Advanced Plus Security Numeriku's Security Configuration 2023

Last updated
Jun 20, 2023
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
N/A
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Network firewall
Enabled
Real-time security
Bitdefender Total Security
ISP - Issued router flashed with dd-wrt with wifi disabled & connected using an ethernet cable to the pc.
Firewall security
Other - Internet Security (3rd-party)
About custom security
Firewall Hardening by Andyful (lolbins)
O&O ShutUp10++ - All on recommended set.
Simple Windows Hardening.
Memory Integrity is turned on.
Periodic malware scanners
Norton Power Eraser
Emsisoft Emergency Kit
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Firefox with Ublock Origin.
Secure DNS
Cloudflare
Desktop VPN
Bitdefender VPN.
Password manager
Bitwarden
Maintenance tools
Hibit Uninstaller Tools to clean pc monthly.
File and Photo backup
Google Drive
System recovery
Create a bi-monthly backup using macrium reflect free uploaded to hetzner storage box so if my machine ever gets infected and unusable, I won't lose everything.
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Sharing and receiving files and torrents
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
  • AMD Ryzen 5 5600
  • NVIDIA GeForce RTX 3050
  • 16GB Dual-Channel DDR4
  • 1 TB NVME
Notable changes
  1. Added simple windows hardening (thank you securekongo)
  2. Downgraded back to windows 10
  3. Removed winaero tweaker.
  4. Switched to next DNS from cloudflare dns
  5. Added Checkmal's Appcheck
  6. Switched search from google to duckduckgo
  7. Switched back again to cloudflare dns.
  8. Switched back search to google
  9. Removed appcheck anti ransomware.
  10. Added NeuShield Data Sentinel
  11. Replaced NeuShield Data Sentinel with Kaspersky's anti ransomware tool
  12. Removed KART and F-Secure, replaced with Avast Premium Security.
  13. Replaced Avast Ultimate with Kaspersky Total Security
  14. Replaced ublock origin with Adguard
  15. Replaced old pc with new pc, installed avast premium with hardened mode and using my old security config on the new one, windows 11 sac currently on evaluation mode.
  16. Replaced Avast premium with Bitdefender Total Security
What I'm looking for?

Looking for medium feedback.

Numeriku

Level 2
Thread author
Verified
Mar 13, 2022
65
Consider adding Simple Windows Hardening for additional malicious scrip protection. Also, you chose the wrong option in the category "Software Firewall" :)
Fixed that, i assume that windows defender firewall is the correct option. Thanks.

Yeah, I've been reading about Simple windows hardening, my primary concern is that I have to whitelist programs manually but is that worth it to have in a daily use PC?
 

Numeriku

Level 2
Thread author
Verified
Mar 13, 2022
65
Added Simple Windows Hardening (thanks to @SecureKongo & @Back3 for convincing me)

1660070923435.png
 

Numeriku

Level 2
Thread author
Verified
Mar 13, 2022
65
absolutely not. It won't provide any security and it will make browsing extremely slow as it is huge. You should not use any security filter in block origin.
I tried like you said on ublock and it does slow down browsing, also tried it through nextdns and it's working great with no noticeable slowdown, will keep testing for a couple of days to see if I will keep using it.
 
F

ForgottenSeer 94943

Decided to revert my windows 11 due to the fact my hardware is unsupported, tried it out but saw no major differences, and now back to windows 10.
Good decision. Usually people rush to upgrade because they always want the latest and "greatest". In Windows 11 case, it is not the greatest. Windows 10 is more mature and is capable of doing everything so why upgrade?
 

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,468
Moved back to Cloudflare DNS, I think with the existing filters in ublock and O&O ShutUp10++, it is just adding redundant layers of blocking.
I mean if you set up NextDNS on your router or system-wide it even blocks ads and trackers within applications. Cloudflare DNS doesn't have that option. Furthermore one of the strenghts of NextDNS are the security filter lists. But if you prefer Cloudflare then that's okay too. Never had any problems with Cloudflare either.
 
F

ForgottenSeer 94943

I mean if you set up NextDNS on your router or system-wide it even blocks ads and trackers within applications. Cloudflare DNS doesn't have that option. Furthermore one of the strenghts of NextDNS are the security filter lists. But if you prefer Cloudflare then that's okay too. Never had any problems with Cloudflare either.
I do agree that NextDNS is a great option. Unfortunately, my ISP provided router does not support changing the DNS. Thus, add NextDNS manually to secure DNS settings in my browsers. The windows client had DNS leak issues for me. Apparently, my ISP is so aggressive against changing DNS.

NextDNS with Osid filter is superb.
 

Numeriku

Level 2
Thread author
Verified
Mar 13, 2022
65
I mean if you set up NextDNS on your router or system-wide it even blocks ads and trackers within applications. Cloudflare DNS doesn't have that option. Furthermore one of the strenghts of NextDNS are the security filter lists. But if you prefer Cloudflare then that's okay too. Never had any problems with Cloudflare either.
Yeah, it is nice to use, but 99.9% of my time is on the browser and DNS-based adblocker doesn't block certain sites that have video ads like youtube, as for security, already have f-secure browser protection and some filters from browser-based AdBlock unlock origin. Didn't really abandon it though, on my other router for phones, smart tv & console, I switched it to next dns as I think it would be better for those kinds of devices.
 
  • Like
Reactions: Back3 and Kongo

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top