The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Archive for the ‘Security’ Category

Bootable virus scanners supporting NTFS

Posted by jpluimers on 2020/11/09

I was looking for a bootable virus scanner supporting NTFS. Kaspersky was the first one I found, and it worked well.

Back then, these were the output locations:

The HTTP link can be convenient for locations that do not support TLS (cough, VMware ESXi wget, cough), which is OK if you first calculate the SHA-256 hash from the TLS link.
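An added example (not from the original post) of that check as POSIX shell functions: the expected value is the SHA-256 computed on a machine that fetched the file over TLS, and an HTTP copy that does not match is deleted. `HOST` and `rescue.iso` in the comments are placeholders, and it assumes `sha256sum` is available on the box doing the HTTP download.

```shell
#!/bin/sh
# Added example, not from the original post. Placeholders: HOST, rescue.iso.
#
#   machine with TLS:  wget https://HOST/rescue.iso && sha256sum rescue.iso
#   box without TLS:   wget http://HOST/rescue.iso
#                      verify_download rescue.iso <hash from the first step>

# sha256_of FILE: print the lowercase hex SHA-256 digest of FILE.
# Reading from stdin avoids surprises with odd file names.
sha256_of() {
    sha256sum < "$1" | cut -d' ' -f1
}

# verify_download FILE EXPECTED_HEX
#   0 = digest matches
#   1 = mismatch (FILE is deleted so it cannot be used by accident)
#   2 = FILE is missing
#   3 = EXPECTED_HEX is not 64 hex digits (for example a truncated paste)
verify_download() {
    file=$1
    # Accept upper-case hashes, as printed by PowerShell's Get-FileHash.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }

    case $expected in
        *[!0-9a-f]*) echo "expected hash is not hex" >&2; return 3 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected hash is not 64 digits" >&2; return 3; }

    actual=$(sha256_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file matches the hash taken over TLS"
        return 0
    fi

    echo "MISMATCH: $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    rm -f -- "$file"
    return 1
}
```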

Likely there is a 2020 version by now.

I got the links via:

I might try BitDefender later.

–jeroen

Posted in LifeHacker, Power User, Security

OpenCandy – Wikipedia

Posted by jpluimers on 2020/11/06

Hmm, one of my machines contained OpenCandy, as found by Malwarebytes:

Tracking back the installation revealed it came with ImgBurn 2.5.8.0, which is now on my blacklist.

In my case this was how to remove it:

rd /s /q "%AppData%\OpenCandy"

This is not universal; you might need to take additional measures like in [WayBack] How to Remove PUP.Optional.OpenCandy (Removal Guide).

I use this batch file to get the most recent Malwarebytes and Chameleon:

If you do not have wget on your system, then try this PowerShell alternative (which does not show progress) via [WayBack] Windows batch file file download from a URL – Stack Overflow

:: in case you do not have wget:
powershell -Command "(New-Object Net.WebClient).DownloadFile('https://downloads.malwarebytes.com/file/mb3/', 'mb3.exe')"
powershell -Command "(New-Object Net.WebClient).DownloadFile('https://downloads.malwarebytes.com/file/chameleon/', 'chameleon.exe')"
:: note these do not show progress!
:: https://stackoverflow.com/questions/4619088/windows-batch-file-file-download-from-a-url

Related: [WayBack] Jeroen Pluimers on Twitter: “What if the most recent @Malwarebytes on a Windows 8.1 x64 VM (all patches installed) on ESXi backed by NVME hangs for hours on one file with hardly any CPU usage? Screenshots of mbam.exe, mbamservice.exe and mbamtray.exe thread usage below.”

–jeroen

Posted in *nix, *nix-tools, LifeHacker, Power User, Security, wget, Windows

“I am a bit confused about the @WoonVeilig site. https://t.co/ui8agTkgM9 for example talks about GATE-03 and GATE-02, but https://t.co/QswkrlsuZY about ALARM-03 and SMARTHOME-01. SMARTHOME-01 also has more accessories than ALARM-03. Do those extras (such as CO-25) not work on ALARM-03?”

Posted by jpluimers on 2020/11/02

[WayBack] “I am a bit confused about the @WoonVeilig site. www.woonveilig.nl/juiste-producten- for example talks about GATE-03 and GATE-02, but www.woonveilig.nl/klantenservice/handleidingen about ALARM-03 and SMARTHOME-01. SMARTHOME-01 also has more accessories than ALARM-03. Do those extras (such as CO-25) not work on ALARM-03?”

Some links:

Tweakers.net:

Competition: SmartAlarm; also with the IP-only limitation.

More home automation than competition: HomeWizard.

About the how and why:

–jeroen

Posted in LifeHacker, Power User, Security

In surveys, Facebook is, in terms of customer satisfaction and trust, fairly…

Posted by jpluimers on 2020/10/16

Nice thread, as it talks a bit about how to keep your own stuff secure with companies that do MitM or have VPN infrastructure.

[WayBack] In surveys, Facebook is, in terms of customer satisfaction and trust, fairly…

Most larger TLS-based web sites now have HSTS, so they detect MitM.

Having a proxy locally helps with checking the certificates.

Corporate laptops usually have device management. If they use MitM, their root certificates are usually put back automatically. But not all software uses the same root certificate store (:

In the past, I have used [WayBack] cntlm, or VPN (routing only corporate traffic over VPN).

There are corporate VPN variants, which take over the complete routing table or even run arbitrary scripts as root on your box on connect in order to do “endpoint validation”. And then there is OpenVPN, which routes the traffic that the company shall see to the company and lets you use normal connectivity for the rest.

You want openvpn, in all cases.

Another trick I have used is to VPN/SSH out of a corporate box and route some of the traffic over it.

Finally, for some larger corporate VPN software, there is an open source replacement that has better configuration options: OpenConnect supports AnyConnect, Juniper and GlobalProtect.

Related: picture on the right via [WayBack] Torsten Kleinz – Google+

–jeroen

Posted in Cntlm, Encryption, HTTPS/TLS security, Power User, Security, Windows, Windows-Http-Proxy

SSL certificates – not optional | Open Query Pty Ltd

Posted by jpluimers on 2020/09/04

Some tips on using the certbot for Let’s Encrypt and the support for wildcard certificates through DNS updates: [WayBack] SSL certificates – not optional | Open Query Pty Ltd

–jeroen

Posted in Encryption, HTTPS/TLS security, Let's Encrypt (letsencrypt/certbot), Power User, Security
