Basic Security Thenightmare's laptop configuration 2021

Last updated
Feb 20, 2021
How it's used?
For home and private use
Operating system
Windows 10
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Notify me only when programs try to make changes to my computer
Smart App Control
Network firewall
Real-time security
Configuredefender: High
Firewall security
Microsoft Defender Firewall
About custom security
firewall hardening, simple hardening
Periodic malware scanners
None
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Edge with ublock origin, clearurls and cookie auto delete
Secure DNS
Nextdns with OISD
Desktop VPN
windscribe vpn(using sometime)
Password manager
bitwarden
Maintenance tools
Hibit uninstaller
File and Photo backup
Google Photo
System recovery
Macruim Backup(free). manually once a month.
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Coding and development
Computer specs
Lenovo Y700
CPU: i5-6300HQ
GPU: Nvidia 960m
Ram: 8 GB
Storage: ssd:100 GB, HDD: 1000 GB
Notable changes
Changing UAC to maximum
Changing Nextdns to OISD filter
**updated false information(network firewall to ISP)
What I'm looking for?

Looking for medium feedback.

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,592
As you are using Microsoft Defender you don't need to use the hardening tools like Simple Windows Hardening and FirewallHardening seperately, just take Hard_Configurator which has all those tools included. You also might want to set UAC to always notify to prevent some UAC bypass methods.

No network firewall at all? Most routers come with a firewall built in. Last but not least you might want to use the oisd blocklist in NextDNS, it can basically replace all the blocklists that you have enabled. :)

Unbenannt.PNG
 
Last edited by a moderator:

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,345
Good config (y)

I would set UAC to always notify to prevent bypasses.

Example:

Are clearurls and cookie auto delete really needed?

Every browser can delete cookies on exit.

If you don't use the advanced features of uBlock Origin the AdGuard extension is a good replacement with its stealth mode for clearurls and cookie deleting.

 
Last edited by a moderator:
F

ForgottenSeer 85179

Nice setup so far.

For NextDNS configuration please take a look at Tutorial - NextDNS: a DoH/ DoT guide

Also, instead of password for Windows, you can increase your security with Windows Hello:

read why a PIN is more secure than password (thanks and only related to Windows Hello):
 

thenightmare

Level 1
Thread author
Verified
Nov 1, 2016
17
As you are using Microsoft Defender you don't need to use the hardening tools like Simple Windows Hardening and FirewallHardening seperately, just take Hard_Configurator which has all those tools included.
I use 3 of them instead of Hard_configurator, because both 3 are portables and I intend to use recommended setting. Andy_ful mentioned that the different in recommended setting is only forced smart screen. This one caused problem to me such as I used foxit reader and it's blocked and also yoga dns that use for connecting to NextDNS.
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
Back on topic, though. I think ESET Online Scanner and Emsisoft Emergency Kit are great tools, though recently I had issues with Defender detecting Emsisoft's signatures as threats. So for now I'd recommend Malwarebytes and ESET.
 
F

ForgottenSeer 89360

Back on topic, though. I think ESET Online Scanner and Emsisoft Emergency Kit are great tools, though recently I had issues with Defender detecting Emsisoft's signatures as threats. So for now I'd recommend Malwarebytes and ESET.
ESET is very accurate in their detections and is therefore safe to use. For advanced users, ESET usually names threats right, so you may do a search and perform additional actions, such as changing passwords, etc. ESET also removes ransomware notes (something I like a lot).
 
Last edited by a moderator:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top