"Simple Windows Hardening (SWH) is a portable application that works on Windows 10 (Home and Pro editions). It is a simple configurator (front end) of advanced security that is already present in Windows 10, but which is not activated by default. This security is based on Software Restriction Policies (SRP) and some useful Windows Policies. It is not intended to work as a standalone security solution, but to support antivirus by reducing the attack surface in the home environment. After the initial configuration made via SWH, it can be closed and all protection comes from the Windows built-in features. (...) SWH application is a simplified version of Hard_Configurator. Generally, it will apply the Hard_Configurator Windows_10_Basic_Recommended_Settings (without Forced SmartScreen). These settings can be modified (in a limited way) in SWH, because sometimes on some computers they should be allowed for usability." Full info here https://github.com/AndyFul/Hard_Configurator/tree/master/Simple Windows Hardening MT thread https://malwaretips.com/threads/simple-windows-hardening.102265/#post-892670
According to Andy Ful the author of Simple Windows hardening: https://malwaretips.com/threads/simple-windows-hardening.102265/page-5#post-899818 So, SWH offers stronger protection out of the box plus logging and whitelisting. Would be interesting to compare that against SysHardner + OSArmor, but that combination is no longer free.
Thanks @Gandalf_The_Grey , I read that whole thread and have a better idea now. Trying it and Firewall Hardening out, after imaging with Macrium Reflect of course.
Slightly OT, but it's a little odd that Firewall Hardening's rules show in Windows Firewall, but not when I open WFC, which is set not to start with Windows.
I'm no expert on firewalls, but wouldn't it be better if you already use WFC to look at the rules of Firewall Hardening and use them in WFC? Now you're using 2 programs to configure Windows own firewall.
Yes and no. I only installed WFC to block CCleaner and its Emergency Updater, while everything else is allowed (except the block rules created by SysHardener and for now, Firewall Hardening). That's why I don't have WFC set to start with Windows. I could have created block rules for CCleaner without WFC but WFC makes it much easier through its GUI.
Yes, I'd bought Windows 10 Pro in the past for the enhanced security. I'd say Andy Ful and his software saved me about 150 US bucks in that context. I'm serious! Re: Andy Ful and Wilders: I've read some of his posts mentioning Wilders so he clearly knows of its existence. Maybe there is a personal reason he's resisted this forum to date? I dunno, just speculating.
He seems pretty much at home there, and very active. Probably just easiest to focus on the one forum - just speculating also!
make sure to whitelist the pogram in spy shelter, otherwise it might not configure properly at first run, just before windows restarts there is a pop up from spy shelter, no time to allow/deny spy shelter ends up blocking something during SRP config, not sure what I think there might be slight incompatibility on first run, so spy shelter must have light HC program added to whitelist first. Does anybody know if the firewall rules are also updated in SWH ?
SWH ver. 1.0.1.1 (beta 3) - Jan 30, 2022 https://malwaretips.com/threads/simple-windows-hardening.102265/post-973715 As far as I know, this is the latest beta.
Is there a way to clear the blocked logs in Simple Windows Hardening or does that require a manual user function?
Good for Windows 10. On Windows 11 22h2, its been superseded by SAC and its not compatible with the new Windows security architecture.
Andy Ful has brought in support for Windows 11 in the new release of Simple Windows Hardening that just came out: Simple Windows Hardening 2.1.1.1. It can be downloaded here: https://github.com/AndyFul/Hard_Configurator/raw/master/Simple Windows Hardening/SimpleWindowsHardening_2111_beta1.zip Windows 11 ver. 22H2 (fresh installation) turns off by default Software Restriction Policies. So, SimpleWindowsHardening ver. 2.0.0.1 (and prior) cannot use the SWH options related to SRP. This issue is corrected in the new version. The new version can also work with enabled Smart App Control.
Since he labels it as beta it never hurts to have a backup in case you are unlucky and encounter a problem. Thanks for the update NormanF
SWH ver. 2.1.1.1 beta 4. https://github.com/AndyFul/Hard_Configurator/raw/master/Simple%20Windows%20Hardening/SimpleWindowsHardening_2111_beta4.zip https://malwaretips.com/threads/simple-windows-hardening.102265/page-32#post-1043984