Domain – Page 14 – WindowsTechs.com

[SANS ISC] Suspicious Domains Tracking Dashboard

Posted on November 16, 2017 by Xavier

I published the following diary on isc.sans.org: “Suspicious Domains Tracking Dashboard“. Domain names remain a gold mine to investigate security incidents or to prevent some malicious activity to occur on your network (example by using a DNS firewall). The ISC has also a page dedicated to domain names. But how

[The post [SANS ISC] Suspicious Domains Tracking Dashboard has been first published on /dev/random]

Continue reading [SANS ISC] Suspicious Domains Tracking Dashboard→

Manage SSL certificates for a multi-tenant website

Posted on November 16, 2017 by user163873

We have given customers the option to allow custom domains which ultimately point to our server by changing the CNAME.

Some of our customers would like to have SSL enabled to their domain but I am wondering how to manage ce… Continue reading Manage SSL certificates for a multi-tenant website→

how block all subdomains for a particular domain

Posted on November 2, 2017 by PJ7

I want to block all traffic to and from my network to a particular domain. Apparently, this is not possible in Windows, with either a HOSTS file or using firewall rules: the HOSTS file requires every sub-domain to be listed s… Continue reading how block all subdomains for a particular domain→

Can the subdomains have different certificates from the main domain if I use HSTS includeSubDomains and preload?

Posted on October 29, 2017 by Ani Sinanaj

I have a main domain where I serve my website, and then I have subdomains that I use to deploy other projects which may be temporary. Having set up a deployment system with docker and letsencrypt, each project automatically h… Continue reading Can the subdomains have different certificates from the main domain if I use HSTS includeSubDomains and preload?→

Whois Maintainer Accidentally Makes Password Hashes Available For Download

Posted on October 24, 2017 by Tom Spring

Whois maintainer for Asia Pacific notifies customers of an error where hashed authentication details for were inadvertently available for download. Continue reading Whois Maintainer Accidentally Makes Password Hashes Available For Download→

Expired domain names and malvertising

Posted on September 5, 2017 by Jérôme Segura

A look at how expired domain names can be turned into a lucrative malicious traffic redirection tool.
Categories:
Malware
Threat analysis
Tags: domainmalvertisingmalwareregistrantregistrartech support scam

(Read more…)

The post Expired domain na… Continue reading Expired domain names and malvertising→

How do you prevent a computer in a network from accessing RDP?

Posted on August 18, 2017 by Newlo Newly

So you’re on a domain.

I know that Remote Desktop needs an authorized user’s credentials (e.g admin) to log in with a remote computer. But can you also place a condition that you need to be using a certain computer(s) in the… Continue reading How do you prevent a computer in a network from accessing RDP?→

White Supremacist Website Daily Stormer Goes Offline

Posted on August 15, 2017 by Joseph Cox

The past few days have triggered a debate around the responsibility of tech companies to host or provide services for extremist content. Continue reading White Supremacist Website Daily Stormer Goes Offline→

Is there a more secure way for users to log into the domain other than just passwords?

Posted on August 14, 2017 by Newlo Newly

Say you have this:

An NPS server that grants access to users using client certificates (EAP-TLS).

So say someone managed to snatch the domain administrator’s password. So he logs into the computer using the domain Administ… Continue reading Is there a more secure way for users to log into the domain other than just passwords?→

Is there a more secure way for users to log into the domain other than just passwords?

Posted on August 14, 2017 by Newlo Newly

Say you have this:

An NPS server that grants access to users using client certificates (EAP-TLS).

So for example someone managed to snatch the domain administrator’s password and they log in to the computer using the domai… Continue reading Is there a more secure way for users to log into the domain other than just passwords?→