Basic Security Moonhorse's config 2018

Moonhorse · Oct 28, 2018

oldschool said:
I don't think so. It's been around for a while. But why would you?

Ransomoff doesnt have and syshardener is just to disable scripts so im missing anti-exploit right? And do windows defender really do anything there?

I can set up OSA wich have anti-exploit section, but how is syshardener even equal to that

Windows file protection, but is that an anti-exploit at all

sorry im so lost right now

Its kinda funny as it blocks process, it marks it as ransomware instead of threat or something

Question 2:
- is this an default deny? And if so how effective

oldschool · Oct 28, 2018

First, are you using ConfigureDefender? It's the only way I would use WD to make the most of its capabilities, in which case you don't need RansomOff. Then I would consider what you are comfortable using along side WD. I prefer Hard_Configurator as it's user-friendly in Defaul-Deny setup the way Andy has it configured. Some prefer SysHardener. MBAE will give you browser and application protection. If you wish to use OSA with SysHardener then go to those threads and seek advice on how to best combine them for your needs.

Moonhorse · Oct 28, 2018

oldschool said:
First, are you using ConfigureDefender? It's the only way I would use WD to make the most of its capabilities, in which case you don't need RansomOff. Then I would consider what you are comfortable using along side WD. I prefer Hard_Configurator as it's user-friendly in Defaul-Deny setup the way Andy has it configured. Some prefer SysHardener. MBAE will give you browser and application protection. If you wish to use OSA with SysHardener then go to those threads and seek advice on how to best combine them for your needs.

I dont use configuredefender.

I have disabled everything in syshardener
I have complete lockout with ransomoff
Anti-exploit from malwarebytes
Windows defender as basic antivirus

Currently it feels its me whos dominating the computer and decide what it will run or not to. Untrusted files it will automatically block so i just add everything i need to trusted files and rest are locked

For me it seems everything is perfect for now, tomorrow maybe not...welll see

Weird thing; had to manually add chrome to MBAE

Deleted Member 3a5v73x · Oct 28, 2018

Moonhorse said:
Weird thing; had to manually add chrome to MBAE

MBAE 1.12.1.124 has removed default Chrome shield.

Chrome decides it wants to remove MB Anti Exploit

Moonhorse · Oct 28, 2018

davisd said:
MBAE 1.12.1.124 has removed default Chrome shield.

Chrome decides it wants to remove MB Anti Exploit

This explains alot, after reboot the MBAE will reset chrome shields that you had added

Moonhorse · Oct 31, 2018

Update:
- removed ransomOFF ( its too complicated, bit buggy. Even in simple mode it will block most installers and its too complicated to create those rules )
- Removed MBAE (redundant)
+ added RE:hips free back ( disabled chrome isolation) + running in learning mode

So my setup is just WD+Syshardener (max) + Re:hips from now.

+ also added brave browser, since they allow extensions from chrome webstore, its probably best chrome alternative and has decent privacy protection aswell

oldschool · Oct 31, 2018

Nice. Thanks for sharing!

Moonhorse · Oct 31, 2018

Actually i just updated my conf:
+ windows defender replaced with forticlient
+ brave is buggy, rather use firefox nightly as privacy browser
+ duckduckgo as searchengine

- removed malwarebytes ( false positives on finnish goverment sites)
- removed bitwarden ( realized i only sign in to MalwareTips

)

LDogg · Oct 31, 2018

Change more software then I change clothes, I like it

~LDogg

oldschool · Oct 31, 2018

LDogg said:
Change more software then I change clothes, I like it

~LDogg

My head is spinning!

I can barely keep up with @Moonhorse!

LDogg · Oct 31, 2018

oldschool said:
My head is spinning! I can barely keep up with @Moonhorse!

I know mate. It's good to see him change though and see what goes well.

~LDogg

Moonhorse · Nov 1, 2018

Update:
- Removed forticlient + free:hips ( probably conflicted)

Added
+Windows defender ( sandbox)
+Syshardener ( max )
+Osa (default+ some ruleblocking)

This is probably the most simple setup

Chrome as mainbrowser
- nano adblocker
- nano defender
- netcraft

Safety first > probably no need to be scared about privacy when using google services

Only thing im wondering is adding bitdefender trafficlight

This is permanent setup for now,

Some pictures:

Only thing i really didnt disable is just hidden files + prefetch service

Nestor · Nov 1, 2018

Moonhorse said:
Update:
- Removed forticlient + free:hips ( probably conflicted)

Added
+Windows defender ( sandbox)
+Syshardener ( max )
+Osa (default+ some ruleblocking)

This is probably the most simple setup

Chrome as mainbrowser
- nano adblocker
- nano defender
- netcraft

Safety first > probably no need to be scared about privacy when using google services

Only thing im wondering is adding bitdefender trafficlight

This is permanent setup for now,

Some pictures:

View attachment 200608 View attachment 200609 View attachment 200610

Only thing i really didnt disable is just hidden files + prefetch service

That's a good config but I would choose instead of WD ,KFA.I don't trust WD, even nowadays, instead KFA seems to be the safest choice.

LDogg · Nov 1, 2018

Sensible changes. Always best to remove things or change settings that conflict.

~LDogg

Moonhorse · Nov 1, 2018

Update: Swapping Windows defender to Kaspersky free antivirus ( cloud probably has bugs fixed but kfa probably more stable choise)

Nestor said:
That's a good config but I would choose instead of WD ,KFA.I don't trust WD, even nowadays, instead KFA seems to be the safest choice.

KFA is probably the best standalone antivirus choise, and the web filter of kaspersky will save me from installing more extensions. On malwarehub its indeed performing best so i think im gonna install it instead of WD as you request. Cruel aswell 'recommends' it

LDogg said:
Sensible changes. Always best to remove things or change settings that conflict.

~LDogg

I think ransomOFF remnants and the uninstalling process caused many problems there aswell. Re:hips is nice, but as umbra said its only worthy over OSA with isolation feature that i dont have when im using google chrome.

oldschool · Nov 1, 2018

Head still spinning...

! Good luck!

Moonhorse · Nov 1, 2018

oldschool said:
Head still spinning... ! Good luck!

Cheers and kaspersky gotremoved and replaced with windows defender

I just remember why did i uninstalled kaspersky before, because of the rootkit scanning thats running all the time
Also the threat removing of false positive took an year. And the brave fp has existed for month it seems

harlan4096 · Nov 1, 2018

You can disable rootkit scanning just with 1 click in Performance settings...

LDogg · Nov 1, 2018

Wonder what the next change is going to be hehe

~LDogg

Moonhorse · Nov 2, 2018

LDogg said:
Wonder what the next change is going to be hehe

~LDogg

This

Not sure would i benefit any of this or just get annoyed

Syshardener = firewall rules, script blocking, disable un-used windows services
OSA = anti-exploit , post protection
Comodo = default deny+ sandbox ^ Cruel said theres no benefit from using OSA along with cf, but CCAV only has browser protection, i dont think theres any problem running OSA with any sw

Basic Security Moonhorse's config 2018

Level 37

Level 82

Level 37

Deleted Member 3a5v73x

Level 37

Level 37

Level 82

Level 37

Level 33

Level 82

Level 33

Level 37

Level 9

Level 33

Level 37

Level 82

Level 37

Moderator

Level 33

Level 37

Similar threads