What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Upgraded my Desktop to Windows 10 Anniversary. Similar setup as Asus Transformer, only hardening is performed through Group Policy editor and MemProtect beta is replaced with EMET protecting Windows 2007 Office with extra ASR protection.

    De-installed MemProtect before update, because of signing requirements of Windows 10. I hope MemProtect driver will come out of beta soon, because MemProtect provides similar (probably better) memory/exploit protection than HMPA (MemProtect passes HMPA test tool exploits). Best thing of MemProtect is that it is free and uses Windows internal mechanism (advantage: no compatibility problems as with HMPA and uses very little CPU).

    After update I added Adblock Plus extension to Edge. Edge does not leak WebRTC, but has nothing against canvas fingerprinting at the moment. When MemProtect comes out of Beta I will probably switch over to Edge (adding MemProtect to the RunTimeBroker).
     
    Last edited by a moderator: Aug 7, 2016
  2. Appaloosa

    Appaloosa Registered Member

    Joined:
    May 13, 2016
    Posts:
    29
    Windows Defender
    SmartScreen
    Windows Firewall This is a x86 win.10 with edge as primary browser.
    UAC (max)
    VoodooShield and Adguard
     
  3. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    EG Solo (v. 1.2.4) is beta and freeware :)

     
  4. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
  5. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    Do you want the installer?... try this link
    Code:
    http://www.filedropper.com/edgeguard-setup124
     
  6. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    Clipboard01.png
     
  7. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    @Djigi, in post #38032 @ichito did say he was running Vista.
     
  8. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    EGS doesn't want to talk with me, unlike PFW, which due to settings talks to me a lot and often... I don't like such a silent partner, it's just boring. He gave up easily persuade...sorry guy :cool:
     
  9. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,121
    Location:
    South Texas, USA
    I am probably using the very last list that was updated some years ago, thought it wouldn't hurt having it.

    dja2k
     
  10. I also put W10AU on my wife's laptop. She noticed the change and asked if it was possible to get the same Windows as she uses for work. So I put Windows 7 Ultimate back on her laptop again. After all an OS is only an engine, to run applications which provide functionality :oops:

    Returned to 'safe admin' setup (UAC deny elevation of unsigned, combined with Basic User SRP), with added third party:

    - MBAE Premium (added Albelli Photo Book's apc.exe as media player shield to protect this user space executable)
    - Secure Folders (set a read only on %UserProfile%\Local\Albelli Fotoboeken allowing APC.exe and MBAE.exe write access)

    I know of Secure Folders' weakness for attacks from network, but I have this PC set as partitioned in my router (separated in network). Albelli always checks for updates, so only an SRP allow on path is set and forget. In combination with Secure Folders the Albelli user space folder has some basic write protection.
     
    Last edited by a moderator: Aug 9, 2016
  11. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,784
    Windows 10/64bit

    Windows 10 Firewall Control 7.5.100.200
    AppGuard 4.4.6.1
    KeyScrambler Premium 3.10
    Shadow Defender 1.4.0.168
    AdGuard 6.0.226.1108
    Raxio Instant Recovery 2.2.0 Build 314
     
  12. robboman

    robboman Registered Member

    Joined:
    May 6, 2013
    Posts:
    62
    Location:
    holland
    Hmm, your security setup is 'okayish' but can't beat mine..

    Win10
    Avast free (only file-shield installed)
    MBAE free

    :p
     
  13. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,942
    Location:
    USA
    Sandboxie and some other stuff.
     
  14. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    @Windows_Security your information is great. I now have only allowed a few TLDs to be able to run 1p-scripts and inline-scripts without my specific interaction in uBlock Origin, thanks to your tips.

    I really would like to try MemProtect but cannot find info on how to use it anywhere. Then I see you even mentioned deinstalling it, so was there an app you used to manage it? Only info I found is it was designed to enforce DRM, but I assume this DRM mechanism just so happens to work excellently as an exploit blocker.
     
  15. @chrcol

    Have a look at this thread. I don't know whether they are signed correctly for Win10AU; best to ask WildByDesign (who has posted how to install).
     
  16. guest

    guest Guest

    Installed WSA + VoodooShield on my low-end Win7 machine.
     
  17. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    Just to follow up on this, the Beta drivers do not have proper SHA256 signed by Microsoft Windows EV certs as of yet. The beta drivers just have the traditional SHA1 signing certs which would be sufficient for any other Windows OS, with the exception of Windows 10 Anniversary Update. Florian has provided me with a proper signed Bouncer release for AU testing and working great so far with Secure Boot still on. I'm not yet sure if he plans to sign the Beta releases with EV certs or not and also not sure if Microsoft allows beta kernel-mode drivers to pass through EV certification. Those are some things that I will still have to follow up with him on.

    On a side note, it will be interesting to see if and when Microsoft decides to push these new driver signing requirements on to Windows 7 and Windows 8.x users, particularly with the cumulative updates they have just recently announced for those platforms.
     
  18. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    Because of this old post of W_S (as Kees1958)
    https://www.wilderssecurity.com/threads/pc-tools-firewall.208872/#post-1244131
    because of his many posts and useful info about ThreatFire...and due to my sentiment to this app...so my current setup on Vista
    PC Tools FW, ThreatFire with built-in and my own rules (advanced settings)...and additionally Crystal Security and Shadow Defender
     
  19. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    PCTools firewall was my fav firewall ever!
     
  20. Unknown1

    Unknown1 Registered Member

    Joined:
    Aug 17, 2016
    Posts:
    1
    Location:
    Earth
    Security setup:

    Computer Software:
    G-data total security*.
    SecureAplus.
    HitmanPro.Alert.
    Malwarebytes anti-malware premium.
    Malwarebytes rootkit.
    SpyShelter free Anti-keylogger.
    Sandboxie.
    Shadow Defender.
    Virustotal uploader (right click menu).


    Browser and internet:
    Comodo Icedragon.
    Ublock Origin with Disconnect list and malware list.
    VPN.
    Vtzilla.
    Open DNS.
    Browser spoofer.
    Https Everywhere.
    Privacy badger.
    Self Destructing cookies.
    Geolocator spoof.
    Location guard.
    Noscript.
    Privacy settings.
    Toggle referer.


    Backup and wipe:
    Macrium Reflect.
    Darik's Boot and Nuke.

    Other:
    Privazer.
    Secunia PSI.
    Revo uninstaller

    *Installed as has avast engine, Virustotal does not have the engine.

    All I can remember installing.

    Please feel free to recommend changes, or other software to install.
     
  21. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    The same it's been for years. A well hardened XP SP3 with the POSready/WEPOS registry tweak to add support through at least 2021. Comodo FW in Custom Policy Mode, Very High Alerts, and all Advanced options checked. D+ in Paranoid mode, treat new files as Untrusted. Cloud options disabled, Sandbox disabled, vendor.n file deleted, Protect All Files tweak, Trusted Publisher certs deleted. Sandboxie for all internet facing apps. VT Hash Check & MBAM Free to scan new files (which go into a sandboxed, dedicated partition). Hitman Pro and MBAM Free for full scans which I really never do anyway.

    The newest/only addition I've made to this setup over the past several years has been MBAE. It has closed sandboxed sessions a few times detecting Heap Spraying attempts... from eBay all but one of the times.
     
  22. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    How secure is 5.10 compared to the latest CIS?
     
  23. Ripcord

    Ripcord Registered Member

    Joined:
    Jun 18, 2011
    Posts:
    118
    Asus ...Windows 10

    G Data Internet Security
    Hitman Pro.Alert
    Malwarebytes... active
    love the simplicity of this set-up.
     
  24. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,175
    Way too much stuff. Gdata and Malwarebytes is all you need
     
  25. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    286
    Location:
    Philippines
    He's readying for war. :) I think his setup is fine, as it protects different things, save for second opinion scanners.
     