Advanced Plus Security Yanick's Security Configuration 2021

Last updated
Jun 16, 2021
How it's used?
For home and private use
Operating system
Windows 10
Other operating system
Few VM's i use are ubuntu and CentOs, but need more practice on that front.
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
Hardware firewall OpnSense & PfSense (not in same house) added adblocking which is why i'm not using adblocker browser addon.
Symantec Endpoint Protection Firewall & IPS max settings (many thanks for Vitali Ortzi for SPEM)
Emsisoft Anti-Malware
SpyShelter Premium for HIPS functionality, disabled keylogger shield and didn't install the driver
Added Applocker
TinyWatcher monitors all changes registry, processes, file deletion creation, startup in windows and automatically shows what has been changed or added since last log in.
Firewall security
About custom security
-TPM active
-Added Windows Hello authentication
-Symantec Endpoint Protection Firewall & IPS max settings
-Applocker,
-Full BitLocker encrypted system partition.
-BIOS: passworded,
-AMD HW Virtualization enabled
-Hyper-V enabled

I use hardware firewall's OpnSense and PfSense, not at same time. In 2 different places.
Periodic malware scanners
Malwarebytes Anti-malware, HitmanPro, RogueKiller, Adlice Diag.
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Edge, Firefox all have Emsisoft Browser Security. No other addons/extensions.
Browsers and additional applications run restricted in SpyShelter's restricted apps list.
Secure DNS
I use my own DNS service from my firewall OpnSense & Pfsense.
Desktop VPN
If i need access to firewall i use Ipsec Ikev2 or OpenVpn.
From external providers i use ProtonVPN.
Password manager
KeePass.
Maintenance tools
Internal windows 10 maintenance runs automatically about 4 times a week. I think it has been sufficient.
File and Photo backup
Using Nextcloud client to send all personal files to Local & second Truenas.
System recovery
Easeus Todo Backup Free, full backup once a week and daily incremental images to Local Truenas and backups to my relatives house where my second Truenas is.
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Downloading software and files from reputable sites
    • Sharing and receiving files and torrents
    • Requesting and accepting remote access
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
Notable changes
16/06/2021 - Added Windows Hello authentication
17/06/2021 - Added TPM
17/06/2021 - Added ReHIPS
17/06/2021 - Removed Chrome
17/06/2021 - Removed HitmanPro.Alert Free
17/06/2021 - Forgot to add hardware firewall's adblocker to list which is why i don't use ublock origin for example.
18/06/2021 - Removed ReHIPS and Added SpyShelter Premium
21/06/2021 - AMD HW Virtualization was active but badly written in the list
29/06/2021 - Removed Hard_Configurator and added Applocker

My security insanity knows no bounds 😅
What I'm looking for?

Looking for maximum feedback.

Notes by Staff Team
  1. This setup may cause performance issues, system instability or conflicts between programs, and can hinder the effectiveness of the installed antivirus products.

Yanick

Level 1
Thread author
Jun 14, 2021
24
Hey all,

I am looking forward for hearing any negatives and positives in my setup, think it's important to have more varied perspective than just my own. Feel free to melt me =D

Been thinking if it would be worth to add something that restricts programs like SpyShelter has restricted apps, something similar. What do you guys thing?
 

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
Symantec Endpoint Protection Firewall & IPS max settings
Emsisoft Anti-Malware
HitmanPro.Alert Free (Safe Browsing, Exploit Mitigations, webcam & keylogger protection, USB-vaccination).
SRP provided by AndyFul's Hard_Configurator
TinyWatcher monitors all changes registry, processes, file deletion creation, startup in windows and automatically shows what has been changed or added since last log in.
Very complete config, but in real-time I would say it's overkill... so many products running 🤔 probably some of them are not needed...

Thanks for sharing :)
 

Yanick

Level 1
Thread author
Jun 14, 2021
24
Very complete config, but in real-time I would say it's overkill... so many products running 🤔 probably some of them are not needed...

Thanks for sharing :)
Hehe, i believe you =D
Since 2011 i've been bitten by wildersecurity forum overkill bug =D

Sure, i think it's good way for everyone to show all of us how we configure our pc's and learn something new everytime =)
 

Yanick

Level 1
Thread author
Jun 14, 2021
24

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top