Author Topic: Tests and other Media topics  (Read 301686 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #210 on: May 05, 2015, 05:56:33 PM »
I give an example of a problem site: solarlist.com Identity verified but with warnings
Encryption (HTTPS) (1)
Communication is encrypted
Site tries to load scripts from sources that weren't verified - so-called mixed content.
Possible Frontend SPOF from:

maps.google.com - Whitelist
(75%) - <script type='text/javascript' src='http://maps.google.com/maps/api/js?sensor=false&ver=1.0'>
html5shiv.googlecode.com - Whitelist
(71%) - <script src="http://html5shiv.googlecode.com/svn/trunk/html5.js">
fonts.googleapis.com - Whitelist
(69%) - <link href='http://fonts.googleapis.com/css?family=Open+Sans:300,400,700' rel='stylesheet' type='text/css'>
(69%) - <link href='http://fonts.googleapis.com/css?family=Open+Sans:300,400,700' rel='stylesheet' type='text/css'>
s3.amazonaws.com - Whitelist
(11%) - <script src="//s3.amazonaws.com/scripts.hellobar.com/c42e00ca9c042c9f6457cf24ee9836a494d021b3.js" type="text/javascript">

See check: http://certificate.revocationcheck.com/solarlist.com

See: https://www.eff.org/https-everywhere/atlas/domains/solarlist.com.html

The following sites know that you visited this page. Click on a site to find out what more it knows about you.
-amazonaws.com
-google.com
-vimeo.com

Netcraft Website Risk Ranking 1 red out of 10: http://toolbar.netcraft.com/site_report?url=https://solarlist.com

Scanning target:  162.159.246.65 on port 443 ...

Found 1 servers with port 443 open
Checking for SSLv3 POODLE vulnerability...

IP address   Hostname   Status   Vulnerable ciphers
162.159.246.65      NOT Vulnerable   
Where I sacnned this? Here: https://pentest-tools.com/vulnerability-scanning/ssl-poodle-scanner

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #211 on: May 08, 2015, 11:50:03 PM »
Test for  X-XSS-Protection: 1; mode=block: http://www.enhanceie.com/test/xss/BlockMode.asp

What is this? X-XSS-Protection is a HTTP header understood by Internet Explorer 8 (and newer versions). This header lets domains toggle on and off the "XSS Filter" of IE8, which prevents some categories of XSS attacks. IE8 has the filter activated by default, but servers can switch if off by setting.
As  it seems to me (proof is hard to find) that it only protects against Reflected XSS (infosecisland.com/blogview/…), also because it does not have any mean to detect Stored XSS (also called Persistent XSS) info credits go to Luca Invernizzi at stackoverflow!

polonus

Netcraft extension and malware script detector will be flagging this and block it as well:
Quote
This page has been blocked by the Netcraft Extension for the following reason:

Suspected XSS Attack

Blocked URL: http://webdbg.com/test/xss/HelloBlockMode.asp?lotsoX=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx etc.

D

« Last Edit: May 08, 2015, 11:54:57 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #212 on: May 10, 2015, 01:23:24 AM »
With voices heard to legalize mass surveillance at least until 2020, here is an insteresting website with projects to opt out (where and while still possible) -> https://prism-break.org/en/
Quote
Disclaimer: Using the recommended projects on this site will not guarantee that 100% of your communications will be shielded against surveillance states. Please do your own research before trusting these projects with sensitive information.
Disclaimer quote taken from above website. Link source - Peng Zhong 2015.

polonus

P.S. A weird test result: https://en.wikipedia.org/wiki/Intelligence_Quotient_%28IQ%29_and_Browser_Usage

D
« Last Edit: May 10, 2015, 01:57:57 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #213 on: May 12, 2015, 07:07:01 PM »
Open port check tool: http://www.yougetsignal.com/tools/open-ports/
The open port checker is a tool you can use to check your external IP address and detect open ports on your connection. This tool is useful for finding out if your port forwarding is setup correctly or if your server applications are being blocked by a firewall. This tool may also be used as a port scanner to scan your network for ports that are commonly forwarded. It is important to note that some ports, such as port 25, are often blocked at the ISP level in an attempt to prevent malicious activity.
Combine with a Dazzlepod IP check: https://dazzlepod.com/ip/

Mind that the results can only be for IPs you own and you cannot publish third party scan results.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #216 on: May 15, 2015, 10:35:30 PM »
Real World Protection Test Results, download here: http://www.av-comparatives.org/wp-content/uploads/2015/05/avc_factsheet2015_04.pdf

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #217 on: May 18, 2015, 12:11:35 AM »
Next to this DNS scanner: http://www.dnsinspect.com/stabletransit.com/1431899954
I stumbled upon this one: http://www.nabber.org/projects/dnscheck/?domain=stabletransit.com *
Both can be nicely combined when you dive into some DNS issue.
So tried to get scan results with stealth nameservers *.
Read: https://support.dnsmadeeasy.com/index.php?/Knowledgebase/Article/View/108/16/why-am-i-getting-these-stealth-name-server-errors-and-warnings link article author Jennifer Oles
Stealth name servers should never listed as authorative!
* This scan was started because of this report: http://toolbar.netcraft.com/site_report?url=http://sbdforms.com
and the Nameserver given there.

My good friends, enjoy,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #218 on: May 19, 2015, 06:23:44 PM »
Generate hashes online with this generator: http://www.sha1-online.com/
Example: $ echo -n \`\^\-\,\;\:\!\?\.\'\"\(\)\[\]\{\}\§\@\*\/\\\&\#\%\±\<\=\>\|\~\$\€ | openssl
Output  f44e3004f07d617b06f61b57803a7abe30d414fd  (shellshock bash bug)

fork bomb () { :; }; :(){ :|: & };: -> 57785764f85505a15dd38ea7ffab35bc43512136
Result for md5:  8cf37ff23da0423b9c167dc05b6217ea

Enjoy,

polonus
« Last Edit: May 19, 2015, 06:35:16 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #219 on: May 21, 2015, 07:04:35 AM »
Tested the avast forum site against Logjam PFS Deployment: Test A ServerGo
Warning! This site uses a commonly-shared 1024-bit Diffie-Hellman Group, and might be in range of being broken by a nation-state. It might be a good idea to generate a unique, 2048-bit group for the site.

Big Blue now safe, Firefox and Google Chrome still unpatched.
Due to the weakened export downgraded encryption (USA export encryption restrictions during the 90's and beyond caused this threat) Logjam is now a problem to be mitigated all over the world.
Server test can be found here: https://weakdh.org/sysadmin.html

polonus
« Last Edit: May 21, 2015, 07:08:28 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 44097
  • 60 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #220 on: May 21, 2015, 02:01:28 PM »
Tested the avast forum site against Logjam PFS Deployment: Test A ServerGo
Warning! This site uses a commonly-shared 1024-bit Diffie-Hellman Group, and might be in range of being broken by a nation-state. It might be a good idea to generate a unique, 2048-bit group for the site.

Big Blue now safe, Firefox and Google Chrome still unpatched.
Due to the weakened export downgraded encryption (USA export encryption restrictions during the 90's and beyond caused this threat) Logjam is now a problem to be mitigated all over the world.
Server test can be found here: https://weakdh.org/sysadmin.html

polonus
It's actually the cyber crook that caused this problem. It's their exploitation of this 'weakness' that's the problem. :) (I'm being sarcastic.)
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1909 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.7.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #221 on: May 21, 2015, 03:46:43 PM »
Hi bob3160,

And did not government promise recently they would no longer sit on these hacks, but to reveal them to us?  ;D

All your weakened encrypted traffic could be easily siphoned and decrypted by design, alas large parts of that traffic.
Read: http://www.dailydot.com/politics/logjam-vpn-top-sites-vulnerability/

UC Browser, very popular in China was deliberately being infested by NSA etc.: https://citizenlab.org/2015/05/a-chatty-squirrel-privacy-and-security-issues-with-uc-browser/

Intelligence services "helped" general internet security big time during recent years with their paranoia (ironic and sarcastic remark)  :()

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83756
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #222 on: May 21, 2015, 04:12:16 PM »
Tested the avast forum site against Logjam PFS Deployment: Test A ServerGo
Warning! This site uses a commonly-shared 1024-bit Diffie-Hellman Group, and might be in range of being broken by a nation-state. It might be a good idea to generate a unique, 2048-bit group for the site.

<snip>
polonus

I think the key (excuse the pun) here is might and being broken by a nation-state. When it comes to nation states, they might have the resources to break it, but you would have to wonder, would they want to I'm sure this type of stuff would have to be attractive enough to make it worthwhile.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.7.2425 (build 20.7.5568.595) UI-1.0.558/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32688
  • malware fighter
Re: Tests and other Media topics
« Reply #223 on: May 21, 2015, 04:35:54 PM »
Hi DavidR,

That is not the point here, whether government had the might to decrypt weakened encryption for global surveillance purposes. I understand we normally don't do that in our homes. The point is that it was done deliberately by having stronger encryption restrictions for everyone abroad and downgrading the initial encryption strenght to be able to decrypt.
Particular governments and big corporation entities worked hand in foot to achieve such a situation.

Who was asking for normal secure encryption strength to be deliberately and secretely lowered to an extent so that eavesdropping mode could be reached. Those with strong encryption were not endangered in the first place (cybercriminals etc.), the security of the normal law-abiding citizen was endangered big time and these citizens  weren't aware.

Now webmail and webserver admins all over the world have to clear up the mess after some parties could realize their global surveillance wet dreams. and parts of the internet will stay inherently insecure and dangerous in the aftermath.
Big Brother has arrived and he will never go away again.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 44097
  • 60 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #224 on: May 21, 2015, 09:17:01 PM »
Quote
Big Brother has arrived and he will never go away again.
Big Brother has been there since 2007 so this certainly isn't new.
Almost all the surveys I've read also confirm that most people don't care.
It's only some of the Geeks that seem to get their feathers ruffled any time one of theses articles comes out. :)
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1909 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.7.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq