Application Network Connection Monitoring With Splunk & uberAgent
This is part 1 of my application network connection monitoring series, a group of articles that explain how to analyze the network traffic of any Windows or macOS app. The communication targets of the...
MS Office & Teams: Network Connection Target Hosts
This post lists the internet communication targets of Microsoft Office and Teams. It is a part of my application network connection monitoring series, a group of articles that explain how to analyze...
Windows OS, Services & Apps: Network Connection Target Hosts
This post lists the internet communication targets of the Microsoft Windows operating system, including its various services and UWP apps. This post is a part of my application network connection...
Citrix CVAD: Network Connection Target Hosts
This post lists the internet communication targets of Citrix Virtual Apps and Desktops (formerly XenApp/XenDesktop). This post is a part of my application network connection monitoring series, a group...
Adobe Acrobat & Photoshop: Network Connection Target Hosts
Contents: TL;DR; About This Data; What Is This List?; Where Does the Data Come From?; List of Adobe Acrobat Reader, Photoshop, & Creative Cloud Network Connection Target Hosts. This post lists the internet...
Top 10 IT Security Tips for Individual Users
Contents: 1. Install All the Updates; 2. Completely Disable MS Office Macros; 3. Use a Simple PDF Reader Like Sumatra; 4. Do Not Reuse Passwords; 5. Enable Two-Factor Authentication (2FA); 6. Use a Password...
How to Check the TPM Status & Enable the CPU’s fTPM/PTT
The recent Windows 11 announcement has created a lot of confusion due to the requirement for a trusted platform module (TPM). This article explains why your machine almost certainly has a TPM, how to...
Checking Windows Hello Key Storage: TPM or Software?
Windows Hello for Business (WHfB) stores a cryptographic key on the device. The preferred storage location is a hardware TPM module. However, if a TPM is not available, the key may be stored in the...
Finding (Executables in) User-Writeable Directories
Contents: Directory Scan With ListUserWriteableDirectories & SetACL; How Does It Work?; How to Scan the Filesystem With ListUserWriteableDirectories; Directory Scan With Sysinternals AccessChk; AccessChk vs....
DNS Exfiltration & Tunneling: How it Works & DNSteal Demo Setup
Contents: How DNS Exfiltration & Tunneling Work; Variant A: Talk Directly to the Attacker’s DNS Server; Variant B: Use the Regular DNS Resolver Chain; Pros and Cons of the Variants; What is DNSteal?; DNSteal...