Advanced Plus Security Thales Hardened system for 2021

Last updated
Sep 15, 2021
How it's used?
For home and private use
Operating system
Windows 10
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security

WiseVector StopX​

Heuristic Analysis set to High
Ransomware rollback disabled
Enabled document folder protection (MEGA)
Firewall security
Microsoft Defender Firewall
About custom security
Bitlocker Changes (via Group policy)
  • Cypher strenght -> AES XTS 256
  • Disabled new DMA devices when this computer is locked
  • Allowed secure Boot for integrity validation
  • Requires additional authentication at Startup
    • Require TPM
    • Do not allow startup PIN with TPM
    • Do not allow startup key with TPM
    • Do not allow startup key and PIN with TPM

NextDNS
Security
Everything is on
Blocked most abused Top level Domains
Using IPv4 with Linked IP

Privacy
Blocklist
  • NextDNS Ads & Trackers Blocklist
  • UncheckyAds
  • oisd
Native Tracker Protection
  • Xiaomi
  • Huawei
  • Samsung
  • Apple
  • Roku
  • Sonos
Block Disguised Third-Party Trackers

Parental Control
Websites, Apps, Games
  • TikTok
  • Tinder
  • Fortnite
  • Minecraft
  • Tumblr
  • 9GAG
  • VK
  • Roblox
  • WhatsApp
  • Dailymotion
  • Hulu
Categories
  • Dating
  • Piracy
  • Porn
Block Bypass Methods
SafeSearch

Allow list
auth.vodafone.hu
g.api.mega.co.nz
pokercaption.com
qbittorrent.org
eu.static.mega.co.nz
1337x.to
mega.nz
twoplustwo.com
microsoft.com

Settings
Anonymized EDNS Client Subnet
Cache Boost
CNAME Flattening

OSA
Main protection is ON
(LOLBins are also blocked)

Nlock Specific Location
This is crucial, maybe AppData is also should be blocked.
  • Block executionof unsigned processes on root folder
  • Block execution of processes on Public Folder
  • Block Execution of processes on All User Folder
  • Block processes executed from Shared folder
  • Block processes executed from Network Drive
  • Block processes executed from USB
  • Block unknown processes from Windows folder
  • Block execution of unsigned processes on Downloads folder
  • Block execution of unsigned processes on Windows Temp
  • Block execution of unsigned processes on Temp Folder
Potentially unwanted processes
very important one, I don't use any remote management software, so I block everything here
  • Block execution of any processes related to Teamviewer
  • Block execution of any processes related to RealVNC
  • Block execution of any processes related to UltraVNC
  • Block execution of any processes related to NirSoft
  • Block execution of any processes related toLogMeIn
  • Block execution of any processes related to Security/Xploded
  • Block execution of any processes related to Radmin
  • Blck execution of PsTools Suite from Systernals
  • Block processes named like "keygen" or "crack"
Restrict Windows Programs
  • Block Execution of Internet Explorer
  • Block execution of Cortana
  • Block Execution of Windows Registry Editor
  • Bloc execution of UAC control Settings
Smart Powershell & CMD Rules
Maybe I should block more powershell commands. I'm not sure because I'm not familiar with powershell.
  • Block "ExecutionPolicy Bypass" on command-line (powershell)
Block Script Execution
  • Block execution of .ps1 (Powershell) scripts
  • Block ecxecution of .jar scripts
  • Block execution of .msc outside System Folder
  • Block execution of .cpl pplets outside System Folder
Other Useful Block Rules
  • Block any processes executed from mstsc (Remote Dektop)
  • Block any processes executed from runtimebroker.exe
  • Block any processes executed from java.exe
  • Block any processes executed from javaw.exe
  • Block execution of javaw\java.exe
  • Block regedit.exe from silently loading .reg scripts
  • Block reg.exe fro hijacking Registry startup entries
UAC bypass Mitigation Rules
  • Block reg.exe from disabling UAC
  • Block known and possible UAC.bypass attempts
  • Block "tricks" used to run UAC-bypass system processes

Recommended Rules by Firewall hardening
Periodic malware scanners
Hitman Pro Free
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge
  • Adblock plus
  • Enpass
Secure DNS
NextDNS
Desktop VPN
Not at this moment
Password manager
Enpass
Maintenance tools
WiseDiskCleaner Free Automatically runs daily
File and Photo backup
Redundant Backup
(Multiple locations, independent from each other)
System recovery
EasUS todo backup free
Risk factors
    • Working from home
    • Browsing to popular websites
    • Opening email attachments
    • Logging into my bank account
    • Downloading malware samples
Notable changes
2021-06-12 WD, gpedit, syshardener, NextDNS
2021-06-13 NextDNS revamp
2021-06-15 syshardener replaced with SWH, FH, SRP
2021-06-17 Back to Keepass
What I'm looking for?

Looking for maximum feedback.

Kongo

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
Thales said:
This is my current setup for 2021

Reminder how antiviruses perform on my system. (only performance, not protection)
Sophos = 1/5
Very heavy on my system. I uninstalled and won't use it in the near future.
Heimdal = 5/5
Very fast and responsive program however the protection rate is very bad and for this price there are better alternatives.
Trend Micro = 5/5
It is fast and offers better protection than Heaimdal.
McAfee = 5/5
Fast and the protection rate is also good.
AVG = 4/5
I have mixed feeling about it.
Norton = 5/5
It is crazy fast and responsive. Protection rate is on the top. Must have product. Probably the fastest and most improved complete suit I 've tried. Scanning consume 30-35% CPU which is very good and this way the system remains very usable..
Click to expand...
Sophos 1/5? :oops:
I mean yea it has many processes, but is it actually slowing down your system that much? I have it installed for some days now and I can barely see any CPU usage.

Unbenannt.PNG

When scanning:

Scan.PNG

But as I can see you are totally fine with Norton. :)
 
Last edited by a moderator:
  • Like
Reactions: Venustus, upnorth, ForgottenSeer 89360 and 1 other person
Thales

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
730
SecureKongo said:
Sophos 1/5? :oops:
I mean yea it has many processes, but is it actually slowing down your system that much? I have it installed for some days now and I can barely see any CPU usage.
Click to expand...
Yes, and I was surprised too. It slowed down my system as hell. I couldn't even browsing or use my PC as usual.
I tried to make a quick scan to see how it performs but it used all of my CPU. I liked HMPA that's why I gave it a chance (I know different product but same brand).
Maybe it is my system that Sophos didn't like who knows.
 
  • Like
  • Sad
Reactions: Venustus, upnorth, ForgottenSeer 89360 and 1 other person
blackice

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
Thales said:
Yes, and I was surprised too. It slowed down my system as hell. I couldn't even browsing or use my PC as usual.
I tried to make a quick scan to see how it performs but it used all of my CPU. I liked HMPA that's why I gave it a chance (I know different product but same brand).
Maybe it is my system that Sophos didn't like who knows.
Click to expand...
What do you use to measure system performance? Do you just browse and open programs, or do you use a benchmark of some sort?
 
  • Like
Reactions: Venustus, Thales and ForgottenSeer 89360
F

ForgottenSeer 89360

@Thales
I agree with your opinion about Trend Micro, it's light, easy to use and intuitive.

Regarding McAfee, I personally would advise you to stay clear, as long as Avast, Kaspersky, Trend and Norton exist.
I tested it few nights ago and I have to say I am not impressed at all.
UI is now very fast and snappy, that's a plus. Programs launch fast, another plus.
But it missed too much malware and even missed a document with macro...Every AV now handles these, only McAfee doesn't.
I would recommend McAfee to people who work with a small set of trusted content, but people looking for protection, better look elsewhere.
 
Last edited by a moderator:
  • Like
Reactions: Venustus, Kongo, Thales and 1 other person
Kongo

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
The Cog in the Machine said:
In my experience, it is better to install SHP on a newly configured system. It takes days to wind down and cache everything, so if you install it on a system with bunch of installed software, I can imagine how unresponsive the system would be.
Click to expand...
That's what I did actually. Might be the reason why its running so smoothly on my side.
 
  • Like
Reactions: Venustus, ForgottenSeer 89360, Thales and 1 other person
blackice

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
The Cog in the Machine said:
In my experience, it is better to install SHP on a newly configured system. It takes days to wind down and cache everything, so if you install it on a system with bunch of installed software, I can imagine how unresponsive the system would be.
Click to expand...
SecureKongo said:
That's what I did actually. Might be the reason why its running so smoothly on my side.
Click to expand...
I had the same experience. After waiting about 48 hours for it to cache things it ran very smooth. But, I know some people have had issues where it never settles in.
 
  • Like
  • +Reputation
Reactions: Venustus, ForgottenSeer 89360, Divine_Barakah and 2 others
Divine_Barakah

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
blackice said:
I had the same experience. After waiting about 48 hours for it to cache things it ran very smooth. But, I know some people have had issues where it never settles in.
Click to expand...
Exactly. SHP was not for me and I had to look somewhere else, but I saw it working very light on some systems, high-end systems with decent internet speed. The product always slowed down Firefox.
 
  • Like
Reactions: Venustus, Thales, ForgottenSeer 89360 and 1 other person
Dex4Sure

Dex4Sure

Level 3
Verified
Well-known
May 14, 2019
116
SecureKongo said:
Not doing too bad
Click to expand...

Test again on Android ;) Big difference. On Windows 10 FF does pretty well I agree. Still behind Chrome. And over time it still gets slower until you reinstall it while I've noticed while Chrome doesn't seem to. I just used 2 months Firefox straight cause I was fed up with Google, but nah I realized just can't do it any longer. The moment I tried Chrome again, everything just seemed to work faster and in some cases just more reliably too... Not to mention printing with Firefox... My printer just doesn't play nicely with FF while Chrome never had any issues.
 
  • Like
Reactions: Venustus, Divine_Barakah, Thales and 2 others
Kongo

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
Dex4Sure said:
Test again on Android ;) Big difference. On Windows 10 FF does pretty well I agree. Still behind Chrome. And over time it still gets slower until you reinstall it while I've noticed while Chrome doesn't seem to. I just used 2 months Firefox straight cause I was fed up with Google, but nah I realized just can't do it any longer. The moment I tried Chrome again, everything just seemed to work faster and in some cases just more reliably too... Not to mention printing with Firefox... My printer just doesn't play nicely with FF while Chrome never had any issues.
Click to expand...
Oh, I only use the Windows version anyway so I can't say anything about the phone versions. Even tho Chrome might be faster, privacy goes first for me.
 
  • Like
  • Applause
Reactions: Venustus, Divine_Barakah, Thales and 2 others
Dex4Sure

Dex4Sure

Level 3
Verified
Well-known
May 14, 2019
116
SecureKongo said:
Oh, I only use the Windows version anyway so I can't say anything about the phone versions. Even tho Chrome might be faster, privacy goes first for me.
Click to expand...
I need to use my browser across different devices. Gotta say that when you need fast browser with great syncing capabilities Chrome is still the top dog to this day. There are many other fast Chromium browsers, but none of them really come close to Chrome in reliability of their sync feature. That's big problem for me as multi-device user. I have large number of bookmarks of which many are vital to me. For example Brave is great, but its sync is just inadequate for me.

The only browser that can somewhat compete in syncing with Chrome is Firefox, but it has the issues I mentioned earlier. And well perhaps Edge, but never really used it and don't think I will... So looks like I'm stuck with Google unfortunately.
 
  • Like
Reactions: Thales, Kongo, ForgottenSeer 89360 and 1 other person
You must log in or register to reply here.

Similar threads

Divine_Barakah
    • Like
    • +Reputation
    • Applause
App Review Emsisoft Business Security
Replies
5
Views
858
Written Reviews - Security and Privacy
Brownie2019
Brownie2019
Shadowra
    • +Reputation
    • Like
    • Thanks
App Review K7 Total Security 2024
Replies
10
Views
1,043
Video Reviews - Security and Privacy
tofargone
tofargone
Brownie2019
    • Thanks
    • Like
Unlimited Giveaway 5 year license Acronis True Image for Western Digital
Replies
0
Views
446
Giveaways, Promotions and Contests
Brownie2019
Brownie2019

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top