Category: Security

New public DNS: NextDNS
article #1566, updated 326 days ago

Appears to be very very good. Better ping than many from some major ISPs. Also very sophisticated and configurable, and considerably less expensive for the features, than some.

https://nextdns.io

Categories:      

==============

Test files and URLs for viruses
article #1573, updated 373 days ago

This very nice tool will download an executable from a web site and test it for bad actor behavior.

www.virustotal.com/

Categories:      

==============

Block real-name email spoofing
article #1572, updated 375 days ago

We see it fairly often. An email comes “From” a real name, but the actual email address is wrong, a spammer’s or scammer’s Gmail or worse. Once we saw this with a very slightly misspelled domain — let’s say “pondervorthy” instead of “ponderworthy”. I just learned of a way to handle it, when one has email filtration which can do it, and when it works for another reason:

Let’s say we’re protecting me. I know all of my email addresses, at work and home. If I set my email filtration system to consider spam everything From “Jonathan E. Brickman” and “Jonathan Brickman”, which does not come from any of my email addresses, that will take good care. The biggest risk is another person named Jonathan Brickman trying to email me. Reportedly, one should actually do it like this, scanning email headers:

FROM: Jonathan Brickman, FROM: "Jonathan Brickman

This is because some of the bad actors are adding spaces after the name text. So the final quote is not set up in the filter rule. It’s really two different FROM field lookups within headers of the email, OR’d, in this system.

Now there are a number of Jonathan Brickmans in the world, but I haven’t met one yet (if you are one, please do email me at jeb@ponderworthy.com, that way we both will have done so at least once); I’m not sure there are many Jonathan Edward Brickmans; but if I found that there were, I’d put in a nickname in parenthesis, set the filtration rule for it

FROM: Jonathan Brickman (JEB), FROM: "Jonathan Brickman (JEB)

and that should do the job nicely, giving me a unique “From” real name for filtration purposes.

There may be other “gotchas”, I will test this over time. It cannot do a comprehensive block, but can clearly help.

In Microsoft Outlook rules, some of the above logic seems to be missing: one cannot filter based on text or email addresses not in the header. I will be checking Exchange Online shortly. One third-party service is confirmed as working well for this.

Categories:      

==============

Check web sites for active infections, via sandbox analysis
article #1569, updated 382 days ago

This tool does the job, it uses Crowdstrike and other major-player tools:

www.hybrid-analysis.com

Categories:      

==============

Send passwords securely
article #1525, updated 604 days ago

Something new:

https://pwpush.com

Categories:      

==============

Use Group Policy to set PC/Laptop Local Admins
article #1443, updated 1209 days ago

Here’s a very nice article.

Categories:      

==============

Thoughts for Generating Good Passwords
article #1262, updated 2151 days ago

Mr. Jack Foster has written an excellent article on this topic:

https://www.vpngeeks.com/how-to-secure-your-passwords

Categories:      

==============

Block Removable Devices by Group Policy
article #1247, updated 2236 days ago

It’s very possible, per user or per computer:

www.mustbegeek.com/block-usb-or-removable-devices-using-group-policy/

It’s done in Policies, Administrative Templates, System, Removable Storage Access. There are quite a few granulations available.

Categories:      

==============

NIST National Vulnerability Database
article #1244, updated 2257 days ago

Nicely searchable, including for CVE numbers:

https://nvd.nist.gov/vuln/search

Categories:      

==============

Identify safe and infected web sites
article #1234, updated 2292 days ago

From the remarkable Tharin Brown:

https://transparencyreport.google.com/safe-browsing/search

Categories: