Basic Security plat1098's setup

[plat1098]

Hello, everyone . A tiny C: drive (117 gb for Windows) means limited installations of third party software, including browsers and security products/optimizers. Machine is configured for maximum efficiency with absolute minimum hassles, nags and slowdowns. I know--Internet Explorer--but for me, it's fast and usually problem-free and Adblock Plus does the job. No reckless clickity-click browsing/downloading. Data backups are straight to external storage and kept offline. No storage HDD. Open to all suggestions and appreciate each and every one. Thanks, and hi from Brooklyn, NY.

 

[Exterminator]

I would consider adding a system imaging backup solution.There a good free products available.
Apart from that a secure Windows 10 config! Thanks for sharing it with us

 

[LukeLovesSecurity]

Its uncommon that people use Windows Defender and Internet Explorer. However, it is clear you are aiming for a 0 day protection approach, which I like. I don't quite get how someone can use internet explorer, from my experience it has been very buggy and covered in ads. It isn't a must, but if I were to change something, I would get you to use Firefox or Chrome with Ublock Origin. Adding a paid VPN wont hurt either. Good, simple config!

 

[ForgottenSeer 65219]

I think you must use Password manager .
I have 75 usernames and passwords ( all long ,random and complex ).
So if you are a genius or just use simple passwords memory is best place.

 

[Deleted member 178]

System Backups are useful. I recommend you to do at least one.

 

[plat1098]

Thank you for the reassurance.

@Exterminator @Umbra: Understood about system backups but I found Windows repair-install to be easy and effective. Tried Acronis free once, and that was it. When I get a larger drive (eesh, expensive), I will revisit this.

@Siavash : Yes, I'm a genius. No, just kidding. Please see above.

Adding a paid VPN wont hurt either. Good, simple config!

ISP offers this but it's a bit high, also have to research the performance and compare other paid VPNs, Thank you, an excellent suggestion.

 

[brod56]

Follow recommendations about backups.
Internet Explorer is definitely not the best option, I suggest you to try Edge which is very nice.

 

[JM Safe]

I would use another browser, like Chrome or Edge.

Replace Adblock with uBlock Origin.

Add HTTPS Everywhere.

Follow suggestions about backups.

Thanks for sharing.

 

[plat1098]

Thanks, everyone. It's a bit involved for me (I'm a novice to imaging) due to a tiny C drive and a disconnected (by choice) HDD, but got some expert advice and now have a really decent plan. This thread got me motivated and it's appreciated. Stuff can happen out of the blue, right?

 

[plat1098]

OK, after some (OK, a LOT of) beginner's issues, I have a good and verified image. Haven't done a differential yet but that's for another time. The image is on an enclosed hard drive as, by choice, there are no spinning drives internally in machine. Boot media is on USB. The original thread description was edited accordingly.

Many thanks to MalwareTips members for the motivation, cuz I sure ain't had none.

 

[plat1098]

To main computer, added:

KeePass v. 1.34
Sandboxie v. 5.20 (1 yr sub). It was time.

 

[tim one]

To main computer, added:

KeePass v. 1.34
Sandboxie v. 5.20 (1 yr sub). It was time.

Sandboxie is referred as freeware because the unregistered version allows you to use almost all the features found in the full version.
The paid version doesn't have the nag screen and you can use multiple sandboxes at the same time, and if I well remember you have the function "Forced folders" and "Forced programs" (to open or run automatically in the sandbox folders, and applications).

It is good to support the developers, but after this paid year you can consider using the free version, absolutely valid for a normal and safe use

 

[bribon77]

I know it's hard to change your browser because you get used to it, but I advise you to change it.

 

[plat1098]

Yes, understood. IE is bad in certain key ways, right? The tiny drives are the obstacles. I have to make do with little third party until I can afford replacement NVMe and SSD w/larger capacity. This will cost over $400 USD combined. Ouch!

Of course, there are portable browsers, I'll look into those some time.

 

[frogboy]

A bit late to the party but a nice config.

Thanks for sharing.

 

[plat1098]

Well, your setup can be rather fluid right? A few little changes with some more significant ones coming up. After some fight scenes with a death-ray hassle involving my new SSD/Fall CU and some whack-o settings/and another Lenovo chipset driver version, things can now expand a bit.

Default browser: Google Chrome**. Extensions: uBO-Scope, uBlock Origin Any other worthwhile ones?
Removed: VoodooShield, KeePass
Disabled: ipv6 as per @TairikuOkami/Wilders Security. Many thanks!
Enabled: Block Potentially Obfuscated Scripts/Network Protection/Block JavaScript and VBScript to load exe via PS 5.0. Credits.

*This thread piqued interest and it was time to move away from only Microsoft browsers. Had to turn on ClearType in Control Panel/Fonts as this was making everything look like you-know-what with every third party browser. Chrome won it with speed and resource efficiency but it was a close one. Firefox deserves a second shot down the road.

 

[boredog]

I use Edge an their is an add-on for Ublock Origin. Also you could use Shadow Defender.
one of the easiest programs to use and if that was all you used you would be fine if you included an anti-key logger.
Just curious as to why you got rid of Voodoo Like you do shield?

 

[plat1098]

Hey, @boredog. Edge is a third choice, Chrome is default now. I run much of everything (except Chrome) in sandbox. I will have to take a look at Shadow Defender and its details/merits because I have no experience with it. HitmanPro Alert has a keystroke encryption module--I know, pretty important to have something like that. Right now, I'm looking to harden the OS in general, without adding more third party software. Please check your PMs.

 

[boredog]

Hey, @boredog. Edge is a third choice, Chrome is default now. I run much of everything (except Chrome) in sandbox. I will have to take a look at Shadow Defender and its details/merits because I have no experience with it. HitmanPro Alert has a keystroke encryption module--I know, pretty important to have something like that. Right now, I'm looking to harden the OS in general, without adding more third party software. Please check your PMs.

cruelsister did a video on Shadow Defender and only advised a anti key logger. She was actually impressed at how after rebooting the Peta was gone..
It protects your partitions period. I do test malware and what I do is put my main system in shadow mode, then open up an Virtual box VM with whatever software I am testing just to make sure.

 

[Deleted member 178]

Shadow Defender is one of the best security apps ever, it failed once long time ago and was fixed right away. It is the supreme leader on its field.