Umbra Lockdown Security 2017

Discussion in 'Security Configurator' started by Umbra Polaris, Oct 24, 2017.

How do you rate my setup?

  1. 1 star

    0 vote(s)
    0.0%
  2. 2 stars

    0 vote(s)
    0.0%
  3. 3 stars

    0 vote(s)
    0.0%
  4. 4 stars

    0 vote(s)
    0.0%
  5. 5 stars

    7 vote(s)
    100.0%
  1. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    Laptop 1 : Productivity machine detailed setup
    ----------------------------------------------------------------------
    Account Type
    Account Type: Standard User Account |
    UAC: Max (Always Notify) and ask Password |
    SmartScreen: Max (require admin approval) |
    ----------------------------------------------------------------------
    Main AntiVirus/Anti-Malware/Suite

    Local + Cloud : Emsisoft Anti-Malware (EAM)
    Cloud: /
    ----------------------------------------------------------------------
    Companion AntiVirus/Anti-Malware

    Local + Cloud : /
    Cloud: /
    ----------------------------------------------------------------------
    Intrusion Prevention Systems

    HIPS: /
    Behavior Blocker: EAM |
    Application Control: /
    Anti-Executable: /
    Software Restriction Policy: Appguard (AG) on Lockdown Mode and Hardened.
    ----------------------------------------------------------------------
    Virtualization & Isolation

    System-Wide: /
    Restriction-based Sandbox: /
    Full Isolation Sandbox: Sandboxie (Sbie)
    Browser-only Sandboxing: /
    Virtual Machine: Virtual Box
    ----------------------------------------------------------------------
    Firewall & Networking

    Firewall: Windows Firewall fortified by EAM and Binisoft Windows Firewall Control (BWFC).
    Intrusion Detection System: /
    Packet Inspection: /
    Protocol Filter: /
    Certificate checker: /
    Network Protection: /
    DNS Protection: /
    Backdoor Prevention: /
    Anti-MITM: SSL-Eye
    ----------------------------------------------------------------------
    System Reinforcement

    Anti-Exploit: Windows' Exploit Guard
    Anti-PUP: EAM |
    Anti-Spyware: EAM |
    Anti-Rootkit: EAM |
    Removable Media/USB Protection: EAM | AG
    Apps Hardening : /
    Process Hardening: /
    System Encryption: /
    Docs/File/Folders Protection: SecureFolders
    File Reputation: EAM |
    Registry Protection: EAM |
    Autorun Protection: EAM |
    Keystroke Encryption:
    Banking/Shopping protection: /
    Anti-keylogger: EAM |
    Alternate Data Streams Scanner: NVT Stream Detector
    Infection Rollback: /
    ----------------------------------------------------------------------
    2nd Opinion Scanners (On-Demand)

    Local+ Cloud: Emsisoft Emergency Kit | Windows Defender Periodic Scanning | Zemana AM.
    Cloud: none installed on the system, all in USB (see below)
    ----------------------------------------------------------------------
    Browsers Security

    Secured Browsers: /
    Security Addons: Adguard (Integration mode) | Netcraft
    Browser Protection: /
    Web Shield/URL Filter: EAM's Surf Protection
    Web Reputation: / |
    Adblocker: Adguard for Windows (AdG)
    Anti-Exploit/Script: /
    ----------------------------------------------------------------------
    Web Protection:

    Anti-Phishing: EAM | Adguard
    Domain/Website Manager: /
    Hosts Blocker: EAM
    Hosts File Protection: /
    DNS Checker: /
    Secured DNS: /
    DNS Traffic Encryption: DNSCrypt (via Simple DNSCrypt)
    ----------------------------------------------------------------------
    Privacy & Anonymity

    Anti-Windows 10 Telemetry: Shutup10
    Encrypted Container: VeraCrypt (Portable)
    File Protection: Secure Folders (Portable)
    File Encryption: Gpg4Win (Kleopatra)
    Encrypted Mailing Service: www.Protonmail.com.
    Encrypted Mail Client: /
    Encrypted Messenger: /
    Encrypted File Sharing Service: /
    Password/Form Protection:
    - Lastpass (Browser addon)
    - Keepass (Portable)
    VPN: SoftEther VPN-Gate (SSL & DNSsec)
    Secure Desktop: /
    ----------------------------------------------------------------------
    3rd Party Standalone Protection

    Anti-PUP: /
    Anti-Spyware: /
    Anti-Rootkit: Combofix
    Anti-keylogger: /
    Anti-Phishing: /
    Hash Checker: Hashtab
    File Reputation: /
    Registry Protection: /
    Autorun Protection: /
    Email & Antispam Protection: /
    Instant Messenger Protection: /
    P2P Protection: /
    Document Protection: /
    Removable Media/USB Protection: /
    Banking/Shopping protection: /
    Social Media Protection: /
    Anti-Theft: /
    ----------------------------------------------------------------------
    Monitoring

    System Vulnerabilities Monitor: /
    Autorun/Startup Monitor: Autorun (Portable)
    Process Monitor: Process Hacker (portable), Process Explorer (Portable)
    Resources Monitoring: /
    Registry Manager: /
    Network Monitor: /
    ----------------------------------------------------------------------
    System Maintenance & Optimization

    Browser Cleaner: /
    System Cleaner:
    - Ccleaner (Portable) | Wise Disk Cleaner (portable)
    System Optimizer: /
    ----------------------------------------------------------------------
    Recovery

    Backup: Windows Backup
    Boot CDs: Acronis TI
    System Rollback: /
    ----------------------------------------------------------------------
    USB Toolbox:

    Boot CD: Strelec Boot CD made bootable via USB
    Portable OS: Mini-WinXP/Windows 7
    Scanners: Emsisoft Emergency Kit, McAfee Stinger, Malwarebytes Anti-Malware, Comodo CE, Norton PE, Kaspersky TDSSKiller, Dr Web CureIt, Gmer
    Disinfecting tools: Rkill, Combofix, Sanitycheck, etc...


    ----------------------------------------------------------------------------------------


    All my security software is selected specifically to run together without conflict; I set it up for maximum compatibility/protection with the lowest resource usage possible.


    This kind of configuration is not suited for beginners; many settings and tweaks are dangerous and have been perfected after years of training to make it fully functional and system-safe.

    "Stay Safe, Don't try this"
    ----------------------------------------------------------------------------------------
     
  3. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    Laptop 2: Testing/leisure machine detailed setup
    ----------------------------------------------------------------------
    Account Type
    Account Type: Standard User Account |
    UAC: Max (Always Notify) and ask Password |
    SmartScreen: Max (require admin approval) |
    ----------------------------------------------------------------------
    Main AntiVirus/Anti-Malware/Suite

    Local + Cloud : Emsisoft Anti-Malware (EAM) |
    Cloud: /
    ----------------------------------------------------------------------
    Companion AntiVirus/Anti-Malware

    Local + Cloud : Malwarebytes's Anti-Malware (MBAM)
    Cloud: /
    ----------------------------------------------------------------------
    Intrusion Prevention Systems

    HIPS: /
    Behavior Blocker: EAM |
    Application Control: /
    Anti-Executable: /
    Software Restriction Policy: Appguard (AG) on Lockdown Mode and Hardened.
    ----------------------------------------------------------------------
    Virtualization & Isolation

    System-Wide: /
    Restriction-based Sandbox: /
    Full Isolation Sandbox: Sandboxie
    Browser-only Sandboxing: /
    Virtual Machine: Virtual Box
    ----------------------------------------------------------------------
    Firewall & Networking

    Firewall: Windows Firewall +
    Intrusion Detection System: /
    Packet Inspection: /
    Protocol Filter: /
    Certificate checker: /
    Network Protection: /
    DNS Protection: /
    Backdoor Prevention: /
    Anti-MITM: SSL-Eye
    ----------------------------------------------------------------------
    System Reinforcement

    Anti-Exploit: Windows' Exploit Guard
    Anti-PUP: EAM |
    Anti-Spyware: EAM |
    Anti-Rootkit: EAM |
    Removable Media/USB Protection: EAM | AG
    Apps Hardening : /
    Process Hardening: /
    System Encryption: /
    Docs/File/Folders Protection: SecureFolders
    File Reputation: EAM |
    Registry Protection: EAM |
    Autorun Protection: EAM |
    Keystroke Encryption: HMPA
    Banking/Shopping protection: /
    Anti-keylogger: /
    Alternate Data Streams Scanner: NVT Stream Detector
    Infection Rollback: /
    ----------------------------------------------------------------------
    2nd Opinion Scanners (On-Demand)

    Local+ Cloud: Emsisoft Emergency Kit (EEK) | Zemana AM
    Cloud: none installed on the system, all in USB (see below)
    ----------------------------------------------------------------------
    Browsers Security

    Secured Browsers: /
    Security Addons: Adguard (Integration mode) | HTTPS Everywhere | Netcraft
    Browser Protection: /
    Web Shield/URL Filter: EAM's Surf Protection
    Web Reputation: / |
    Adblocker: Adguard for Windows (AdG)
    Anti-Exploit/Script: /
    ----------------------------------------------------------------------
    Web Protection:

    Anti-Phishing: Adguard
    Domain/Website Manager: /
    Hosts Blocker: EAM
    Hosts File Protection: /
    DNS Checker: /
    Secured DNS: /
    DNS Traffic Encryption: DNSCrypt (via Simple DNSCrypt)
    ----------------------------------------------------------------------

    Privacy & Anonymity
    Anti-Windows 10 Telemetry: Shutup10
    Encrypted Container: VeraCrypt (Portable)
    File Protection: Secure Folders (Portable)
    File Encryption: Gpg4Win (Kleopatra)
    Encrypted Mailing Service: www.Protonmail.com
    Encrypted Mail Client: /
    Encrypted Messenger: Covert Pro
    Encrypted File Sharing Service: /
    Password/Form Protection:
    - Lastpass (Browser addon)
    - Keepass (Portable)
    VPN: SoftEther VPN-Gate (SSL & DNSsec)
    Secure Desktop: /
    ----------------------------------------------------------------------
    3rd Party Standalone Protection

    Anti-PUP: /
    Anti-Spyware: /
    Anti-Rootkit: Combofix
    Anti-keylogger: /
    Anti-Phishing: /
    Hash Checker: Hashtab
    File Reputation: /
    Registry Protection: /
    Autorun Protection: /
    Email & Antispam Protection: /
    Instant Messenger Protection: /
    P2P Protection: /
    Document Protection: /
    Removable Media/USB Protection: /
    Banking/Shopping protection: /
    Social Media Protection: /
    Anti-Theft: /
    ----------------------------------------------------------------------
    Monitoring

    System Vulnerabilities Monitor: /
    Autorun/Startup Monitor: Autorun (Portable)
    Process Monitor: Process Hacker (portable), Process Explorer (Portable)
    Resources Monitoring: /
    Registry Manager: /
    Network Monitor: /
    ----------------------------------------------------------------------
    System Maintenance & Optimization

    Browser Cleaner: /
    System Cleaner:
    - Ccleaner (Portable) | Wise Disk Cleaner (portable)
    System Optimizer: /
    ----------------------------------------------------------------------
    Recovery

    Backup: Windows Backup
    Boot CDs: Acronis TI
    System Rollback: /
     
  4. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    reserved for other machines
     
  5. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    weird spoiler bug... :D
     
  6. Trim

    Trim MTAC Moderator Staff Member Member Of Month - Tweakbytes Defender

    Good setup you have, @Umbra Polaris. Emsisoft is a very good product, especially in behaviour blocking.
    Thanks for posting that.
     
  7. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    Does anyone know how to fix this weird spoiler bug that makes 2 spoilers instead of one? I tried to remove the BB code but it keeps reappearing...
     
  8. RGiskardR

    RGiskardR Malware Tester Silver Member

    Hum, so strange; in the MTAC section we have been posting with spoilers for months and personally I've never gotten this strange behaviour... :O:
     
  9. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    I copy-pasted it from Malwaretips; maybe a different XenForo implementation on the two sites.
     
    RGiskardR likes this.
  10. RGiskardR

    RGiskardR Malware Tester Silver Member

    Hum, I use the same template (with spoilers) to post malware sample results here and at MT, and I'm not getting that issue, so strange...
     
    Umbra Polaris likes this.
  11. RGiskardR

    RGiskardR Malware Tester Silver Member

    I remembered last night that sometimes I've also gotten a similar issue, here and even at MT...

    The issue was when I deleted a closing /SPOILER tag by mistake; the board then tried to auto-fix it by automatically generating a new duplicate opening SPOILER=... tag in a different place in the code, causing 2 spoiler copies with the same name in different places in the code.

    So you should probably re-check the code, and find and delete the automatically generated copy of the opening spoiler tag, to fix the issue...

    Hope this helps you :)
     
    Trim and Umbra Polaris like this.
  12. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    I can't edit anymore :O:
     
    RGiskardR likes this.
  13. RGiskardR

    RGiskardR Malware Tester Silver Member

    Hum yes, in this forum the permission to edit has a very short limit, so you should contact @guardian and ask him to modify yours...
     
    Umbra Polaris likes this.
  14. jasonX

    jasonX Giveaways Moderator Staff Member

    I also noticed that and had difficulty with it, so I do not use the spoiler. Seems to be a fluke there in the XenForo thing... Anyway, armored setup there Umbra!
     
    Trim, Umbra Polaris and RGiskardR like this.
  15. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    @jasonX so I'm not alone, I feel better then :p

    And thanks for your comment about my config. ;)
     
    grr and RGiskardR like this.
  16. jerzy6012.50

    jerzy6012.50 Valued Member Known Member

    The configuration of both laptops is very good, not for beginners.
    Thanks for sharing it.
     
    grr, Umbra Polaris and RGiskardR like this.
  17. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    Thank you, indeed some knowledge is necessary, but it is not too difficult to duplicate if the user studies a bit.
     
    grr and RGiskardR like this.
  18. jerzy6012.50

    jerzy6012.50 Valued Member Known Member

    Yes I agree with you.
    For what he likes to test and knowledgeable.
     
    grr, Umbra Polaris and RGiskardR like this.
  19. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    @jerzy6012.50 I saw you are still using Defensewall. Is it still working well? On which OS are you using it?
     
    RGiskardR likes this.
  20. grr

    grr Board Enthusiast Silver Member Known Member

    Nice Config @Umbra Polaris

    For Laptop 1 : Productivity machine detailed setup
    1. I see for most you depend on EAM
    2. I wonder why not have something like NoScript in Browsers Security
    3. Could you pls tell what is below
    NVT Stream Detector
    SSL-Eye

    For Laptop 2: Testing/leisure machine detailed setup
    Are you running MBAM as real-time? How good is latest version for you?

    Thanks,
    Grr
     
    RGiskardR likes this.
  21. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    1- EAM and Appguard are my 2 masterpieces; with both I can't possibly be infected unless I want to be.
    2- Because it is a pain to use... and I run my browser sandboxed, backed up by EAM and Appguard. NoScript will just diminish my surfing experience; the fewer extensions, the better.

    NVT Stream Detector is about analyzing alternate data streams, and checking that they don't integrate malicious code or redirect to malicious servers that will drop malware onto your system.
    SSL-Eye is an on-demand analyzer that checks the route used by your data to the server/site you want to access, to detect a potential MITM (man in the middle).

    Seems OK. I have a lifetime license for it so it would be a waste not to use it; MBAE is integrated so it is all good :)

    I really need the edit button to be permanent, so I can adjust my configs :)
     
    grr and RGiskardR like this.
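Added example, not part of the original thread and not how NVT Stream Detector itself works: the alternate data streams described in the post above can be listed with PowerShell's built-in `-Stream` parameter on an NTFS volume. The function name `Get-AlternateStream`, the temp folder and the sample file are assumptions constructed for illustration.

```powershell
# Added example: list NTFS alternate data streams (ADS) on files under a folder.
# Requires Windows PowerShell 3.0 or later and an NTFS volume.
# Only files are checked here; directories can carry streams too.

function Get-AlternateStream {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Streams treated as routine. Zone.Identifier is the "mark of the web"
        # that Windows attaches to downloaded files.
        [string[]] $Expected = @('Zone.Identifier')
    )
    Get-ChildItem -LiteralPath $Path -File -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            Get-Item -LiteralPath $file.FullName -Stream * -ErrorAction SilentlyContinue |
                Where-Object { $_.Stream -ne ':$DATA' } |   # skip the default data stream
                ForEach-Object {
                    [pscustomobject]@{
                        File     = $file.FullName
                        Stream   = $_.Stream
                        Length   = $_.Length
                        Expected = $Expected -contains $_.Stream
                    }
                }
        }
}

# Constructed sample input: one file with a routine stream and one extra stream.
$dir = Join-Path $env:TEMP ('ads-demo-' + [guid]::NewGuid())
New-Item -ItemType Directory -Path $dir | Out-Null
$sample = Join-Path $dir 'report.txt'
Set-Content -LiteralPath $sample -Value 'visible content'
Set-Content -LiteralPath $sample -Stream 'Zone.Identifier' -Value "[ZoneTransfer]`r`nZoneId=3"
Set-Content -LiteralPath $sample -Stream 'notes' -Value 'constructed extra stream'

# Streams outside the expected list sort first and are the ones worth reviewing.
Get-AlternateStream -Path $dir | Sort-Object Expected | Format-Table -AutoSize

# Clean up the constructed sample.
Remove-Item -LiteralPath $dir -Recurse -Force
```

A stream that looks out of place can be read for review with `Get-Content -LiteralPath <file> -Stream <name>`.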
  22. jerzy6012.50

    jerzy6012.50 Valued Member Known Member

    You do not use Defensewall anymore.
    I am currently on the system firewall + VS Pro + Eset NOD + Zemana Malware.
     
    RGiskardR likes this.
  23. jerzy6012.50

    jerzy6012.50 Valued Member Known Member

    So far this configuration is working well for me.
    Soon changing Eset to Emsisoft,
    as my license for Eset has finished.
     
    Umbra Polaris and RGiskardR like this.
  24. grr

    grr Board Enthusiast Silver Member Known Member

    Thanks @Umbra Polaris

    Can you share the system config for both - CPU & RAM?

    Also, going by your experience, what is the next best alternative (free or paid) to EAM?
     
    RGiskardR likes this.
  25. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    Prod machine: i5 7200U, 8GB RAM, 128GB SSD + 1TB HDD
    Leisure/test machine: i5 3230M, 6GB RAM, 1TB HDD.


    I would choose ESET, but it seems they lost some of their detection prowess the past few months. Let's see in the future. KIS is efficient but I never really liked it.
    So for now I would choose only Windows Defender, and prioritize complementary solutions like anti-executables or SRPs.
     
    grr and RGiskardR like this.
  26. Umbra Polaris

    Umbra Polaris Board Enthusiast Silver Member

    Never had the chance to use my license; I was always on an x64 system when I got it. Pity the dev couldn't make it x64 compatible, it was great software.
     
    RGiskardR likes this.
