Some Notes on the Machines

Something new:

https://pwpush.com

Here’s a very nice article.

Mr. Jack Foster has written an excellent article on this topic:

https://www.vpngeeks.com/how-to-secure-your-passwords

It’s very possible, per user or per computer:

www.mustbegeek.com/block-usb-or-removable-devices-using-group-policy/

It’s done in Policies, Administrative Templates, System, Removable Storage Access. There are quite a few granulations available.

Nicely searchable, including for CVE numbers:

https://nvd.nist.gov/vuln/search

From the remarkable Tharin Brown:

https://transparencyreport.google.com/safe-browsing/search

A number of Internet tools use DNSBLs (DNS blacklists) and retrieve them by HTTP/HTTPS. Here are a number of good resources for this.

www.reddit.com/r/PFSENSE/comments/7s3ug9/pfblockerng_recommended_lists/

forum.it-monkey.net/index.php?topic=17.0

supratim-sanyal.blogspot.com/2017/04/pfsense-pfblockerng-ultimate-list-of-ip.html

This tool decommissions quite the list of Windows 7 through 10 telemetry inclusions by which Microsoft informs itself of our behavior, using quite a lot of our RAM, CPU, and bandwidth in so doing.

https://www.safer-networking.org/spybot-anti-beacon/

Brought to this forefront by the Beard, Mike Hunsinger.

If you have access to the console and the machine runs GRUB or something similar, reset of a password is easy. Just interrupt the boot before kernel load (hit the Tab key if it really is GRUB you have there), edit the kernel load line, and add the following to the very end:

init=/bin/bash

Then boot that kernel load line (F10 in GRUB) and the machine will come up in single-user ‘bash’ shell, and you can run ‘passwd’.

The amazing David Lewis recently discovered something very close to unbelievable. A user profile on a PC — not a user, not a PC — had full administrative rights to a folder on a server on the domain, where the user was explicitly denied such rights. Deletion and replacement of the user profile, eliminated the problem.