I read Microsoft’s site to a “Microsoft” scammer

“Daniel” from “Microsoft” called me the other day. The number looked halfway legit so I picked up. He out and out claimed to be from Microsoft and said he was getting alerts from my computer. His voice sounded familiar–I think I’d talked to him before.

“Which computer?” I asked.

“Your Microsoft computer,” he said.


Simple tips to prevent ransomware

Last week at work, I noticed some odd events in an event log, and when I investigated them, I found they were part of a failed ransomware attack. This got me thinking about how to prevent ransomware at home.

Ransomware, if you aren’t familiar, is an attack that encrypts your data and demands a ransom, usually around $300 in bitcoins, with a short deadline before it destroys your files. More often than not, paying the ransom is the only way to get the files back, so it’s much better to prevent it.


Why domain squatting works

I lost an afternoon troubleshooting a Websense non-issue. A web site related to Salesforce wasn’t working, and any time something like that happens, Websense goes on trial. About all I can do is make sure it’s a fair trial. Such is the life of a proxy administrator. And in this case, Websense was innocent–the guilty party was a dirty, no-good domain squatter. It’s a business model. And people wouldn’t do it if it didn’t work. Here’s why domain squatting works.


High side vs low side


The other day I heard a reference to the “high side vs low side” of a computer system in a podcast, and the speaker didn’t stop to clarify. Worse yet is when you hear “on the low side” or “on the high side.” I came from the private sector into government contracting myself. I wasn’t born knowing this jargon either, so I’ll explain it.


Recommended DD-WRT settings


I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.

For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.


How the Marx 1249 transformer connects to track

There are four posts on the Marx 1249 transformer, but don’t fret if you’ve lost the instructions. Connecting it is easy. But first, you’ll probably want to check it out for safety before plugging it in.

There are two sets of posts on the transformer, but don’t let that confuse you. One set of posts powers the train, and the other set powers any accessories you might have, such as a station. If you don’t have any accessories, you can simply ignore the second set.


Another reason to block fonts at the proxy

Last week Apple released a bunch of patches up and down its product line. One of the vulnerabilities it fixed in OS X was in its font parser.

In the past you could mitigate vulnerabilities like this by only installing fonts from trusted sources, but since it’s now possible for web pages to transmit fonts along with other content, there’s a limitless number of untrusted fonts out there in the world.

It may take a while for all of the major operating systems to shake out all of the problems in their font subsystems, and that’s the reason I’ve recommended filtering fonts at the proxy.


The problem with ditching Flash and Java

Last week Adobe issued an out-of-band Flash patch, and once again Brian Krebs urged people to ditch Flash, noting that he’s done so and hasn’t missed it.

We decided to try ditching Flash at work a few months ago, but it didn’t go quite so smoothly for us. I thought I’d share my experience.


uBlock settings for better malware protection

I have some easy uBlock settings to improve how it protects you against malware. You don’t think of ad blockers as a security tool? I do. It’s a good idea to use one even if you configure it to allow most ads through.

My favorite ad-blocking extension for Chrome is uBlock, because it’s faster and more resource friendly than the better-known Adblock Plus. It also comes configured by default to block known malicious sites, where Adblock Plus makes you dig for that feature.

But it’s still possible to tweak uBlock to give you even better protection against malware, and that’s a good thing. It’s one thing to detect malware and block it after you download it. But it’s even better to detect and block it before you download it in the first place. That keeps you safe if your antivirus software is slow to update for any reason.


Need a good, cheap dual gigabit NIC? I have just the thing.

If you need gigabit ports for your home server or router project and you’re short on available expansion slots, I have just the thing. Home sysadmins have known for a while that you can get cheap PCI-X Intel NICs and run them in PCI mode, but you may not know that you can find the very same thing by searching eBay for HP 7170, and it’s usually cheaper. It’s not rare to find them for $7, shipped.
