Frank – WindowsTechs.com

Is it possible for an attacker to change an email-attachment of a received email client-side and synchronize it via IMAP with Webmailer?

Posted on December 11, 2023 by Frank

an attacker manipulated the IBAN of an invoice.pdf attached to a received email. The question remains, can said attacker manipulate/change such a pdf client-side and cause an IMAP synchronization with the webmailer provided by a hoster?
I … Continue reading Is it possible for an attacker to change an email-attachment of a received email client-side and synchronize it via IMAP with Webmailer?→

With TLS 1.3 is it possible to conduct the handshake on a separate device from where the main channel is?

Posted on September 4, 2022 by Frank

With TLS 1.3 a PSK is established along with main secrets for the encrypted channel.
Can this mechanism be employed to allow client authentication to occur on one device (say a mobile device), which would then transfer those secrets over a… Continue reading With TLS 1.3 is it possible to conduct the handshake on a separate device from where the main channel is?→

Is an IP based whitelist practical for controlling internet use?

Posted on September 28, 2021 by Frank

I have to set up internet controls for our schools study hall/testing center. The idea is that computers on that network should only be able to access the school’s webportal and learning platform that the school uses during class hours, b… Continue reading Is an IP based whitelist practical for controlling internet use?→

Trying to determine if our application login constitutes 2FA

Posted on June 24, 2021 by Frank

Our organization uses a Voip "push to talk" type app on Android and IOS devices. The application connects to a server on premises through the internet. To use the app, the user is assigned a UID, which can only be used from on a… Continue reading Trying to determine if our application login constitutes 2FA→

Does OIDC explicitly handle refresh token exchange for multiple devices?

Posted on April 29, 2021 by Frank

This question is inspired by this answer and question
I also use that method to handle the case where users can sign in and out of multiple devices, by storing a per-device refresh token for a device id. I am making the assumption that var… Continue reading Does OIDC explicitly handle refresh token exchange for multiple devices?→

What could re-enable uPnP on router apart from malware?

Posted on April 16, 2021 by Frank

I’m the sole person who has access to this router. I turned uPnP off and have twice found it turned back on in recent weeks. The Router is Asus DSL-AC68U.
I have a VPN running at the router level, installed about a month ago. I’ve recently… Continue reading What could re-enable uPnP on router apart from malware?→

How to know what type of encryption type is that? [duplicate]

Posted on June 15, 2020 by Frank

the hash is a lot of numbers separated by hyphens, something like that
02-35-161-51-43-227-161-06-151-43-22-71-43-46-21….
More than 700 numbers.

Continue reading How to know what type of encryption type is that? [duplicate]→

Emsisoft Emergency Kit 2020.3.2 beta

Posted on March 13, 2020 by Frank

We’ve just released Emsisoft Emergency Kit 2020.3.2.10048 beta. You will have to enable beta updates to get this version. Fixed: Issue with driver not unloading after program exit. Several minor fixes.
The post Emsisoft Emergency Kit 2020.3.2 bet… Continue reading Emsisoft Emergency Kit 2020.3.2 beta→

What does DNS-over-HTTPS actually do?

Posted on February 27, 2020 by Frank

I don’t mean a technical breakdown of how the technology works but what does it do for me, the end user. For instance, does it prevent my ISP or network admin from seeing/logging the sites I connect to similar to how HTTPS prevents them fr… Continue reading What does DNS-over-HTTPS actually do?→

What are legitimate case of smb and netbios communication?

Posted on May 28, 2019 by Frank

Please can any one help me to understand what are the legitimate case to observing the netbios and smb communication between two machine in the same network? (when I see my logs I confronts with several internal communication… Continue reading What are legitimate case of smb and netbios communication?→