Advanced Security Morro Security Config 2024

Last updated
Sep 21, 2024
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
    • Basic account password (insecure)
Security updates
Allow security updates
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
Real-time security
Microsoft Defender with Configure Defender set to High.
Firewall security
Microsoft Defender Firewall with Advanced Security
About custom security
I also use WHHLight with SWH+Smart screen Block and his Firewall Hardening.
Periodic malware scanners
* On demand scanners: Norton Power Eraser — EEK.
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Brave — Main
Firefox: Secondary

— In Brave I now use uBlock Lite and uBlock Origin in Firefox.
— SafeToOpen Online Security in Brave / F-Secure ext in FF
— KeePassXC
— Popup Blocker (Strict)
— Dark View
— Bonjourr Minimalistic Startpage

Exploit settings:

Block low integrity images — ON
Block remote images — ON
Block untrusted fonts — ON
Control flow guard (CFG) — ON
Data execution prevention (DEP) — ON + Enable thunk emulation — CHECKED
Disable extension points — ON
Force randomization for images (Mandatory ASLR) — ON + Do not allow stripped images — CHECKED
Randomize memory allocations (Bottom-up ASLR) — ON
Validate exception chains (SEHOP) — ON
Validate handle usage — ON
Validate heap integrity — ON
Validate image dependency integrity — ON
Secure DNS
Quad9
Desktop VPN
None
Password manager
Brave: KeePassXC
Firefox: KeePassXC
Maintenance tools
* Windows own tools.
* Wise Diskcleaner.
* Driver Store Explorer
* For software updates, I run this command once a week in Powershell.

winget upgrade --all --include-unknown --accept-package-agreements --accept-source-agreements
File and Photo backup
I started doing this manually to my external HD quit a while ago. And removed OneDrive about a week ago with AppBuster.
Subscriptions
    • None
System recovery
* Hasleo Backup Suite Free.
* External Hard Drive.
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Downloading software and files from reputable sites
    • Gaming
Computer specs
* Operating System: Windows 11 Pro
* Motherboard: B560 ATX Wi-Fi / 1200 Socket (ATX)
* Processor: Intel i9 11900K - 8 cores - 16 threads - 3,5 GHz (Turbo 5,3 GHz)
* CPU Cooler: Master Liquid 240mm RGB(Active.) Air Cooling. (Passive.)
* SSD: 1TB M2.0 NVMe (Read: 3500MB/s, Write: 2700MB/s)
* External 5 TB WD Elements 25A3 USB Device
* RAM: RGB 32GB DDR4-3200 MHz (2x 16GB)
* Graphics card: Nvidia RTX 4060 8GB
* AOC Q27G2S - QHD IPS 165Hz Gaming Monitor - 27 Inch
* Outer casing: Sharkoon REV100
* Power: 750Watt - 80Plus GOLD
* Lan: Realtek 2.5 Gbps
* Sound: Realtek ALC892
* USB: 11 ports (Of different kinds.)
What I'm looking for?

Looking for medium feedback.

Morro

Level 18
Thread author
Verified
Top Poster
Well-known
Jul 8, 2012
890
Changed backup program from Hasleo backup Free back to Aomei Backupper Pro. Not because Hasleo is a bad piece of software, because it is absolutely not. (y) But actually for very simple reasons. One of those reasons is that NPE kept showing me a warning about Hasleo, and since NPE does not allow me to exclude files/programs, it was a bit annoying. Combined with the fact that I just got my PC back a short while ago, and Hasleo had not made that many backups yet, it was in my opinion not so bad to go back to Aomei Backupper Pro. :D

Everything else of my security setup is still the same.
 

Morro

Level 18
Thread author
Verified
Top Poster
Well-known
Jul 8, 2012
890
I made a few changes the past few days.

* I had to remove Cloudflare WARP, and replace it with their regular Cloudflare DNS. (Also very fast.) Before the last update from Cloudflare WARP it was working perfectly, but after the latest update I noticed that more and more programs started to become extremely slow to start... or they froze while starting. (Like MSI Center.) Also some websites refused to work properly at times, or did not allow me to register because I used a VPN? After switching to normal Cloudflare DNS (1.1.1.1 for now.) everything works again as it should.

* I stopped using Aomei Backupper Pro, damn it has become so freaking slow for me. Incremental backups took a freaking 1 and a half hours (Or more in some cases.) to finish a incremental backup of 4 to 10 GB. Hasleo Backup Suite Free does the same thing in 2 to 4 minutes.

* I started using Opera One as my Secondary browser. Well secondary for now at least, because I have to admit that it is growing rapidly on me. So who knows, I might make it my main browser in a few days, and then use Brave as backup. (I have not decided yet. :) )

Waterfox is still installed, so that is why I left everything Waterfox related in my security setup.
 

Morro

Level 18
Thread author
Verified
Top Poster
Well-known
Jul 8, 2012
890
For reasons that take too long to explain here, I had to change my security setup. :( It was a pain in the but doing that, and let's just say that March 2025 can not come soon enough. (At that time I can return to using SpyNetGirls Hardening guide again.)

So I had to change my setup until I can change things back as mentioned just above, I am back to using BitDefender Total Security. (After testing a few days of what I could use.) After installing BDTS I noticed that I still had everything from WHHLight activated. But in the Thread for WHHLight LennyFox already that since WHHLight allowed BDTS to install, it would likely allow updates to BDTS. And so far it did indeed update.

But do I actually need all 3 modes active or not? Does it add an extra security layer, or is it partially redundant to have all 3 modes active in WHHLight now?
 

Morro

Level 18
Thread author
Verified
Top Poster
Well-known
Jul 8, 2012
890
Small update I almost forgot to make. :)

As some may already know, I now use Brave Shields in Brave itself.

And I as of today I use Adguard in Opera One. I did try that out already a short while ago, but I saw some things happen on YouTube while visiting channels I follow. They would not load correctly, and today I found out that it actually was Dandelion's Annoyances List causing that to happen? I can not remember ever activating that list, yet it was? Anyway, after I deactivated that list all the YT channels loaded as they should, and as such there was no reason for me not to switch to Adguard. :)

Although I still hope there will be a uBlock Origin version for Mv3 in the near future. :unsure:
 
A

Azazel

Small update I almost forgot to make. :)

As some may already know, I now use Brave Shields in Brave itself.

And I as of today I use Adguard in Opera One. I did try that out already a short while ago, but I saw some things happen on YouTube while visiting channels I follow. They would not load correctly, and today I found out that it actually was Dandelion's Annoyances List causing that to happen? I can not remember ever activating that list, yet it was? Anyway, after I deactivated that list all the YT channels loaded as they should, and as such there was no reason for me not to switch to Adguard. :)

Although I still hope there will be a uBlock Origin version for Mv3 in the near future. :unsure:
The developer said it won't make a fully featured uBlock Origin. He will only support uBlock Origin Lite.
 

Morro

Level 18
Thread author
Verified
Top Poster
Well-known
Jul 8, 2012
890
I found out my modem does have firewall capabilities (Basic I guess, but still.)


So I updated my Security setup to change network firewall to 'enabled'.
 
F

ForgottenSeer 107474

I found out my modem does have firewall capabilities (Basic I guess, but still.)


So I updated my Security setup to change network firewall to 'enabled'.
I downloaded the manual. The firewall has some advanced content filtering (like blocking cookies, java applets and activeX). You could enable IP flood and Port Scan protection, but do NOT block fragmented packets. Fragmented packets are misused like a lot of stuff, but as @TairikuOkami warned it can break a lot of services which send large chunks of data. Fragmented packets are completely normal packets used for splitting traffic in smaller pieces when it exceeds maximum length (compare it with how modern phones send several sms when you type to much text).
 

Morro

Level 18
Thread author
Verified
Top Poster
Well-known
Jul 8, 2012
890
I downloaded the manual. The firewall has some advanced content filtering (like blocking cookies, java applets and activeX). You could enable IP flood and Port Scan protection, but do NOT block fragmented packets. Fragmented packets are misused like a lot of stuff, but as @TairikuOkami warned it can break a lot of services which send large chunks of data. Fragmented packets are completely normal packets used for splitting traffic in smaller pieces when it exceeds maximum length (compare it with how modern phones send several sms when you type to much text).

Thank you for the warning. :D (y)
 
  • Like
Reactions: Gandalf_The_Grey

Morro

Level 18
Thread author
Verified
Top Poster
Well-known
Jul 8, 2012
890
* Switched from BDTS to the new version of Ziggo Safe Online. It is actually F-Secure 19.5, just rebranded for my IP provider. (I have my reasons for the switch, my wife still uses BDTS. :) )

I must say that I am pleasantly surprised about the new look of the GUI, looks excellent right now. And the addition of the ID check and password manager is a really nice touch. Although I am not sure yet if I will use the Password manager, but I will see. :) As for Amazon route through, well that seems to go through a server in Dublin, so I am not that concerned. Besides, I have nothing to hide from them.

* Switched from Cloudflare DNS to DNS0.EU.
* Switched from Opera One to Firefox.
* I also use WHHLight with SWH+Smart screen Block and also his Firewall Hardening.
* A while ago I removed WingetUI and since then, for software updates, I run the command I mention under Maintenance once a week in PowerShell.

* EDIT: Forgot to show the change that for Windows, I only allow Security updates at the moment.
 
Last edited:

Morro

Level 18
Thread author
Verified
Top Poster
Well-known
Jul 8, 2012
890
Well, thankfully I was finally able to return to what I like. (Despite that they do a few things that belong in the category … not so nice.)

* As of today I am back to Microsoft Defender combined with Configure Defender set to High mode. :)
* Switched from AdGuard to uBlock Lite in Brave. The reason is that the new version of AdGuard was not working for me on a lot of websites?
* Deleted my online account for Bitwarden, and then removed the extension for it. (After having made a backup of the vault.)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top