Status
Not open for further replies.
Latest changes
Dec 26, 2019
Operating system
Not listed
System type
32-bit operating system; x86-based processor
Update and Security
No security updates
User Access Control
Notify me only when programs try to make changes to my computer
Firewall and Network protection
Microsoft Defender Firewall is active
User permissions
Administrator account
User account
Local account only
Sign-in options
  • Account Password
    Malware exposure
    No malware samples are downloaded
    Real-time Malware protection
    • Windows Firewall
    • Firewall Hardware on router
    • 1° AdGuard DNS / 2° CloudFlare DNS
    • MBAE Premium - Custom Setting
    • OSA - Custom Setting
    • Black Viper's List - Some services Disabled/Manual
    Modified security settings
    • Trick POS Ready 2009 + KB4500331.
    • PsExec - Run browsers + email client with limited rights - Exceptions (OSA) for Interlink Mail News and New Moon.
    • DEP Always ON
    • SMB Protocol Disabled
    • No NET Framework Installed
    • I.E.8 No Flash + Trick 1803 (Block the downloadable executable files) + Disable script (F12 - on/off) + block execution I.E.8.
    Periodic scanners
    Hitman Pro, McAfee Stinger, HijackThis Portable, AdwCleaner v.6.0.4.7
    Browser and Extensions
    New Moon 28 - (Pale Moon fork for Windows XP) Custom Setting about:config

    • Noscript
    • U.B.O.Legacy
    • Decentraleyes
    • No Resource URI Leak
    • Canvas Blocker Legacy 0.2 - Only to pass the ClientRects Fingerprint test
    Privacy tools and VPN
    • 1° AdGuard DNS / 2° CloudFlare DNS
    • W.M.P. off
    • O.E. off
    • New Moon Home page = DuckDuckGO - Custom settings saved via URL no cookies
    Password manager
    My Memory
    Search engine
    DuckDuckGo
    Maintenance tools
    • CCleaner - Many custom rules created by me
    • RegSeeker
    • Process Explorer
    • SigcheckGUI
    • Dependency Walker
    • CFF Explorer
    • Currports
    • WWDC
    • IObit Uninstaller Portable
    • SpeedyFox - Custom Rule for Interlink Mail News
    • SUMo Portable
    • JKDefragGUI
    Photos and Files backup
    Pen Drive
    File Backup schedule
    Once or multiple times per month
    Backup and Restore
    Acer System Backup
    Backup schedule
    Once or more per year
    Computer Activity
  • Online banking
  • Browsing the web and checking emails
  • Office and other work-related software (Work from Home)
  • Learning computer languages or creating apps
    Computer Specifications
    Acer Intel Celeron M380 1.60 GHz 1GB RAM
    Your changelog
    1. Added some custom rules in OSA for Mimikatz Dump Lsass.exe mitigation.
    2. Added "sc" command rule block in OSA.
    3. Added rule to block execution of I.E.8 in OSA.
    4. Added rule to block msbuild.exe in OSA and the same rule on the Registry Key.
    5. Blocking rule in host file for CCleaner.
    Staff notes

    This setup configuration may put your device at risk.
    We don't recommend that other members use this security setup. We cannot be held responsible for problems that may occur to your device by using this security setup.

    This computer configuration is using an unsupported operating system. If possible, we recommend to upgrade to an operating system that is supported by its developers.

    ForgottenSeer 823865

    I think it's a matter of justice.
    But if I have to be honest I don't know it well.
    It is as if something is not in the right place.
    I have read of Security Configurations that use W.10 which may be more at risk than mine.
    You still don't understand the purpose of security config section.
    Its purpose isn't a contest with other members about who has the safest coolest config.
    It is about sharing a setup to other members, especially beginners who may need some example/inspirations/recommendations.
    1- Ask yourself, will you recommend XP to a beginner?
    2- Will you tell him to reproduce the multiple tweaks you had to do to secure XP?
    I bet you will say no in both cases, so you know why your config will never be tagged as "secured" because (using an analogy), you use a boat with many known holes, and fix the said holes with your personal skills, which is out of reach for an average user.

    About Mimikatz, focus on blocking in-memory attack vectors, it is where Mimikatz is best used.
    Blocking only LOLbins won't help much.
    The safest combo is and always will be: a true anti-exploit + a default-deny application.

    "Amateurs built the Ark and it was the professionals that built the Titanic" ;)
    I see. I feel the same way.
    The Titanic was solid; unfortunately, it was not made to hit a giant iceberg, like a car isn't designed to survive a direct hit against a concrete wall...
    Btw, the Titanic was real, the Ark, not so much. I too can pretend I built a UFO and say it flies better than a plane...LOL
     
    Last edited by a moderator:

    Sampei Nihira

    Level 6
    Verified
    You still don't understand the purpose of security config section.
    Its purpose isn't a contest with other members about who has the safest coolest config.
    It is about sharing a setup to other members, especially beginners who may need some example/inspirations/recommendations.
    1- Ask yourself, will you recommend XP to a beginner?
    2- Will you tell him to reproduce the multiple tweaks you had to do to secure XP?
    I bet you will say no in both cases, so you know why your config will never be tagged as "secured" because (using an analogy), you use a boat with many known holes, and fix the said holes with your personal skills, which is out of reach for an average user.

    About Mimikatz, focus on blocking in-memory attack vectors, it is where Mimikatz is best used.
    Blocking only LOLbins won't help much.
    The safest combo is and always will be: a true anti-exploit + a default-deny application.
    You're right, I would never recommend a beginner to use W.XP.
    But it doesn't seem to me that the majority of the members of this forum are beginners.
    Quite right?

    You're still right I wouldn't recommend others to play multiple tweaks in an OS W.XP.
    But I think it would be an excellent starting point to make these changes in their OS W. Vista, 7,8.1.

    Copernicus knew perfectly well the geocentric system of Ptolemy.
    But something was not in the right direction, these are the conditions that lead to a constructive change.;););)

    Don't you think it would be an excellent example?

    Furthermore, the staff of security has already included the warning notes in my safety configuration, which would already be a warning for real beginners.

    Furthermore, it seems to me that you have already written to me twice:

    .....true anti-exploit .....
    and I have it (MBAE Premium) plus configured with non-default settings, you already know OSA.
     
    ForgottenSeer 823865

    MT isn't Wilders, with the same 3 guys debating over and over about the new vulnerability discovered and what to use to block it.

    MT is more popular and friendly to beginners. Most members here don't have much technical knowledge, many just used to play with products and know well their pros and cons.

    Most members register here to ask about A vs B, nothing more.
     
    Last edited by a moderator:

    Fuzzfas

    Level 3
    Verified
    Still on board on my XP as the support of Kerio FW Free 2.1.5...yes...I'm using a firewall from 2004 so...could I feel like a dinosaur? :) As already mentioned - there are still a few firewalls from the past to get, e.g. Kerio, Sygate, Sunbelt, NetVeda SN, Filseclab, Outpost, PCTools, Privatefirewall or even the last free Online Armor from Tall Emu, but nowadays we have a nice firewall that is free also - SpyShelter Free v.12. It's for sure worth attention.
    Aaaawwwwww! Kerio 2!!! :love: The memories!!! XP! The golden era of firewalls! Sygate too with its fabulous monitor display and the huge hole when using proxy! Ah, I miss those times! Nowadays the firewalls just suck! They were my favourite toy! I had used Kerio2, Sygate, Ashampoo Firewall, Kerio 4, PCTools, Filseclab, Ghost Firewall (boy, was that light and fun!!!), Outpost, Comodo, Rising, Zone Alarm (while it was still king), Online Armor. Nowadays it's so sad... Kerio 2 with BlitzenZeus rules! :love:

    Spyshelter free now has firewall? Wow, this is news to me! Last time i knew, the free version was killed! I will have to try that sooner or later, thanks!
     

    Andy Ful

    Level 59
    Verified
    Trusted
    Content Creator
    Windows XP will never get similar security level as Windows 7, 8, 8.1 and 10. This will be true, even when the user will install MBAE, OSA, and will harden the system. Anyway, it is possible to apply an unusual setup to make Win XP the security by obscurity. So, if the user knows the consequences of using it and understands its limitations, then the chances of being infected by malware in the wild are minimal. It may be that @Sampei Nihira can be in practice pretty much safe when using it.

    Yet, as Umbra noted, such a setup is too specific. In my opinion, it also relies on faith too much. The 3rd party applications like MBAE and OSA, are not well tested against the real modern threats on Windows XP (some tests suggest that they can be very useful). Also, the web browser is not properly tested, and we do not know if all security Windows Updates (from Windows Server 2003) work properly on Windows XP.

    I have some practice in protecting the computers on Windows XP. Generally, they are not worth bothering - the effort is too much, except if you are the XP enthusiast.

    I totally agree with the MT note:

    "This setup configuration may put your device at risk.
    We don't recommend that other members use this setup. We cannot be held responsible for problems that may occur to your device by using this security setup.
    This computer configuration is using an unsupported operating system. If possible, we recommend to upgrade to an operating system that is supported by its developers."

    Edit.
    I noticed a typing error.(y)
     

    Sampei Nihira

    Level 6
    Verified
    Windows XP will never get similar security level as Windows 7, 8, 8.1 and 10. This will be true, even when the user will install MBAE, OSA, and will harden the system. Anyway, it is possible to apply an unusual setup to make Win XP the security by obscurity. So, if the user knows the consequences of using it and understands its limitations, then the chances of being infected by malware in the wild are minimal. It may be that @Sampei Nihira can be in practice pretty much safe when using it.

    Yet, as Umbra noted, such a setup is too specific. In my opinion, it also relies on faith too much. The 3rd party applications like MBAE and OSA, are not well tested against the real modern threats on Windows XP (some tests suggest that they can be very useful). Also, the web browser is not properly tested, and we do not know if all security Windows Updates (from Windows Server 2003) work properly on Windows XP.

    I have some practice in protecting the computers on Windows XP. Generally, they are not worth bothering - the effort is too much, except if you are the XP enthusiast.

    I totally agree with the MT note:

    "This setup configuration may put your device at risk.
    We don't recommend that other members use this setup. We cannot be held responsible for problems that may occur to your device by using this security setup.
    This computer configuration is using an unsupported operating system. If possible, we recommend to upgrade to an operating system that is supported by its developers."

    Edit.
    I noticed a typing error.(y)
    You recommended Maxthon, a browser, it seems to me, that can also use Trident .............(n)
    The updates until March (sorry) April 2019 that I installed are those for Windows XP embedded (Not Windows Server 2003).
    I show you an image not taken from my PC:

    161.jpg

    P.S. It's not faith ...... trust me.;):)
     
    Last edited:

    RKRN3

    Level 3
    Verified
    P.S. It's not faith ...... trust me.;):)
    Well, no one can, right now, move to XP unless they pirate it, which defeats the purpose of security. I know you are much more knowledgeable, but this MT section isn't about competition but a guide for newcomers like me to learn some stuff. I learnt many things in this post but one thing is certain, I won't move to XP, and neither will the others here.
     

    Andy Ful

    Level 59
    Verified
    Trusted
    Content Creator
    You recommended Maxthon, a browser, it seems to me, that can also use Trident .............(n)
    I did not. I do not recommend any web browser on Windows XP.

    The updates until March 2019 that I installed are those for Windows XP embedded (Not Windows Server 2003).
    ...
    Yes, that is my fault. I forgot that the updates for Windows XP were available from Windows XP Embedded (not from Windows Server 2003). Anyway, my conclusion is the same. Both systems are very close cousins, but they are not the same - some components are modified and simplified in the Embedded version. Although I did not hear that there were problems with such updates, there is also no proof (test) that these updates should cover all vulnerabilities in Windows XP (most of them should).
    P.S. It's not faith ...... trust me.;):)
    If I would trust you, then this would be the act of pure faith.:)(y)
    Anyway, If someone had to use Windows XP, then your setup would be much safer than most XP setups (still risky for most users).(y)
     

    Sampei Nihira

    Level 6
    Verified
    I replaced the files of 7z subfolder of Bandizip 5.23 with the 7zip files of the alpha version 2020-02-06:

    200.JPG

    200a.JPG

    Weekly update also of browser (New Moon 28) and e-mail client (Interlink Mail News).
    New update also of Potplayer v.200206 - 2020-02-06.
     
    Last edited:

    Sampei Nihira

    Level 6
    Verified
    Here in the comments above already mentioned Spyshelter Free. By the way, it supports Win XP. Therefore, it could be a good help in the config.
    You say?:)
    And what more protection would I have from installing this software?

    Please keep in mind my amount of RAM, and the fact that the swap in my HD of a pc over ten years old is rather slow.;)
     

    SFox

    Level 4
    Verified
    Please keep in mind my amount of RAM, and the fact that the swap in my HD of a pc over ten years old is rather slow.;)
    I don’t know how much RAM the free version consumes, but the paid one consumes an average of 5.5 MB. It's a lot? What can this program give? Yes, at least a normal firewall.
     

    SFox

    Level 4
    Verified
    You say a firewall with monitoring also outgoing?
    SpyShelter Firewall provides incoming and outgoing network requests detection, allowing you to control every inbound and outbound connection that is being established. This feature locks out hackers from connecting to your PC, and stops undesired applications from connecting to the internet.
     

    Sampei Nihira

    Level 6
    Verified
    The XP firewall is also OK for incoming connections.
    What unwanted applications?
    I don't have unwanted applications in my PC.................

    P.S.

    The only application that tries to connect to the internet is MBAE because it is looking for the most updated version.
    But I blocked it with an ad hoc rule in the Host file.
     
    Last edited:
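
Added example (not part of any post in this thread): a small audit of a hosts file that reports whether the names an application contacts are actually sinkholed. The hosts content and every hostname below are constructed placeholders, since the thread does not list the real entries; first-match-wins lookup is an assumption about the resolver.

```python
import ipaddress

# Constructed sample hosts file. Hostnames are placeholders; the thread
# does not give the real update or telemetry names.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
0.0.0.0         update.vendor-a.example   # block update check
127.0.0.1  telemetry.vendor-b.example www.vendor-b.example
192.0.2.10      intranet.example
0.0.0.0         *.vendor-c.example
"""

def parse_hosts(text):
    """Return {hostname: address}; assumes the first mapping for a name wins."""
    table = {}
    for raw in text.splitlines():
        # Everything after '#' is a comment, including inline comments.
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: skip the line
        for name in fields[1:]:  # one address may carry several names
            table.setdefault(name.lower(), addr)
    return table

def audit(text, wanted):
    """Classify each wanted hostname as blocked, not blocked, or remapped."""
    table = parse_hosts(text)
    report = {}
    for name in wanted:
        addr = table.get(name.lower())  # exact match only: no wildcards
        if addr is None:
            report[name] = "not blocked"
        elif addr.is_loopback or addr.is_unspecified:
            report[name] = "blocked"
        else:
            report[name] = "mapped to " + str(addr)
    return report

if __name__ == "__main__":
    names = ["update.vendor-a.example", "update2.vendor-a.example",
             "WWW.vendor-b.example", "cdn.vendor-c.example",
             "intranet.example"]
    for host, status in audit(SAMPLE_HOSTS, names).items():
        print(f"{host:28} {status}")
```

The `*.vendor-c.example` line is stored as a literal name, so `cdn.vendor-c.example` comes back "not blocked": a hosts entry covers only the exact name listed, and connections made to an IP address never consult the file.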

    ichito

    Level 9
    Verified
    Content Creator
    The XP firewall is also OK for incoming connections.
    What unwanted applications?
    I don't have unwanted applications in my PC.................
    I think he means not particular apps but their actions and "willingness" to call outside to some unwanted...unknown...servers. Do you perhaps remember the CCleaner/Avast affair or all other kinds of telemetry? Do you know that some users...me also...update apps manually, not automatically? Yes...I think these are examples of the matter of controlling both directions.
     

    Sampei Nihira

    Level 6
    Verified
    I think he means not particular apps but their actions and "willingness" to call outside to some unwanted...unknown...servers. Do you perhaps remember the CCleaner/Avast affair or all other kinds of telemetry? Do you know that some users...me also...update apps manually, not automatically? Yes...I think these are examples of the matter of controlling both directions.
    Thanks for the explanation Ichito.;)
    But I stay away from these applications.
    And then I repeat there is always the HOST file.

    For example, my MBAE rule not only prevents the application from calling home, but avoids an annoying pop-up about updating the app, which then updates automatically.

    P.S.

    Forget about the malware that calls home to progress in the infection.
    If malware already has the ability to take this action, you must thoroughly review the "prevention zone" of your Security Configuration.
     
    Last edited:

    Outpost

    Level 5
    Verified
    Forget about the malware that calls home to progress in the infection.
    If malware already has the ability to take this action, you must thoroughly review the "prevention zone" of your Security Configuration.
    Indeed. When you're at that point it's already late.
    It is a "theory" that I have supported for "centuries"!
    Why can't you give "likes" as consecutive?

    ;)
     