Author Topic: Tests and other Media topics  (Read 579314 times)

0 Members and 3 Guests are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #180 on: March 06, 2015, 05:50:35 PM »
WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices.
What web to check can be found here: http://whatweb.net/
To find out what websites are Built With, check here: http://builtwith.com/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #181 on: March 10, 2015, 06:08:33 PM »
Adsense banned checker: http://www.bannedbyadsense.com/
and another: http://www.isbanned.com/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #182 on: March 14, 2015, 05:13:04 PM »
A GZip Discrimination test: http://nontroppo.org/tools/gziptest/?url=
Opera users can use this button to drag to a toolbar of choice: opera:/button/Go to page, %22http://nontroppo.org/tools/gziptest/?url=%25u%22

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #183 on: March 18, 2015, 10:07:12 PM »
Test for Superfish in Google Chrome: https://lastpass.com/superfish/
For firefox there is this extension: https://addons.mozilla.org/en-us/firefox/addon/superfish-checker/?src=cb-dl-recentlyadded

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #184 on: March 18, 2015, 11:00:00 PM »
Test for Superfish in Google Chrome: https://lastpass.com/superfish/
For firefox there is this extension: https://addons.mozilla.org/en-us/firefox/addon/superfish-checker/?src=cb-dl-recentlyadded

polonus

You can also run the LastPass test in Firefox if your using FF 37.0 :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #185 on: March 18, 2015, 11:04:26 PM »
Does http://screenshots.screencast-o-matic.com/screenshot/u/Lh/1426715840242-32424.png
works for all as in bob3160's reply? Hi bob, you and I are secure  ;D

See attached...
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #186 on: March 25, 2015, 03:50:14 PM »
Is your DNS hijacked?
Test here: https://www.ismydnshijacked.com/
So your router DNS-settings were not altered by cybercriminals,
then all is well.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #187 on: April 04, 2015, 08:01:25 PM »
To those that know how to protect themselves,   Message on ScriptSafe and uMatrix extensions for Google Chrome.

These two extensions are the best in-browser-security related extensions that came to be installed into the Google Chrome browser and the combination can be compared to the No-Script and Request Policy add-on combination for firefox.
For working both extensions you do not need rocket science, but if you want to surf dumbed down on full automatic clicking after anythings that shows up on the browser screen to completely work your PC or laptop into a doorstopper only state, please do not read on. When you trust others to take care of your browser security and you do not want to have anything to do with it, this posting is not meant for you.
For the others, this is not too hard. First know where you are going, whenever you are visiting a link from a search page that is not alerted as suspicious (Avast Online Security warning,  Bitdefender Traffic Light alert, DrWeb URL checker warning, Google Safebrowsing or Yandex blacklisting alert or privacy alert) or when you visited a website before work ScriptSafe green and allow the main site and block third parties or allow third parties also when that is needed for the full functionality of that page (else leave these blocked), for uMatrix you follow a likewise procedure, only click there if you need additional blocking or when you need more functionality on a certain secure webpage.
Rule 1 when you get an alert from Avast Online Security or the Avast Shields or Bitdefender TrafficLight extension or DrWeb's or Google Safebrowsing or Yandex alert, do not go to that destination and do not visit that website. When you are a responsible guy or gal report the link with hxtp or wXw so the unaware cannot get infected by clicking a live link. We have section for that here on the forums; the virus and worms or report to virus@avast.com.
Really folks, these two extension can be learned to be toggled and the additional bonus is advanced security (you can block any frame, any script you like inside the extension), more insight in what threatening things can arrive at your browser from the Interwebs and additional privacy by blocking scripts that try to track you with analytics, ads, widgets etc.
Install ScriptSafe and uMatrix from the Google Webstore https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf
and
https://chrome.google.com/webstore/detail/%C2%B5matrix/ogfcmafjalglgifnmanfmnieipoejdcf
learn to point and click and enjoy the advanced browser security you have gained through a couple of right toggling clicks.

An important observation - always toggle uMatrix first and then adjust ScriptSafe, just in that order!

Users that want to experience a uMatrix-like extension in firefox should try Policeman:
https://addons.mozilla.org/nl/firefox/addon/policeman/
Also support rules based on content type: images, styles, scripts, frames etc.
The purpsoe of the extension is similar to NoScript and RequestPolicy.

When uMatrix comes to firefox, we will be have a hard time to choose between chrome and firefox,
tired a bit of the increasing bloatness of these "googlalities",
but the searching versatility keeps me aboard.

Just look at a youtube website through the eyes of uMatrix with some 248 items that can be toggled.
Google is the Big Tracking machine par excellence.
For that reason I added Stop Tracking -> chrome://extensions/?id=cjadnibdialbplafleaocjllgggfflko
and you won't be tracked any longer.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #188 on: April 05, 2015, 05:32:21 PM »
Who is using this block list in the hosts file?.
Re http://pgl.yoyo.org/adservers/serverlist.php?showintro=0;hostformat=hosts

One of the blocked items: https://www.mywot.com/en/scorecard/cash4webmaster.de?utm_source=addon&utm_content=popup
Spam. Scam and Ponzi Schemes...

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #189 on: April 07, 2015, 11:11:28 AM »
I did not notice this before, VT now give Snort and Suricata IDS alerts

An example here:
exploit detection
https://www.virustotal.com/en/file/961751ef6378515dc09a94135fa0c23d133aa41ae6dc2267340067773f51efde/analysis/

This is an important enhancement of virustotal scan capabilities, I can therefore compare these detections now with urlquery dot net scan results and the IDS alerts there and the Fortinet findings.
And check on the alerts, like "ET POLICY HTTP Request on Unusual Port Possibly Hostile (Potential Corporate Privacy Violation) -" leads us to these resources:  http://www.aldeid.com/wiki/Suricata-vs-snort/Test-cases/Malwares-viruses. These test-cases may be revealing, so one may learn what kind of malware comes 'covered by these rules" . So combining snort rule detection patterns can narrow down detection. Also one could compare the Fortinet findings from urlquery dot net and go after (search) either the malware name or IP preceded by the term Clean MX. So the search query "clean mx Packed.Generic.187" delivers: realtime:
http://support.clean-mx.de/clean-mx/md5.php?Sophos=Mal/Behav-351, this is a simple identification, see: https://malwr.com/analysis/MDMzOWM3MDM4Y2JhNDllMmI0YTFmN2MxOTdmMTAxNjA/  and then we return to the detailed snort analysis;
Quote
Packed.Generic.187
Test: 84dc4e81531c373e431d818790dd26d1
Payload: pcap
Suricata trace:
ET USER_AGENTS Suspicious Mozilla User-Agent - Likely Fake
BACKDOOR rogue software ms antispyware 2009 runtime detection
Suricata score: 1
Snort trace:
A Network Trojan was detected
I think users should always have VT as a pre-checker in the browser now just one click away, for example via VTchromizer.
Read here from Madras Geek: http://www.madrasgeek.com/2010/12/scan-for-virus-malware-removal-with-virustotal-chromizer.html  download VTChromizer here-> https://chrome.google.com/extensions/detail/efbjojhplkelaegfbieplglfidafgoka

For the real g33ks and aware, a nice pcap collection here: https://www.mediafire.com/?a49l965nlayad#a49l965nlayad (info credits Mila Parkour) Be aware do not open payloads.

polonus

« Last Edit: April 07, 2015, 11:27:41 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #190 on: April 11, 2015, 05:40:52 PM »
Website Test behind the Great Firewall of China for various locations:
http://www.websitepulse.com/help/testtools.china-test.html
and http://www.greatfirewallofchina.org/
and here: https://en.greatfire.org/
DNS tests: http://viewdns.info/chinesefirewall/
See attached our forum website seems blocked:
Contradictory results here: https://en.greatfire.org/https/forum.avast.com/index.php

pol
« Last Edit: April 11, 2015, 06:47:59 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #191 on: April 12, 2015, 11:58:18 PM »
What uMatrix is blocking as malware domains/just domains - updated 3rd-party assets
Those users here on the forums working ScriptSafe next to uMatrix like to have this info.
updated 3rd-party assets: https://github.com/gorhill/uMatrix/commit/d2ed6778c59d2592ecb3f854a4853b522e38ec30
Also look here: https://github.com/gorhill/uMatrix/blob/master/assets/umatrix/blacklist.txt
# Blacklist maintained by HTTP Switchboard (the pre-decessor of the uMatrix extension).
# For those domain names which are not found in other blacklists
enjoy....

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #192 on: April 15, 2015, 10:49:07 PM »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #193 on: April 17, 2015, 11:21:38 AM »
To-day I was surveying at a design coding exam at a Higher Educational Insitute for IT staff outbuilding and polonus would not be polonus when he would not be going over the code.
When "public Void" was staring back at me and I combined that with the words "override" and "XSS exploitable".
Re: http://ricardozuasti.com/2012/stronger-anti-cross-site-scripting-xss-filter-for-java-web-apps/
See: https://github.com/tonyzampogna/XssSanitizer/blob/master/test/unit/org/tonyzampogna/xss/sanitizer/util/XssSanitizerUtilTest.java
This example shows how in the JVM memory system two objects are at a different address while the stored parameter is in the same memory location, and is overwritten by the second method. This is the basis of the "vulnerability".
actually it is a so-called C vulnerability, that you need not live with if you develop in Java.

info credits go to thomas-pornin

polonus
« Last Edit: April 17, 2015, 11:31:28 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #194 on: April 17, 2015, 11:43:43 AM »
Test whether an iis server has been patched with MS15-034.
Go here: https://lab.xpaw.me/MS15-034/
Example: Cannot discern patch status of www.iisprotect.com. This most likely means it is not vulnerable.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!