Hard_Configurator - Windows Hardening Configurator

Kerneli

Kerneli

New Member
Apr 28, 2024
1
Is there Windows 11 23H2 support coming? Or what else would be good free alternative besides Hard configurator as cannot use it with my Win11 23H2...
 
A

Azazel

Hello @Andy Ful ,
I have a question.
Is "Block executable files from running unless they meet a prevalence, age, or trusted list criteria" a robust protective rule or are there non-sophisticated ways it can be easily bypassed?
 
  • Like
Reactions: Andy Ful
n8chavez

n8chavez

Level 17
Well-known
Feb 26, 2021
842
Azazel said:
Hello @Andy Ful ,
I have a question.
Is "Block executable files from running unless they meet a prevalence, age, or trusted list criteria" a robust protective rule or are there non-sophisticated ways it can be easily bypassed?
Click to expand...

I've found that particular option being more trouble then it's worth; in essence creating a lockdown mode where EVERYTHING new-ish needs to be whitelisted in order to run.
 
  • Like
Reactions: Azazel
n8chavez

n8chavez

Level 17
Well-known
Feb 26, 2021
842
Really? Well, curiouser and curiouser. I've had nothing but problems. But I always automate things via scripting and always update my software.
 
Last edited:
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,173
n8chavez said:
Really? Well, curiouser and curiouser. I've had nothing but problems. But I always automate things via scripting and always update my software.
Click to expand...

Yes, It can block new installations/updates with low prevalence. The block disappears after about 2 days. One can use that ASR rule set to Warn to avoid most problems.
Of course, it will be inconvenient when one has many applications that auto-update frequently. That is why it is not included in ConfigureDefender HIGH settings.
 
  • Like
  • +Reputation
Reactions: sypqys, oldschool and simmerskool
n8chavez

n8chavez

Level 17
Well-known
Feb 26, 2021
842
Andy Ful said:
Yes, It can block new installations/updates with low prevalence. The block disappears after about 2 days. One can use that ASR rule set to Warn to avoid most problems.
Of course, it will be inconvenient when one has many applications that auto-update frequently. That is why it is not included in ConfigureDefender HIGH settings.
Click to expand...

Don't get me wrong; I'm not in any way, shape or form saying that you or Hard Configurator is bad. I just mean that particular ASR option doesn't fit my needs, for reasons you mentioned. My opinion, this or @danb's Configure Defender should be on every system without exception.
 
  • Like
Reactions: Andy Ful and simmerskool
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,173
n8chavez said:
I just mean that particular ASR option doesn't fit my needs, for reasons you mentioned.
Click to expand...

Yes, I know. :)
Anyway, I do not think that you need H_C or ConfigureDefender. For many MT members, any advanced protection is a kind of insurance, learning, or fun.
 
  • +Reputation
  • Like
Reactions: oldschool and simmerskool
F

ForgottenSeer 109138

Andy Ful said:
Yes, I know. :)
Anyway, I do not think that you need H_C or ConfigureDefender. For many MT members, any advanced protection is a kind of insurance, learning, or fun.
Click to expand...
No way, you didn't just contradict yourself here did you, an advanced application is for fun and learning yet so easy a typical users can use them correct. Its not like they could misconfigure into vulnerability.
 
F

ForgottenSeer 109138

skiper said:
If I understand correctly, Sponsors=LOLBins?

I'm thinking of @oldschool configuration.If Sponsors=LOLBins, FirewallHardening ADD LOLBins can be obtained in this way too?

1. Press <Load Profile> and choose All_OFF.hdc
2. Press <(Re)Install SRP>
3. Press <Block Sponsors> <Select All>
4. Apply changes.

There are 178 in total.

Is one better than the other? It is better to block LOLBins from FirewallHardening or Sponsors this way. LOLBins contain the same number?
Click to expand...
Its lack of understanding the operating system and how it works, combined with a lack of understanding of the software that can cause issue Andy, how easy would it be to misconfigure something you don't understand. I can pull posts from this thread all day long demonstrating this if you would like, since you trashed my thread stating otherwise.
 
F

ForgottenSeer 109138

If you are using this software for fun or learning do become aware of the products disclaimer. Any damage you do to your system or any other issues that may arise are solely the responsibility of the user. The developer that pushes this software as so easy to use, is not responsible once you install his product. If you are not knowledgeable of windows process and procedures or familiar with default deny I would not recommend taking this chance. You are better off using a Security Suit.

Disclaimer of Warranty
THIS SOFTWARE IS DISTRIBUTED "AS IS". NO WARRANTY OF ANY KIND IS EXPRESSED OR IMPLIED. YOU USE IT AT YOUR OWN RISK. THE AUTHOR WILL NOT BE LIABLE FOR DATA LOSS, DAMAGES, LOSS OF PROFITS OR ANY OTHER KIND OF LOSS WHILE USING THIS SOFTWARE.

Distribution
These tools may be freely distributed as long as no modification is made to it.

Andrzej Pluta (@Andy Ful)
Click to expand...
 
  • +Reputation
Reactions: Trident
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,173
ForgottenSeer 109138 said:
No way, you didn't just contradict yourself here did you, an advanced application is for fun and learning yet so easy a typical users can use them correct. Its not like they could misconfigure into vulnerability.
Click to expand...

There is no contradiction. The H_C is mainly intended for advanced users to apply Windows built-in restrictions on the computers of inexperienced users (no MT members).
MT members can use H_C on personal computers if they want, but often it is not necessary for security reasons. I guess that they often like to use it as a kind of insurance, learning, or fun.
 
Last edited:
  • Like
Reactions: Jan Willy
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,173
ForgottenSeer 109138 said:
Its lack of understanding the operating system and how it works, combined with a lack of understanding of the software that can cause issue Andy, how easy would it be to misconfigure something you don't understand. I can pull posts from this thread all day long demonstrating this if you would like,
Click to expand...

I am not sure what to say. H_C is a tool for advanced users, but there can be users who want to experiment with settings.
Anyway, you are wrong when thinking that such experiments will do something dangerous to the system. Even with the most restricted setup we have:
  1. During the installation, the user is prompted to do a System Restore Point.
  2. SRP restrictions do not restrict local Administrators and processes running with high privileges.
  3. SystemSpace is always whitelisted (%WinDir%, %ProgramFiles%, etc.)
  4. H_C can be started even with the most restrictive setup, so the user can always change the setup.
  5. The Recommended Settings can be restored with one click.
By the way, I am sorry that your thread has been closed. I did not ask the staff for that (and did not report anything), even when your posts became too personal.
 
Last edited:
  • Like
Reactions: Jan Willy and SirJon
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,173
ForgottenSeer 109138 said:
If you are using this software for fun or learning do become aware of the products disclaimer. Any damage you do to your system or any other issues that may arise are solely the responsibility of the user. The developer that pushes this software as so easy to use, is not responsible once you install his product. If you are not knowledgeable of windows process and procedures or familiar with default deny I would not recommend taking this chance. You are better off using a Security Suit.
Click to expand...

You know that this is a standard disclaimer for open-source & free software. This disclaimer is displayed during installation, so users are informed without your warning. As you can see the disclaimer intends to discourage inexperienced users. I already explained it to you in another thread. It seems that you start trolling this thread.
Hard_Configurator has been here for several years and does not produce much trouble.
 
  • Like
  • +Reputation
Reactions: Jan Willy, 1chaoticadult, Digmor Crusher and 2 others

Similar threads

Andy Ful
    • Like
    • +Reputation
    • Thanks
  • Sticky
Serious Discussion WHHLight - simplified application control for Windows Home and Pro.
Replies
269
Views
20,954
Hard_Configurator Tools
Andy Ful
Andy Ful
Andy Ful
    • +Reputation
    • Like
    • Applause
New Update Testing Windows Hybrid Hardening (new hardening application).
Replies
253
Views
23,287
Hard_Configurator Tools
South Park
South Park
SpyNetGirl
    • Like
    • Applause
    • Thanks
Serious Discussion Why do you use obsolete security technologies such as SRP?
Replies
7
Views
644
General Security Discussions
Andy Ful
Andy Ful

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top