Author Topic: Tests and other Media topics  (Read 246874 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #600 on: July 23, 2018, 11:59:13 AM »
Testing with a JavaScript Tester online /*! JsRender v1.0.0-beta: http://github.com/BorisMoore/jsrender and http://jsviews.com/jsviews
informal pre V1.0 commit counter: 63 */
Possible strict violation - Assignment in conditional expression - Confusing use of '!' - 't' is already defined - A constructor name should start with an uppercase lletter - 'g' is already defined - 'd' is already defined - The function constructor is a form of eval - use '!==' to compare with "null'.

Unpacker does not find errors
Quote
nothing detected] script
     info: [decodingLevel=0] found JavaScript
     file: d3d7bb9a49ca44016a34a26956f1bfeacc4de695: 16068 bytes

Read here in this respect: http://mahalingamganesan.weebly.com/security.html
Re: http://www.webtoolkitonline.com/javascript-tester.html  Test in http://jsbin.com

polonus
« Last Edit: July 23, 2018, 03:08:26 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #601 on: August 02, 2018, 12:40:17 AM »
Check your secure connection DNSSEC & DS algorithm
at https://rootcanary.org/test.html

enjoy my good friends, enjoy

polonus

Somehow GOST WebCrypto is not validated by my resolver(s) - Pure Javascript implementation of WebCrypto API interfaces and Public Key Infrastructure for GOST algorithms (Russian Cryptographic Standards) - read: https://github.com/rudonick/crypto
Demo: http://gostcrypto.com/

When trying to test GOST I was held back by a MalwareBytes Browser Extension Beta alert: Website blocked due
to possible suspicious activity

We strongly recommend you do not visit this site.

Website blocked: htXp://gostcrypto.com/self-tests.html

Damian
« Last Edit: August 02, 2018, 01:08:58 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #602 on: August 02, 2018, 01:07:36 AM »
Tested it in a decentralized browser, Beaker browser beta, then it worked as a charm, results below:

Quote
GOST R 34.11-94 TEST

Test 01 GOST R 34.11-94-256 ........................................ PASSED 0.024 sec
Test 02 GOST R 34.11-94-256 ........................................ PASSED 0.007 sec
Test 03 GOST R 34.11-94-256 ........................................ PASSED 0.018 sec
Test 04 GOST R 34.11-94-256 ........................................ PASSED 0.032 sec
 
Test 05 GOST R 34.11-94-256/D-TEST ................................. PASSED 0.003 sec
Test 06 GOST R 34.11-94-256/D-TEST ................................. PASSED 0.002 sec
Test 07 GOST R 34.11-94-256/D-TEST ................................. PASSED 0.002 sec
Test 08 GOST R 34.11-94-256/D-TEST ................................. PASSED 0.003 sec
 
PBKDF2 tests
Test 09 GOST R 34.11-94-256-PBKDF2 ................................. PASSED 0.069 sec
Test 10 GOST R 34.11-94-256-PBKDF2 ................................. PASSED 0.026 sec
Test 11 GOST R 34.11-94-256-PBKDF2 ................................. PASSED 1.527 sec
 
TOTAL OK
 
GOST R 34.11-2012 TEST

Test 01 GOST R 34.10-12-256 ........................................ PASSED 0.01 sec
Test 02 GOST R 34.10-12-256 ........................................ PASSED 0.026 sec
Test 03 GOST R 34.10-12-256 ........................................ PASSED 0 sec
Test 04 GOST R 34.10-12-256 ........................................ PASSED 0 sec
 
Test 05 GOST R 34.11-12-256-KDF .................................... PASSED 0.013 sec
Test 06 GOST R 34.11-12-256-KDF .................................... PASSED 0.005 sec
 
HMAC/PBKDF2 tests
Test 07 GOST R 34.11-12-256-HMAC ................................... PASSED 0.001 sec
Test 08 GOST R 34.11-12-512-HMAC ................................... PASSED 0.001 sec
Test 09 GOST R 34.11-12-256-PBKDF2 ................................. PASSED 0.476 sec
Test 10 GOST R 34.11-12-512-PBKDF2/VN .............................. PASSED 0.029 sec
Test 11 GOST R 34.11-12-512-PBKDF2/VN .............................. PASSED 0.026 sec
 
Test 12 GOST R 34.11-12-512 ........................................ PASSED 0 sec
Test 13 GOST R 34.11-12-512 ........................................ PASSED 0 sec
Test 14 GOST R 34.11-12-512 ........................................ PASSED 0 sec
Test 15 GOST R 34.11-12-512 ........................................ PASSED 0.004 sec
 
TOTAL OK
 
SHA-1 TEST

Test 01 SHA-1 ...................................................... PASSED 0.007 sec
Test 02 SHA-1 ...................................................... PASSED 0.001 sec
Test 03 SHA-1 ...................................................... PASSED 0.008 sec
 
PBKDF2 tests
Test 04 SHA-1-PBKDF2 ............................................... PASSED 0.001 sec
Test 05 SHA-1-PBKDF2 ............................................... PASSED 0.004 sec
Test 06 SHA-1-PFXKDF ............................................... PASSED 0.004 sec
Test 07 SHA-1-PFXKDF ............................................... PASSED 0.029 sec
Test 08 SHA-1-PFXKDF ............................................... PASSED 0.003 sec
Test 09 SHA-1-PFXKDF ............................................... PASSED 0.106 sec
 
TOTAL OK
 
GOST R 34.10-94 TEST

Test 01 GOST R 34.10-94-256/S-TEST ................................. PASSED Sign 0.072 sec, Verify 0.036 sec
 
TOTAL OK
 
GOST R 34.10-2012 TEST

Test 01 GOST R 34.10-12-256/S-256-TEST ............................. PASSED Sign 0.237 sec, Verify 0.118 sec
Test 02 GOST R 34.10-12-256/T-512-TEST ............................. PASSED Sign 0.566 sec, Verify 0.408 sec
Test 03 GOST R 34.10-12-256/S-256-TEST ............................. PASSED Sign 0.056 sec, Verify 0.141 sec
Test 04 GOST R 34.10-12-256/S-256-TEST ............................. PASSED Sign 0.035 sec, Verify 0.063 sec
Test 05 GOST R 34.10-12-256/S-256-TEST ............................. PASSED Sign 0.079 sec, Verify 0.279 sec
Test 06 GOST R 34.10-12-256/T-512-TEST ............................. PASSED Sign 0.235 sec, Verify 0.297 sec
 
Key exchange scenario
Test 07 GOST R 34.10-12-256-DH/S-256-TEST .......................... PASSED DeriveKey 0.067 sec
Test 08 GOST R 34.10-12-256-DH/X-256-A ............................. PASSED DeriveKey 0.05 sec
Test 09 GOST R 34.10-12-256-DH/X-256-A ............................. PASSED DeriveKey 0.047 sec
 
TOTAL OK
 
GOST 28147-89/GOST R 34.12-2015 TEST

Test 01 GOST 28147-ECB/D-TEST ...................................... PASSED
Test 02 GOST 28147-CBC/D-TEST ...................................... PASSED
Test 03 GOST 28147-CTR/D-TEST ...................................... PASSED
Test 04 GOST 28147-CFB/D-TEST ...................................... PASSED
Test 05 GOST 28147-ECB/D-TEST ...................................... PASSED
Test 06 GOST 28147-CFB/D-TEST ...................................... PASSED
Test 07 GOST 28147-CFB/E-TEST ...................................... PASSED
Test 08 GOST 28147-CFB/E-A ......................................... PASSED
Test 09 GOST 28147-CFB-8/E-B ....................................... PASSED
Test 10 GOST 28147-CFB-8/E-C ....................................... PASSED
Test 11 GOST 28147-CFB-8/E-D ....................................... PASSED
Test 12 GOST 28147-CFB-8/D-A ....................................... PASSED
Test 13 GOST 28147-CFB-8 ........................................... PASSED
Test 14 GOST 28147-CTR/E-A ......................................... PASSED
Test 15 GOST 28147-ECB/E-Z ......................................... PASSED
 
MAC sing/verify
Test 16 GOST 28147-MAC-32/E-A ...................................... PASSED
Test 17 GOST 28147-MAC-32/E-A ...................................... PASSED
 
Padding
Test 18 GOST 28147-ECB-BITPADDING/D-TEST ........................... PASSED
Test 19 GOST 28147-ECB-BITPADDING/D-TEST ........................... PASSED
Test 20 GOST 28147-ECB-PKCS5PPADDING/D-TEST ........................ PASSED
Test 21 GOST 28147-ECB-PKCS5PPADDING/D-TEST ........................ PASSED
Test 22 GOST 28147-ECB-ZEROPADDING/D-TEST .......................... PASSED
 
Key meshing
Test 23 GOST 28147-CFB-CPKEYMESHING/E-A ............................ PASSED
Test 24 GOST 28147-CBC-CPKEYMESHING/E-A ............................ PASSED
Test 25 GOST 28147-CTR-CPKEYMESHING/E-A ............................ PASSED
Test 26 GOST 28147-MAC-32/E-A ...................................... PASSED
 
Key wrapping
Test 27 GOST 28147-KW/D-TEST ....................................... PASSED
Test 28 GOST 28147-KW/E-A .......................................... PASSED
Test 29 GOST 28147-CPKW/D-TEST ..................................... PASSED
Test 30 GOST 28147-CPKW/E-A ........................................ PASSED
Test 31 GOST 28147-SCKW/E-SC ....................................... PASSED
 
GOST R 34.12-2015/64bits
Test 32 GOST R 34.12-15-ECB ........................................ PASSED
Test 33 GOST R 34.12-15-ECB ........................................ PASSED
Test 34 GOST R 34.12-15-CTR ........................................ PASSED
Test 35 GOST R 34.12-15-CBC ........................................ PASSED
Test 36 GOST R 34.12-15-CFB ........................................ PASSED
Test 37 GOST R 34.12-15-OFB ........................................ PASSED
Test 38 GOST R 34.12-15-MAC-32 ..................................... PASSED
 
GOST R 34.12-2015/128bits
Test 39 GOST R 34.12-15-128-ECB .................................... PASSED
Test 40 GOST R 34.12-15-128-ECB .................................... PASSED
Test 41 GOST R 34.12-15-128-CTR .................................... PASSED
Test 42 GOST R 34.12-15-128-OFB .................................... PASSED
Test 43 GOST R 34.12-15-128-CBC .................................... PASSED
Test 44 GOST R 34.12-15-128-CFB .................................... PASSED
Test 45 GOST R 34.12-15-128-MAC-64 ................................. PASSED
 
RC2
Test 46 RC2-63-ECB ................................................. PASSED
Test 47 RC2-ECB .................................................... PASSED
Test 48 RC2-ECB .................................................... PASSED
Test 49 RC2-ECB .................................................... PASSED
Test 50 RC2-ECB .................................................... PASSED
Test 51 RC2-ECB .................................................... PASSED
Test 52 RC2-128-ECB ................................................ PASSED
Test 53 RC2-129-ECB ................................................ PASSED
 
TOTAL OK

Do not understand why it does not work in the main line of browsers, should work in Yandex browser,
but did not test it there. Also do not understand the over-reactive security alert from MalwareBytes extension  ???


polonus (volunteer 3rd party website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #603 on: August 11, 2018, 12:41:40 PM »
Nice collection of various blocklists, all incorporated in the code of this dns-fw:
https://github.com/cbuijs/unbound-dns-firewall/blob/master/dns-firewall.lists

Some you could add to your blocker of sorts.
Quote
////
Default-Regex-Black   black   /etc/unbound/regex-blacklist
Default-Regex-White   white   /etc/unbound/regex-whitelist

##Disconnect-Ads   black   https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt   /etc/unbound/disconnect-ads.list   86400   @DOMAIN
##Disconnect-Malware   black   https://s3.amazonaws.com/lists.disconnect.me/simple_malware.txt   /etc/unbound/disconnect-malware.list   86400   @DOMAIN
##Disconnect-Tracking   black   https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt   /etc/unbound/disconnect-tracking.list   86400   @DOMAIN
##Disconnect-Malvertising   black   https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt   /etc/unbound/disconnect-malvertising.list   86400   @DOMAIN

#Adguard-Android   white   https://raw.githubusercontent.com/AdguardTeam/HttpsExclusions/master/android.txt   /etc/unbound/adguard-android.list   86400   @DOMAIN
#Adguard-Banks   white   https://raw.githubusercontent.com/AdguardTeam/HttpsExclusions/master/banks.txt   /etc/unbound/adguard-banks.list   86400   @DOMAIN
#Adguard-FireFox   white   https://raw.githubusercontent.com/AdguardTeam/HttpsExclusions/master/firefox.txt   /etc/unbound/adguard-firefox.list   86400   @DOMAIN
#Adguard-Issues   white   https://raw.githubusercontent.com/AdguardTeam/HttpsExclusions/master/issues.txt   /etc/unbound/adguard-issues.list   86400   @DOMAIN
#Adguard-Sensistive   white   https://raw.githubusercontent.com/AdguardTeam/HttpsExclusions/master/sensitive.txt   /etc/unbound/adguard-sensitive.list   86400   @DOMAIN

EasyList   black   https://easylist.to/easylist/easylist.txt   /etc/unbound/easylist.list   86400   @ADBLOCK-BLACK
EasyList-Element   black   /etc/unbound/easylist.list.download   /etc/unbound/easylist-element.list   86400   @ADBLOCK-ELEMENT
EasyList-White   white   /etc/unbound/easylist.list.download   /etc/unbound/easylist-white.list   86400   @ADBLOCK-WHITE   @ADBLOCK-EXCLUDE
EasyPrivacy   black   https://easylist.to/easylist/easyprivacy.txt   /etc/unbound/easyprivacy.list   86400   @ADBLOCK-BLACK
EasyPrivacy-Element   black   /etc/unbound/easyprivacy.list.download   /etc/unbound/easyprivacy-element.list   86400   @ADBLOCK-ELEMENT
EasyPrivacy-White   white   /etc/unbound/easyprivacy.list.download   /etc/unbound/easyprivacy-white.list   86400   @ADBLOCK-WHITE   @ADBLOCK-EXCLUDE
EasyList-Dutch   black   https://easylist-downloads.adblockplus.org/easylistdutch.txt   /etc/unbound/easylist-dutch.list   86400   @ADBLOCK-BLACK
EasyList-Dutch-Element   black   /etc/unbound/easylist-dutch.list.download   /etc/unbound/easylist-dutch-element.list   86400   @ADBLOCK-ELEMENT
EasyList-Dutch-White   white   /etc/unbound/easylist-dutch.list.download   /etc/unbound/easylist-dutch-white.list   86400   @ADBLOCK-WHITE   @ADBLOCK-EXCLUDE
EasyList-French   black   https://easylist-downloads.adblockplus.org/liste_fr.txt   /etc/unbound/easylist-french.list   86400   @ADBLOCK-BLACK
EasyList-French-Element   black   /etc/unbound/easylist-french.list.download   /etc/unbound/easylist-french-element.list   86400   @ADBLOCK-ELEMENT
EasyList-French-White   white   /etc/unbound/easylist-french.list.download   /etc/unbound/easylist-french-white.list   86400   @ADBLOCK-WHITE   @ADBLOCK-EXCLUDE

#FanBoy-Complete   black   https://fanboy.co.nz/r/fanboy-complete.txt   /etc/unbound/fanboy.list   86400   @ADBLOCK-BLACK
#FanBoy-Complete-White   white   /etc/unbound/fanboy.list.download   /etc/unbound/fanboy-white.list   86400   @ADBLOCK-WHITE   @ADBLOCK-EXCLUDE

#PipeRun   black   https://raw.githubusercontent.com/piperun/iploggerfilter/master/filterlist   /etc/unbound/piperun.list   86400   @ADBLOCK-BLACK

#PopAds   black   https://raw.githubusercontent.com/Yhonay/antipopads/master/popads.txt   /etc/unbound/popads.list   86400   @ADBLOCK-BLACK

#Anudeep   white   https://raw.githubusercontent.com/anudeepND/whitelist/master/whitelist.txt   /etc/unbound/anudeep.list   86400   @DOMAIN
#Anudeep-YouTube-Ads   black   https://raw.githubusercontent.com/anudeepND/youtubeadsblacklist/master/domainlist.txt   /etc/unbound/anudeep-youtube-ads.list   86400   @DOMAIN

#BarbBlock   black   https://ssl.bblck.me/blacklists/domain-list.txt   /etc/unbound/barbblock.list   86400   @DOMAIN

##Adguard-Cryptominers   black   https://raw.githubusercontent.com/AdguardTeam/AdguardFilters/master/EnglishFilter/sections/cryptominers.txt   /etc/unbound/adguard-cryptominers.list   86400   @ADBLOCK-BLACK
##CoinBlocker   black   https://raw.githubusercontent.com/ZeroDot1/CoinBlockerLists/master/list.txt   /etc/unbound/coinblocker.list   86400   @DOMAIN
##CoinBlocker-IP   black   https://raw.githubusercontent.com/ZeroDot1/CoinBlockerLists/master/MiningServerIPList.txt   /etc/unbound/coinblocker-ip.list   86400   @IP
##NoCoin   black   https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt   /etc/unbound/nocoin.list   86400   @HOST0

##Dshield-Top10   black   http://feeds.dshield.org/top10-2.txt   /etc/unbound/dshield-top10.list   86400   @HOST   ^site$
##Dshield-Suspicious   black   https://www.dshield.org/feeds/suspiciousdomains_High.txt   /etc/unbound/dshield-suspicious.list   86400   @DOMAIN   ^site$
#Dshield-Whitelist   white   https://dshield.org/feeds/suspiciousdomains_whitelist_approved.txt   /etc/unbound/dshield-white.list   86400   @DOMAIN   ^site$

##FireHol1   black   https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset   /etc/unbound/firehol1.list   86400   @IP
#FireHol2   black   https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netset   /etc/unbound/firehol2.list   86400   @IP
#FireHol3   black   https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset   /etc/unbound/firehol3.list   86400   @IP
#FireHol4   black   https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level4.netset   /etc/unbound/firehol4.list   86400   @IP
#FireHol-Abusers   black   https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_abusers_30d.netset   /etc/unbound/firehol-abusers.list   86400   @IP

##BaddBoys   black   https://raw.githubusercontent.com/mitchellkrogza/Badd-Boyz-Hosts/master/hosts   /etc/unbound/baddboyz.list   86400   @HOST0
#Krogza-False-Positive   exclude   https://raw.githubusercontent.com/mitchellkrogza/CENTRAL-REPO.Dead.Inactive.Whitelisted.Domains.For.Hosts.Projects/master/DOMAINS-whitelist.txt   /etc/unbound/krogza-fp.list   86400   @DOMAIN
#Krogza-Dead-Domains   exclude   https://raw.githubusercontent.com/mitchellkrogza/CENTRAL-REPO.Dead.Inactive.Whitelisted.Domains.For.Hosts.Projects/master/DOMAINS-dead.txt   /etc/unbound/krogza-dead.list   86400   @DOMAIN
#Krogza-Reactivated   black   https://raw.githubusercontent.com/mitchellkrogza/CENTRAL-REPO.Dead.Inactive.Whitelisted.Domains.For.Hosts.Projects/master/DOMAINS-re-active.txt   /etc/unbound/krogza-reactivate.list   86400   @DOMAIN
#Krogza-Ultimate-IP   black   https://hosts.ubuntu101.co.za/ips.list   /etc/unbound/krogza-ultimate-ip.list   86400   @IP
#Krogza-Ultimate-Domain   black   https://hosts.ubuntu101.co.za/domains.list   /etc/unbound/krogza-ultimate-domain.list   86400   @DOMAIN
##Krogza-Hacked   black   https://raw.githubusercontent.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites/master/hacked-domains.list   /etc/unbound/krogza-hacked.list   86400   @DOMAIN

##Notracking-Hosts   black   https://raw.githubusercontent.com/notracking/hosts-blocklists/master/hostnames.txt   /etc/unbound/notracking-hosts.list   86400   @HOST0
##Notracking-Domains   black   https://raw.githubusercontent.com/notracking/hosts-blocklists/master/domains.txt   /etc/unbound/notracking-domains.list   86400   @DNSMASQ-ADDRESS

##SpamHaus-Top10-TLD   black   https://www.spamhaus.org/statistics/tlds/   /etc/unbound/spamhaus-top10-tld.list   86400   @SPAMHAUS
##SpamHaus-Top10-BotNet   black   https://www.spamhaus.org/statistics/botnet-isp/   /etc/unbound/spamhaus-top10-botnet.list   86400   @SPAMHAUS
##SpamHaus-Top10-ASN   black   https://www.spamhaus.org/statistics/botnet-asn/   /etc/unbound/spamhaus-top10-asn.list   86400   @SPAMHAUS
##SpamHaus-Drop   black   https://www.spamhaus.org/drop/drop.txt   /etc/unbound/spamhaus-drop.list   86400   @IP
##SpamHaus-Edrop   black   https://www.spamhaus.org/drop/edrop.txt   /etc/unbound/spamhaus-edrop.list   86400   @IP
##SpamHaus-DropV6   black   https://www.spamhaus.org/drop/dropv6.txt   /etc/unbound/spamhaus-dropv6.list   86400   @IP
##SpamHaus-ASNDrop   black   https://www.spamhaus.org/drop/asndrop.txt   /etc/unbound/spamhaus-asndrop.list   86400   @ASN

##Steven-Black-Hosts   black   https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn/hosts   /etc/unbound/stevenblack.list   86400   @HOST0

#SquidBlackList-Ads   black   https://www.squidblacklist.org/downloads/dg-ads.acl   /etc/unbound/squidblacklist-ads.list   86400   @DOMAIN
#SquidBlackList-Malicious   black   https://www.squidblacklist.org/downloads/dg-malicious.acl   /etc/unbound/squidblacklist-malicious.list   86400   @DOMAIN

##Suspect-Networks   black   https://suspect-networks.io/downloads/suspect_networks.txt   /etc/unbound/suspect-networks.list   86400   @IP

##Turris-Grey   black   https://project.turris.cz/greylist-data/greylist-latest.csv   /etc/unbound/turris-grey.list   86400   @IP

#Zonefiles-Malware   black   https://zonefiles.io/f/compromised/domains/live/   /etc/unbound/zonefiles-malware.list   86400   @DOMAIN
#Zonefiles-Malware-IP   black   https://zonefiles.io/f/compromised/ip/live/   /etc/unbound/zonefiles-malware-ip.list   86400   @IP

##MalwareDomainList   black   http://www.malwaredomainlist.com/hostslist/hosts.txt   /etc/unbound/malwaredomain.list   86400   @HOST127

##MailwareDomains   black   https://mirror1.malwaredomains.com/files/justdomains   /etc/unbound/malwaredomains.list   86400   @DOMAIN
##Bulk-Registars   black   http://mirror1.malwaredomains.com/files/bulk_registrars.txt   /etc/unbound/bulk-registars.list   86400   @DOMAIN-WILDCARD
##Immortal-Malware   black   http://mirror1.malwaredomains.com/files/immortal_domains.txt   /etc/unbound/immortal-domains.list   86400   @DOMAIN
##Skype-Resolvers   black   http://mirror1.malwaredomains.com/files/Skype-resolvers.txt   /etc/unbound/skype-resolvers.list   86400   @DOMAIN
##Free-WebHosts   black   http://mirror1.malwaredomains.com/files/freewebhosts.txt   /etc/unbound/freewebhosts.list   86400   @DOMAIN
##Spyware   black   http://mirror1.malwaredomains.com/files/spywaredomains.zones   /etc/unbound/spyware.list   86400   @ZONE

##RansomeWareTracker-Domains   black   https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt   /etc/unbound/ransomewaretracker-doms.list   86400   @DOMAIN
##RansomeWareTracker-IPs   black   https://ransomwaretracker.abuse.ch/downloads/RW_IPBL.txt   /etc/unbound/ransomewaretracker-ips.list   86400   @IP
##ZeusTracker-BadDomains   black   https://zeustracker.abuse.ch/blocklist.php?download=baddomains   /etc/unbound/zeus-baddomains.list   86400   @DOMAIN
##ZeusTracker-BadIPs   black   https://zeustracker.abuse.ch/blocklist.php?download=badips   /etc/unbound/zeus-badips.list   86400   @IP
##Feado-Domains   black   https://feodotracker.abuse.ch/blocklist/?download=domainblocklist   /etc/unbound/feado-domains.list   86400   @DOMAIN
##Feado-IPs   black   https://feodotracker.abuse.ch/blocklist/?download=ipblocklist   /etc/unbound/feado-ips.list   86400   @IP
#SSL-BL   black   https://sslbl.abuse.ch/blacklist/sslipblacklist.csv   /etc/unbound/ssl-blacklist.list   86400   @IP

#SA-BlackList   black   http://www.sa-blacklist.stearns.org/sa-blacklist/sa-blacklist.current.domains   /etc/unbound/sa-blacklist.list   86400   @DOMAIN

#OpenPhish   black   https://openphish.com/feed.txt   /etc/unbound/openphish.list   86400   @URL

#PhishTank   black   http://data.phishtank.com/data/online-valid.csv   /etc/unbound/phishtank.list   86400   @URLCSV2

#HPHosts-Ads   black   https://hosts-file.net/ad_servers.txt   /etc/unbound/hphosts-ads.list   86400   @HOST127
#HPHosts-Exploit   black   https://hosts-file.net/exp.txt   /etc/unbound/hphosts-exploit.list   86400   @HOST127
#HPHosts-Misleading   black   http://hosts-file.net/mmt.txt   /etc/unbound/hphosts-misleading.list   86400   @HOST127
#HPHosts-Phising   black   https://hosts-file.net/psh.txt   /etc/unbound/hphosts-phising.list   86400   @HOST127

##Blacklist.DE   black   https://lists.blocklist.de/lists/all.txt   /etc/unbound/blocklist.de.list   86400   @IP
##Blacklist.DE-Strong   black   https://lists.blocklist.de/lists/strongips.txt   /etc/unbound/blocklist.de-strong.list   86400   @IP

#Bogon4   black   https://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt   /etc/unbound/bogon4.list   86400   @IP
#Bogon6   black   https://www.team-cymru.org/Services/Bogons/fullbogons-ipv6.txt   /etc/unbound/bogon6.list   86400   @IP

Info credits cbuys

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #604 on: August 12, 2018, 02:40:30 PM »
Re: -https://www.makeuseof.com/tag/followed-click-bait-internet-ads-heres-found/  (Clickbait as clickbait goes)

What do you use as a fact checker for clickbait and media bias?
Example: https://mediabiasfactcheck.com/awareness-act/
Or do you have an extension for that?

Is this a new WOT, webutation outlet?

Always take it with a pince of salt, and make up your own opinion, based of what you know to be facts.
Don't get locked up in your own tunnel-vision.  ;)

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41959
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #605 on: August 12, 2018, 03:11:32 PM »
Part of the Avast Secure Browser:

Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #606 on: August 14, 2018, 12:34:51 PM »
Does the website you are on offer the new TLS-protocol version?
Firefox browsers are now ready for it.
Read: https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/ *
Test website online here: https://www.1and1.com/ssl-checker

* polonus does not particularly recommend the use of CloudFlare. (Be aware of CloudBleed bug).

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5408
  • Spartan Warrior
Re: Tests and other Media topics
« Reply #607 on: August 15, 2018, 06:58:13 AM »
Thanks, pol

avast com has two issues of which ssl test will reveal.  Who to notify?
« Last Edit: August 15, 2018, 07:02:03 AM by mchain »
Windows 10 Home 64-bit 1809 Avast Premier Security version 19.8.2393 (build 19.8.4793.541) UI version 1.0.415.  Current version is back to Avast Internet Security.

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #608 on: August 17, 2018, 09:34:24 PM »
LS,

Bypassing of cookie crunchers in the browser of tracking and monitoring cookies
 
(uBlock Origin, ABP, Disconnect, Ghostery etc.).
How they do it and what they do not fix: https://www.theregister.co.uk/2018/08/17/usenix_cookies/
test data: https://wholeftopenthecookiejar.eu/

How to check cookies random example: http://www.cookiechecker.nl/check-cookies.php?url=ogv-pompetzki.de
and another one: https://webcookies.org/cookies/media.reklamaizer.ru/2468946
also scan: https://privacyscore.org/

polonus (volunteer 3rd part cold reconnaissance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #609 on: August 18, 2018, 10:35:19 AM »
Canvas Tracking example - give in some text and then click generate (Dutch genereren).
Re: http://ermmedia.nl/canvas/

Protection against canvas tracking: https://thehackernews.com/2017/10/canvas-browser-fingerprint-blocker.html
Trace: -https://www.thewindowsclub.com/trace-offers-tracking-protection-chrome-firefox
MalwareBytes warns against installing Cliqz Internet solution!

polonus
« Last Edit: August 18, 2018, 10:47:42 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #610 on: August 19, 2018, 08:49:11 PM »
Searching for outward links on a malware infested (Ramnit A) domain -888088 dot com:
https://seomon.com/domain/88088.com/outbound/
Also: https://moz.com/researchtools/ose/ which ends August 31st, and now https://moz.com/link-explorer ,
where you have to start an account to scan for links:
Same example from the existing links checker:
https://moz.com/researchtools/ose/links?site=88088.com&filter=&source=external&target=page&group=0&page=1&sort=page_authority&anchor_id=&anchor_type=&anchor_text=&from_site=

polonus
« Last Edit: August 19, 2018, 09:13:03 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #611 on: August 21, 2018, 06:43:22 PM »
On the subject of DNS interception and manipulation, read:

https://www.theregister.co.uk/2018/08/20/dns_interception/

Some tests to perform:

1. https://cmdns.dev.dns-oarc.net/
2. https://medium.com/@dnsoarc/go-go-check-your-dns-resolver-s-8793e977a84d 
3.  https://www.whatsmydns.net/ 
4. https://openresolver.com/?ip=   
5. https://www.cyberciti.biz/faq/how-to-find-out-what-my-dns-servers-address-is/

Tested with a form and
Quote
Recursive resolver is not detected on X.X.X.X

IP address X.X.X.X is not vulnerable to DNS Amplification attacks.

Also test at:
1.  https://dnssec-debugger.verisignlabs.com/ 
2.  http://www.ipvoid.com/dnssec-lookup/

Read: 3. https://pypi.org/project/dnsknife/ 

In the case of error-scanning:
Please check if you can resolve for instance domain address  'mycomputer.bmw.us' to IP at your Security Center
and at your scanner. I suspect you've got bad DNS server address definition.

Enjoy, my good friends,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #612 on: August 21, 2018, 11:55:10 PM »
A situation of a malicious 301 redirect flagged by avast's, re: https://forum.avast.com/index.php?topic=221314.msg1473291#new

You can check the search engine friendliness of redirects here: http://www.webconfs.com/redirect-check.php
In the above example we got these results:
Quote
Either www.club21ids.is is NOT REDIRECTING to any URL or the redirect is NOT SEARCH ENGINE FRIENDLY

or check with Google's Malware Check Tool: https://transparencyreport.google.com/safe-browsing/search?url=%20www.club21ids.is
No insecurity found there for -www.club21ids.is .

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #613 on: August 26, 2018, 03:01:05 PM »
Added blocklist collection: https://firebog.net/

Also out of the ordinairy blocklist like coinblocker list: https://zerodot1.gitlab.io/CoinBlockerLists/hosts

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31938
  • malware fighter
Re: Tests and other Media topics
« Reply #614 on: August 27, 2018, 01:15:11 AM »
Sometimes you find a block of Base64 Encoded code on a website & you want to see what that code is all about.

Random example: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=dHxrbXxeLm5tLn11YEJ7fH0tYltnLV58LV58YltuLX17bnQuaHRtbA%3D%3D~enc  see inside line 32

Here you could have it decoded https://www.base64decode.org/

Our example comes out like this:
Quote
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ev="http://www.w3.org/2001/xml-events" height="18px" width="18px"><path fill="rgb( 181, 181, 181 )" d="M17.01,7.98299999999995 C17.01,7.98299999999995 17.01,10.005 17.01,10.005 C17.01,10.005 4.87799999999993,10.005 4.87799999999993,10.005 C4.87799999999993,10.005 10.4390000000001,15.566 10.4390000000001,15.566 C10.4390000000001,15.566 9.00299999999993,17.001 9.00299999999993,17.001 C9.00299999999993,17.001 0.99600000000009,8.99400000000003 0.99600000000009,8.99400000000003 C0.99600000000009,8.99400000000003 9.00299999999993,0.98800000000006 9.00299999999993,0.98800000000006 C9.00299999999993,0.98800000000006 10.4390000000001,2.423 10.4390000000001,2.423 C10.4390000000001,2.423 4.87799999999993,7.98299999999995 4.87799999999993,7.98299999999995 C4.87799999999993,7.98299999999995 17.01,7.98299999999995 17.01,7.98299999999995 Z "/></svg>

Good to know if you have some Base64 Decoding and Encoding on your hands, so enjoy my good friends, enjoy.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!