Author Topic: Tests and other Media topics  (Read 233414 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #525 on: November 19, 2017, 10:40:49 PM »
Working the Cipscis - Fallout - Scriptvalidator for errors that not always come up with other methods:

Example code taken from
Quote
line 39 towards line 45 here: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=www.paperkrane.com&ref_sel=GSP2&ua_sel=ff&fs=1

Working out this standard with function tooltips
Quote
  < / sc​ript >
40:  < !-- /all in one seo pack -->
41:  < link rel='stylesheet' id='contact-form-7-css' href='-http://www.paperkrane.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.0.3' type='text/css' media='all' />
42:  < link rel='stylesheet' id='cpsh-shortcodes-css' href='-http://www.paperkrane.com/wp-content/plugins/column-shortcodes/assets/css/shortcodes.css?ver=0.6.6' type='text/css' media='all' />
43:  < link rel='stylesheet' id='blahlab-theme-grid-css' href='-http://www.paperkrane.com/wp-content/themes/paperkrane/assets/stylesheets/standalone/grid.css?ver=4.1.20' type='text/css' media='all' />
44:  < link rel='stylesheet' id='blahlab-external-googlefonts-css' href='-http://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C400italic%7CDroid+Sans&ver=4.1.20' type='text/css' media='all' />
45:  < link rel='stylesheet' id='blahlab-theme-style-css' href='-http://www.paperkrane.com/wp-content/themes/paperkrane/assets/stylesheets/standalone/style.css?ver=4.1.20' type='text/css' media='all' />
  all links inside the validation broken, because of:
https://urlquery.net/report/6380f772-ee76-42f8-99ff-34728fc03f6f  (suspicious code detected).

Always into this because of (in)security aspects of code, because of polonus's interest in voluntarily website security analysis and website error-hunting, and always looking for new angles to come up with,

Damian

P.S.
Quote
A parser-blocking, cross site (i.e. different eTLD+1) script, htxp://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://wXw.chromestatus.com/feature/5718547946799104 for more details.
Courtesy Google Chrome's developer console.
on my Greasemonkey json script - reported
Quote
Uncaught SyntaxError: Unexpected end of JSON input
    at JSON.parse (<anonymous>)
    at XMLHttpRequest.xhr.onreadystatechange

pol
« Last Edit: November 19, 2017, 10:48:46 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #526 on: November 25, 2017, 01:59:09 PM »
You could check here whether your browser is vulnerable:  https://mineblock.org/
I get:
Quote
If the miner doesn't start, your browser is safe!
Can't start miner. Your browser is safe!
The baddies are listed here: http://www.badbitcoin.org/thebadlist/

Bad Bitcoin i.m.o.  is a big ponzi-like blockchain scam scheme, like the Black Tulip hype in the days of our Dutch painter Rembrandt, moreover the bitcoin value now halves every three years and over a few decades all present bitcoins will be mined.

When you wanna block mal-ads, you certainly wanna block bad-bitcoin-mining as well,
a good adblocker and scriptblocker combination will keep you safe from bitcoin mining scripts-
uBlockOrigin together with uMatrix.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #527 on: November 25, 2017, 10:59:02 PM »
Check how privacy (un)friendly is a webproxy:

Beta-testing: https://privacyscore.org/site/34967/

Here we see issues: https://threatintelligenceplatform.com/report/proxy-de1.toolur.com/sCpTixZZn6

Here we found 3 problems: https://mxtoolbox.com/domain/proxy-de1.toolur.com/

F-grade status and recommendations: https://observatory.mozilla.org/analyze.html?host=proxy-de1.toolur.com

polonus (volunteer website security analyst and website error-hunter)

P.S. What strikes us in the results of this proxy website example as insecure, is that the webproxy site does offer https, but does not automatically defaults to it from http!
Secondly it serves up sub-secure ciphers and furthermore the server is vulnerable to Poodle, while also  the nameserver has version info proliferation: 9.9.4-RedHat-9.9.4-51.el7 (so one could check for vuln. and exploits, which attackers could do).
Also a warning goes for undesired redirects!

Damian
« Last Edit: November 25, 2017, 11:20:37 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #528 on: November 30, 2017, 10:52:55 PM »
Interesting resources on BGP Security and Routing: http://moo.cmcl.cs.cmu.edu/~dwendlan/routing/

Check site example: https://ip.rst.im/dig/internal.akamaistream.net.

Later we found via another check: as21342/moas
Rate - 4.0 ;  2 Router Leaks ; 54 MOAS ; 532 dDos amplifiers

Now that sitevet dot com also as AS bad history resource has disappeared, we have to look out servers not overreach quotes and sources thus disappear for researchers.  ;)

Linkrot is the worst enemy of a volunteer website security analyst and website error-hunter like little old me,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #529 on: December 01, 2017, 11:24:34 PM »
Because of recent and present threats to BGP security and the cold cyber-war,
Russia is planning to eventually set up it's own Internet only in BRICS countries.


Read here: https://www.theregister.co.uk/2017/12/01/russia_own_internet/

Here a map of the Root Server Technical Operations Assn: http://www.root-servers.org/

Then the root files: https://www.iana.org/domains/root/files

But there also new innovative solutions like blockstack coming: https://github.com/blockstack/atlas

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #530 on: December 04, 2017, 12:02:47 AM »
New Panopticlick scan launched:

 https://www.eff.org/deeplinks/2017/11/panopticlick-30

See: https://panopticlick.eff.org/

Is your browser blocking tracking ads?   ✓ yes
Is your browser blocking invisible trackers?   ✓ yes
Does your blocker stop trackers that are included in the so-called “acceptable ads” whitelist?   ✓ yes
I just changed my profile using the canvas fingerprint extension.

Current canvas noise hash
#14afxxxxxxxxxxxxxxx3244bxx0271
Last changed: December 4 00:01

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Evanna456

  • Jr. Member
  • **
  • Posts: 63
Re: Tests and other Media topics
« Reply #531 on: December 06, 2017, 12:27:46 AM »
is your browser block tracking ads? partial protection. Considering my ad blocker is adblock plus, it might be true
is your browser blocking invisible trackers? partial protection. So firefox built in tracking protection is not enough.
Firefox uses disconnect.me tracking list, @_@ i really need a plugin/addon for this huh.
Does your browser stop trackers....acceptable ads. ? no. same answer with my previous one.
Does your browser unblock third parties....Do not track? no. I set my browser to always block third party trackers.
Does your browser protect you from fingerprinting? your browser has a unique fingerprint.

Full result of browser fingerprinting:
screen size is wrong.
no timezone, undefined plugin details
system fonts is wrong, there are fonts missing on the list
user agent: firefox 52, no im using firefox 57
just a noob

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #532 on: December 10, 2017, 05:04:26 PM »
Nice new scanner outlay for Cymon - Search Threats.

Example of a randowm IP search result:
https://app.cymon.io/search/ip/209.202.252.95

Enjoy my good friends, enjoy

P.S. Missed completely here: https://www.virustotal.com/#/url/4f5f0accd4fc42fcd4c51851d77c980eaa6f0016aea08de65e3cf3cbb0da9853/detection

Can be combined with these results: https://ransomwaretracker.abuse.ch/ip/209.202.252.95/
and these: https://www.scumware.org/report/209.202.252.95.html

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #533 on: December 11, 2017, 05:18:24 PM »
Some signs of computer compromise:

Your AV is disabled and you did not do this yourself.

You get a ransom message and it does not go away after restarting your computer.

You get frequent pop-ups at a time.

Your online passwords do not work anymore and you did not change them.

An unapproved software starts to download suddenly, and you did not allow it to do so.

Your websearches in your browser are redirected.

Your browser suddenly has a new toolbar added.

You are sending spam to friends on social media for instance , and you did not do that yourself.

Your mouse suddenly starts to move all by itself.

Conclusion all could be signs of an infested computer or someone hacking into it.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #534 on: December 12, 2017, 10:26:09 PM »
Is your server secure against a 19 year old revived crypto attack threat, called by the name of ROBOT?
Background read (facebook has been patched): https://www.theregister.co.uk/2017/12/13/robot_tls_rsa_flaw/

Read: https://robotattack.org/

Check: https://robotattack.org/check/?h=   (h give domain name with www and without).

Test also added here now: https://testssl.sh/

Here: https://github.com/RUB-NDS/TLS-Attacker

Here: https://github.com/tomato42/tlsfuzzer

and here: https://dev.ssllabs.com/

Vulnerable server admins are advised to install available updates or whenever possible disable TLS RSA encryption functionality.

How this could have been kept under the detection radar for that long (19 years) is so far unknown,
but again makes the infrastructure an even more insecure theater.

polonus (volunteer website security analyst and website error-hunter)
« Last Edit: December 13, 2017, 11:09:23 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #535 on: December 18, 2017, 11:12:06 PM »
Checked here: https://www.detectadblock.com/

It said that I am allowing ads, good for me.

I have an anti-adblock-solution of sorts running under my Tampermonkey user-script extension,
called Anti-Adblock Killer | Reek and it does a great job for me.

When I meet an adblocker blocker I can choose to block their ads and visit the site via a webproxy anyway.

Else the risk of getting any (3rd party) mal-ad-code is too great a risk in my opinion to even considering lifting my adblocker.

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #536 on: January 02, 2018, 05:17:48 PM »
Test your browser against password manager leak:
https://senglehardt.com/demo/no_boundaries/loginmanager/
this as webtrackers follow internet-users via password managers.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #537 on: January 03, 2018, 12:09:24 AM »
Tested IP here: https://www.perfect-privacy.com/check-ip/

Results OK for
Quote
HTTP metadata does not contain any suspicious information
HTTP_VIA   - empty -
HTTP_CLIENT_IP   - empty -
HTTP_CLIENT_IP (DNS)   - empty -
HTTP_FROM   - empty -
HTTP_X_REAL_IP   - empty -
HTTP_X_FORWARDED   - empty -
HTTP_X_FORWARDED_FOR   - empty -
Java disabled
Flash diabled
;)

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31666
  • malware fighter
Re: Tests and other Media topics
« Reply #538 on: January 08, 2018, 09:59:21 PM »
Check here your Spectre CPU vulnerability

http://xlab.tencent.com/special/spectre/spectre_check.html

Enjoy, my friends, enjoy,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 81923
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #539 on: January 08, 2018, 10:20:04 PM »
Check here your Spectre CPU vulnerability

http://xlab.tencent.com/special/spectre/spectre_check.html

Enjoy, my friends, enjoy,

polonus

I had thought this would actually be a CPU check for vulnerability, as per the 'bold text.'

However, this would be browser check and not a CPU check.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.7.2388 (build: 19.7.4674.526)/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/