Author Topic: Tests and other Media topics  (Read 579373 times)

0 Members and 1 Guest are viewing this topic.

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #390 on: October 06, 2016, 12:50:46 AM »
I suggest you get a can of Raid to help solve your bug problem. :)

Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #391 on: October 23, 2016, 12:36:38 PM »
Did any part of your home network became part of a IoT bot network?
No of course not, you may say, because I have the Home Network Protection module  on my Avast AV Solution enabled!  ;) ;D
So you are more secure than others. OK. Good start. Then now for all the others.

A free scanner here to make out if you are known at Shodan's public iOT scanner:
http://iotscanner.bullguard.com/

You could also check for dorks (often used and abused by these hackers):
https://sourceforge.net/directory/os:windows/?q=google%20dork%20scanner

Do you make use of any of those 62 terribly insecure default passwords?
As always starting with the admin - admin combination or admin - password for that matter?

Read: https://www.malwaretech.com/2016/10/mapping-mirai-a-botnet-case-study.html

Do you have user enumeration settings enabled so they can scan for just such a combination like "polonus - admin" for instance.
I would not dream of using that, but just to give an example it is there....

Also have I seen the rise of this check "have i been pnewed"- https://haveibeenpwned.com/
Or you may decide not to use it as these your data haven't been shared anywhere before. That is up to you.
Know curiosity killed the poor proverbial animal..... :D

Enjoy, my good avast friends, enjoy.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #392 on: November 06, 2016, 02:19:40 PM »
Dear avast friends,

I am working on my F-Bufferbloat Status mitigation, and probably it is my chain of routing config that builds this up
or rather problems with my ISP, who had connection problems lately, and sent me an e-mail.
Some have to update their router firmware to get b etter scores.

Wanna test your Bufferbloat Score here? Go to: https://www.dslreports.com/speedtest (check according to your situation).

How is avast av interfering to further increase bufferbloat.  Some experience high latency problems of several hundred ms.
Bufferbloat testing then comes disabled. Mine worked second time around.
Do you have different readings on different browsers or for different devices.

You can also test with this software from Google github, download and open in any browser:
https://google.github.io/latency-benchmark/

An online latency test: http://freeola.com/line-test/#start
Ideally the jitter should always read: 0

Enjoy,

polonus
« Last Edit: November 06, 2016, 03:01:24 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #393 on: November 23, 2016, 04:23:07 PM »
Do the privacy DSN test here: https://getdnsapi.net/query.html
My private IP query returned: Response code was: GOOD. Status was: Queries for the name yielded all negative responses

Check yours as well, while the surveillance grabbing may go on in your cloud data,
it is important to know what goes along behind our backs.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #394 on: November 25, 2016, 11:11:14 PM »
Mirai scam scanners: https://scanme.iotdef.com/
and https://www.incapsula.com/mirai-scanner/

No scareware or are you just not vulnerable?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #395 on: November 26, 2016, 01:30:29 AM »
Nice decoding tools to use to protect better on the Big Bad Net: https://paulschou.com/tools/xlate/
so fooling the filters and make da XSS won't work...

Another online one for connoisseurs: http://encoders-decoders.online-domain-tools.com/

Example
Quote
/?%22%3e%3c%73%63%72%69%70%74%3e%64%6f%63%75%6d
%65%6e%74%2e%63%6f%6f%6b%69%65%3c%2f%73%63%72%69%70%74%3e
[example 2] [host]/?%27%3e%3c%73%63%72%69%70%74%3e%64%6f%63%75%6d%65%6e
%74%2e%63%6f%6f%6b%69%65%3c%2f%73%63%72%69%70%74%3e
which is being decoded here
as URL output
Quote
/?"><script>docum
ent.cookie</script>
[example 2] [host]/?'><script>documen
t.cookie</script>
Try it here: http://coderstoolbox.net/string/#!encoding=url&action=decode&charset=us_ascii

enjoy, my good friends, enjoy,

polonus
« Last Edit: November 26, 2016, 05:32:00 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #396 on: December 01, 2016, 09:07:14 PM »
Check your google account for Gooligan: https://gooligan.checkpoint.com/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #397 on: December 01, 2016, 09:44:38 PM »
Check your google account for Gooligan: https://gooligan.checkpoint.com/

polonus
Once done, will Zonealarm add you to their list of prospective customers ???
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #398 on: December 01, 2016, 10:35:21 PM »
Check your google account for Gooligan: https://gooligan.checkpoint.com/

polonus
Once done, will Zonealarm add you to their list of prospective customers ???

I don't like using these checkers as I'm really trusting NOT. But I gave this a go and if failed to get of the starting blocks. Clicking the Check button fails to do anything.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #399 on: December 01, 2016, 10:40:11 PM »
Check your google account for Gooligan: https://gooligan.checkpoint.com/

polonus
Once done, will Zonealarm add you to their list of prospective customers ???

I don't like using these checkers as I'm really trusting NOT. But I gave this a go and if failed to get of the starting blocks. Clicking the Check button fails to do anything.
That means you have something blocking it. I tried it on a throw away and it worked. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #400 on: December 02, 2016, 12:17:16 AM »
Check your google account for Gooligan: https://gooligan.checkpoint.com/

polonus
Once done, will Zonealarm add you to their list of prospective customers ???

I don't like using these checkers as I'm really trusting NOT. But I gave this a go and if failed to get of the starting blocks. Clicking the Check button fails to do anything.
That means you have something blocking it. I tried it on a throw away and it worked. :)

I do have firefox tied down pretty well with NoScript, RequestPolicy and ABP add-ons, but I did try to allow areas/sites it accessed, without giving it blanket authority.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #401 on: December 02, 2016, 02:45:50 PM »
But the issues still remain: http://www.securityweek.com/gooligan-android-malware-compromises-more-1-million-google-accounts

What is there left we can realy, realy trust?

With a world so full of uneliable information and outright deceit, I sometimes even worry
whether  I can trust the info I spread myself.

I hope I can and always try to be a truthful person in every respect.

Sometimes we are purposefully being fed desinformation or lied to or misled even brainwashed
by those that wanna profit from us big time.

What about the ordinairy end-user without much technical insight.
You can tell them anything to believe, and they still would be going around in the dark.

You apparently cannot trust all the apps from GooglePlay,
and Google has a hard time throwing out  all those that try to abuse their services.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #402 on: December 02, 2016, 11:54:35 PM »
Never go against the "same origin policy" or disable it inside the client (CORS disabled).
Only developers on very specific occasions may do so. As a general rule it is mighty unsafe.

See an example of secure frame cross domain communication here: http://sandbox.ternarylabs.com/porthole/
The code resides here: https://ternarylabs.github.io/porthole/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #403 on: December 04, 2016, 06:47:10 PM »
Some links here. One for request validation: http://web-sniffer.net/

Then in the struggle ahgainst spam mails,
it is important websites have a so-called spf aka Sender Policy Framework record.

The testing tools: http://www.kitterman.com/spf/validate.html

Scan whether they have one: http://www.kitterman.com/getspf2.py
or generate one at http://www.spfwizard.net/  or here: https://www.dynu.com/en-US/NetworkTools/SPFGenerator

Also helpful in the battle against spoofing is the CSR decoder: https://www.sslshopper.com/csr-decoder.html
and see the other tools at that page.

enjoy my good friends, enjoy,

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #404 on: December 05, 2016, 12:55:21 AM »
Real method to come to a free second-op scan or too good to be true?

Read: http://www.infoworld.com/article/3014323/security/a-free-almost-foolproof-way-to-check-for-malware.html#tk.ifw-infsb

Anyone to react?

polonus

P.S. Can imagine a couple of situation where this won't work, as for instance with malware like visbot that lies dormant as to the moment you start to perform certain specific actions in the browser. In such and other plausible situations it is better to have real AV like avast, folks.

Damian
« Last Edit: December 05, 2016, 12:59:54 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!