What is your security setup these days?

There is no trial mode. What version are you running?

Mine is V 3.1.1.0 BUILD-1 24062015. That's the right one.

Setup? Alert mode is default. If you're sure you'll never install new software or update it, you can set it on Lockdown.

 

That is not what I have. Hmm.

 

The version which is available from the website is not free.
The beta (2015) is donationware.

 

Firewall & Anti-Virus:
Router NAT/SPI (Password Protected)
Emsisoft Internet Security 2017.5.1.7567 (with hpHosts file)

Blocking/Hardening:
AppGuard 4.4.6.1
HitmanPro.Alert 3.7.0 Build 710 Beta
Norton ConnectSafe DNS (Malware, Phishing)

 

The best complementary combo to me.

 

CIS ( Cruelsisters settings ) - Mbae Pro

 

Win 10 Home/Pro 64...Creators

Windows Defender

Windows Firewall Control 4

Smart screen

UAC (Highest Settings)

Simple Software Restriction Policy

VoodooShield Pro...Always ON

On demand ...Zemana AntiMalware Premium

Google Chrome ... Ublock Origin+Extra, Vanilla Cookie Manager, privacy badger and save to Pocket extensions . Camera,Microphone,Plugins etc. Blocked by default

Microsoft Edge .... Adguard and Reddit Enhancement Suite extension.


Others:

Autoruns
Everything
ProcessExplorer
TCPView
KeePass
Ccleaner and Wise disk Cleaner Portable


And... Windows Backup

 

Would love to see your tweaks rather than "etc."

 

@chrcol too many and lazy to list them

Basically those are reg tweaks , only way when using Win10 home , you can find them in various forums like here, MT or Win 10 Forum .
I listed the most important already, others are not much needed by the "average geeks"

 

Not too much has changed here:
- KIS 2017 (maximum protection settings, including Trusted Application Mode)
- HitmanPro, adwcleaner and VT-Uploader as "second-opinion" scanners
- Firefox with QuickJava and ublock Origin
- Iperius Backup for daily backups
- additional security-related apps: Process Explorer and AutoRuns
- UAC maximum and Smart Screen enabled

Is there anything else I should use?

 

VoodooShield?

 

Of course not. Your setup is very secure IMO.

 

No. That's enough.

 

The first rule of my security setup is not to post online what my security setup is.

 

@ExtremeGamerBR and @shadek Thank you very much for your feedback, which is very much appreciated.

@Tinstaafl I think Kaspersky's Trusted Application Mode (TAM) is very similar to VoodooShield, so I don't really feel the need to use it. Anyway, thank you very much for your suggestion.

 

Security through obscurity?

My current real-time setup: Windows 7 (SUA, UAC, SRP, WFW) and Macrium Reflect.

 

It's just that any information an adversary has on what he is up against is advantagous to him. So why give him any.

 

Yes I understand - Less is more principle.
Personally I hope that there is no adversary that would be interested in my system or my data.

 

They probably do but as long as you dont do or say anything to really tick them off you wont notice anything. If you speak out against their control of our mainstream media our governments and their involvment in global terrorism as I do you will start to notice and realize the need to protect access to media that they could plant something incriminating on. They are utterly ruthless I know I put myself at risk but I will not back down to bully tactics.

 

Create Standard user account
UAC set to Max
Set Windows Firewall active profile to Public
Uncheckmark all networking protocols except for IPv4
No netbios over tcpip
Disable tcpipv6 and v6 tunneling in registry
Disable IGMP
Disable UPNP
Disable SMBv1 in Control Panel > Program and Features
Windows Firewall set to Outbound = block
Make Windows Firewall rules to allow outbound for applications that I use
Install Simple Software Restriction Policy (SSRP), and add user writable folders to configuration ini > Disabled locations section
Disable uneeded Windows Services
Remove DCOM talking protocol on the network - dcomcfg
Deny Access to this computer from the network
Kaspersky Small Office end point protection
VoodooShield
Unpin unused apps from the start menu
Turn off AutoPlay in settings > apps
Disable all apps in Settings > Privacy
Disable One Drive startup in Task Manager > Startup tab
Enable DEP (data execution protection)
Disable dump file creation
Disable Remote Assistance
Setup more system restore points memory usage
Setup View Options in Explorer to show menu, unhide file extensions, unhide system files
Setup Least Privilege by removing User Group rights to Windows command line tools
SetUp Role Based Access Control (RBAC). So that there are 3 user accounts, 1) Normal use acc 2) Install+network admin 3) full admin, where ACL's restrict the first two from doing much of anything harmful
Setup full admin account to automatically disconnect from network, aids in combating attacks where the attacker has remote access to your machine
Remove System and Adminstrators Group from accessing all Documents folders, so that only the user acc that holds the documents folder has access
Block low integrity apps from accessing private folders
Install Sandboxie and configure Restrictions settings: start/run + internet access
Setup BIOS password
Setup Syskey to enable use of USB stick for 2nd factor authentication when booting PC
Setup Event Viewer custome views to see things like SRP violations, application hangs, failed logons
Setup baselines recording autostart locations and what is currrently there. Useful for investigating attacks
Setup IPFire router with Guardian Intrusion Protection
Configure Adobe Reader to not run javascript, and not acces the internet
Configure Java to not use with browser (if you use Oracle Java)
Create a system restore point
Create a backup disk image

For details, consult http://hardenwindows10forsecurity.com (long read )

If you think something is missing, please reply

 

Windows 10 standard user account
Uac on max
Windows defender with pua tweak and max cloud. Blocking
Firefox 64 with Adblock plus, privacy badger, https everywhere, no java, no flash
Zemana antilogger
Malwarebytes 3
Sandboxie
Macrium reflect backups
Windows firewall
O&o shutup 10 recommended settings

Should I add an anti executable or is this enough? Too much?
Have been considering FIDES pumpernickel.

 

Hi pling_man,

If you are configuring Sandboxie with Settings > Restrictions > Start Run Access, then it is almost an Anti-Executable. Abiet it is only active when using your browser. AE is always good to have, as it is not signature dependent, and stops attacks when exploits attack any program.

 

Not so, lunarlander . What you doing with your browser can be done in any sandbox for any program you run in your PC. You can set your PDF Reader, video player, Office programs, any program, etc, in a Start/Run restricted sandbox. Look at the example below (my Foxit sandbox). When I click on a PDF, it runs sandboxed automatically in my Foxit sandbox. What you see listed, is all that can run when a PDF found in the hard drive is executed.



Bo

 

Hi bo elam
Thanks for pointing that out. I have never created a sandbox in Sandboxie for programs other than my browsers.

 

Using one sandbox, is really the first step with Sandboxie. Separating/isolating your browsers in their own sandbox (I think this is what you doing now, Right?) is perfect as a second step.

To get more, you sandbox most or all (what I do) programs you run in a daily basis. And to get even more, you sandbox your USB drives and Downloads folder.

I think you like Sandboxie, I ll help you like it more . But tell me what I am asking you in the first paragraph and also tell me if you are using the free or paid version.

Bo