September 2019

Useful Software

Spiceworks; Hardware/Software Inventory. Required for many certifications. AlienVault; EUBA End User Behavioral Analysis. Detect odd behavior of malware/insider threats. OpenVAS; Vulnerability Scanner. Scan workstations & servers for security problems. No client required. NMAP; fast subnet scanner, requires WinPcap or NpCap Angry IP scanner; minimal information but portable and doesn’t require special drivers. PRTG Monitor; free …

Useful Software Read More »

Windows Lockscreen Graphic

I have been looking for an easy way to set the lockscreen Graphic to some Security Awareness posters. (Don’t click links in email) Incidently i also like to create a Wireless network named DontClickLinksInEmail just so it’s in everyones face. Found an interesting writeup here Microsoft Group policy setting here works on Win8 and newer

Clientless Malware

If an attacker uses software already installed on windows to create a persistent connection, the industry calls this Clientless Malware or Living off the Land. This usually involves using Windows Powershell which is so easy to block using the built-in Defender firewall, i’m surprised it’s not blocked by default. I propose a fix for this …

Clientless Malware Read More »

Free Security Training

Wizer is offering free security training. Their videos are only a few minutes long and in an entertaining hand-drawn style. The site will also keep score if you need that for your business records. Infosecinstitute.com/learn lots of videos Professer Messer CompTia A+ network + security+ Home – Professor Messer IT Certification Training – CompTIA A+, …

Free Security Training Read More »

GeoFirewall for RDP

What? A Geography based firewall blocks access to/from entire countries. Why? Useful on a RDP server to reduce risk by ignoring entire chunks of the internet. (RDP has been targeted recently with wormable exploits) Verigio makes a cool little software firewall, that is super simple and free. (free for 5 areas or less, still waiting …

GeoFirewall for RDP Read More »

2FA Hardware Keys

Hello All; I was curious about 2FA hardware keys popularized by Yubikey. Recently the FIDO standard has been published, which incentivizes cheaper hardware through competition. I purchased this Mini HyperFido key to use for my testing. The unit came with ZERO documentation so I am creating a document here. Setup for Gmail: If your FidoKey …

2FA Hardware Keys Read More »