SysHardener: Harden Windows Settings

Discussion in 'other anti-malware software' started by novirusthanks, Feb 26, 2018.

  1. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,346
    It is not required to use both. But some users choose to do so, for an additional layer of protection.
     
  2. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    811
    Location:
    Baden Germany
    I don't see your point.
    For me OSAmor is the evolution of Syshardener.
    While Syshardener is static, and gives you no feedback, OSAmor is dynamic and way easier to handle.
     
  3. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    811
    Location:
    Baden Germany
    If you are running OSAmor, you may want to add Configure Defender Master.
    Other than Syshardener it shows what migations are active, and which not.
    Way more easier to troubleshoot, in case something is blocked, or not working.
    Especially when the issue occurs days, weeks, or even months later.
     
  4. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,774
    Location:
    Europe then Asia
    SH is just an interface to automatize some OS security tweaks that were usually done manually.

    OSA is a software that will block unwanted processes execution based on rules. Originally it was oriented to beginners because less technical than his "older brother" ERP.

    Both complement each other because some of SH tweaks can't be achieve with OSA.
     
    Last edited: May 4, 2019
  5. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,791
    Location:
    Among the gum trees
    I've had no problem using SysHardener at default settings along with OSA.
     
  6. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    833
    Location:
    Land o fruits and nuts, and more crime.
    Make sure you do a external backup, if you make a mistake your system is toast.
    SysHardener is for people knowing what they are doing.
     
  7. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,346
    I wouldn't go quite so far as to say "toast," but I heartily agree that mistakes in configuring SysHardener can be vexing and hard to undo.
     
  8. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,192
    Location:
    Pennsylvania.
    Can you use this with a SUA? Typing in the password all the time is annoying for my mostly used safe programs.
     
  9. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,346
    Yes.

    Run it once on all the user accounts that you want to protect. It just tweaks your system, it does not provide active protection.
    After a major Windows update, run it again on all user accounts.
     
  10. Moogle Stiltzkin

    Moogle Stiltzkin Registered Member

    Joined:
    Oct 12, 2014
    Posts:
    17
    STRONGLY agreed.

    i tried sysharderner, followed other user guide for what settings to enable. then it broke my access to my NAS on the network. Also stuff like .bat and jar files were no longer associated (which i actually needed). It felt hard to undo that.

    In the end i had to use a system restore point and not use sysharderner.

    I'm sure that people who KNOW which setting to use would be fine with it. But for me it just restricted too much to the point of breaking usability.

    Osarmor at default had no such issues, so i'm just using that instead.
     
  11. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    1,346
    you see, i never quite understand those who say syshardener breaks this, toasts that. syshardener is nothing more than a list of windows settings gathered in a single ui for your convenience and it does what it says perfectly well. if you don't know what you're doing, you don't need a 3rd party interface like syshardener to brick/toast/break your os whatsoever, you'll get there in any case. so if you're a novice user, you better not mess with tools like syshardener; tools that are meant for advanced users.
     
  12. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,774
    Location:
    Europe then Asia
    Amen
     
  13. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    129
    Location:
    Brooklyn, NY
    I found it to be like a third party Group Policy (which I have installed on here) but with a friendlier and much more compact interface. Since I have gpedit.msc, I have discontinued SysHardener, though I still find it highly useful, even on latest OS. I'm a pretty novice user: read and understand what you're enabling and have an image, that's pretty much it having learned after some trial and error. Also use OSArmor currently. :thumb:
     
  14. Bertazzone

    Bertazzone Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    117
    Location:
    USSR
    See Posts #188 & #195 above. :thumb:
     
  15. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    156
    Location:
    Poland
    it is
    its first thing you do: 1. prepare custom OS iso (debloated) without flash and xbox for instance, 2. side-load all updates (without re-installing flash and xbox) 3. install security apps such as antivir, usb protection as well as apps you'll need 4. Install VM 5. apply admin templates, GPO rules, further debloat and remove features/services/apps/modules/junk/tasks, apply security scripts and networking rules, apply SysHardener, further lock down system with custom files, code (intended to break or tamper normal functioning of code, like java or javascript), modifications, changing defaults for programs, setting up decoys, admin rules, browser tweaks, optimizations 6. install so-called blockers such as EXE Radar Pro or/and Os Armor 7. apply veracrypt (encrypt all drives) 8. Apply SRP either manually or with program 9. setup router with at least IDS/SPI and network forensic tools 9. only now connect to the Internet
     
    Last edited: May 20, 2019
  16. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    811
    Location:
    Baden Germany
    @lucd: Didn't you forget the #irony tag?

    Otherwise:
    If it ain't broke, it ain't tweaked enough.
     
  17. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    1,346
    :argh: right? "9. setup router with at least IDS/SPI and network forensic tools 9. only now connect to the Internet".

    that "network forensic tools" part though. :p
     
  18. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    156
    Location:
    Poland
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.