Collaborate Disseminate
I’m trying to set up cURL to get data from remote server at any sitaution. I use –tlsv1.3 –tls13-ciphers TLS_CHACHA20_POLY1305_SHA256 –http2 to make it as secure as I can think of, using Windows 11. (tried http3 but cURL said it’s not f… Continue reading is it necessary for cURL to check for CRL in Windows?
Device Guard and Secured-core PC configurations are mostly located in this registry location:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard
so, all in HKEY_LOCAL_MACHINE\SYSTEM
Now I’m trying to find the registry keys of… Continue reading Why is this Device Guard setting located in a different location from the rest? [migrated]
If you connect to a VPN network on a Windows machine for instance,
smart multi-homed name resolution may lead to DNS leakage. Since
requests are sent out to all network adapters at the same time, all
configured DNS servers receive the req… Continue reading Does smart multi-homed name resolution really lead to DNS leak?
https://lolbas-project.github.io/
Realistically, do we still need to block cmd.exe or certutil.exe in Windows firewall, on latest version of Windows? Lolbins are for Linux too but my question is only for Windows.
There are Attack Surface R… Continue reading Is it still recommended to block Living Off The Land Binaries (LOLBins) in Firewall?
Historically, Autorun has been an attack vector, but a lot has changed since then, Windows Security (Defender) and lots of improvements to everything. so now I’m wondering, on latest Windows 11 build, is it safe to leave Autoplay on (which… Continue reading Is it recommended to disable Autoplay in Windows 11 from a security perspective?
My goal is to block all incoming unsolicited connections to a Windows computer.
I’ve read that Windows Firewall is stateful and it can tell the difference between solicited and unsolicited traffic.
https://learn.microsoft.com/en-us/previou… Continue reading How to secure Windows computer from any unsolicited connections? [closed]