SMB/CIFS security in heterogeneous environment

Suppose I have several machines, both Linux and Windows, that I want to connect to each other for file sharing. Now I use the mount -cifs command with the vers=3.0 clause to access Windows shares from my Linux machines:

mount -t cifs -o credentials=/etc/credentials.cred,vers=3.0,uid=1000,gid=1000 //192.168.137.1/folder /media/folder

and I also use standard Windows SMB/CIFS functionality to access Linux shares from Windows 10. What bothers me is the efficiency of such a configuration.

I know that I can utilize encryption and signing in Windows, e.g. via Set-SmbServerConfiguration -RejectUnencryptedAccess $false, and I also know I can do this in Linux via smb.conf.

The question is: what is the most secure way to organize dual-way Samba sharing between Linux and Windows? Should I set up Linux as a server and Windows as a client, or vice versa?

It bothers me because of the recent ransomware epidemic and the impossibility of prohibiting SMBv1 in Windows in such a mixed heterogeneous landscape. When I turn off SMB/CIFS like this, my Linux boxes cannot access Windows boxes anymore.


Port forwarding and port blocking security concerns

I am highly concerned about RDP security and about multiple occasions of ransomware infections through RDP, so now I am inspecting possibilities for self-defense against these threats.
What interests me a lot is securing router ports from the outside. As was thoroughly explained here, a blocked/filtered port is better than a port that just has no services bound to it, ’cause a blocked port doesn’t send a response to the attacker.

However, what if the port is not blocked, but not forwarded anywhere at the router level? Is it equivalent to blocking in the sense of security?

In my understanding, an unforwarded port is simply redirected to nowhere, and an attacker just cannot use it to compromise anything. Does this make any sense?

UPDATE: Added reference links for @ISMSDEV and others who don’t believe that ransomware and RDP are following in tow.
1. Ransomware and RDP – Are you vulnerable?
2. Ransomware spreads through weak remote desktop credentials
3. Ransomware using Remote Desktop to spread itself
