Danger Sampei Nihira Security Config WinXP (POS Ready2009) 2020

Status
Not open for further replies.
Last updated
Dec 26, 2019
Windows Edition
Home
Operating system
Other
Log-in security
Security updates
Block all updates
User Access Control
Notify me only when programs try to make changes to my computer
Real-time security
  • Windows Firewall
  • Firewall Hardware on router
  • 1° AdGuard DNS / 2° CloudFlare DNS
  • MBAE Premium - Custom Setting
  • OSA - Custom Setting
  • Black Viper's List - Some services Disabled/Manual
Firewall security
Microsoft Defender Firewall
About custom security
  • Trick POS Ready 2009 + KB4500331.
  • PsExec - Run browsers + email client with limited rights - Exceptions (OSA) for Interlink Mail News and New Moon.
  • DEP Always ON
  • SMB Protocol Disabled
  • No NET Framework Installed
  • I.E.8 No Flash + Trick 1803 (Block the downloadable executable files) + Disable script (F12 - on/off) + block execution I.E.8.
Periodic malware scanners
Hitman Pro,McAfee Stinger,HijackThis Portable,Adwcleaner v.6.0.4.7
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
New Moon 28 - (Pale Moon fork for Windows XP) Custom Setting about:config

  • Noscript
  • U.B.O.Legacy
  • Decentraleyes
  • No Resource URI Leak
  • Canvas Blocker Legacy 0.2 - Only to pass the ClientRects Fingerprint test
Maintenance tools
  • CCleaner - Many custom rules created by me
  • RegSekeer
  • Process Explorer
  • SigcheckGUI
  • Dependency Walker
  • CFF Explorer
  • Currports
  • WWDC
  • IobitUnistaller Portable
  • Speedyfox -Custom Rule for Interlink Mail News
  • SUMo Portable
  • JKDefragGUI
File and Photo backup
Pen Drive
System recovery
Acer System Backup
Risk factors
    • Logging into my bank account
    • Browsing to popular websites
    • Working from home
Computer specs
Acer Intel Celeron M380 1.60 GHz 1GB RAM
Notable changes
  1. Added some custom rules in OSA for Mimikatz Dump Lsass.exe mitigation.
  2. Added "sc" command rule block in OSA.
  3. Added rule to block execution of I.E.8 in OSA.
  4. Added rule to block msbuild.exe in OSA and the same rule on the Registry Key.
  5. Blocking rule in host file for CCleaner.
Notes by Staff Team
  1. This setup configuration may put you and your device at risk!
    We do not recommend that other members use this setup. We cannot be held responsible for problems that may occur to your device by using this security setup.

  2. This computer configuration is using an unsupported operating system. If possible, we recommend to upgrade to an operating system that is supported by its developers to remain protected from the latest threats.

Sampei Nihira

Level 6
Thread author
Verified
Well-known
Dec 26, 2019
287
This Zero-Day almost certainly also affects I.E.8:


I entered a rule for the total block of I.E.8.
 

Sampei Nihira

Level 6
Thread author
Verified
Well-known
Dec 26, 2019
287
Now that I have some free time I have done a test to check the CVE-2020-0674 vulnerability in my I.E.8.
I found the test file thanks to 0Patch:


To make the test after the creation of the HTML file I had to make 2 changes:

500a.JPG

500c.JPG

but the result is unexceptionable:

500.JPG

I.E.8 is vulnerable.
I did well to take the countermeasures already mentioned .(y):)

P.S.

I would like to advise users who have multiple browsers installed to check which is the default browser that opens the HTLM and HTM files and possibly change this setting with the browser they consider more secure.
 
Last edited:

Sampei Nihira

Level 6
Thread author
Verified
Well-known
Dec 26, 2019
287
Home users doesn't need IE anyway, better remove it.

There are those who say that the removal of I.E.8 is possible in Windows XP.
I believe it is inadvisable to remove I.E.8.
Why Trident in Windows XP is used in multiple software.
And this is easy to avoid, just don't use them.
But it is also used:

..... in Windows XP it is also used for the User Accounts Control Panel, which is an HTML Application ......


And this cannot be ignored.


Indeed, since the command below is configured as an HTML application, I placed it under anti-exploit protection

Control.exe nusrmgr.cpl

 

Sampei Nihira

Level 6
Thread author
Verified
Well-known
Dec 26, 2019
287
:D

With my XP, however, I don't have to worry about new forms of attack that are increasingly incisive:


I would say an attack on several fronts which, in my opinion, could bypass some of the security configurations included in this sub-forum.

:giggle:

P.S. Precautionarily I added a rule for blocking MSBuild. *
 
Last edited:
  • Like
Reactions: DDE_Server

Sampei Nihira

Level 6
Thread author
Verified
Well-known
Dec 26, 2019
287
CCleaner ver. v5.64.7613, release today, no longer supports Windows XP (and Windows Vista).
There is a special version of CCleaner 5.64.7577 which can be downloaded on the page below:


This version will only ever receive critical security updates.
 

Sampei Nihira

Level 6
Thread author
Verified
Well-known
Dec 26, 2019
287
Today some free time.
I entered my customizations in ccleaner ver 5.64.
I insert some pictures:

Start:
700.JPG

New Moon 28 which is recognized as Firefox (I don't have Firefox installed), note the custom rules marked with *
700a1.JPG

Interlink Mail New + Potplayer +MBAE:
700a.JPG
 
Last edited:

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,485
You can use a $300 smartphone, but cannot replace an insecure OS for a cheap and secure Chromebook, or Low-End Windows 10 S device.

Microsoft Surface Go is sub-$400.
Chromebooks are as low as $200.

This thread is a joke and an embarrassment.

All opinions are my own.
 
Last edited:
  • HaHa
Reactions: oldschool

Sampei Nihira

Level 6
Thread author
Verified
Well-known
Dec 26, 2019
287
You can use a $300 smartphone, but cannot replace an insecure OS for a cheap and secure Chromebook, or Low-End Windows 10 S device.

Microsoft Surface Go is sub-$400.
Chromebooks are as low as $200.

This thread is a joke and an embarrassment.

All opinions are my own.

I can't replace it because besides the pc with W.XP we also have another pc with W.10.
I wrote it several times.
It was enough to read.
So your replacement advice is as useless as your comments.
 
  • Like
Reactions: DDE_Server

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,485
I can't replace it because besides the pc with W.XP we also have another pc with W.10.
I wrote it several times.
It was enough to read.
So your replacement advice is as useless as your comments.
You have 2 PCs. You deliberately chose to share a controversial topic.

There are 10 pages of nonsense. No one is going to read a dead product thread.

Windows XP is no longer supported by Microsoft.
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Usage of IE 8 should ring some alarm bells and shouldn't be used at all, regardless of what you're doing. Same for XP, again unless you're a company, hospital, or an organisation with critical infrastructure, there's no need to be using Win XP.

When upgrading to Win 7 (optional, not forcing you), backup everything or the essential stuff.

~LDogg
 
  • Like
Reactions: Gandalf_The_Grey
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top