What is your security setup these days?

F SecureSafe
Voodoo Shield
UBO

 

Heimdal Threat Prevention Home is an AI-based network traffic filter, CylancePROTECT only works at the disk and memory level. Premium version of SpyShelter offers only some firewall features. Everything with very small footprint for the system.

 

W.10 Home x64 22H2
Local Account - Standard user - Limited permissions
UAC maximum - Always notify
Cloudflare DNS
Onedrive,Cortana,Advertising ID,Web Search - disabled
Usage of location data for Cortana disabled
Telemetry OFF
Removed some Windows optional features.

Microsoft Defender Firewall hardened with H_C.
Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

• Ransomware protection - disabled
• No run in a sandbox
• Core Isolation: Memory integrity - disabled
• Some softwares hardened with maximum AE protection
• All Windows Exploit Protection options - enabled

MS Edge --no-pings --time-zone-for-testing --enable-features="IsolateSandboxedIframes,EnableCsrssLockdown,EncryptedClientHello"

• DDG - Home page and deafult search engine
• Enabled Security Mitigations - Strict
• Detection Protection - Strict
• Clipboard permissions - blocked
• Next DNS DOH - (oisd + Easy Privacy)
• Share browsing data with other Windows features - disabled
• TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled

Policies:

• AutomaticHttpsDefault = 2
• DnsOverHttpsMode = secure
• DnsOverHttpsTemplates = Next DNS
• TLSCipherSuiteDenyList = "0x002f","0x0035","0xc013","0x009c"
• HubsSidebarEnabled - false
• CryptoWalletEnabled - false
• SyncDisabled - true
• AudioSandboxEnabled - true
• NetworkServiceSandboxEnabled - true
• RendererAppContainerEnabled - true
• SandboxExternalProtocolBlocked - true
• MaxConnectionsPerProxy =48

Edge://flags:

Enabled:

• Block scripts loaded via document.write
• Block insecure private network requests
• Parallel downloading
• Enable experimental cookie features
• Experimental QUIC protocol
• Use DNS https alpn
• Enable Back/Forward Cache
• Back-forward cache - Enabled force caching all pages (experimental)
• Project Robin experiment
• Automatic HTTPS
• Strict-Origin-Isolation
• Show block option in autoplay settings
• Experimental Tracking Prevention Features
• Enable Digital Signature for PDF
• Partitioned cookies
• Microsoft Edge tracking prevention
• Experimental third-party storage partitioning - Third party cookies blocker enabled
• New PDF Viewer
• Block insecure downloads
• Select HW overlay strategies = Occluded and unoccluded buffers (single-fullscreen,single-on-top,underlay

Disabled:

• Show feature and workflow recommendations
• Enable system notifications
• Combine sync consent and sign in
• Allow Microsoft Search with Bing for any default search engine
• Allow preloading of pages by other applications
• Enable First-Party Sets
• Enable Drop's custom notification

Extensions:

Edge Store:

• UBO - Hard Mode with TLD's
• Video DownloadHelper

Chrome Web Store:

• JShelter
• SwiftDial
• Stream Recorder - download HLS as MP4
• Don't add custom search engines
• ( on/off) - AdGuard MV3 - Hard Mode with TLD's + UBO Lite - only AdGuard URL Tracking Protection List

Recent changes that have increased the usability and performance of the browser.

 

OK I see, my mistake. I assumed that Heimdal was an AV. And I forgot that SpyShelter Premium does indeed not have all of the firewall functions. So yeah, if it all runs smoothly on your system, why not.

 

This time i'm trying Trend Micro Antivirus(hypersensitive mode) with Spyhelter Silent and Windows Firewall Control.
I really like Trend Micro, especially in "Hypersensitive" mode. In this mode, it's kind of a "default-deny".
I also do like WFC alot BUT, on my computer, it behaves the same like Glasswire does.
For example:
1) Run steam.exe
2) Steam.exe reports that NO internet connection available
3) WFC or Glasswire popups a window, that steam.exe wants to connect to internet
4) Re-run steam.exe and now it can connect

It should be in this way:
1) steam.exe wants to connect to internet
2) The Firewall intercept the outgoing connection and ask for user permission to accept
3) The User click allow
4) Steam starts

I dunno if this behavior is API based coding, or something else, but its really, really annoying.
Does anyone else have this problem with WFC/Glasswire?

 

Why?
Since steam has an offline mode I would think that when steam starts and finds no internet (since blocked by gw) it just assumes you have none and goes into offline mode till you allow the file in GW and tell steam to reconnect (to online). For my logic steam should always start since a firewall is not an antiexe only it's internet access should be denied on the first start till the user says otherwise.
For me it works the way I would expect it (novice user logic here )

 

To put it simpler way, that even you understand what i mean @Freki123:
any.exe wants to connect to internet
no internet
lets click any.exe again
any.exe says, oh yeah

Another perspective:
any.exe wants to connect to internet
Allow or not
Allow and voila

If you compare above, whats a difference, annoyance between?

 

Look like in 1st you have disabled internet from up to all and you need manualy add allow for conection
in 2nd looks like decent setup where firewall ask for each connections before 1st run.

 

W.10 Home x64 22H2
Local Account - Standard user - Limited permissions
UAC maximum - Always notify
Cloudflare DNS
Onedrive,Cortana,Advertising ID,Web Search - disabled
Usage of location data for Cortana disabled
Telemetry OFF
Removed some Windows optional features.

Microsoft Defender Firewall hardened with H_C.
Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

• Ransomware protection - disabled
• No run in a sandbox
• Core Isolation: Memory integrity - disabled
• Some softwares hardened with maximum AE protection
• All Windows Exploit Protection options - enabled

MS Edge --no-pings --time-zone-for-testing --enable-features="IsolateSandboxedIframes,EnableCsrssLockdown,EncryptedClientHello"

• DDG - Home page and deafult search engine
• Enabled Security Mitigations - Strict
• Detection Protection - Strict
• Clipboard permissions - blocked
• Next DNS DOH - HaGeZi - Multi LIGHT
• Share browsing data with other Windows features - disabled
• TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled

Policies:

• AutomaticHttpsDefault = 2
• DnsOverHttpsMode = secure
• DnsOverHttpsTemplates = Next DNS
• TLSCipherSuiteDenyList = "0x002f","0x0035","0xc013","0x009c"
• HubsSidebarEnabled - false
• CryptoWalletEnabled - false
• SyncDisabled - true
• AudioSandboxEnabled - true
• NetworkServiceSandboxEnabled - true
• RendererAppContainerEnabled - true
• SandboxExternalProtocolBlocked - true

Edge://flags:

Enabled:

• Block scripts loaded via document.write
• Block insecure private network requests
• Parallel downloading
• Enable experimental cookie features
• Experimental QUIC protocol
• Use DNS https alpn
• Enable Back/Forward Cache
• Back-forward cache - Enabled force caching all pages (experimental)
• Project Robin experiment
• Automatic HTTPS
• Strict-Origin-Isolation
• Show block option in autoplay settings
• Experimental Tracking Prevention Features
• Enable Digital Signature for PDF
• Partitioned cookies
• Microsoft Edge tracking prevention
• Experimental third-party storage partitioning - Third party cookies blocker enabled
• New PDF Viewer
• Block insecure downloads
• Select HW overlay strategies = Occluded and unoccluded buffers (single-fullscreen,single-on-top,underlay

Disabled:

• Show feature and workflow recommendations
• Enable system notifications
• Combine sync consent and sign in
• Allow Microsoft Search with Bing for any default search engine
• Allow preloading of pages by other applications
• Enable First-Party Sets
• Enable Drop's custom notification

Extensions:

Edge Store:

• UBO - Hard Mode with TLD's
• Video DownloadHelper

Chrome Web Store:

• JShelter
• SwiftDial
• Stream Recorder - download HLS as MP4
• Don't add custom search engines
• ( on/off) - AdGuard MV3 - Hard Mode with TLD's + UBO Lite - only AdGuard URL Tracking Protection List

Firefox - Arkenfox + FastFox

• Tracking protection Strict
• HTTPS-only-mode enabled
• DDG Home Page and Search Engine
• Clearing browsing data on exit
• Next DNS (DOH) - HaGeZi - Multi LIGHT
• Protection against fraudulent content and dangerous software enabled

Extensions:

• uBlock Origin - Hard Mode with TLD's
• VideoDownloadHelper
• SwiftDial
• TWP Translate Web Page
• MPMux

 

Same as in my siggy below and flawless going on 5 years or better! Third Party security in combo is BEST!

 

Desktop - FSecure Safe and Voodoo Shield

Laptop- Configure Defender, Simple Windows Hardening and Firewall Hardening

 

win 10 x 64 pro 22h2 ( 19045.2965 )
-heavily debloated ( sycnex - o&o shut up 10 - appbuster ) plus other manual tweaks
-defender completely removed from system
-edge completly removed from system ( manually tweaks in regstry to prevent it from reinstalling with future windows upgrades )
-browsers :
brave ( tweaked in settings and flags for maximum privacy and security ) wth ubo ( medium mode ) - trend toolbar - trend shell shock detector
librewolf ( with some manual extra tweaks ) with ubo ( medium mode )
mullvad browser with ubo ( medium mode )
realtime : Trend Micro Ultimate in hypersensitive mode
simple windows hardening tweaked manually
Windscribe pro when needed
backup aomei backupper pro

 

W.10 Home x64 22H2
Local Account - Standard user - Limited permissions
UAC maximum - Always notify
Cloudflare DNS
Onedrive,Cortana,Advertising ID,Web Search - disabled
Usage of location data for Cortana disabled
Telemetry OFF
Removed some Windows optional features.

Microsoft Defender Firewall hardened with H_C.
Microsoft Defender hardened with Configure Defender (Customized level) - Cloud Block Level

• Ransomware protection - disabled
• No run in a sandbox
• Core Isolation: Memory integrity - disabled
• Some softwares hardened with maximum AE protection
• All Windows Exploit Protection options - enabled

Firefox - Arkenfox + FastFox

• Tracking protection Strict
• HTTPS-only-mode enabled
• DDG Home Page and Search Engine
• Clearing browsing data on exit
• Next DNS (DOH) - OISD full + EasyPrivacy + EasyList Italy
• Protection against fraudulent content and dangerous software enabled

Extensions:

• uBlock Origin - Hard Mode with TLD's
• VideoDownloadHelper
• SwiftDial
• TWP Translate Web Page
• MPMux

____________________________________________________________________________

MS Edge --no-pings --time-zone-for-testing --enable-features="IsolateSandboxedIframes,EnableCsrssLockdown,EncryptedClientHello"

• DDG - Home page and deafult search engine
• Enabled Security Mitigations - Strict
• Detection Protection - Strict
• Clipboard permissions - blocked
• Next DNS DOH - OISD Full + EasyPrivacy +EasyList Italy
• Share browsing data with other Windows features - disabled
• TLS_RSA_WITH_AES_256_GCM_SHA384 - enabled
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - enabled

Policies:

• AutomaticHttpsDefault = 2
• DnsOverHttpsMode = secure
• DnsOverHttpsTemplates = Next DNS
• TLSCipherSuiteDenyList = "0x002f","0x0035","0xc013","0x009c"
• HubsSidebarEnabled - false
• CryptoWalletEnabled - false
• SyncDisabled - true
• AudioSandboxEnabled - true
• NetworkServiceSandboxEnabled - true
• RendererAppContainerEnabled - true
• SandboxExternalProtocolBlocked - true

Edge://flags:

Enabled:

• Block scripts loaded via document.write
• Block insecure private network requests
• Parallel downloading
• Enable experimental cookie features
• Experimental QUIC protocol
• Use DNS https alpn
• Enable Back/Forward Cache
• Back-forward cache - Enabled force caching all pages (experimental)
• Project Robin experiment
• Automatic HTTPS
• Strict-Origin-Isolation
• Show block option in autoplay settings
• Experimental Tracking Prevention Features
• Enable Digital Signature for PDF
• Partitioned cookies
• Microsoft Edge tracking prevention
• Experimental third-party storage partitioning - Third party cookies blocker enabled
• New PDF Viewer
• Block insecure downloads
• Select HW overlay strategies = Occluded and unoccluded buffers (single-fullscreen,single-on-top,underlay

Disabled:

• Show feature and workflow recommendations
• Enable system notifications
• Combine sync consent and sign in
• Allow Microsoft Search with Bing for any default search engine
• Allow preloading of pages by other applications
• Enable First-Party Sets
• Enable Drop's custom notification

Extensions:

Edge Store:

• UBO - Hard Mode with TLD's
• Video DownloadHelper

Chrome Web Store:

• JShelter
• SwiftDial
• Stream Recorder - download HLS as MP4
• Don't add custom search engines
• ( on/off) - AdGuard MV3 - Hard Mode with TLD's + UBO Lite - only AdGuard URL Tracking Protection List

 

its been years since I last posted here.
right now I'm using Hard_Configurator in my Windows 10 PC.
also Ghostpress Anti-keylogger

 

BitDefender GravityZone XDR. One endpoint security product protects against both malware and network intrusion.

 

On both main computers :

Eset smart security premium + OsArmor + NextDNS + weekly Aomei Backupper

On third Holydays laptop :
F-Secure Internet Security + OsArmor + NextDNS + monthly Aomei Backupper

Light, efficient and sufficient for me.

 

My current setup:

Eset Internet Security
Macrium Reflect
uBlock Origin for FIrefox

 

Still CFW, IVPN, AOMEI back, system image backups. that's all...

 

Pretty much the same here.

 

Still running the same security software over 2 years. No need to change.

 

Still same as my siggy- smooth as silk and water tight.

 

Smooth, tight and very light

I run something similar on Win 7 and 10.

Regards Eck

 

Great minds think alike

 

ReviOS (modified windows 10)
Hard_Configurator (recommended settings)
Ghostpress Anti-keylogger
Brave Browser with JShelter

 

Sphinx Firewall Plus
AppGuard Solo
ShadowDefender

IVPN
AdGuard
Raxco InstantRecovery