Basic Security Thenightmare's laptop configuration 2021

Last updated
Feb 20, 2021
How it's used?
For home and private use
Operating system
Windows 10
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Notify me only when programs try to make changes to my computer
Smart App Control
Network firewall
Real-time security
Configuredefender: High
Firewall security
Microsoft Defender Firewall
About custom security
firewall hardening, simple hardening
Periodic malware scanners
None
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Edge with ublock origin, clearurls and cookie auto delete
Secure DNS
Nextdns with OISD
Desktop VPN
windscribe vpn(using sometime)
Password manager
bitwarden
Maintenance tools
Hibit uninstaller
File and Photo backup
Google Photo
System recovery
Macruim Backup(free). manually once a month.
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Coding and development
Computer specs
Lenovo Y700
CPU: i5-6300HQ
GPU: Nvidia 960m
Ram: 8 GB
Storage: ssd:100 GB, HDD: 1000 GB
Notable changes
Changing UAC to maximum
Changing Nextdns to OISD filter
**updated false information(network firewall to ISP)
What I'm looking for?

Looking for medium feedback.

Kongo

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,512
As you are using Microsoft Defender you don't need to use the hardening tools like Simple Windows Hardening and FirewallHardening seperately, just take Hard_Configurator which has all those tools included. You also might want to set UAC to always notify to prevent some UAC bypass methods.

No network firewall at all? Most routers come with a firewall built in. Last but not least you might want to use the oisd blocklist in NextDNS, it can basically replace all the blocklists that you have enabled. :)

Unbenannt.PNG
 
Last edited by a moderator:
  • Like
  • +Reputation
Reactions: Protomartyr, thenightmare, Cortex and 8 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,615
Good config (y)

I would set UAC to always notify to prevent bypasses.

Example:
www.bleepingcomputer.com

Bypassing Windows 10 UAC with mock folders and DLL hijacking

A new technique uses a simplified process of DLL hijacking and mock directories to bypass Windows 10's UAC security feature and run elevated commands without alerting a user.
www.bleepingcomputer.com www.bleepingcomputer.com

Are clearurls and cookie auto delete really needed?

Every browser can delete cookies on exit.

If you don't use the advanced features of uBlock Origin the AdGuard extension is a good replacement with its stealth mode for clearurls and cookie deleting.

adguard.com

In-depth features review: AdGuard Browser extension

One of the most popular AdGuard products is a free browser extension. If you want to protect yourself online and fight ads and trackers in your browser, then AdGuard browser extension is exactly what you need. In this article we’ll reveal to you all its features and useful options.
adguard.com adguard.com
 
Last edited by a moderator:
  • Like
  • +Reputation
Reactions: Protomartyr, thenightmare, Cortex and 8 others
F

ForgottenSeer 85179

Nice setup so far.

For NextDNS configuration please take a look at Tutorial - NextDNS: a DoH/ DoT guide

Also, instead of password for Windows, you can increase your security with Windows Hello:
docs.microsoft.com

Windows Hello for Business overview - Windows Security

Learn how Windows Hello for Business replaces passwords with strong two-factor authentication on Windows devices.
docs.microsoft.com

read why a PIN is more secure than password (thanks and only related to Windows Hello):
docs.microsoft.com

Windows Hello for Business overview - Windows Security

Learn how Windows Hello for Business replaces passwords with strong two-factor authentication on Windows devices.
docs.microsoft.com
 
  • Like
  • Applause
  • +Reputation
Reactions: Protomartyr, thenightmare, Gandalf_The_Grey and 7 others
thenightmare

thenightmare

Level 1
Thread author
Verified
Nov 1, 2016
17
SecureKongo said:
As you are using Microsoft Defender you don't need to use the hardening tools like Simple Windows Hardening and FirewallHardening seperately, just take Hard_Configurator which has all those tools included.
Click to expand...
I use 3 of them instead of Hard_configurator, because both 3 are portables and I intend to use recommended setting. Andy_ful mentioned that the different in recommended setting is only forced smart screen. This one caused problem to me such as I used foxit reader and it's blocked and also yoga dns that use for connecting to NextDNS.
 
  • Like
  • Wow
Reactions: Protomartyr, Gandalf_The_Grey, Kongo and 4 others
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
FYI: You don't need to use all of the recommended tools, some are not even worthwhile your time or PC resources. About 2 is more than enough, but others may disagree and use 14 tools.
 
  • Like
  • Applause
Reactions: Protomartyr, Venustus, enaph and 4 others
blackice

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,798
Back on topic, though. I think ESET Online Scanner and Emsisoft Emergency Kit are great tools, though recently I had issues with Defender detecting Emsisoft's signatures as threats. So for now I'd recommend Malwarebytes and ESET.
 
  • Like
Reactions: Protomartyr, Venustus, Ville and 3 others
F

ForgottenSeer 89360

blackice said:
Back on topic, though. I think ESET Online Scanner and Emsisoft Emergency Kit are great tools, though recently I had issues with Defender detecting Emsisoft's signatures as threats. So for now I'd recommend Malwarebytes and ESET.
Click to expand...
ESET is very accurate in their detections and is therefore safe to use. For advanced users, ESET usually names threats right, so you may do a search and perform additional actions, such as changing passwords, etc. ESET also removes ransomware notes (something I like a lot).
 
Last edited by a moderator:
  • Like
Reactions: Protomartyr, Venustus, blackice and 2 others
You must log in or register to reply here.

Similar threads

ZeroOne
AI Assist Lightweight AV for Celeron N4000 + 4GB Ram
Replies
20
Views
1,111
AI-Powered Dedicated Forum
anirbandutta01
anirbandutta01
Amnesia
    • Like
    • +Reputation
Advanced Security Amnesia laptop security config 2024
Replies
7
Views
461
PC Setup Configuration Help & Showcase
Berny
Berny
Gandalf_The_Grey
    • Like
    • Thanks
    • +Reputation
Technology Microsoft Weekly: Surface Pro 10 and Laptop 6, a new Microsoft division, and more
Replies
5
Views
635
Technology News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top