Hostsman makes it easy to block malware with a hosts file

I’ve written before about using the hosts file to block domains that are hosting malware. The idea is pretty simple. There’s a known list of domains that are either hosting or controlling malware, so by blocking your computer from accessing those domains, you make it much harder to get infected in the first place, and in the event that you do get infected, at least you block access to the command and control servers.

The problem is that Windows doesn’t make this easy. Well, I found an easy way: Hostsman. You can have it up and running in minutes.

Update: Don’t mess around with hosts files. It’s more efficient and more effective to change DNS servers instead.


Getting a proper Start button back even when Microsoft doesn’t want to give one

Are you putting off switching to Windows 8.1 because you don’t want to relearn everything from scratch that you’ve known since 1995? I saw Windows 8.1 on Thanksgiving, and you have to do some asinine downward swipe with the mouse to bring up Control Panel. Yeah, that’s easier.

But even though Microsoft insists on shooting itself in the foot with a nuclear missile, Classic Shell fixes what Microsoft refuses to fix. Want Windows 8 to act like Windows 7? No problem. Want it to look like XP? Yeah, you can even do that.

So I highly recommend it. Yes, Windows 8.1 with Classic Start. Here’s why.

Upgrading a D-Link DIR-615 to DD-WRT

Last year I bought my mother-in-law a D-Link router, an oddball DIR-615 revision E1 that was only sold at a few stores. It was supposed to be a Fry’s exclusive, but I bought hers at Micro Center. It worked for a while, then gave her trouble, so this year I was working with it again, and when I was setting it up, I noticed it had some security vulnerabilities: remote code execution, UPnP vulnerabilities, and who knows what else. So that got me some practice upgrading a D-Link DIR-615 to DD-WRT.

DD-WRT’s track record and attitude towards security research could be better, but I’d rather trust my mother-in-law to DD-WRT’s B+ security than D-Link’s F.


How to get started in regulatory compliance

I had a search query about getting started in regulatory compliance, which I’ve written about before, but more from an organizational perspective. That won’t help you much from a career perspective.

I think most any CISSP will answer that question similarly, so I’ll take a stab at it.

Using antivirus to deliver a virus

A coworker tipped me off the other day to how it’s possible to use a certain major-brand antivirus to infect a computer. “I didn’t have admin rights,” I overheard him explaining, “So I got them with [redacted] antivirus.”

My head spun around violently. “You did what?”

“Google ‘confused deputy persistence,’” he deadpanned. “It’s the first result.” Then he went back to explaining the problem at hand.

Cleaning a hard drive with Linux

A friend asked me a favor in church one Sunday: He had a computer he wanted to clean off so he could donate it, but since it had financial data on it, he wanted to make sure it was cleaned up securely. I recommended Darik’s Boot and Nuke, which I’ve recommended before, but he wasn’t able to get it working for whatever reason. So he asked if I would clean it if he dropped it off. I agreed.

Rather than burn a DBAN disc, I just took the hard drive out and put it in a Linux box and wiped it with that. It was easier than trying to find a blank CD.


You need a Yubikey.

I mentioned the Yubikey as the ultimate solution to stolen passwords on the excellent Yahoo Marx Train forum, and another member asked me to elaborate on it. Rather than take up a lot of space with some off-topic discussion, I decided it would be better to write about it here.

The Yubikey is a great idea, but I have reasons for using something else. I am a computer security professional by trade, but I will try to avoid as much techno-jargon as I can, and explain what I do use.


Taking back the drive time

Several months ago, I started listening to security podcasts in the car during my commute. I probably have my annual CPE requirement tripled by now–I’ll go submit my 30 in a week or two, and I don’t see much point in tracking it beyond that–but, more importantly, I’ve increased my professional awareness.

Young people aren’t interested in information security? I think it depends on your definitions.

I saw an assertion on Slashdot today that Millennials aren’t interested in information security, in spite of the average salary in the field being six figures. I’m not sure I agree with the article’s assertion that 24% of those polled being interested translates into disinterest, though. How many of them are interested in other white-collar professions, like medicine or accounting or law?

I also disagree with the article’s definition of information security. The article asserts that information security is working for “The Man,” namely, the government, and information security isn’t just for governments anymore.

Check your smoke detectors, please. And make sure you have more than one.

Early Monday morning, a fire broke out a couple of streets over from me. Sadly, there was one casualty, a seven-year-old second grader who attends the same school as my oldest son. His older sister heroically came and got him and tried to lead him out the front door, but they became separated and he lost his way.

The paper noted that there have been a large number of fires with fatalities in my area in this past year. It did not speculate on the reasons, but I think I know why.

I think inadequate smoke detectors have a lot to do with it.