Status
Not open for further replies.

ozone

Level 3
I am multibooting Ubuntu 16.04, Windows 10 and Windows 7
My main OS for work is Windows 10, Ubuntu is for university, and Windows 7 is for testing.
I am using Firefox (stable, portable) with Sandboxie for work.
Cent (portable) with Sandboxie, with the container folder on a ramdisk, is for web browsing.
Firefox Nightly (portable) is for testing new functions.
ReHIPS isolates other apps (MS Office, PDF, ...)
Extensions are tweaked to work well together.

Updates are automatic, but they are delayed for 1-3 days to avoid problems.
I am using mainly portable apps and I have a USB "toolbox" which contains additional programs/tools like scanners, archivers, editors, browsers, ...
Thanks to this I can quickly restore a backup "image" without using backup software.

Tools in USB "toolbox" won't be in config, only programs I have in PC are there.
Windows 7 Home Premium
Operating System: Windows 7 SP1
OS Edition: Home
OS Build:
OS Architecture: 64-bit
User Access Control: Always Notify
Firewall: Windows Firewall
OS Security Updates: Automatic Updates
OS File Reputation: Turned off
Type of User Account: Local Account
Recent Malware Attacks: No
Testing AV's with Malware Samples: No
Real-time Malware Protection:
On-demand Scanners:
Security Product Settings: Custom
Browsers and Extensions:
Preferred Search Engine: StartPage/DuckDuckGo
Password Manager: my mind
Content Blocker (Ads, Scripts, Trackers):
Simple DnsCrypt (Block and Blacklist)
Cent (Portable): uBlock Origin, uMatrix
Firefox (Portable): uBlock Origin, uMatrix, NoScript
Frequently used System Utilities:
Frequency of Data Backups: Custom Backups
Frequency of System Image Backups: Manual / On-demand Backups
System Image Backup Software: Macrium Reflect Free
Windows 7 Tweaks:
Avast – Hardened mode
ReHIPS – Standard, lockdown mode – Without GUI only
WFC – Medium filtering, secure boot
DNS only via DNSCrypt or VPN
Cent browser can connect only via VPN (firewall rule)
Disabled IPv6
Disabled AutoPlay/Autorun
Disabled Remote Assistance
Disabled Remote Registry Access
Disabled elevation for unsigned applications
Removed Internet Explorer and other legacy components
Blocked/Monitored Processes: cscript.exe, wscript.exe, powershell.exe, powershell_ise.exe, vssadmin.exe

Ubuntu 16.04 (currently unavailable – HDD corrupted)
Operating System: Linux
OS Edition: Home
OS Build: Ubuntu 16.04
OS Architecture: 64-bit
User Access Control: Not Available on OS
Firewall: Linux Firewall
OS Security Updates: Manual Updates
OS File Reputation: Disabled
Type of User Account: Local Account
Recent Malware Attacks: No
Testing AV's with Malware Samples: No
Real-time Malware Protection:
UFW (GUFW)
Firejail
On-demand Scanners:
ClamTK (ClamAV)
Security Product Settings: Default
Browsers and Extensions:
Firefox: uBlock Origin, uMatrix, noscript, Decentraleyes, Smart Referer, No Resource URI Leak
Chrome: uBlock Origin, uBlock Origin Extra, uMatrix, ScriptSafe
Preferred Search Engine: DuckDuckGo
Password Manager: my mind
Content Blocker (Ads, Scripts, Trackers):
Firefox: uBlock Origin, uMatrix, noscript
Chrome: uBlock Origin, uMatrix
Frequently used System Utilities:
BleachBit
Frequency of Data Backups: Custom Backups
Frequency of System Image Backups: No Backups
 

ozone

Level 3
Added:
Shadow Defender
Simple DnsCrypt
Stealth Mode extension

tweaked Chrome and extensions to increase compatibility, protection and privacy
trying Stealth Mode
 

ozone

Level 3
Removed:
Stealth mode extension
Added:
Glasswire (free)
VS (free)
SoftEther VPN (VPN Gate)
Updated:
Chrome
Tweaks:
Replaced programs with portable ones
Organised filters in uMatrix and uBO, removed redundant filters
UAC set to default



Trying VS

Stealth mode – almost all functions are the same or better in uMatrix/uBO or ScriptSafe.

Glasswire is on demand, only for network monitoring; autostart for services is disabled.
 

ozone

Level 3
Removed:
VS (free)
Added:
Chrome (portable)
Updated:
Firefox
Tweaks:
Changed search engine to DuckDuckGo

Trying Chrome portable.
VS is delaying launching some programs even if whitelisted or VS is disabled.
Same problem with updating Chrome.
 

ozone

Level 3
Removed:
Chrome
Added:
/
Updated:
/
Tweaks:
Disabled unnecessary system services and components
Disabled unnecessary network components and protocols
Added firewall rules (IPv6)
Added filters from https://www.abuse.ch/ to uMatrix/uBO
UAC set to Always notify
Tweaked Chrome (portable):
chrome://flags/#disable-hyperlink-auditing
chrome://flags/#enable-appcontainer
chrome://flags/#enable-tab-audio-muting
chrome://flags/#prefer-html-over-flash


btw
shouldn't "User Access Control: Always Notfiy" be "Always Notify" :)
 

Parsh

Level 24
Verified
Trusted
Malware Hunter
> Removed:
> VS (free)
> Added:
> Chrome (portable)
> Updated:
> Firefox
> Tweaks:
> Changed search engine to DuckDuckGo
>
> Trying Chrome portable.
> VS is delaying launching some programs even if whitelisted or VS is disabled.
> Same problem with updating Chrome.
Why not try Crystal Security as a mild replacement for VooDooShield?
It has monitoring options for
  1. Running processes
  2. files opened
  3. files saved
  4. scan on exploring
with multi-engine results, cloud analysis, heuristics and of course blacklisting. You can select options based on what level of supplementary security you want.
 

ozone

Level 3
> Why not try Crystal Security as a mild replacement for VooDooShield?
> It has monitoring options for
>   1. Running processes
>   2. files opened
>   3. files saved
>   4. scan on exploring
> with multi-engine results, cloud analysis, heuristics and of course blacklisting. You can select options based on what level of supplementary security you want.
Thanks I will try it later, for now I think I have all important layers covered
so I am currently focusing on performance
 

Parsh

Level 24
Verified
Trusted
Malware Hunter
> Thanks I will try it later, for now I think I have all important layers covered
> so I am currently focusing on performance
You've a good amount of stuff already, not heavy though :D
Is it Avast hardened mode? BTW new Avast beta has come, if at all you're interested to test.
 

sudo -i

Level 4
WFC / GlassWire
ReHIPS / Sandboxie
HMP.A / EMET
Are these 3 pairs not redundant? You could choose one from each pair.
 

ozone

Level 3
> WFC / GlassWire
> ReHIPS / Sandboxie
> HMP.A / EMET
> Are these 3 pairs not redundant? You could choose one from each pair.
WFC – GUI for Windows Firewall
GlassWire – on demand, network monitor
ReHIPS – light anti-exe, sandbox for office and firefox
Sandboxie – only Chrome
HMP.A – anti-keylogger
EMET - anti-exploit

ReHIPS is free and beta – I cannot use it for chrome, and there is no auto-delete option
HMP.A also free – no antiexploit module
 

ozone

Level 3
> You've a good amount of stuff already, not heavy though :D
> Is it Avast hardened mode? BTW new Avast beta has come, if at all you're interested to test.
yes hardened mode
I know it has beta, but I've read it has some annoyances so I will wait for stable or RC
 

ozone

Level 3
Added:
Crystal Security
Decentraleyes extension (Firefox)
PrivaZer (portable)
Removed:
Crystal Security
Updated:
/
Tweaks:
/

Tried Crystal Security, not bad, but sometimes it freezes. I will use it as an on-demand scanner; moved it to USB toolbox.

I think I will move from Chrome (portable) to Firefox (portable) or other non-chromium browser, because in chrome/chromium 57 there will be no control over plugins (DRM and NaCl). You can control only PDF and Flash.
 