What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Floyd 57, Registered Member
    Joined: Mar 17, 2017 | Posts: 1,296 | Location: Europe
    no, it's not the security software that's the problem. you don't even need one, all you need is a BRAIN. but when the employees lack that, what do u expect? phishing attacks in 2022 lmfao how stupid do u have to be
     
  2. Rasheed187, Registered Member
    Joined: Jul 10, 2004 | Posts: 17,546 | Location: The Netherlands
    I have to disagree, it's indeed true that sometimes it looks kinda dumb how people are getting tricked, but security software is supposed to protect you against this stupidity, but it often can't. So no wonder so many companies are getting hacked. And your brain isn't always enough, think of supply chain attacks where legitimate apps are being trojanized.
     
  3. dja2k, Registered Member
    Joined: Feb 15, 2005 | Posts: 2,120 | Location: South Texas, USA
    Hey y'all, just wanted to drop by and say Howdy! Will be back to update my security list, though not much has changed, haven't had a single virus pass through. Laterz
     
  4. EASTER, Registered Member
    Joined: Jul 28, 2007 | Posts: 11,126 | Location: U.S.A. (South)
    I absolutely MUST and have to agree with @Rasheed. Brain IS NEVER ENOUGH - these communication/internet machines that we call computer PCs are inherently coded by strangers; none of us know much, if anything, about their credentials or expertise, let alone all the circuitry and electronics which drive them to perform and compute accurately what a user expects. It's not a magic machine - it's a man-made system and as such never immune from disruptions or errors.

    This is where complementary additions come into the picture in order to shore up potential shortcomings and proactively set prerequisites to prevent or at least raise some alarm when they go awry.
     
  5. sevenstar, Registered Member
    Joined: Oct 19, 2010 | Posts: 54
  6. Sampei Nihira, Registered Member
    Joined: Apr 7, 2013 | Posts: 3,343 | Location: Italy
    W.10 Home x64 22H2
    Local Account - Standard user - Limited permissions
    UAC maximum - Always notify
    Quad9 DNS
    OneDrive, Cortana, Advertising ID, Web Search - disabled
    Usage of location data for Cortana disabled
    Telemetry OFF
    Removed some Windows optional features.

    Microsoft Defender Firewall hardened with H_C.
    Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

    • Ransomware protection - disabled
    • No run in a sandbox
    • Core Isolation: Memory integrity - disabled
    • Some software hardened with maximum AE protection
    • All Windows Exploit Protection options - enabled
    MS Edge --no-pings --time-zone-for-testing --enable-features="GpuAppContainer,IsolateSandboxedIframes,EnableCsrssLockdown,EncryptedClientHello"
    • Enabled Security Mitigations - Strict
    • Detection Protection - Strict
    • Always HTTPS
    • Next DNS DOH - (oisd + Easy Privacy)
    • Share browsing data with other Windows features - disabled
    • 4 Insecure Cipher Suites - 0x002f,0x0035,0xc013,0x009c - disabled
    • TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled
    • IL AppContainer - enabled
    • Audio Service - sandboxed
    • Network Service - sandboxed
    • Clipboard permissions - blocked

    Edge://flags:

    Enabled:

    • Block scripts loaded via document.write
    • Enables the BrowsingDataLifetimeManager service to run
    • Experimental QUIC protocol
    • Use DNS https alpn
    • Support for HTTPS records in DNS - DNS-over-HTTPS only
    • Enable Back/Forward Cache
    • Project Robin experiment
    • Automatic HTTPS
    • Strict-Origin-Isolation
    • Show block option in autoplay settings
    • Experimental Tracking Prevention Features
    • Block insecure private network requests
    • Enable Digital Signature for PDF
    • Partitioned cookies
    • Microsoft Edge tracking prevention
    Disabled:
    • Show feature and workflow recommendations
    • Allow tab-to-search using Microsoft Search with Bing
    • Allow Microsoft Search with Bing for any default search engine
    • Allow preloading of pages by other applications
    • Enable First-Party Sets
    • Consider SameParty cookies to be first-party
    Extensions:
    • UBO - Hard Mode
    • JShelter
    • Don't add custom search engines
    • AdGuard MV3 (Off/On)
    When and if the AdGuard team will fix this problem:

    https://github.com/AdguardTeam/AdGuardMV3/issues/22

    and UBO will no longer be available, I will switch to AdGuard MV3.
    UBO Lite cannot provide a minimum of privacy that I desire.



    Mozilla Firefox - Arkenfox.user.js

    • Tracking protection: Strict (enables Total Cookie Protection)
    • HTTPS-only-mode enabled
    • Clearing browsing data on exit
    • AutoPlay for audio and video disabled
    • DDG Search Engine
    • Hardware acceleration enabled
    • Next DNS DOH (oisd + Easy Privacy)
    Extensions:
    • UBO - Hard Mode
     
    Last edited: Oct 30, 2022
  7. reasonablePrivacy, Registered Member
    Joined: Oct 7, 2017 | Posts: 2,002 | Location: Member state of European Union
    Every connection over QUIC is encrypted, and authenticated, and integrity-protected by TLS. QUIC takes care of packet retransmissions etc. No need to worry about lack of TCP mechanisms, since TLS has better ways to ensure integrity. Not even remotely comparable to TCP, especially on client side of client-server connection.

    @Sampei Nihira Solid setup.
     
  8. Sampei Nihira, Registered Member
    Joined: Apr 7, 2013 | Posts: 3,343 | Location: Italy
  9. henryg, Registered Member
    Joined: Dec 13, 2005 | Posts: 342 | Location: Boston

    Any particular reason? Is this due to compatibility issues or something else?
     
  10. Sampei Nihira, Registered Member
    Joined: Apr 7, 2013 | Posts: 3,343 | Location: Italy

    Correct. ;)
     
  11. henryg, Registered Member
    Joined: Dec 13, 2005 | Posts: 342 | Location: Boston
  12. acid king, Registered Member
    Joined: Jan 19, 2019 | Posts: 101 | Location: europe
    Win11 21H2 (+Core Isolation Off)
    BitLocker On
    DefenderUI (Recommended Profile)
    VoodooShield CyberLock
    NextDNS for Windows (+NextDNS list +1Hosts Lite +AI-Driven Threat Detection Off +Google Safe Browsing Off)
    Glasswire Elite
    Macrium Reflect 8
    Process Lasso 11
    Kerish Doctor (+Apps Live Optimization Off +PC Protection Off)
    KeePass 2.52
    + 2nd opinion scanner Malwarebytes/NPE
    + Tweaking/Hardening Windows (Optimizer 14.3/Privacy.Sexy/wpd.app/WindowsSpyBlocker/RazerCortex)
    + Firefox (DarkReader, uBlockOrigin, I still don't care about cookies)

    some interesting links
    https://github.com/yokoffing/NextDNS-Config
    https://github.com/yokoffing/filterlists#security
    https://avoidthehack.com/firefox-privacy-config
     
    Last edited: Nov 2, 2022
  13. LoneWolf, Registered Member
    Joined: Jan 2, 2006 | Posts: 3,782
    Windows 10
    ~~~~~~~~
    Sphinx Firewall
    AppGuard Solo
    Faronics AE
    DeepFreeze

    Android 12
    ~~~~~~~
    G Data
     
    Last edited: Nov 3, 2022
  14. pegas, Registered Member
    Joined: May 22, 2008 | Posts: 2,961
    ESET Endpoint Security with pretty tight settings across all devices and OSs except Apple.
     
  15. Sampei Nihira, Registered Member
    Joined: Apr 7, 2013 | Posts: 3,343 | Location: Italy
    W.10 Home x64 22H2
    Local Account - Standard user - Limited permissions
    UAC maximum - Always notify
    Quad9 DNS
    OneDrive, Cortana, Advertising ID, Web Search - disabled
    Usage of location data for Cortana disabled
    Telemetry OFF
    Removed some Windows optional features.

    Microsoft Defender Firewall hardened with H_C.
    Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

    • Ransomware protection - disabled
    • No run in a sandbox
    • Core Isolation: Memory integrity - disabled
    • Some software hardened with maximum AE protection
    • All Windows Exploit Protection options - enabled
    MS Edge --no-pings --time-zone-for-testing --enable-features="GpuAppContainer,IsolateSandboxedIframes,EnableCsrssLockdown,EncryptedClientHello"
    • Enabled Security Mitigations - Strict
    • Detection Protection - Strict
    • Always HTTPS
    • Next DNS DOH - (oisd + Easy Privacy)
    • Share browsing data with other Windows features - disabled
    • 4 Insecure Cipher Suites - 0x002f,0x0035,0xc013,0x009c - disabled
    • TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled
    • IL AppContainer - enabled
    • Audio Service - sandboxed
    • Network Service - sandboxed
    • Clipboard permissions - blocked

    Edge://flags:

    Enabled:

    • Block scripts loaded via document.write
    • Enables the BrowsingDataLifetimeManager service to run
    • Experimental QUIC protocol
    • Use DNS https alpn
    • Support for HTTPS records in DNS - DNS-over-HTTPS only
    • Enable Back/Forward Cache
    • Project Robin experiment
    • Automatic HTTPS
    • Strict-Origin-Isolation
    • Show block option in autoplay settings
    • Experimental Tracking Prevention Features
    • Block insecure private network requests
    • Enable Digital Signature for PDF
    • Partitioned cookies
    • Microsoft Edge tracking prevention
    Disabled:
    • Show feature and workflow recommendations
    • Allow tab-to-search using Microsoft Search with Bing
    • Allow Microsoft Search with Bing for any default search engine
    • Allow preloading of pages by other applications
    • Enable First-Party Sets
    • Consider SameParty cookies to be first-party
    Extensions:
    • UBO - Hard Mode
    • JShelter
    • Don't add custom search engines
    • AdGuard MV3 + uBlock Origin Lite - only AdGuard URL Tracking Protection List - enabled (on/off)


    Mozilla Firefox - Arkenfox.user.js

    • Tracking protection: Strict (enables Total Cookie Protection)
    • HTTPS-only-mode enabled
    • Clearing browsing data on exit
    • AutoPlay for audio and video disabled
    • DDG Search Engine
    • Hardware acceleration enabled
    • Next DNS DOH (oisd + Easy Privacy)
    Extensions:
    • UBO - Hard Mode
     
  16. dja2k, Registered Member
    Joined: Feb 15, 2005 | Posts: 2,120 | Location: South Texas, USA
    Question - Would you bother reinstalling Windows 11 just to enable Smart App Control (for those of you who rely only on Windows Defender)?
     
  17. Bertazzoni, Registered Member
    Joined: Apr 13, 2018 | Posts: 652 | Location: Milan, Italia
    Absolutely not worth it. It's basically an Alpha feature rollout that is full of issues, and won't remain enabled for most users due to the tight restriction level of its deny-by-default policies.
     
  18. TairikuOkami, Registered Member
    Joined: Oct 10, 2005 | Posts: 3,418 | Location: Slovakia
    No, it is supposed to block malware and PUP, AVs already do that and on top of it, to block unsigned/untrusted apps, something I already do with ValidateAdminCodeSignatures/VirusTotal.
     
  19. Sampei Nihira, Registered Member
    Joined: Apr 7, 2013 | Posts: 3,343 | Location: Italy
    W.10 Home x64 22H2
    Local Account - Standard user - Limited permissions
    UAC maximum - Always notify
    Quad9 DNS
    OneDrive, Cortana, Advertising ID, Web Search - disabled
    Usage of location data for Cortana disabled
    Telemetry OFF
    Removed some Windows optional features.

    Microsoft Defender Firewall hardened with H_C.
    Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

    • Ransomware protection - disabled
    • No run in a sandbox
    • Core Isolation: Memory integrity - disabled
    • Some software hardened with maximum AE protection
    • All Windows Exploit Protection options - enabled
    MS Edge --no-pings --time-zone-for-testing --enable-features="GpuAppContainer,IsolateSandboxedIframes,EnableCsrssLockdown,EncryptedClientHello"
    • Enabled Security Mitigations - Strict
    • Detection Protection - Strict
    • Always HTTPS
    • Next DNS DOH - (oisd + Easy Privacy)
    • Share browsing data with other Windows features - disabled
    • 4 Insecure Cipher Suites - 0x002f,0x0035,0xc013,0x009c - disabled
    • TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled
    • IL AppContainer - enabled
    • Audio Service - sandboxed
    • Network Service - sandboxed
    • Clipboard permissions - blocked

    Edge://flags:

    Enabled:

    • Block scripts loaded via document.write
    • Enables the BrowsingDataLifetimeManager service to run
    • Experimental QUIC protocol
    • Use DNS https alpn
    • Support for HTTPS records in DNS - DNS-over-HTTPS only
    • Enable Back/Forward Cache
    • Project Robin experiment
    • Automatic HTTPS
    • Strict-Origin-Isolation
    • Show block option in autoplay settings
    • Experimental Tracking Prevention Features
    • Block insecure private network requests
    • Enable Digital Signature for PDF
    • Partitioned cookies
    • Microsoft Edge tracking prevention
    Disabled:
    • Show feature and workflow recommendations
    • Allow tab-to-search using Microsoft Search with Bing
    • Allow Microsoft Search with Bing for any default search engine
    • Allow preloading of pages by other applications
    • Enable First-Party Sets
    • Consider SameParty cookies to be first-party
    Extensions:
    • UBO - Hard Mode
    • JShelter
    • Don't add custom search engines
    • AdGuard MV3 + uBlock Origin Lite - only AdGuard URL Tracking Protection List - enabled (on/off)


    Mozilla Firefox - Arkenfox.user.js

    • Tracking protection: Strict (enables Total Cookie Protection)
    • HTTPS-only-mode enabled
    • Clearing browsing data on exit
    • AutoPlay for audio and video disabled
    • DDG Search Engine
    • Hardware acceleration enabled
    • AdGuard DNS DOH (oisd)
    Extensions:
    • UBO - Hard Mode
    I am trying 2 different DOH DNS for the 2 installed browsers.
     
  20. EASTER, Registered Member
    Joined: Jul 28, 2007 | Posts: 11,126 | Location: U.S.A. (South)
    I often always draw very useful inspiration from your unique formidable configurations @Sampei Nihira

    Nice effort.:thumb:
     
  21. moredhelfinland, Registered Member
    Joined: Mar 31, 2009 | Posts: 344 | Location: Finland
    Just for fun, tested McAfee (Trellix) Endpoint Security but only mighty Adaptive Threat Protection component active. It's kind of a "sandbox". Tested it against 10 bazaar samples, it nailed or sandboxed them instantly. But it works only for executables.
    And another funny test against bazaar samples was G Data only BB component active with Dan's VoodooShield (or CyberLock). That combo nailed them all too.
     
  22. khanyash, Registered Member
    Joined: Apr 4, 2011 | Posts: 2,428
    Windows 10 Pro 64-bit

    Windows inbuilt Firewall
    Windows Defender (disabled)
    VoodooShield Pro (customized)
    Aomei Backupper Pro
    uBlock Origin
     
  23. Sampei Nihira, Registered Member
    Joined: Apr 7, 2013 | Posts: 3,343 | Location: Italy
    ;):)
     
  24. tuvalu_tt, Registered Member
    Joined: Apr 28, 2013 | Posts: 56 | Location: Finland
    Last year there were 6 computers with Emsisoft Anti-Malware, and 4/6 also HitmanPro.Alert.
    But because Emsisoft stopped definition updates to Win 8.1 last June, I had to test and then get another AV.
    I needed more time with that one Win 8.1 computer.

    ESET NOD32 has been on my Win 10 since January and since May on mom's computer.
    Now mother has a new computer.
    But I think ESET is better, so soon all Win 10 computers gonna have NOD32 Antivirus.

    Time with HitmanPro.Alert ends soon and there has not been any sales, so it's maybe over with that.
     
    Last edited: Dec 4, 2022
  25. NormanF, Registered Member
    Joined: Feb 20, 2009 | Posts: 2,874
    Smart App Control is an anti-executable like ERP. It makes third party AEs redundant.
     