New Update Simple Windows Hardening

ErzCrz

ErzCrz

Level 22
Verified
Top Poster
Well-known
Aug 19, 2019
1,157
Last edited:
  • Like
  • +Reputation
Reactions: bayasdev, Protomartyr, ColonelMal and 3 others
Overkill

Overkill

Level 31
Verified
Honorary Member
Feb 15, 2012
2,128
Can I run these 2 without any issues?
2020-11-30_105115.png

Why I ask, watch the very short video...
sendvid.com

Video 2020 11 30 104839

Upload and share videos instantly. It's free and simple. No signup required.
sendvid.com sendvid.com
 
  • Like
Reactions: Andy Ful and harlan4096
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,484
Overkill said:
Can I run these 2 without any issues?
View attachment 250069
Why I ask, watch the very short video...
sendvid.com

Video 2020 11 30 104839

Upload and share videos instantly. It's free and simple. No signup required.
sendvid.com sendvid.com
Click to expand...
You cannot and you should not. The first (SWH) was created for people who do not want to use the second (H_C). If you like the second, then the first is useless. If you like to use the Documents Anti-Exploit tool, then it is available as a standalone application:
Download (github.com)

Be safe.(y)

Edit.
One can correct the behavior of SWH spoiled by SwitchDefaultDeny by choosing :
<Settings> <Apply Basic Recommended Settings>
 
  • Like
  • +Reputation
  • HaHa
Reactions: Protomartyr, SeriousHoax, oldschool and 5 others
Overkill

Overkill

Level 31
Verified
Honorary Member
Feb 15, 2012
2,128
Andy Ful said:
You cannot and you should not. The first (SWH) was created for people who do not want to use the second (H_C). If you like the second, then the first is useless. If you like to use the Documents Anti-Exploit tool, then it is available as a standalone application:
Download (github.com)

Be safe.(y)

Edit.
One can correct the behavior of SWH spoiled by SwitchDefaultDeny by choosing :
<Settings> <Apply Basic Recommended Settings>
Click to expand...
Is there any overlap with SwitchDefaultDeny since I have VS Pro?
 
ErzCrz

ErzCrz

Level 22
Verified
Top Poster
Well-known
Aug 19, 2019
1,157
Overkill said:
Is there any overlap with SwitchDefaultDeny since I have VS Pro?
Click to expand...
That default deny switch temporarily turns off SRP for when you have issues with installing software with H_C installed with recommended settings. (see below help) that pops up when you click on the button. There's full help files and manuals in H_C and SH.

1606758650256.png
rules to
 
Last edited:
  • Like
  • +Reputation
Reactions: Protomartyr, ForgottenSeer 85179, Andy Ful and 3 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,233
Overkill said:
Is there any overlap with SwitchDefaultDeny since I have VS Pro?
Click to expand...
@Overkill can you update your security config, so that we can discuss this there?

A very simplified explanation of both tools is:
The tools from @Andy Ful HardConfigurator and Simple Windows Hardening use Windows internal options to strengthen/harden the system.
Normally you don't need SwitchDefaultDeny unless something is not working in your system and you don't have time to research how to whitelist it.
VoodooShield is IMO more an addon to your current AV solution.
Please don't kill me @danb for saying this :eek:

Like @ErzCrz mentioned there is a lot of help available in Andy's tools and in the manuals (y)
 
  • Like
Reactions: Protomartyr, ForgottenSeer 85179, SeriousHoax and 4 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,484
Overkill said:
Is there any overlap with SwitchDefaultDeny since I have VS Pro?
Click to expand...
SwitchDefaultDeny is a part of Hard_Configurator. Do you use both H_C and VS? There is no need to use both H_C and VS (two default deny applications). Just use VS if you like it, or use SWH instead. SWH is a simplified version of H_C which was intended for semi-advanced users (EXE and MSI files are not blocked).

H_C is more complex and has several setting profiles that are more restrictive than SWH. But it is intended rather for protecting the computers of inexperienced users who can accidentally run EXE or MSI files embedded in spam attachments or can ignore SmartScreen Application Reputation alerts. So you could use H_C to protect the computers of your family members. H_C has got also ConfigureDefender and FirewallHardening integrated into one GUI. (y)
 
  • Like
  • +Reputation
Reactions: Protomartyr, ForgottenSeer 85179, ErzCrz and 4 others
Overkill

Overkill

Level 31
Verified
Honorary Member
Feb 15, 2012
2,128
Andy Ful said:
SwitchDefaultDeny is a part of Hard_Configurator. Do you use both H_C and VS? There is no need to use both H_C and VS (two default deny applications). Just use VS if you like it, or use SWH instead. SWH is a simplified version of H_C which was intended for semi-advanced users (EXE and MSI files are not blocked).

H_C is more complex and has several setting profiles that are more restrictive than SWH. But it is intended rather for protecting the computers of inexperienced users who can accidentally run EXE or MSI files embedded in spam attachments or can ignore SmartScreen Application Reputation alerts. So you could use H_C to protect the computers of your family members. H_C has got also ConfigureDefender and FirewallHardening integrated into one GUI. (y)
Click to expand...
I have Hard_Configurator mainly for ConfigureDefender, so I can just ignore SwitchDefaultDeny? If I do use SwitchDefaultDeny, it's not really hurting my system since it's based on SRP and VS works differently correct?
 
Overkill

Overkill

Level 31
Verified
Honorary Member
Feb 15, 2012
2,128
Andy Ful said:
You cannot and you should not. The first (SWH) was created for people who do not want to use the second (H_C). If you like the second, then the first is useless. If you like to use the Documents Anti-Exploit tool, then it is available as a standalone application:
Download (github.com)

Be safe.(y)

Edit.
One can correct the behavior of SWH spoiled by SwitchDefaultDeny by choosing :
<Settings> <Apply Basic Recommended Settings>
Click to expand...
Okay, I downloaded the zip of stand-alone tools and clicked on Documents Anti-Exploit tool and nothing opened :unsure:
I read about it and saw the gui so I am guessing if the 2 apps aren't installed it just won't do anything?
I just was curious about it and wanted to check it out.
 
Last edited:
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,233
Overkill said:
I have Hard_Configurator mainly for ConfigureDefender, so I can just ignore SwitchDefaultDeny? If I do use SwitchDefaultDeny, it's not really hurting my system since it's based on SRP and VS works differently correct?
Click to expand...
In that case uninstall Hard_Configurator and use the standalone ConfigureDefender :
github.com

GitHub - AndyFul/ConfigureDefender: Utility for configuring Windows 10 built-in Defender antivirus settings.

Utility for configuring Windows 10 built-in Defender antivirus settings. - AndyFul/ConfigureDefender
github.com github.com
I think SwitchDefaultDeny does nothing in your system when SRP is not configured and VS works differently.
 
  • Like
Reactions: Protomartyr, Andy Ful, harlan4096 and 1 other person
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,233
Overkill said:
Okay, I downloaded the zip of stand-alone tools and clicked on Documents Anti-Exploit tool and nothing opened :unsure:
I read about it and saw the gui so I am guessing if the 2 apps aren't installed it just won't do anything?
I just was curious about it and wanted to check it out.
Click to expand...
Did you extract it?
 
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,484
Overkill said:
Okay, I downloaded the zip of stand-alone tools and clicked on Documents Anti-Exploit tool and nothing opened :unsure:
I read about it and saw the gui so I am guessing if the 2 apps aren't installed it just won't do anything?
I just was curious about it and wanted to check it out.
Click to expand...
It is probably blocked by something (a common issue in overkill setup).
 
  • HaHa
  • Like
Reactions: Protomartyr, vaccineboy, Overkill and 2 others

Similar threads

Andy Ful
    • +Reputation
    • Like
    • Applause
New Update Testing Windows Hybrid Hardening (new hardening application).
Replies
253
Views
29,430
Hard_Configurator Tools
South Park
South Park
Gandalf_The_Grey
    • Like
    • Hundred Points
New Update Patch Tuesday update (KB5041571) hits Copilot+ PCs running Windows 11 24H2
Replies
0
Views
293
Windows 11
Gandalf_The_Grey
Gandalf_The_Grey
Andy Ful
    • Like
    • +Reputation
    • Thanks
  • Sticky
Serious Discussion WHHLight - simplified application control for Windows Home and Pro.
Replies
318
Views
34,111
Hard_Configurator Tools
Andy Ful
Andy Ful

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top