Share a Windows 10 printer by UNC

Windows 10 uses homegroups, but if you have systems that don’t understand homegroups and want to share a Windows 10 printer by UNC (the old school way to share a network printer), it’s not obvious how to go about doing it.

I couldn’t find a way from the GUI, but it’s still possible to share the printer from a command line.

Read more

Use this file to find out how much your antivirus is protecting you

Unlike some security professionals, I still regard antivirus as a necessity. It doesn’t catch advanced threats, and everything it does catch can be caught through other methods, but it is the most cost- and labor-effective way to catch the best-known, least sophisticated attacks. If you put a $100,000 incident responder to work hunting ordinary viruses, you’ll waste a lot of money on salary and quickly lose that incident responder to another company offering more interesting work.

Of course, there’s a great deal of discussion in the mainstream computer magazines about which antivirus is the best. I don’t agree with their methodology though–they might as well be looking for the longest 8-foot 2×4 at the home improvement store. Yes, you can probably find some variance if you get out a micrometer, but what have you accomplished?

SANS has a good real-world test to see how much protection your antivirus software is really giving you.

Read more

Application whitelisting on Windows, even home editions

One of the very best things security measures you can take is application whitelisting–limiting the apps that are allowed to run on your computer.

The Australian Signals Directorate–the Australian counterpart to the NSA–says doing four things cuts security incidents by a whopping 85 percent. You probably do three of the things. The fourth is application whitelisting.

  • use application whitelisting to help prevent malicious software and unapproved programs from running
  • patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office
  • patch operating system vulnerabilities
  • restrict administrative privileges to operating systems and applications based on user duties.

Read more

Windows XP isn’t just a Navy problem

I’ve heard enough scoffing over the past few days over the Navy re-upping its contract for paid support for Windows XP to last a lifetime.

But it’s not just a Navy problem, and it’s not necessarily as bad of a problem as it sounds. Necessarily.

Read more

You’re telling me someone gave a stranger his password?

I was talking breaches last week when a very high-up joined the conversation in mid-stream.

“Start over, Dave.”

“OK. I’m talking about breaches.”

“I know what you’re talking about,” he said, knowingly and very clearly interested.

Read more

The Fujitsu Scansnap iX500 deserves its reputation

I don’t buy a lot of hardware anymore, but we purchased a Fujitsu Scansnap ix500 document scanner this month. It has a fantastic reputation, and it only took an hour to live up to it for me.

Read more

How to make an LG LD301EL dehumidifier drain the water out of a hose instead of the bucket

I recently came into possession of an LG LD301EL dehumidifier. It was supposed to be draining out of the hose, but it wasn’t. I figured out why.

If you have one of these or a similar dehumidifier, chances are you have the same problem. The instructions on the back of the dehumidifier aren’t as clear as they could be and the diagrams are tiny. The manual doesn’t quite seem to explain it either. If you don’t have the manual and don’t want to download one from a dodgy web site–and as a computer security professional I recommend that you don’t (more on that at the end)–here’s how to get it done.

Read more

EMET protects against what your antivirus cannot–and it’s free

A few years ago, Microsoft quietly released a security tool called EMET–the Enhanced Mitigation Experience Toolkit. EMET is now in version 4.0, and it’s probably the best security tool you’ve never heard of. And that’s a real shame.

Modern versions of Windows and modern CPUs include several security-enhancing technologies that aren’t necessarily switched on by default. EMET is a wrapper that forces software to use these technologies, even if they weren’t designed from the get-go to use them. The idea, then, is that if a badly behaving data file tries to exploit a traditional vulnerability in one of these programs, EMET steps in and shuts it down. A real-world example would be if you visit a web page that’s playing a malicious Flash video, or that contains a malicious Acrobat PDF. The malicious data loads, starts to execute, and the minute it misbehaves, EMET slams the browser tab shut. You won’t know right away what happened, but your computer didn’t get infected, either. Read more

The NSA’s guide to finding things on the Internet is available now

A wonderful NSA document called Untangling the Web, thanks to a FOIA request, is now available and free for all to download and use. Although dated, the book will prove highly useful. If you company or client is exposing data that it shouldn’t to the public Internet, this book will help you find it, so you can correct it.

The copy isn’t perfect. It’s a bit dated, and it’s a straight scan to PDF, so it isn’t searchable, and it’s not the clearest, cleanest copy. I’m cleaning up a copy for my own use right now. I expect to use it, and often. It isn’t a document I’ve been privileged to see before, so I’m excited to have a chance now to study it and learn its techniques. Read more

“Computer Maintenance Department” called me again from India

So, “Peggy” from “Computer Maintenance Department” called me again last night. This time I decided to mess with him a bit more. This is the second time.

(No, “Peggy” wasn’t his real name, nor did he identify himself as “Peggy,” but that’s the name I’ll use, thanks to that old Discover commercial.)

Read more