Advanced Plus Security TairikuOkami's Configuration 2021

Last updated
May 29, 2021
How it's used?
For home and private use
Operating system
Other operating system
Live OS: Kubuntu 20.10 / Linux Mint 20.1
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
Firewall security
Microsoft Defender Firewall
About custom security
Periodic malware scanners
Windows Repair Toolbox (Malware removal): Autoruns + HitmanPro + NPE + RogueKiller
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge with Smartscreen
AdGuard AdBlocker (blocks cookie notices, trackers)
Bitwarden (a secure and free password manager for all of your devices)
Checker Plus for Gmail (Windows notifications, read or delete emails without opening Gmail)
Cookie AutoDelete (cleans cache, cookies, indexedDB, localstorage, plugindata, service workers)
Enhancer for YouTube (autoplays HD and removes ADs)
Feedly Notifier (reading news from RSS aggregator Feedly)
Selection Search (use the right-click menu to search for selected text in any search engines)
Disabled #heavy-ad-privacy-mitigations
Disabled #edge-omnibox-ui-hide-steady-state-url-scheme
Disabled #edge-omnibox-ui-hide-steady-state-url-trivial-subdomains
Disabled #enable-quic
Disabled #edge-show-feature-recommendations
Enabled #block-insecure-private-network-requests
Enabled #disallow-doc-written-script-loads
Secure DNS
Desktop VPN
TOR Browser (occasionally)
Password manager
Bitwarden (browser extension)
Maintenance tools
File and Photo backup
System recovery
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Opening email attachments
    • Buying from online stores, entering bank card details
    • Logging into my bank account
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
Notable changes
31-Dec-20 Replaced Yandex with Edge
03-Jan-21 Reinstated CleanBrowsing
16-Jan-21 Google/Microsoft allowed
23-Jan-21 Microsoft Edge sent to hell
23-Jan-21 Google Chrome/Search comes
31-Jan-21 Removed POPPeeper/MailoJunk
10-Feb-21 Cleanbrowsing went nuts (political)
21-Feb-21 Installed 21H1 Dev to finally get DoH
08-Apr-21 Switched from Chrome to Brave
22-Apr-21 Back to Edge (last man standing)
26-May-21 NextDNS (adult content & malware)
26-May-21 Malwarebytes Windows Firewall Control
29-May-21 Lesson learnt (the evil has spread here too)
What I'm looking for?

Looking for medium feedback.

TairikuOkami

Level 37
Thread author
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,685
Unfortunately, it still takes about 5 secs when opening a custom image or a random webpage. I can not move it easily to ramdisk, like I did with Yandex. :cautious:

 

TairikuOkami

I have decided to use double DNS as before. While Quad9 is unbeatable in blocking malicious content, well that is about it. Edge uses SmartScreen, so it should go well along with Cleanbrowsing, which acts almost as Adguard DNS, but without broken webpages. Energized filter was causing issues anyway and it was not even blocking everything.
 

TairikuOkami

OK. Edge 88 did it, it made me regret that I have decided to trust MS once more. Never again. Fool me once, shame on you. Fool me twice, shame on me. Webpages, new tabs and even extension settings open for 5 secs and more, that is beyond ridiculous. It is probably due to some settings, but the fact remains that Edge can not handle it. So I have chosen Chrome. I abandoned it because of all the paranoia, but after going around in circles, just to avoid anything from Google, I have sold my soul to the devils (FB, MS, Google). Let's gloat. 😒
 

TairikuOkami

I use Brave on Android, but since everything is Umbrella now (DARPA, etc), I mean Google, lol, it does not matter anyway.
Besides Youtube seems much cleaner, not to mention a clean context search menu unlike in Edge with about 20 entries.

 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
No, I click on the link and the imaginary countdown starts 5-4-3-2-1 and then the webpage actually starts loading. Edge 87 loaded them instantly, just like any other browser.
Ah. Strange.
I just updated Edge to 88 and don't experience any difference in delay with page loading. Might just be one of those anomalous issues that crops up one day and disappears at some random point in the future.
 

eonline

Level 21
Verified
Well-known
Nov 15, 2017
1,083
Quad9 at the System Level
CleanBrowsing Adult (DoH)

What is the advantage of having some DNS in the router and others in the system? Or do you have them in the browsers? This part of your configuration I did not understand.
 

TairikuOkami

what is the advantage of having some dns in the router and others in the system.
Cleanbrowsing is not very good in blocking malware lately. I use it mostly for content filtering. Still, it is pretty restrictive, so it could block downloads from gaming servers etc. Forticlient actually blocked youtube in steam browser, strangely not within Windows, so I could not watch gaming guides while playing. Quad9 has a great malware filter, so it fits perfectly for Windows and apps. It can even block known C&C botnets and malware that relies on DNS. Known IPs get blocked fast, so some ransomware relies on DNS as well. 🙃
 

Arequire

what is the advantage of having some dns in the router and others in the system.
Changing your router's DNS forces all devices not using a third-party DNS to use the one specified by the router.
Changing your system's (device's) DNS allows you to bypass the router's specified DNS and use a different DNS service.
 
ForgottenSeer 85179

Changing your router's DNS forces all devices not using a third-party DNS to use the one specified by the router.
That's not completely true. Devices/apps on devices can still use their own DNS service if not blocked.
And even then, they can still use direct IP connections to circumvent restrictions.

If I'm not wrong, Google and/or Amazon smart-home devices did this in the past or even still do.
 

TairikuOkami

Dunno if you tried it yet or not, but since installing Brave Browser, I have become a huge fan.
You were right, Brave is worth it. Default settings are much more privacy friendly. I like CNAME and WebRTC blocking, though a custom new tab would be nice.
I was considering Edge again, but once the store was damaged, it refused to run with buffer overflow errors, and Google Chrome is just too much Google for me lately.
 

TairikuOkami

OK, after the initial enthusiasm, I am back to Edge. Brave Shield causes problems on almost every webpage, disabling all settings will not disable it, but I have managed to run it without it (--disable-brave-extension) and it was lightning fast compared to the default config. Still, Brave Rewards is an annoying feature, even when it is not enabled, it gets triggered on every webpage. Also Brave, just like Chrome, does not allow customizing the start page, the only viable option is to let Brave display ADs unless I want to stare at a dull colorful page. There is also the silly downloads bar, I had to use an extra extension AutoHideDownloadsBar just for that. And as if all of this were not enough, you can not download bat/exe files without confirming every single one (twice!), so I actually had to open the Downloads tab to confirm them, so about 6 more needless clicks and several wasted minutes a day. Edge "just" works. (y)
 

WhiteMouse

Level 5
Verified
Well-known
Apr 19, 2017
249
What do you use to track all the IP addresses that a program connects to, in order to create firewall rules?
 

TairikuOkami

Nirsoft tools: TCP UDP Watch + IP Info (on Android NoRoot Firewall + IP info Detective, it even shows blacklisted IPs there, with the type of vulnerability they are being used for).
If there is no network, it usually means it is blocked, I can verify in Process Hacker (Default Outbound), then I check whom the IP range belongs to, like MS and CDN servers.
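
A scripted way to gather the same per-program connection list, as an added example that is not part of the original post or of any tool named in it: it polls the Windows TCP table with Get-NetTCPConnection and records which remote endpoints each program contacted. The function name Get-ProgramEndpoints and its two parameters are assumptions made for this example; it covers TCP only.

```powershell
# Added example (not from the thread): collect the remote endpoints each
# program talks to, as input for writing outbound firewall rules.
# Get-ProgramEndpoints, -Samples and -IntervalSeconds are illustrative names.
function Get-ProgramEndpoints {
    param(
        [int]$Samples = 30,          # number of polls of the TCP table
        [int]$IntervalSeconds = 2    # pause between polls
    )

    $seen = @{}   # key "path|address|port" -> record, deduplicates across polls

    for ($i = 0; $i -lt $Samples; $i++) {
        # SynSent is included so connections still being attempted are
        # recorded too, not only the ones that are already established.
        $conns = Get-NetTCPConnection -State Established, SynSent -ErrorAction SilentlyContinue |
            Where-Object { $_.RemoteAddress -notin '127.0.0.1', '::1', '0.0.0.0', '::' }

        foreach ($c in $conns) {
            $proc = Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue
            # Path is empty for protected/system processes unless run elevated.
            $path = if ($proc -and $proc.Path) { $proc.Path } else { "PID $($c.OwningProcess)" }
            $key  = "$path|$($c.RemoteAddress)|$($c.RemotePort)"
            if (-not $seen.ContainsKey($key)) {
                $seen[$key] = [pscustomobject]@{
                    Program       = $path
                    RemoteAddress = $c.RemoteAddress
                    RemotePort    = $c.RemotePort
                    State         = $c.State
                    FirstSeen     = Get-Date
                }
            }
        }
        Start-Sleep -Seconds $IntervalSeconds
    }

    $seen.Values | Sort-Object Program, RemoteAddress, RemotePort
}

# One minute of sampling, grouped per program for review before writing rules.
Get-ProgramEndpoints -Samples 30 -IntervalSeconds 2 |
    Group-Object Program |
    ForEach-Object {
        "{0}" -f $_.Name
        $_.Group | ForEach-Object { "    {0}:{1} ({2})" -f $_.RemoteAddress, $_.RemotePort, $_.State }
    }
```

Polling can miss connections that open and close between two samples, so a short interval and a longer run give a more complete list. Checking who owns each address range remains a separate lookup.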
 
