SecurityDolphin New Security 2017

securitydolphin

Jul 22, 2016
My new configuration is focused on being lightweight while not compromising on protection. Webroot with whitelisting on stops most malware in its tracks, UAC as well, Anti-Exploit stops payloads from even hitting, and DNSCrypt secures DNS. Acrylic DNS and uBlock get rid of all advertisements that lead to malware, and a strict popup blocker prevents popunders. Syncthing syncs with a central server at home running a hardened Arch Linux box. BitLocker acts as endpoint protection. No system imaging is used.

Note: I used pruned EasyList and EasyPrivacy lists here (without the whitelisting). They are all separated into modules, giving me the ability to pick and choose. GitHub - easylist/easylist: EasyList filter subscription
 

securitydolphin

I leave SmartScreen disabled as Webroot's file reputation system is much better than SmartScreen, and I don't need the redundancy. Especially when SmartScreen is one of the less robust file reputation defenses, since anything that is signed bypasses it quite easily. I don't use on-demand scanners since my preventative measures stop all malware in its tracks before I can click yes/no.

And I do have a backup system in place with Syncthing; I just sync it on another PC periodically.
 
Lucent Warrior

Especially when SmartScreen is one of the less robust file reputation defenses, since anything that is signed bypasses it quite easily.

Please take a look at this post: in the "Dynamic spoiler" sample #3, look not only at the file indicators but also at the first screenshot of execution; I think you will see a signed file flagged by SmartScreen. It is very seldom I see samples bypass SmartScreen and/or UAC.

24-08-2016 #9
 
