The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,676 other followers

Archive for January 25th, 2019

Philips Brilliance 240B max resolution: 1920 x 1200 pixels at 24 bit

Posted by jpluimers on 2019/01/25

Since the Display on the frontside is labeled as “Philips Brilliance 240B”, finding the actual supported maximum resolution took an additional step resulting in these specs: [WayBack] Specifications of the LCD monitor with Ergo base, USB, Audio 240B1CB/75 | Philips

This is what I needed from it:

Philips Brilliance 240B max resolution: 1920 x 1200 pixels at 24 bit via either of the inputs

  • VGA (Analog )
  • DVI-D (digital, HDCP)

–jeroen

Posted in Displays, Hardware, Power User | Leave a Comment »

ScanSnap ix100 open ports

Posted by jpluimers on 2019/01/25

For my archive: the open ports on the ix100 WiFi connection:

# sudo nmap -O -v -A -p- -Pn 192.168.0.1
Password:

Starting Nmap 7.50 ( https://nmap.org ) at 2017-08-01 17:40 CEST
NSE: Loaded 144 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 17:40
Completed NSE at 17:40, 0.00s elapsed
Initiating NSE at 17:40
Completed NSE at 17:40, 0.00s elapsed
Initiating ARP Ping Scan at 17:40
Scanning 192.168.0.1 [1 port]
Completed ARP Ping Scan at 17:40, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 17:40
Completed Parallel DNS resolution of 1 host. at 17:40, 0.03s elapsed
Initiating SYN Stealth Scan at 17:40
Scanning 192.168.0.1 [65535 ports]
Discovered open port 53218/tcp on 192.168.0.1
Discovered open port 53219/tcp on 192.168.0.1
Completed SYN Stealth Scan at 17:40, 51.05s elapsed (65535 total ports)
Initiating Service scan at 17:40
Scanning 2 services on 192.168.0.1
Service scan Timing: About 50.00% done; ETC: 17:41 (0:00:32 remaining)
Completed Service scan at 17:41, 31.85s elapsed (2 services on 1 host)
Initiating OS detection (try #1) against 192.168.0.1
NSE: Script scanning 192.168.0.1.
Initiating NSE at 17:41
Completed NSE at 17:41, 0.04s elapsed
Initiating NSE at 17:41
Completed NSE at 17:41, 0.02s elapsed
Nmap scan report for 192.168.0.1
Host is up (0.0037s latency).
Not shown: 65533 closed ports
PORT      STATE SERVICE VERSION
53218/tcp open  unknown
| fingerprint-strings: 
|   DNSStatusRequest, DNSVersionBindReq, GenericLines, LPDString, NULL, WMSRequest, afp, oracle-tns: 
|_    VENS
53219/tcp open  unknown
| fingerprint-strings: 
|   DNSStatusRequest, DNSVersionBindReq, GenericLines, LPDString, NULL, WMSRequest, afp, oracle-tns: 
|_    VENS
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port53218-TCP:V=7.50%I=7%D=8/1%Time=5980A106%P=x86_64-apple-darwin16.6.
SF:0%r(NULL,10,"\0\0\0\x10VENS\0\0\0\0\0\0\0\0")%r(GenericLines,10,"\0\0\0
SF:\x10VENS\0\0\0\0\0\0\0\0")%r(DNSVersionBindReq,10,"\0\0\0\x10VENS\0\0\0
SF:\0\0\0\0\0")%r(DNSStatusRequest,10,"\0\0\0\x10VENS\0\0\0\0\0\0\0\0")%r(
SF:LPDString,10,"\0\0\0\x10VENS\0\0\0\0\0\0\0\0")%r(WMSRequest,10,"\0\0\0\
SF:x10VENS\0\0\0\0\0\0\0\0")%r(oracle-tns,10,"\0\0\0\x10VENS\0\0\0\0\0\0\0
SF:\0")%r(afp,10,"\0\0\0\x10VENS\0\0\0\0\0\0\0\0");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port53219-TCP:V=7.50%I=7%D=8/1%Time=5980A106%P=x86_64-apple-darwin16.6.
SF:0%r(NULL,10,"\0\0\0\x10VENS\0\0\0\0\0\0\0\0")%r(GenericLines,10,"\0\0\0
SF:\x10VENS\0\0\0\0\0\0\0\0")%r(DNSVersionBindReq,10,"\0\0\0\x10VENS\0\0\0
SF:\0\0\0\0\0")%r(DNSStatusRequest,10,"\0\0\0\x10VENS\0\0\0\0\0\0\0\0")%r(
SF:LPDString,10,"\0\0\0\x10VENS\0\0\0\0\0\0\0\0")%r(WMSRequest,10,"\0\0\0\
SF:x10VENS\0\0\0\0\0\0\0\0")%r(oracle-tns,10,"\0\0\0\x10VENS\0\0\0\0\0\0\0
SF:\0")%r(afp,10,"\0\0\0\x10VENS\0\0\0\0\0\0\0\0");
MAC Address: 84:25:3F:25:7F:21 (silex technology)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.17 - 2.6.36
Uptime guess: 248.550 days (since Sat Nov 26 03:30:04 2016)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=199 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE
HOP RTT     ADDRESS
1   3.66 ms 192.168.0.1

NSE: Script Post-scanning.
Initiating NSE at 17:41
Completed NSE at 17:41, 0.00s elapsed
Initiating NSE at 17:41
Completed NSE at 17:41, 0.00s elapsed
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 85.09 seconds
           Raw packets sent: 65856 (2.898MB) | Rcvd: 65608 (2.625MB)

The nmap is aliased as nmap-fingerprint_host_all-ports-even-if-ping-fails

–jeroen

Posted in *nix, *nix-tools, Fujitsu ScanSnap, ix100, nmap, Power User, Scanners | Leave a Comment »

Google’s Phishing Quiz shows why Google AMP (Accelerated Mobile Pages) is a bad idea

Posted by jpluimers on 2019/01/25

This week, Google introduced the [WayBack] Phishing Quiz, a series of questions to see how good you spot phishing emails.

It is a perfect example on why Google AMP is a bad idea: it makes it easier to write phishing mail targeting Google users.

One of the questions is about a password change email seemingly from Google with a link by Google.

The link is really deceptive, as it:

  1. uses Google AMP (Accelerated Mobile Pages) which are hosted directly through a root path on the Google main domain: the URL starts with https://google.com/amp
  2. Especially on mobile, Google accelerates a lot of things through Google AMP, so a link on mobile that looks like this might be legit

This will deceive a lot of people as they are trained to look at the main domain to assess authenticity: google.com

That combined with an email domain that also looks being from Google (with so many real word top-level domains, many would not be surprised getting email from no-reply@google.support)

Just look at the below screenshot to see how deceptively this trick is.

Solution

The only solution is for people to learn that URL shorteners are evil: they mangle URLs. Which kinds of defeats both URL shorteners, and Google AMP (which also mangles URLs).

Postscript

Google already stopped with their URL shortener (see for instance [WayBack] Google is shutting down its goo.gl URL shortening service), so I wonder when they will stop with AMP.

Read the rest of this entry »

Posted in Google, LifeHacker, Power User, Security | Leave a Comment »

 
%d bloggers like this: