:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
...
p.s. the current H_C configuration disables microsoft office macros. What should I do to temporarily enable macros to run in my spreadsheets?

thanks again
Thanks.:giggle:
You can enable macros by setting <Documents Anti-Exploit> to "Adobe" or "OFF". The first setting will harden only Adobe Reader (XI or DC). Next, use SwitchDefaultDeny tool to run "Documents Anti-Exploit" and set <MS Office> to ON1.
Finally, run Excel and allow macros with notification via:
Trust Center > Trust Center Settings > Macro Settings > Disable all macros with notification.

The above config will still harden the MS Office applications except for Excel macros.
The ON1 settings in "Documents Anti-Exploit" works for the particular User Account. If you want to harden another account, then the procedure must be repeated from it.(y)
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Unless you know W/Firewall well, I would suggest an additional piece of software called Tinywall, under 2MB to download, easy learning curve, plenty of YouTube video to watch and stop the various threat below:

  1. Ransomware: Some ransomware must contact the C&C server before any encryption can take place. So, you get an outbound connection alert when ransomware runs. Block it and it won't be able to harm your data.
  2. Keyloggers: They can log almost anything. Problem occurs when the recorded data is transmitted to the cyber criminals who can misuse it. Damage can be prevented if you stop any malicious connection to happen from your end.
  3. Remote Access Trojan (RAT): Some RATs will operate by injecting directly into a legitimate Windows process like svchost, using this to connect out instead of some other executable that can be grossly apparent. Firewalls will not only block the hollowed process from connecting out, but they do it silently with any user input.
The rest looks simple and efficient!

~LDogg
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
beta tested the v3, i wasnt super fond of it, what you think about it? (i still prefer the ex-binisoft/Malwarebytes Windows Firewall Control, more granular to me)
MWFC is a great piece of software but if it blocks something the user doesn't understand, it can be a complete nightmare. I think for ease of use and minute amount of memory being used, I've always (now) suggested Tinywall.

~LDogg
 

mkoundo

Level 8
Thread author
Verified
Well-known
Jul 21, 2017
358
Removed
  • Avast free antivirus
  • Aomei Backupper (liking macrium very much....system restore in under 3 min!)
  • Zemana (started flagging foobar2k which I've been using for nearly 20 years....no thanks)
Added
  • Emsisoft Antimalware (default settings) - @Umbra & @oldschool convinced me....so far it's running very smoothly
Tweaked
  • H_C changed to profile "windows 10 recommended enhanced"
(y)(y):emoji_beer:
 

mkoundo

Level 8
Thread author
Verified
Well-known
Jul 21, 2017
358
Removed
  • Adguard browser extension
Added
  • Ublock origin - medium mode
1577256985643.png
1577257005692.png
1577257024650.png

1577294906169.png
Tweaked
  • Hardened Chrome
chrome://flags

- Anonymize local IPs exposed by WebRTC.
- Extension Content Verification - Enforce Strict
- Reduce default 'referer' header granularity.
- Block scripts loaded via document.write
- TLS 1.3 hardening for local anchors
- Enable GPU AppContainer Lockdown.
- Treat risky downloads over insecure connections as active mixed content
- Strict-Origin-Isolation
- Show Safety Tip UI when visiting low-reputation websites
- Secure DNS lookups
- Password Leak Detection
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top