Jump to content

Sampei.Nihira

Member
  • Content Count

    764
  • Joined

  • Last visited

  • Days Won

    19
  • Donations

    $0.00 

Sampei.Nihira last won the day on January 17

Sampei.Nihira had the most liked content!

Community Reputation

338 Excellent

About Sampei.Nihira

Profile Information

  • OS
    XP Home

Recent Profile Visitors

3,134 profile views
  1. In chrome-based browsers this is possible through an extension. The best extension from a privacy point of view is: https://chrome.google.com/webstore/detail/font-fingerprint-defender/fhkphphbadjkepgfljndicmgdlndmoke?hl=it
  2. It's indirect protection. If they change the method of attack it will be in vain. I personally prefer to use a direct block. I put a custom rule in NVT OSArmor that blocks Finder.exe: [%PROCESS%: *\finger.exe] In OSes later than W.XP it is easy to get a firewall hardening for the most abused commands via the tool below: https://hard-configurator.com/download/ LOLBin - Add If a rule is not in the list it is easy to add it.
  3. @VistaLover [OT mode on] My friend if you want to reduce the fonts fingerprint consider that our browsers have this function: https://www.ghacks.net/2016/12/28/firefox-52-better-font-fingerprinting-protection/ Some time ago I inserted the default list of Tor fonts. [OT mode off]
  4. https://www.bleepingcomputer.com/news/security/windows-finger-command-abused-by-phishing-to-download-malware/ It is interesting to note that Finger.exe is also available in Windows XP. The exe is in the "System32" folder. This type of attack will probably never affect our OS. But considering the rarity of use of the Finger.exe command, it might be interesting to consider blocking it. Adding a rule to block the connection in your firewall has the same effect. P.S. For OS after W.XP, for example w.10 x64, the rules are at least 2 because you also need to lock the ex
  5. @to All Always enable "click-to-play" mode. When you don't need to use Flash you can hide the plugin with the rule: about:config plugin.scan.plid.all If your browser doesn't detect the Flash plugin probably (but you need a test to know this for sure) you don't have to worry about unwanted connections.
  6. More Flash Player test: https://browserleaks.com/flash
  7. You do well. I've been sleeping well since last Friday. https://www.wilderssecurity.com/threads/0patch.386344/page-4#post-2981136 However, this warning thread + solution might be useful to some other MSFN member.
  8. 1) PAExec does not encrypt the data: https://github.com/poweradminllc/PAExec/issues/31 Even the officially supported version for XP (v. 2.11) encrypts data. 2) Development seems to have stopped many years ago .... too many. It would be interesting to find out which version of PsExec.exe is embedded in the latest version of PAExec 1.28. 3) It probably suffers from the same vulnerability discovered recently.
  9. For more info see the article below: https://www.bleepingcomputer.com/news/security/windows-psexec-zero-day-vulnerability-gets-a-free-micropatch/ Just today PsExec.exe v.2.21 is out: https://docs.microsoft.com/en-us/sysinternals/downloads/psexec After downloading the tool I discovered that the version of PsExec.exe is v.2.30. Although in the system requirements is specified from Windows Vista onwards through CFF Explorer I discovered that in: so it can also run with Windows XP. I use PsExec in my Windows XP pc with the command: psexec -
  10. EasyList does not have a malware tag in the Filterlist. Just do a simple search by Tags. The purpose of the list is to block ads: If the blocking of ads also prevents the opening of pop-ups with possible malware content as a secondary effect, this decreases in value for those who use the Kees1958 list + Noscript. As you can see in my custom lists there are antiphishing and antimalwares lists as well. And in "my filters" I use my very personal Spamhaus list of 17 rules compared to the default of 10. Not to mention the rule: ||HTTP://*^$third-party,~stylesheet,~med
  11. I have two custom lists that are more efficient than the predefined ones: 1) Extremely Condensed Adblocking List 2) EU US most prevalent ads & trackers ABP format And as you can see I have also entered the specific language list: 2A) EasyList Italy (minified) These lists are more than enough to stop ADS. Note that I also use Noscript. Those who don't use Noscript can set uBlock Origin in medium mode. To get an ADS block with identical effect.
  12. Please read Tomaso's final comment which might be useful for MSFN members using Github: https://forum.palemoon.org/viewtopic.php?f=70&p=206033&sid=d31d63cf2d7940d63dbdc9e6d97abd7d#p206033
  13. Thank you for your test. So that's it for the chinese Flash.
×
×
  • Create New...