Advanced Plus Security Numeriku's Security Configuration 2022

Last updated
Aug 9, 2022
Use case
For personal use
Shared with
No one
Desktop OS
Windows 10
Windows OS SKU
Home
Login Unlock
    • Passwordless PIN or Biometrics
Sign-in with
Microsoft account
Primary user
Administrator rights - Full permissions that can perform harmful changes
OS updates
Automatic updates
Windows UAC
Always notify
Network firewall
Always-on protection
Avast Premium Security (Hardened Mode)
ISP - Issued router flashed with dd-wrt with wifi disabled & connected using an ethernet cable to the pc.
Firewall
Third-party App Firewall. (Details shared below)
Custom RT/Firewall security
Firewall Hardening by Andyful (lolbins)
O&O ShutUp10++ - All on recommended set.
Simple Windows Hardening.
Memory Integrity is turned on.
Malware testing
No malware samples
Periodic scanning
Norton Power Eraser
Emsisoft Emergency Kit
Secure DNS
Real Site by Avast
VPN
Avast Secureline VPN
Password manager
Bitwarden
Browsers and Extensions
Chrome with ublock origin.
Search - duckduckgo
Utilities for Maintenance
Hibit Uninstaller Tools to clean pc monthly.
Files & Photos backup
Google Drive
Files & Photos backup routine
Manual
Emergency recovery plan
Create a bi-monthly backup using macrium reflect free uploaded to hetzner storage box so if my machine ever gets infected and unusable, I won't lose everything.
Integrity of recovery plan
Tasks performed
    • Browsing the web
    • Receiving, sending and opening email attachments
    • Buying goods from online stores, entering card details and addresses
    • Logging into personal banking to check statements and payments
    • Downloading software from reputable sites
    • Sharing and receiving files and torrents
    • Watching movies and TV series via subscriptions
    • Streaming audio and videos from sites
Computer specs
  • Acer Predator G3-710
  • Intel Core i7 6700 @ 3.40GHz
  • NVIDIA GeForce GTX 970
  • 32.0GB Dual-Channel DDR4
  • 238GB LITEON CV1-8B256 (SATA (SSD))
    1863GB Seagate ST2000DM008-2FR102 (SATA (SSD))
Notable changes
  1. Added simple windows hardening (thank you securekongo)
  2. Downgraded back to windows 10
  3. Removed winaero tweaker.
  4. Switched to next DNS from cloudflare dns
  5. Added Checkmal's Appcheck
  6. Switched search from google to duckduckgo
  7. Switched back again to cloudflare dns.
  8. Switched back search to google
  9. Removed appcheck anti ransomware.
  10. Added NeuShield Data Sentinel
  11. Replaced NeuShield Data Sentinel with Kaspersky's anti ransomware tool
  12. Removed KART and F-Secure, replaced with Avast Premium Security.
Feedback response

I am partially satisfied. General feedback is greatly appreciated, to make improvements to my overall security / privacy.

Numeriku

Level 2
Thread author
Mar 13, 2022
59
I do agree that NextDNS is a great option. Unfortunately, my ISP provided router does not support changing the DNS. Thus, add NextDNS manually to secure DNS settings in my browsers. The windows client had DNS leak issues for me. Apparently, my ISP is so aggressive against changing DNS.

NextDNS with Osid filter is superb.
Flashing router with dd-wrt, is not an option? Yeah, I have next DNS on my other router with oisd list for phones, smart tv & consoles.
 
  • Like
Reactions: ForgottenSeer 94943
F

ForgottenSeer 94943

Flashing router with dd-wrt, is not an option? Yeah, I have next DNS on my other router with oisd list for phones, smart tv & consoles.
As I mentioned the router is provided by my ISP and apparently they locked it down. I do not have admin privileges, instead they gave me user rights. It is a Kasada router btw. Fortunately, I can always use NextDNS via DNS over HTTPS in my browsers.
 

CyberTech

Level 38
Verified
Top poster
Well-known
Nov 10, 2017
2,740
Unfortunately, only cheap TPlink routers are available in my country. KW5262B is the model number of my router.
It doesn't matter. get it that support it so you need to learn it i guess. have you tried username/password: admin? google it?
 
  • Like
Reactions: Sorrento
Top