Category: Security

Computer Security

Disable Windows autorun with BitDefender USB Immunizer

Autorun is a Windows feature that indicates the operating system what action must be carried out when a drive is mounted, i.e. USB external drive, thumbdrive, CD-Rom, according to the latest BitDefender report autorun is also one of the most exploited methods to insert malware in computers, the Conficker worm for example created an autorun trojan on removable drives attached to the infected machine, autorun command, i.e. view, play file menu options, is executed without user intervention which is meant to be helpful but it carries a security risk being able to execute malware too.

BitDefender USB Immunizer

BitDefender USB Immunizer will warn you if autorun is enabled in your computer offering you to disable it with a single click, it will then create an Autorun.inf folder on your chosen drive (thumbdrive, SD card, etc) this file will stop malware from auto launching and will prevent itself from being overwritten by another program storing a hidden folder and other files inside Autorun.inf (where autorun commands are) making it hard for malware to locate and erasing it, if you ever need to erase the file yourself you can do so booting from a Linux live CD which will override windows file permissions.

An alternative to USB Immunizer preventing malware from launching exploiting Windows autorun feature is the open source project “No Autorun” which locks the default Autorun.inf file as opposed to creating its own like BitDefender does.

Visit USB Immunizer homepage

3 August, 2011
ETXT, a portable tool that encrypts text notes

ETXT is an open source program of only 97Kb in size, it doesn’t need installation, it can be executed from within a USB thumbdrive making it ideal for use at public computers, the software doesn’t need administrator rights to run either.

This free encryption notepad tool is very simple to use, the text can not be formatted with bold, colouring or any other fancy features, you simple write your message, click on Save and a .etxt (encrypted text) file will be created. To read the ciphered text message all that it is needed is to use the program to select the file and it immediately be decrypted as soon as you open it up, there is no password to be used.

ETXT encrypted text notes

I was very disappointed with this software, it claims to encrypt text messages but I could not find anywhere what algorithm they are using for that which makes me think that it could be some kind of untested home brew encryption algorithm, a bigger disappointment was the lack of password protection, anyone who comes across your encrypted text message can read it by just downloading the program and opening it up, all they need to do is guessing what software you used for encryption, if you really need that kind of weak protection you could encrypt and decrypt your messages online with the weak ROT13 or Base64 ciphers, there are plenty of websites for that.

Visit ETXT homepage

1 August, 2011
NotSharingMyInfo a permantent email forwarding address

There are many disposable email address (DEA) services but they are limited in time which means you have to get a new email every time you open an account and you have to use the webmail interface they provide you to retrieve email. NotSharingMyInfo will automatically send all email to your real email account and the forwarding address they give to you will not be deleted, you can reuse that very same address to recover passwords if necessary, a feature requiring the email you previously used for registration.

If you start to get spam you can cancel your NotSharingMyInfo email address asking for a cancellation email link to your real email address. The best feature of this privacy email address is that it is very quick to open an account with them, you are asked for zero details to sign up, just an email address where to forward the messages is necessary, a Chrome browser addon to create a disposable email address is available.

NotSharingMyInfo DEA address

I would have preferred it if the email domain name was something neutral not disclosing on the URL that it is a forwarding cover address, another problem is that if you want to reply to a message you will have to fake the headers to make it look like it came from your NotSharingMyInfo alias. The service appears designed to protect your privacy rather than spam, to stop spam is best to use a disposable email address with a time limitation and not made permanent.

If you want an alternative to this disposable email address you can open an account with an email service that allows aliases, I am using GMX and Yahoo Mail and they both allow me to create an alias that can be disabled and forwards to my real inbox but they require registration.

Visit NotSharingMyInfo website

31 July, 2011
LocBox adds encryption to files stored in the cloud

This addon utility will encrypt your files before they are sent for storage to the cloud, it is a good way to securely share folders online. Some online storage services that do not use encryption or services with a backdoor in their “encrypted” servers, like DropBox, will find it impossible to look at your files if you have encrypted them with LocBox before uploading it. This tool for secure cloud storage uses the AES256 cipher and SHA256 for encryption, there is no backdoor, if the key you have used to encrypt the files is erased, there will be no way to access the files.

The best feature of LocBox is probably how easy it makes to share files with multiple people, you can create various encryption keys and store all of the files in the same folder, because they have been encrypted with a different key, not everyone will be capable to access them even if they see the files. LocBox makes it very easy for users to identify what key has been used to encrypt each file, when someone access the folder online he will be able to identify his own files by looking at the used encryption keyfile.

LocBox cloud files encryption

The premium version of LocBox can be run off a USB thumbdrive, what I believe could be improved is that the password is shown in clear text and not behind asterisks, this is not suitable to be used at public computers where anyone could see what you type on the screen, on the other hand LocBox advantage over other encryption utilities is that it does not require administrator rights (once installed in the thumbdrive) which is one of the main obstacles when using portable encryption programs at public computers (internet cafe, library,etc).

Visit LocBox homepage

27 July, 2011
List of services to find out what company is hosting a website

The most common way to find out who is hosting a website is by doing a whois on the domain name and looking at the Domain Name System (DNS) which often leads to the hosting provider, but in occasions some webhost do not use an obvious NS name making it difficult to find out who the host is, it is also possible for those on a dedicated server to create their own custom DNS name throwing off the trail anyone investigating them, or to use a free DNS provider that helps hide the real hosting company.

HostLogr.com: This free service will show you a website data centre physical location, can be useful to troubleshoot ping rates and latency as well, it will also the website IP with a list of websites sharing the same IP, a common happening in shared hosting, but this does not mean that all those sites belong to the same owner, just that they are on the same server.

Who-Hosts.com: This service will name the webhosting company behind a website. If you are going to report abuse this is much more useful than finding out about the data centre since abuse reports should be send to the hosting company and not the data centre.

Who-Hosts finds out who is hosting a website

Whois.Domaintools.com: A very complete domain name information tool, with details about domain name registrar changes, IP history, whois history changes and DNS changes. This data will not tell you who is hosting a domain name but domain ownership and registration dates can help you work out what a website has been up to in the past. You will need the paid for version of Domaintools to get access to the most advanced features..

Ishostedby.com: A simple report tool showing a map with the exact geographical location of the server, the IP and the data centre where the server resides, a data centre is also the ISP for that server/website, if a hosting company ignores an abuse report it might be worthwhile try to send an abuse complaint to the data centre as a last resort.

26 July, 2011
Monitor network bandwidth and perfomance with PRTG Network Monitor

PRTG (Paessler Router Traffic Grapher) Network Monitor is a Windows only free monitoring tool to scrutiny network traffic and evaluate performance (i.e. availability and usage), it enables network administrators to find out the CPU and memory load providing live readings. This network tool displays very detailed information with easy to understand graphs allowing you to see what traffic is roaming through your network, PRTG Network Monitor comes preconfigured with templates for various devices, it can analyze any device attached to your computer network, including routers, servers and firewalls.

PRTG Network Monitor software

Understanding network usage is fundamental to optimize it and avoid bandwidth bottlenecks, network monitoring software helps you discover traffic jams and troubleshoot network problems. The software is comprehensive, it has an intuitive multilingual interface that can be password protected, access is possible using an Internet browser locally or over the Internet, using an iPhone/iPad app (called iPRTG) or using a Windows GUI. A system tray balloon will immediately notify you of problems when they occur, if you are away from your computer just set up notifications to your email or mobile phone via SMS, the free version comes with 10 sensor types (over 100 sensors in the commercial version) looking at TCP/IP connectivity, HTTP, SMTP, FTP, SSH, etc.

PRTG Network monitor includes a packet sniffer that makes for a good alternative to Wireshark, it can monitor network users capturing packets and find out what websites they visit in real time, if you suspect an unauthorized person is using your wireless network this home network software will help you find out their hardware MAC address and what they are doing, once you choose the network adapter you would like to monitor (i.e. wireless or Ethernet) you can instruct PRTG to log all captured traffic to review it later on.You will need some basic understanding of network protocols before using this tool, other than that, it is very easy to manage.

Visit PRTG Network Monitor homepage

24 July, 2011
Hide Firefox bookmarks encrypting them with Link Password

Link Password is a Firefox addon to encrypt your Firefox browser bookmarks using the symmetric AES cipher, you could combine Firefox Private Browsing mode that runs in RAM memory and does not save anything to your hard disk, with this privacy Firefox addon that will hide what your favourite sites are, it can be useful for those sharing computer at home or an Internet cafe, library, etc.

If you already have bookmarked link you can choose to encrypt them, Link Password can encrypt individual links or the folders containing them, it uses its own protocol “linkpassword“, the links can be renamed and rolled back if necesary, when you click on a link you will be asked for the password before it can be opened, decryption and encryption of bookmarks can be done with using a right click.

Link Password Firefox privacy addon

An alternative to Link Password would be to create an encrypted container and store Firefox Portable inside (including bookmarks), but encryption software like Truecrypt requires administrator rights and can not be used at libraries and Internet cafes where you are logged in as a user.

Visit Link Password Firefox addon

23 July, 2011