Advanced Security Morro Security Config 2024

Last updated
Feb 26, 2024
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
    • Basic account password (insecure)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
On
Network firewall
Disabled
Real-time security
Microsoft Defender
Firewall security
Microsoft Defender Firewall
About custom security
Periodic malware scanners
* On demand scanners: MS Safety Scanner - Norton Power Eraser - EEK.
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Brave - Main
Waterfox: Secondary

- uBlock Origin in Medium Mode
- SafeToOpen Online Security
- Bitwarden
- Popup Blocker (Strict)
- Dark Reader

Exploit settings:

Block low integrity images - ON
Block remote images - ON
Block untrusted fonts - ON
Control flow guard (CFG) - ON
Data execution prevention (DEP) - ON + Enable thunk emulation - CHECKED
Disable extension points - ON
Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images - CHECKED
Randomize memory allocations (Bottom-up ASLR) - ON
Validate exception chains (SEHOP) - ON
Validate handle usage - ON
Validate heap integrity - ON
Validate image dependency integrity - ON

about:config tweaks (Some were already set.)

- network.dns.echconfig.enabled = true
- network.dns.use_https_rr_as_altsvc = true
- pdfjs.enableScripting = false
- browser.send_pings = false (Was already set to false?)
- plugin.scan.plid.all = false
- browser.urlbar.speculativeConnect.enabled = false
- dom.event.clipboardevents.enabled = false
- dom.webnotifications.enabled = false
- browser.urlbar.groupLabels.enabled = false
- media.navigator.enabled = false
- media.peerconnection.enabled = false
- network.prefetch-next = false
- beacon.enabled = false
- network.IDN_show_punycode = true
- geo.enabled = false
- browser.cache.offline.enable = false
- browser.newtabpage.activity-stream.feeds.telemetry = false
- browser.ping-centre.telemetry = false
- browser.tabs.crashReporting.sendReport = false
- toolkit.telemetry.enabled = false
- toolkit.telemetry.server (URL removed)
- toolkit.telemetry.unified = false
- extensions.pocket.enabled = false
- security.ssl.require_safe_negotiation = true
Secure DNS
Cloudflare WARP.
Desktop VPN
None
Password manager
Brave: Bitwarden
Waterfox: Bitwarden
Maintenance tools
* Windows own tools.
* Wise Diskcleaner.
* WingetUI
File and Photo backup
OneDrive.
Active subscriptions
    • None
System recovery
* Aomei Backupper Pro.
* External Hard Drive.
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Downloading software and files from reputable sites
    • Gaming
Computer specs
* Operating System: Windows 11 Pro
* Motherboard: B560 ATX Wi-Fi / 1200 Socket (ATX)
* Processor: Intel i9 11900K - 8 cores - 16 threads - 3,5 GHz (Turbo 5,3 GHz)
* CPU Cooler: Master Liquid 240mm RGB(Active.) Air Cooling. (Passive.)
* SSD: 1TB M2.0 NVMe (Read: 3500MB/s, Write: 2700MB/s)
* External 5 TB WD Elements 25A3 USB Device
* RAM: RGB 32GB DDR4-3200 MHz (2x 16GB)
* Graphics card: Nvidia RTX 4060 8GB
* AOC Q27G2S - QHD IPS 165Hz Gaming Monitor - 27 Inch
* Outer casing: Sharkoon REV100
* Power: 750Watt - 80Plus GOLD
* Lan: Realtek 2.5 Gbps
* Sound: Realtek ALC892
* USB: 11 ports (Of different kinds.)
What I'm looking for?

Looking for medium feedback.

Morro

Level 16
Thread author
Verified
Well-known
Jul 8, 2012
788
Changed backup program from Hasleo backup Free back to Aomei Backupper Pro. Not because Hasleo is a bad piece of software, because it is absolutely not. (y) But actually for very simple reasons. One of those reasons is that NPE kept showing me a warning about Hasleo, and since NPE does not allow me to exclude files/programs, it was a bit annoying. Combined with the fact that I just got my PC back a short while ago, and Hasleo had not made that many backups yet, it was in my opinion not so bad to go back to Aomei Backupper Pro. :D

Everything else of my security setup is still the same.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top