What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Buddel

    Buddel Registered Member

    Nope. They simply keep their IT infrastructure religiously up to date.
     
  2. Rasheed187

    Rasheed187 Registered Member

    I'm afraid that this won't protect against zero days. You can't patch holes that you are not aware of, and here's where security tools come into play.
     
  3. Buddel

    Buddel Registered Member

    I tend to agree, but even the most sophisticated security tools are not capable of patching each and every hole that might exist in a company's IT infrastructure. There will always be some sort of a residual risk level.
     
  4. Rasheed187

    Rasheed187 Registered Member

    No, correct, but they don't try to patch anything, they are simply monitoring for suspicious behavior which eventually all malware will trigger.
     
  5. EASTER

    EASTER Registered Member

    If not for 3rd party security tools and some of those oddly enough from freelancers, I dare say my machines would have been an endless stream of constantly restoring clean images OR at the very least keeping Shadow Defender always ON which I refuse to do. If my front line, mid zones can't fully prevent, the last line of defense always does, luckily. A lot more sharp pencils out there and many of them never receive as much credit for their assistance as commercial ones do.
     
  6. pvsurfer

    pvsurfer Registered Member

    I just replaced WiseVector Stop-X (way too many FPs) with Kaspersky Free.
     
  7. Jo Ann

    Jo Ann Registered Member

    I am also annoyed with too many WVSX's real-time behavior FPs. The problem is compounded due to inoperative reporting within the real-time alerts as well as receiving the very same FP alert no matter how many times I exclude the FP! :mad:
     
  8. paulderdash

    paulderdash Registered Member

    Worth posting in WiseVector thread?
     
  9. Sampei Nihira

    Sampei Nihira Registered Member

    W.10 Home x64 21H2
    Local Account - Standard user - Limited permissions
    UAC maximum - Always notify
    Quad9 DNS
    OneDrive, Cortana, Advertising ID, Web Search - disabled
    Usage of location data for Cortana disabled
    Telemetry OFF
    Removed some Windows optional features.

    Microsoft Defender Firewall hardened with H_C.
    Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

    • Ransomware protection - disabled
    • No run in a sandbox
    • Core Isolation: Memory integrity - disabled
    • Some software hardened with maximum AE protection
    • All Windows Exploit Protection options - enabled
    MS Edge
    • Enabled Security Mitigations - Strict
    • Detection Protection - Strict
    • Always HTTPS
    • Quad9 DOH
    • Share browsing data with other Windows features - disabled
    • 4 Cipher Suites - 0x002f,0x0035,0xc013,0x009c - disabled
    • TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled
    • IL AppContainer - enabled
    • Audio Service - sandboxed
    • Network Service - sandboxed

    Edge://flags:

    Enabled:

    • Block scripts loaded via document.write
    • Automatic HTTPS
    • Strict-Origin-Isolation
    • Show block option in autoplay settings
    • GPU rasterization
    • Zero-copy rasterizer
    • Block insecure private network requests
    • Enable Digital Signature for PDF
    • Partitioned cookies
    Disabled:
    • Show feature and workflow recommendations
    • Allow tab-to-search using Microsoft Search with Bing
    • Allow Microsoft Search with Bing for any default search engine
    • Allow preloading of pages by other applications
    • Enable First-Party Sets
    Extensions:
    • (MS Store) - Decentraleyes
    • (Chrome Store) - UBO - Hard Mode
    • (Chrome Store) - Don't add custom search engines
    • (Chrome Store) - JShelter
     
  10. The Seeker

    The Seeker Registered Member

    Unless it is still causing you issues, I'd recommend enabling this.
     
  11. Sampei Nihira

    Sampei Nihira Registered Member

    Unfortunately, it causes me problems.
     
  12. Bertazzoni

    Bertazzoni Registered Member

    Bitdefender Free. All good so far.
    Brave browser | Brave Adblock | Emsisoft Browser Security
    Startpage
    Brave:Flags -
    Code:
    Enable CNAME uncloaking
    Enable domain blocking
    Enable debouncing
    Enable extension network blocking
    Reduce language identifiability
    Enable ephemeral storage
    Smooth scrolling
    Block scripts via document.write
    Block insecure private network requests
    Strict Origin Isolation
    Reduce user-agent request header
    Partitioned cookies
    Isolated sandboxed iframes
    
     
  13. SeriousHoax

    SeriousHoax Registered Member

    You can avoid using YogaDNS in Windows 11 for using NextDNS or any other DNS.
    Try this after running CMD with admin rights or create a .BAT file.
    netsh dns add encryption server=x.x.x.x dohtemplate=https://dns.nextdns.io/xxxxxx autoupgrade=yes udpfallback=no
    You can also add your device name in the end if you wish to identify your device in NextDNS logs.
    netsh dns add encryption server=x.x.x.x dohtemplate=https://dns.nextdns.io/xxxxx/Nightwalker-PC autoupgrade=yes udpfallback=no
    After this, edit DNS in the Network and Internet section with your NextDNS IP and choose Encrypted only.
    I've been using like this since Windows 11 came out in the dev builds with no issues.
    Similarly for Adguard DNS:
    netsh dns add encryption server=94.140.14.14 dohtemplate=https://dns.adguard.com/dns-query autoupgrade=yes udpfallback=no
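
Added example, not part of SeriousHoax's post or any other post in the thread: a read-only PowerShell audit of the setup those netsh commands produce, listing each resolver on an active adapter and whether a DoH template with UDP fallback disabled is registered for it. It assumes Windows 11 or Server 2022, where the DnsClient module provides Get-DnsClientDohServerAddress; the function name Test-DohCoverage and the verdict strings are made up for illustration.

```powershell
# Added example (not from the thread). Read-only: changes no settings.
# Assumes Windows 11 / Server 2022 or later (DnsClient and NetAdapter modules).

function Test-DohCoverage {
    [CmdletBinding()]
    param()

    # Index the DoH server list the DNS client keeps, keyed by resolver IP.
    $doh = @{}
    foreach ($entry in Get-DnsClientDohServerAddress) {
        $doh[$entry.ServerAddress] = $entry
    }

    # Only adapters that are currently up can carry DNS traffic.
    $upAdapters = Get-NetAdapter | Where-Object Status -eq 'Up'

    foreach ($adapter in $upAdapters) {
        # Returns one object per address family; ServerAddresses flattens both.
        $cfg = Get-DnsClientServerAddress -InterfaceIndex $adapter.ifIndex
        foreach ($server in ($cfg.ServerAddresses | Select-Object -Unique)) {
            $entry = $doh[$server]

            # Hypothetical verdict labels, chosen for this example.
            $verdict = if (-not $entry) {
                'NoTemplate'
            } elseif ($entry.AllowFallbackToUdp) {
                'TemplateWithUdpFallback'
            } else {
                'TemplateNoFallback'
            }

            [pscustomobject]@{
                Interface   = $adapter.Name
                Resolver    = $server
                DohTemplate = if ($entry) { $entry.DohTemplate } else { $null }
                Verdict     = $verdict
            }
        }
    }
}

Test-DohCoverage | Format-Table -AutoSize
```

A NoTemplate or TemplateWithUdpFallback row means that resolver can still be queried in cleartext. The per-adapter "Encrypted only" choice from the last step of the post is stored separately and is not read by this script.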
     
  14. Nightwalker

    Nightwalker Registered Member

    I see, I will try it, thanks for the advice.
     
  15. Floyd 57

    Floyd 57 Registered Member

    I can't really be ***** to look through 1680 pages so can someone tell me what program should i use to allow a certain program to only be able to read its own location? For example right now im using teamviewer and it constantly cries im a commercial user even tho im not (but i got stuff like vs code on my pc so it thinks i am) and even tho i can circumvent it, that causes some headaches as well so i'd like the problem to be solved once and for all and i need a program to tell teamviewer that it can only read its own directory and not much more. There was smth like that pumpernickel or bouncer? But now its gone and even if i would find it it's prob very outdated so i thought this is a good place to ask with all of u knowledgeable and paranoid security folks, what program should i use?
     
  16. noway

    noway Registered Member

    OS: Windows 10
    DNS: Quad9
    Modem-Router: CODA-4582-U

    Software: Symantec Endpoint Protection 14.3 (firewall not installed)
    Windows Defender Firewall
    Malwarebytes Windows Firewall Control
    Macrium Reflect 7.3
    Firefox with uBlock Origin for ad blocking
    VirusTotal also used for checking any new software before installing

    This is my favorite config of all time. However I still miss AtGuard 3.22 and Kerio 2.1.5 firewalls a bit even though I haven't used them for years.
     
    Last edited: Jun 24, 2022
  17. Rasheed187

    Rasheed187 Registered Member

    I think it was indeed called Pumpernickel or Bouncer. Isn't it possible to run TeamViewer as an AppContainer app, since those tools can only access their own folder?
     
  18. Minimalist

    Minimalist Registered Member

    OS: Windows 10 21H2

    Backup: Macrium Reflect Home and IceDrive
    Updates: SUMo, HP Image Assistant, Windows and Office updates
    Anti-malware: Eset Internet Security
    Content blocker: uBlock Origin

    OD scanners: HitmanPro, Norton Power Eraser
    Passwords: Keepass
    Encryption: VeraCrypt
    Privacy: Mullvad, CCleaner, ShutUp10
     
  19. Floyd 57

    Floyd 57 Registered Member

    How would i do that tho? All I found was some c++ tutorials on how to do it which is outside my area of knowledge (i don't like c and c++)

    Is there a ready program out there that does this?
     
  20. Sampei Nihira

    Sampei Nihira Registered Member

    W.10 Home x64 21H2
    Local Account - Standard user - Limited permissions
    UAC maximum - Always notify
    Quad9 DNS
    OneDrive, Cortana, Advertising ID, Web Search - disabled
    Usage of location data for Cortana disabled
    Telemetry OFF
    Removed some Windows optional features.

    Microsoft Defender Firewall hardened with H_C.
    Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

    • Ransomware protection - disabled
    • No run in a sandbox
    • Core Isolation: Memory integrity - disabled
    • Some software hardened with maximum AE protection
    • All Windows Exploit Protection options - enabled
    MS Edge --time-zone-for-testing --enable-features="GpuAppContainer,IsolateSandboxedIframes"
    • Enabled Security Mitigations - Strict
    • Detection Protection - Strict
    • Always HTTPS
    • Quad9 DOH
    • Share browsing data with other Windows features - disabled
    • 4 Cipher Suites - 0x002f,0x0035,0xc013,0x009c - disabled
    • TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled
    • IL AppContainer - enabled
    • Audio Service - sandboxed
    • Network Service - sandboxed

    Edge://flags:

    Enabled:

    • Block scripts loaded via document.write
    • Automatic HTTPS
    • Strict-Origin-Isolation
    • Show block option in autoplay settings
    • Experimental Tracking Prevention Features
    • Block insecure private network requests
    • Enable Digital Signature for PDF
    • Partitioned cookies
    Disabled:
    • Show feature and workflow recommendations
    • Allow tab-to-search using Microsoft Search with Bing
    • Allow Microsoft Search with Bing for any default search engine
    • Allow preloading of pages by other applications
    • Enable First-Party Sets
    • Consider SameParty cookies to be first-party
    Extensions:
    • (MS Store) - Decentraleyes
    • (Chrome Store) - UBO - Hard Mode
    • (Chrome Store) - Don't add custom search engines
    • (Chrome Store) - JShelter
     
    Last edited: Jul 2, 2022
  21. Rasheed187

    Rasheed187 Registered Member

    What I meant is that perhaps you could search for the UWP version of TeamViewer, see first link. And seems like there is also a portable version, scroll down on the second link.

    https://www.teamviewer.com/en/download/windows-app/
    https://www.teamviewer.com/en/download/windows/
     
  22. vonvon

    vonvon Registered Member

    3 computers right now : (all win 11 - built 22621 - 105)

    Main desktop : osarmor - f-secure safe - Nextdns - ublock origin
    17'' laptop : osarmor - f-secure safe - Nextdns - ublock origin
    15'' laptop : osarmor - k7 internet security - Nextdns - ublock origin

    easeus todo backup home - Kerish doctor resident - f-secure freedome if needed

    Light and enough for me.
     
  23. Chuck57

    Chuck57 Registered Member

    Windows 8.1 Pro.
    Comodo firewall (Cruelsister settings) and Hard Configurator with recommended settings for Win 8.1
    Brave browser with only a couple of adjusted settings and Ublock Origin.
    Macrium Reflect Home, and current backup saved to external HDD.
     
  24. EASTER

    EASTER Registered Member

    Stellar settings @Chuck57 and that CFW with Hard Config is solid! Happy 8.1 Safe Computing! :)
     
  25. Sampei Nihira

    Sampei Nihira Registered Member

    W.10 Home x64 21H2
    Local Account - Standard user - Limited permissions
    UAC maximum - Always notify
    Quad9 DNS
    OneDrive, Cortana, Advertising ID, Web Search - disabled
    Usage of location data for Cortana disabled
    Telemetry OFF
    Removed some Windows optional features.

    Microsoft Defender Firewall hardened with H_C.
    Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

    • Ransomware protection - disabled
    • No run in a sandbox
    • Core Isolation: Memory integrity - disabled
    • Some software hardened with maximum AE protection
    • All Windows Exploit Protection options - enabled
    MS Edge --time-zone-for-testing --enable-features="GpuAppContainer,IsolateSandboxedIframes,EnableCsrssLockdown"
    • Enabled Security Mitigations - Strict
    • Detection Protection - Strict
    • Always HTTPS
    • Quad9 DOH
    • Share browsing data with other Windows features - disabled
    • 4 Cipher Suites - 0x002f,0x0035,0xc013,0x009c - disabled
    • TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled
    • IL AppContainer - enabled
    • Audio Service - sandboxed
    • Network Service - sandboxed

    Edge://flags:

    Enabled:

    • Block scripts loaded via document.write
    • Enables the BrowsingDataLifetimeManager service to run
    • Experimental QUIC protocol
    • Enable Back/Forward Cache
    • Project Robin experiment
    • Automatic HTTPS
    • Strict-Origin-Isolation
    • Show block option in autoplay settings
    • Experimental Tracking Prevention Features
    • Block insecure private network requests
    • Enable Digital Signature for PDF
    • Partitioned cookies
    Disabled:
    • Show feature and workflow recommendations
    • Allow tab-to-search using Microsoft Search with Bing
    • Allow Microsoft Search with Bing for any default search engine
    • Allow preloading of pages by other applications
    • Enable First-Party Sets
    • Consider SameParty cookies to be first-party
    Extensions:
    • (MS Store) - Decentraleyes
    • (Chrome Store) - UBO - Hard Mode
    • (Chrome Store) - Don't add custom search engines
    • (Chrome Store) - JShelter

     
    Last edited: Jul 23, 2022