Upgraded to Win7 and was told PCTools wasn't compatible
Who or what told you this? Windows 7?
I have that version I mentioned downloaded and have been meaning to give it a go and see what happens on my end. Having said that, do the same with that version. Who knows, it might work for you since you indicated the other didn't and it may be because of the version. I don't know.
As to the cryptic nature of my post. LOL Well, that's typical for a lot of what I say and has been for almost two decades now. I'll see if I can't shed some light on the things I was talking about that I think you don't know about.
A) Executable signature.
Find a known executable like for example, Adobe.exe or something. Right click that file, choose Properties, see that tab up there called Digital Signatures? This can "help" in IDing that the file is legit, but not always. It's called code signing and it SHOULD be used for EVERYTHING. Up to and including firmware for routers, IoT, you name it. About router firmware, this could help prevent crap like this and this. I see it get blocked all the time on my website. It's like Tor (the "dark web"/Onion routing) but waaaay more sneaky and robust. It's why I chose to use third-party firmware for my router of ASUS Merlin or DD-WRT.
B) ASN
Autonomous System Number. You know what an IP address is. How about a range of them? Like 192.168.1.0-192.168.1.155 or its CIDR (Classless Inter-Domain Routing) 192.168.1.0/24. Now imagine a whole bunch of CIDRs (ranges in a group). That's an ASN. Here's all the ranges for one ASN for Amazon AWS (Amazon Web Services).
https://bgp.he.net/AS14618#_prefixes You'll note there are other service providers within that ASN. What's great about whole ASN blocking in pfSense is that it covers the whole damn hosting provider, ISP, etc. So if I want to block AWS, I can block all of their ASNs, but I have to be conscientious of the possibility of other service providers within that ASN. Sometimes there are multiple ASNs where legit ISPs are mixed with hosting providers and what not. So you have to weed it all out by hand at the CIDR level for blocking. This is what I do on an almost day by day basis for my website at the Cloudflare level (a reverse proxy offering a security WAF, Web Application Firewall) and with a PHP (Hyper Text Pre-Processor. It's just code) based firewall at the website as well. So I have two layers of protection.
C) IDS
Intrusion detection system - Wikipedia
pfSense offers this with Snort.
Snort (software) - Wikipedia
D) Zerotier
ZeroTier - Wikipedia
Instead of having to port forward a port to allow your friends to play a local network of World of Warcraft or something, you can use Zerotier. It's great because an open port is an open invitation for a hack. Same goes if UPnP (Universal Plug and Play) is on. Ever use TeamViewer? It's able to communicate right past firewalls and routers because it makes an HTTP connection straight from the software itself. No port forwarding and what have you required (well, not for very strict networks). Zerotier is like the same thing, except I use it to access my own private TeamSpeak server for audio delivery from my "police" scanners (they're communication receivers). I can access my local FTP server for file transfers, etc. It's cross platform so I can do this via an App or Windows.
E) File hash.
Cryptographic hash function - Wikipedia
Basically means this long ass number is associated to this file and no other file. If one thing, just one thing changes within that file the whole damn hash number is different. So, if I calculate a hash for a file and check that hash at VirusTotal, and if that file was already uploaded to VirusTotal, I'll get a virus report without having to upload the file because the hash already matches that specific file in that state that was already uploaded. The type of hash VirusTotal uses is SHA256 (some say Jamaican kush, but that's another story...). SHA256 is the same hash used for Bitcoin and maybe others, I don't know.
How do you calculate a hash for a file? Lots of software out there will do it, I use HashTools. So when I download a file (even a damn image), I compute its SHA256 hash, and then check the hash at VirusTotal (can't copy/paste anymore it seems. Have to control+V via the keyboard into the input search box). There is other software that does this with the VirusTotal API (Application Program Interface) at Github.
Now here's some real dorky stuff. I uploaded what is called a canary token (like a web bug so to speak) to VirusTotal to see who would open the file (security researchers) and found about 90% of all IPs were from China. The rest from Russia.
Interesting to note, the U.S. Cyber Command is not in this article. Maybe I need to fix that.
https://en.wikipedia.org/wiki/VirusTotal
https://www.zdnet.com/article/us-cyber-command-starts-uploading-foreign-apt-malware-to-virustotal/
https://web.archive.org/web/2018110...-uploading-foreign-apt-malware-to-virustotal/
I think that takes care of the cryptic nomenclature.
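An added example, not part of the original post: a sketch of the "block the whole ASN, then weed out the legit ranges at the CIDR level" step from section B, using Python's standard `ipaddress` module. The prefixes are constructed from RFC 5737 documentation ranges, not real provider data, and the names `ASN_PREFIXES`, `ALLOWED`, `subtract`, `build_blocklist` and `is_blocked` are hypothetical.

```python
import ipaddress

# Constructed sample data (RFC 5737 documentation ranges), standing in for
# the prefix list you would export for one ASN. Not real provider prefixes.
ASN_PREFIXES = ["198.51.100.0/24", "203.0.113.0/24", "192.0.2.0/25"]
# Hypothetical carve-outs: ranges inside that ASN that must stay reachable.
ALLOWED = ["198.51.100.64/26", "203.0.113.200/32"]


def subtract(block, allow):
    """Return the pieces of `block` left after removing `allow`."""
    if not block.overlaps(allow):
        return [block]                      # carve-out is elsewhere
    if allow.supernet_of(block):
        return []                           # carve-out swallows the prefix
    # allow is strictly inside block: split block around it
    return list(block.address_exclude(allow))


def build_blocklist(asn_prefixes, allowed):
    """ASN prefixes minus the allowed ranges, as a minimal CIDR list."""
    blocks = [ipaddress.ip_network(p) for p in asn_prefixes]
    for allow in (ipaddress.ip_network(a) for a in allowed):
        blocks = [piece for b in blocks for piece in subtract(b, allow)]
    # Merge adjacent pieces so the firewall alias stays as short as possible.
    return sorted(ipaddress.collapse_addresses(blocks))


def is_blocked(ip, blocklist):
    """True if `ip` falls inside any CIDR on the blocklist."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in blocklist)


if __name__ == "__main__":
    blocklist = build_blocklist(ASN_PREFIXES, ALLOWED)
    for net in blocklist:
        print(net)                          # one CIDR per line, ready to paste
    for ip in ("198.51.100.10", "198.51.100.70", "203.0.113.200"):
        print(ip, "blocked" if is_blocked(ip, blocklist) else "allowed")
```

Removing a single /32 from a /24 leaves eight CIDRs, which is why a hand-maintained carve-out list grows quickly and is worth generating.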
