Advanced Security Xeno's Security Setup 2023

Last updated
Jul 1, 2023
How it's used?
For home and private use
Operating system
macOS 15 Sequoia
On-device encryption
N/A
Log-in security
    • Basic account password (insecure)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
N/A
About WiFi router
idk bruh
Real-time security
Kaspersky Premium
Firewall security
Other - Internet Security (3rd-party)
About custom security
Default Deny Intrusion Prevention - Restrictions on trusted applications that are not system based. Blocked tampering of Kaspersky.
Periodic malware scanners
NPE, Emsisoft.
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
uBlock Origin, Kaspersky Password Manager.
Secure DNS
N/A
Desktop VPN
Kaspersky VPN
Password manager
Kaspersky Password Manager
File and Photo backup
N/A
System recovery
EaseUS Todo Backup
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Making audio/video calls
    • Buying from online stores, entering banks card details
    • Downloading software and files from reputable sites
    • Downloading software and files from unknown / untrusted / shady sites
    • Gaming
    • Gaming with third-party mods
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
    • Coding and development
    • Downloading malware samples
Computer specs
Corsair Vengeance i8200 - RTX 4090, i9-14900K, 64 GB RAM, 4 TB SSD.
Notable changes
Changed Checkpoint to Kaspersky Premium
Default Deny setup with Kaspersky, Hardened Intrusion Prevention for Trusted Applications (Cannot Tamper with Kaspersky)
What I'm looking for?

Looking for maximum feedback.

Xeno1234

Level 14
Thread author
Jun 12, 2023
684
I am currently using that, and a bit more hardened with that, along with SWH. I don't really mind it being overkill as it doesn't interfere with my normal operations. The only thing I don't want is for things overlapping and causing issues.

For any Kaspersky users, is there any enhanced anti-tampering you can do via Intrusion Prevention?

Xeno.... I don't understand what risks you are at..., so you're stating that you don't do malware testing.. but you download samples? Are ya just using VT to scan or something
I will warn you NEVER EVER set your mouse to 0 or double click debounce time alright.... you might accidentally double click it
In the event I double click, it will be blocked by Kaspersky Default Deny, but I just use VT, Intellix, and Kaspersky OpenTIP and scan malware samples sometimes.

aight but what about Hybrid Analysis, I find they go VERY in depth on what the file does and how it interacts with the systems it gets executed on.
Could do that too

W since they use CrowdStrike :p
imo I don't like CrowdStrike, I don't think it's good
 

cartaphilus

Level 10
Verified
Well-known
Mar 17, 2023
499
I am currently using that, and a bit more hardened with that, along with SWH. I don't really mind it being overkill as it doesn't interfere with my normal operations. The only thing I don't want is for things overlapping and causing issues.
How is your setup when it comes to a gaming PC? (i.e. intrusive? Does it allow the games to fire off or are you forced to lower the defenses?...I haven't used Kaspersky in decades). Since the only Windows I use is for gaming; otherwise I stay away from that OS. (Wife is a different story).
 

Xeno1234

Level 14
Thread author
Jun 12, 2023
684
How is your setup when it comes to a gaming PC? (i.e. intrusive? Does it allow the games to fire off or are you forced to lower the defenses?...I haven't used Kaspersky in decades). Since the only Windows I use is for gaming; otherwise I stay away from that OS. (Wife is a different story).
If it blocks a game, I can just unblock it, no more issues. It takes 15 seconds to do so.
 

Xeno1234

Level 14
Thread author
Jun 12, 2023
684
I have some "proposed" upgrades to my setup. I'm going to get a very powerful gaming PC for Christmas that my parents offered to get me (which I'm super thankful for), and I'm going to be increasing the security a bit. Here are the changes:
  • When I get the new PC, I'm going to trial Check Point Harmony to see its performance. Once that's over, I switch to Kaspersky, and then in April I will (probably) buy a Check Point license.
  • Block PowerShell and VBS from running.
  • Use X-Set and AdwCleaner as SOS.
  • Download network monitoring software to ensure there aren't any intrusions in my network.
 

Xeno1234

Level 14
Thread author
Jun 12, 2023
684
I’ve realized I’m paranoid about security and have all this default deny stuff yet I’m still having issues, so I’m going to change up stuff.

Malware Testing:
I am NOT doing any malware testing or sample gathering. Horrible idea and I completely regret doing it in the past although I don’t think I’ve had severe consequences. Nothing has really happened besides my accounts being hacked, but no harm was done besides them logging in. I completely regret this and I thank all MalwareTips members who have attempted to guide me away.

Security Solution:
This is staying as Kaspersky, or I might switch to ESET. No additional hardening, I shouldn’t have issues if I follow good security practices.

Browser Extensions:
uBlock, Bitwarden, MBAM Browser Guard

SOS:
Going to have AdwCleaner, MBAM, and NPE on hand with me at all times.

Password Manager:
Switching from Kaspersky Password Manager to Bitwarden. I'm absolutely disappointed with Kaspersky Password Manager, as when I was changing the passwords to all my accounts to address an earlier breach I realized that you can log in using an older main password even if you change it. Zero reason to keep it because of that.

Account Security:
2FA on important ones, like Google, Microsoft, Steam, etc. All complex passwords.

Backup Software:
Undecided. I need a good free one I can use. I am going to USB reset my main system as I suspect a malware infection, as a random file from WireGuard VPN appeared without me installing WireGuard. I also noticed "display file extensions" was turned off randomly. I will then create a backup later after all this.

Are these good changes and a good setup? For all the people seeing my large amount of anxiety related to hacking I’ve realized that I probably should get anxiety help as I’ve basically let this control my life for the past month. Every day I have been changing passwords, wondering if stuff is secure, for hours. I’m currently seeing a therapist related to anxiety since I need to get this all under control.

Looking for feedback. I want a good setup but I’m not doing anything overkill.
 

Shadowra

Level 36
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,586
I’ve realized I’m paranoid about security and have all this default deny stuff yet I’m still having issues, so I’m going to change up stuff.

Malware Testing:
I am NOT doing any malware testing or sample gathering. Horrible idea and I completely regret doing it in the past although I don’t think I’ve had severe consequences. Nothing has really happened besides my accounts being hacked, but no harm was done besides them logging in. I completely regret this and I thank all MalwareTips members who have attempted to guide me away.

As far as malware testing is concerned, there's nothing to stop you doing it on a virtual machine.
Set it up in bridged mode with a good VPN, no shared folders, and it'll do the trick.

The rest of the configuration seems pretty good to me. In any case, you don't have to be paranoid about security...
 

Azazel

Suggestions:
1. Use 2FA for all accounts, using an authenticator that lets you back up and extract the security keys. If possible, pay for Bitwarden Premium and store TOTP keys there.
2. Buy two Yubico NFC security keys, and use them for your email and password manager account.
3. Use an anti-executable like CyberLock or, if you want free, WHHLight or Smart App Control.
4. If your primary email is Gmail, use the Advanced Protection Program.
5. Always use a VPN on public Wi-Fi.
 

Azazel

If you use security best practices and use strong security solutions, you will almost never get hacked.
If you get hacked it will most likely be your own fault (opening email attachments, installing risky software and using cracks).
Unless you are so important that you will be targeted by state sponsors with zero-day exploits.
Study security best practices, use strong anti-malware software and default deny security solutions, and study repeatedly about social engineering attacks (phishing).
Also minimize the personal info you share online (social media) as much as possible, and list all the websites in your password manager no matter how insignificant they are.
And last but not least, take precautions about SIM swapping: arrange with your phone carrier to require ID and being present at the store to make significant changes to your account.
 

Xeno1234

Level 14
Thread author
Jun 12, 2023
684
If you use security best practices and use strong security solutions, you will almost never get hacked.
If you get hacked it will most likely be your own fault (opening email attachments, installing risky software and using cracks).
Unless you are so important that you will be targeted by state sponsors with zero-day exploits.
Study security best practices, use strong anti-malware software and default deny security solutions, and study repeatedly about social engineering attacks (phishing).
Also minimize the personal info you share online (social media) as much as possible, and list all the websites in your password manager no matter how insignificant they are.
And last but not least, take precautions about SIM swapping: arrange with your phone carrier to require ID and being present at the store to make significant changes to your account.
I am a 15 year old. Any sort of phone stuff is not under my name, meaning that they can't go to a store and impersonate me as it's not under my stuff. As an adult I'll do more research on this though.
 

Xeno1234

Level 14
Thread author
Jun 12, 2023
684
As far as malware testing is concerned, there's nothing to stop you doing it on a virtual machine.
Set it up in bridged mode with a good VPN, no shared folders, and it'll do the trick.

The rest of the configuration seems pretty good to me. In any case, you don't have to be paranoid about security...
I don't want to risk it. I've already been worried about devices on my network since a piece of malware I ran connected to the VM network, but I'm pretty sure it was isolated as it didn't show all the devices on my network. Nothing has happened since then and I figured if my network had intrusions we'd have tons of financial issues, accounts being stolen, etc., not practically nothing happening.
 

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
I think you should also consider which of your behaviors is the most risky security-wise.

Surfing a lot of very shady websites? Maybe add Sandboxie (not sure if it's compatible with Kaspersky) to the mix, or at least run the surfing as a standard user account (SUA). Using file sharing programs for games or programs? Prey :D
Only using unmodded Steam, GOG, Battle.net games? Should be pretty safe.
I would consider using a standard user account if you haven't already (and I missed it). You could also consider using another DNS server, e.g. ZERO — Hardened security for highly sensitive environments.
Or make a free nextdns.io account where you can mix and match your needs. E.g. for my daily surfing I have all newly registered domains blocked there (most legitimate sites/companies aren't under 30 days old :D)

TL;DR: Most stuff doesn't hack you, it is user error. We decide to install this new cracked game or choose a bad site to download a movie.avi.exe and try to run it sleep deprived.
So SUA and another DNS would be my suggestion.
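As an added example of the "block newly registered domains" DNS policy described above (this is not code from the thread or from NextDNS; the domains, registration dates, resolver log and allowlist are constructed, and the 30-day threshold is the one from the post), the following Python script evaluates each queried hostname against the registrable domain's age, with an explicit choice of fail mode when no registration date is known:

```python
from datetime import date, timedelta

# Constructed stand-in for the registration data a WHOIS/RDAP lookup or a
# DNS filtering service would provide. These domains and dates are made up.
REGISTRATION_DATES = {
    "example-bank.com": date(2001, 5, 20),
    "fresh-giveaway.xyz": date(2023, 6, 25),
    "cdn-updates.net": date(2023, 6, 10),
}

# Domains the user has explicitly trusted despite being young (constructed).
ALLOWLIST = {"cdn-updates.net"}


def registrable_domain(name):
    """Reduce a hostname to its registrable domain.

    Simplification (assumption): takes the last two labels, so it does not
    handle multi-label public suffixes such as co.uk; a real filter would
    consult the Public Suffix List instead.
    """
    labels = name.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def domain_age_days(name, today):
    """Age of the registrable domain in days, or None if no record exists."""
    created = REGISTRATION_DATES.get(registrable_domain(name))
    if created is None:
        return None
    return (today - created).days


def decide(name, today, max_age_days=30, block_unknown=False):
    """Return (verdict, reason) for one queried hostname.

    block_unknown selects the fail mode when no registration date is known:
    False keeps unknown domains reachable (fewer false positives),
    True treats them as suspect (stricter, more breakage).
    """
    if registrable_domain(name) in ALLOWLIST:
        return "allow", "allowlisted"
    age = domain_age_days(name, today)
    if age is None:
        verdict = "block" if block_unknown else "allow"
        return verdict, "no registration data"
    if age < max_age_days:
        return "block", f"registered {age} days ago"
    return "allow", f"registered {age} days ago"


def filter_log(queries, today, max_age_days=30, block_unknown=False):
    """Apply the policy to a list of queried hostnames, e.g. a resolver log."""
    return {q: decide(q, today, max_age_days, block_unknown) for q in queries}


if __name__ == "__main__":
    # Constructed resolver log; the date matches the thread's last update.
    today = date(2023, 7, 1)
    sample = [
        "login.example-bank.com",
        "fresh-giveaway.xyz",
        "static.cdn-updates.net",
        "unknown-host.org",
    ]
    for host, (verdict, why) in filter_log(sample, today).items():
        print(f"{verdict:5} {host:28} ({why})")
```

Subdomains inherit the verdict of their registrable domain, which is why `static.cdn-updates.net` is allowed through the allowlist entry and `login.example-bank.com` is judged by the age of `example-bank.com`. The `block_unknown` switch is the setting to revisit if a hosted DNS filter reports many domains without registration data.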
 

ForgottenSeer 109138

As far as malware testing is concerned, there's nothing to stop you doing it on a virtual machine.
Set it up in bridged mode with a good VPN, no shared folders, and it'll do the trick.
No virtual machine is bulletproof. They all have bugs and issues. Would you want to be responsible for encouraging someone to take a risk that ended badly?

You could teach this young gentleman how to segment his network "with his dad's permission of course", then show him how to circumvent as many possibilities of breach as possible, and how to shut down the connection during testing to contain it, but seriously, what's the point.

Much malware is "sandbox" aware, and won't run. A good majority of it requires an Internet connection in order to transmit or drop payloads. On the other hand, being responsible for turning malware loose on a network, or worse yet a server, is no joke either.

The tighter you restrict the testing environment for safety, the less effective it is. It bears the responsibility also of not affecting/infecting others.

Creating a real isolated lab is more than just deploying a virtual machine with vulnerabilities.

To the young gentleman: I would stop messing around altogether in your family's network. It sounds like your dad works hard to spoil you; show some appreciation by not bogging his internet down with all this crud, and definitely stop taking advice from those that are trying to encourage you to be risky. Learn some better habits as well; there are users here "cough, cough" trying to reinforce those good habits that keep users from having trouble in the first place.

P.S. I told you once before, if you want to learn about malware and its behaviors, "reading" about them is more effective than playing with dangerous live samples.
 

Xeno1234

Level 14
Thread author
Jun 12, 2023
684
No virtual machine is bulletproof. They all have bugs and issues. Would you want to be responsible for encouraging someone to take a risk that ended badly?

You could teach this young gentleman how to segment his network "with his dad's permission of course", then show him how to circumvent as many possibilities of breach as possible, and how to shut down the connection during testing to contain it, but seriously, what's the point.

Much malware is "sandbox" aware, and won't run. A good majority of it requires an Internet connection in order to transmit or drop payloads. On the other hand, being responsible for turning malware loose on a network, or worse yet a server, is no joke either.

The tighter you restrict the testing environment for safety, the less effective it is. It bears the responsibility also of not affecting/infecting others.

Creating a real isolated lab is more than just deploying a virtual machine with vulnerabilities.

To the young gentleman: I would stop messing around altogether in your family's network. It sounds like your dad works hard to spoil you; show some appreciation by not bogging his internet down with all this crud, and definitely stop taking advice from those that are trying to encourage you to be risky. Learn some better habits as well; there are users here "cough, cough" trying to reinforce those good habits that keep users from having trouble in the first place.

P.S. I told you once before, if you want to learn about malware and its behaviors, "reading" about them is more effective than playing with dangerous live samples.
Completely agree. Not touched malware (intentionally) for 2 months. Never going to do it again.
 

Azazel

If you want more robust account security:
1. Use Gmail as your primary email (they have a strong email and phishing filter).
2. Enroll in their advanced security program.
3. Create a Microsoft account with your new email.
4. Buy and use Bitwarden Premium.
5. Move EVERY account you create into the Bitwarden database and create 2FA TOTP for all your accounts in Bitwarden (not an external authenticator app), plus passkeys.
6. Buy two Yubico security USB keys with NFC functionality and use them strictly for your primary email and Bitwarden.
7. Harden Kaspersky Application Control.
8. Optional: your computer should meet the Secured-core requirements.
 
