Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Simple Windows Hardening
Message
<blockquote data-quote="Andy Ful" data-source="post: 980046" data-attributes="member: 32260"><p>Anyway, sometimes it refuses to work on some computers for some reason. It is like eating mushrooms. Most people can eat them all their life without problems, but some die. Furthermore, blocking LOLBins on a home computer (Windows 10) is really not necessary when using properly configured SWH. Of course, there is nothing wrong with blocking some of them if one likes/needs such restrictions. The easiest way is simply using H_C.</p><p></p><p>There is a difference between SWH (H_C) and common configurations of Applocker or MDAC. So the necessity of blocking LOLBins in Applocker and MDAC does not pass to SWH (H_C). For example, in MDAC the scripts are not blocked (like in SWH or H_C) but only restricted. Furthermore, shortcuts are allowed, and this opens a wide road for using LOLBins. When using SWH or H_C, the scripts, shortcuts, and many files with executable content are blocked. The setup is much more restricted. So, the attacker can hardly use LOLBins, except when exploiting something.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 980046, member: 32260"] Anyway, sometimes it refuses to work on some computers for some reason. It is like eating mushrooms. Most people can eat them all their life without problems, but some die. Furthermore, blocking LOLBins on a home computer (Windows 10) is really not necessary when using properly configured SWH. Of course, there is nothing wrong with blocking some of them if one likes/needs such restrictions. The easiest way is simply using H_C. There is a difference between SWH (H_C) and common configurations of Applocker or MDAC. So the necessity of blocking LOLBins in Applocker and MDAC does not pass to SWH (H_C). For example, in MDAC the scripts are not blocked (like in SWH or H_C) but only restricted. Furthermore, shortcuts are allowed, and this opens a wide road for using LOLBins. When using SWH or H_C, the scripts, shortcuts, and many files with executable content are blocked. The setup is much more restricted. So, the attacker can hardly use LOLBins, except when exploiting something. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
