Maltrail is a malicious traffic detection system. It uses publicly available (black)lists of malicious and/or generally suspicious trails, together with static trails compiled from various AV reports and custom user-defined lists, where a trail can be anything from a domain name, URL or IP address to an HTTP User-Agent header value (e.g. sqlmap, the automatic SQL injection and database takeover tool). It also offers optional heuristic mechanisms that can help discover unknown threats (e.g. new malware).
Uses multiple public blacklists (alienvault, autoshun, badips, sblam etc.)
Has extensive static trails for identification (domain names, URLs, IP addresses or User-Agent values)
Optional heuristic mechanisms for detection of unknown threats
Based on Traffic -> Sensor <-> Server <-> Client Architecture
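The matching step the description above outlines, as an added example written here in Python (Maltrail's own implementation language) and not taken from the Maltrail code base. The feed format ("trail,info,reference"), the shape of a flow record, and every domain, address and User-Agent string in it are constructed assumptions, not entries from any real feed:

```python
# Added example (not Maltrail's own code): matching traffic records against a
# trails list by trail type. Feed format, flow record shape and all data below
# are constructed assumptions, not data from any real feed.
import ipaddress

CONSTRUCTED_FEED = """\
# trail,info,reference
203.0.113.0/24,known C2 range,constructed
198.51.100.7,malware sinkhole,constructed
evil-update.example,malware distribution,constructed
example.net/wp-login.php,brute-force target URL,constructed
sqlmap,SQL injection tool User-Agent,constructed
"""

# Constructed flow records: what a sensor might extract from one HTTP request.
CONSTRUCTED_FLOWS = [
    {"src": "10.0.0.5", "dst": "203.0.113.45", "host": "cdn.evil-update.example",
     "path": "/a.exe", "user_agent": "Mozilla/5.0"},
    {"src": "10.0.0.6", "dst": "192.0.2.10", "host": "example.net",
     "path": "/wp-login.php", "user_agent": "python-requests/2.0"},
    {"src": "10.0.0.7", "dst": "192.0.2.20", "host": "shop.example.org",
     "path": "/?id=1", "user_agent": "sqlmap/1.5.2#stable (http://sqlmap.org)"},
    {"src": "10.0.0.8", "dst": "192.0.2.30", "host": "www.example.org",
     "path": "/", "user_agent": "Mozilla/5.0"},
]


def load_trails(text):
    """Split feed lines into typed lookup tables by the shape of the trail."""
    trails = {"networks": [], "domains": {}, "urls": {}, "user_agents": {}}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(",", 2)
        trail = fields[0].strip().lower()
        info = fields[1].strip() if len(fields) > 1 else ""
        try:  # a single address or a CIDR range
            trails["networks"].append((ipaddress.ip_network(trail, strict=False), info))
            continue
        except ValueError:
            pass
        if "/" in trail:          # host/path, scheme already stripped
            trails["urls"][trail] = info
        elif "." in trail:        # bare domain: matches itself and its subdomains
            trails["domains"][trail] = info
        else:                     # anything else is a User-Agent substring
            trails["user_agents"][trail] = info
    return trails


def check_flow(flow, trails):
    """Return (trail_type, trail, info) hits for one flow record."""
    hits = []
    dst = ipaddress.ip_address(flow["dst"])
    for net, info in trails["networks"]:
        if dst in net:
            hits.append(("ip", str(net), info))
    host = flow.get("host", "").lower().rstrip(".")
    for domain, info in trails["domains"].items():
        # exact or subdomain match only: "notevil.example" must not hit "evil.example"
        if host == domain or host.endswith("." + domain):
            hits.append(("domain", domain, info))
    url = host + flow.get("path", "/").split("?", 1)[0].lower()
    if url in trails["urls"]:
        hits.append(("url", url, trails["urls"][url]))
    ua = flow.get("user_agent", "").lower()
    for needle, info in trails["user_agents"].items():
        if needle in ua:
            hits.append(("user_agent", needle, info))
    return hits


def scan(flows, trails):
    """Group hits by source address; clean flows are dropped from the report."""
    report = {}
    for flow in flows:
        hits = check_flow(flow, trails)
        if hits:
            report.setdefault(flow["src"], []).extend(hits)
    return report


if __name__ == "__main__":
    for src, hits in scan(CONSTRUCTED_FLOWS, load_trails(CONSTRUCTED_FEED)).items():
        for kind, trail, info in hits:
            print(f"{src}\t{kind}\t{trail}\t{info}")
```

The domain check deliberately requires a label boundary (exact name or a "." prefix) so that a trail for one domain does not fire on an unrelated domain that merely ends with the same characters; the User-Agent check is a substring match, which is what catches tool banners such as sqlmap regardless of version string.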
Virtualization is almost as old as our beloved integrated silicon chips.
At the beginning of the 1960s there were two major computing issues.
First, many individual mainframe models were bespoke, and so incompatible with one another.
The other stumbling block was that as integrated processors became more powerful, institutions wanted flexible "timesharing" between multiple users.
IBM dismissed this multi-user approach: batch processing was definitely the future! But in 1963 it lost a large MIT contract to General Electric. Realising its huge mistake, IBM developed the general-purpose S/360 architecture, which could be implemented across a wide range of compatible systems. In 1965 IBM announced the S/360-67, the first mainframe to support virtualisation. And the rest is very much history.
When it comes to mass spying, the best game in town is not the CIA or any of the alphabet soup agencies. Private companies and data brokers have been collecting data on a massive scale, and given their advanced statistical methods, that information can say a lot about a person. In fact, I'd say that what they have is better than what the alphabet soup has, and their data has a lot of implications.
This started when companies like Amazon realized that they could make a profit at every step of the way: sell items to customers, then sell the customers' data to data brokers. Data brokering has since become much bigger, and so the data collection methods have also become much more extensive. There are many ways to gather mass data; these are just the ones I can think of off the top of my head. First, many websites straight up sell their data to brokers. This includes many online vendors, all kinds of popular sites (not all of them, but some of them), adult entertainment sites, you name it. If a site does not sell its data, dishonest brokers can and do embed tracking ads on sites that accept them, revealing which of those sites a user visits, which adds up to much of that user's browsing history. Then of course there are companies like Google, which monetize user search histories.
Today I will show you how to easily block the servers hosting Spotify ads on your Linux, Mac or Windows machine. This will allow you to listen all day long on a free account without hearing a single ad. The trick is very simple, legal and works great. Spotify may catch on and find some way to stop it from working, but as of today (10/07/2018) it works swimmingly.
Blocking Ad Server
In order to remove those pesky ads, all we need to do is set up our hosts file to override name resolution for Spotify's ad servers and point that traffic at our local machine. When the traffic hits our local machine the request fails and the ad is skipped. Follow the steps below to add the entries needed.
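The hosts-file override described above, as an added example that is not part of the original post. It is written in Python so the same script covers the three platforms the post names; "ads.example.invalid" is a constructed placeholder, since the post does not list Spotify's actual ad hosts on this page, so pass the real names you want blocked:

```python
# Added example (not the original post's steps): idempotently sinkhole ad hosts
# in the system hosts file on Linux, macOS or Windows. "ads.example.invalid"
# is a constructed placeholder, not a real Spotify ad server.
import os
import platform
import re
import sys

# 0.0.0.0 makes the connect() fail at once. 127.0.0.1 also "works", but the
# client then talks to whatever happens to listen on that port on your machine.
SINKHOLE = "0.0.0.0"

HOST_RE = re.compile(
    r"^(?=.{1,253}$)[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
    r"(?:\.[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)*$")


def default_hosts_path():
    """Location of the hosts file for the running OS."""
    if platform.system() == "Windows":
        root = os.environ.get("SystemRoot", r"C:\Windows")
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"   # Linux and macOS


def parse_hosts(text):
    """Map every hostname in hosts-file text to its address, ignoring comments."""
    mapping = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        for name in parts[1:]:
            mapping[name.lower()] = parts[0]
    return mapping


def sinkhole_entries(text, hostnames):
    """Return (new_text, added): hostnames not yet mapped get a sinkhole line."""
    existing = parse_hosts(text)
    lines = text.splitlines()
    added = []
    for name in hostnames:
        name = name.strip().lower().rstrip(".")
        if not HOST_RE.match(name):
            raise ValueError(f"not a valid hostname: {name!r}")
        if name in existing:
            continue     # already mapped (sinkholed or otherwise); leave it alone
        lines.append(f"{SINKHOLE} {name}  # sinkholed ad host")
        existing[name] = SINKHOLE
        added.append(name)
    return "\n".join(lines) + "\n", added


def sinkhole_file(path, hostnames):
    """Apply sinkhole_entries to the file at path; returns the names added."""
    with open(path, "r", encoding="utf-8") as f:
        text = f.read()
    new_text, added = sinkhole_entries(text, hostnames)
    if added:
        with open(path, "w", encoding="utf-8") as f:
            f.write(new_text)
    return added


if __name__ == "__main__":
    # Needs root/Administrator to write the real hosts file:
    #   sudo python3 sinkhole.py ads.example.invalid
    print(sinkhole_file(default_hosts_path(), sys.argv[1:]))
```

After editing, flush the resolver cache (macOS: dscacheutil -flushcache; Windows: ipconfig /flushdns) and confirm with getent hosts or nslookup that the name now resolves to 0.0.0.0. Two caveats a practitioner should keep in mind: the hosts file only affects clients that resolve names through the system resolver, so an application with its own DNS-over-HTTPS resolver or hard-coded addresses is unaffected, and a name that already has a non-sinkhole mapping is left untouched on purpose rather than silently overridden.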
This has been going around the Net the past few days. It has been found that Windows 10 uploads data to Microsoft's servers even when every "feature" and app that might normally be expected to do that is disabled or uninstalled. For example, even if you don't use the Cortana voice-command feature or Bing search, data related to them is still uploaded to Microsoft servers. And even when users choose not to participate in any customer improvement options and disable every kind of tracking, it still tracks and uploads.
Not only is this a big privacy issue, there is also a system performance cost: extra CPU cycles, disk activity and network traffic go to processing these telemetry-related tasks.
And Windows 8.1 and 7 are now doing this too. Microsoft has lately been adding the same telemetry and tracking components to them through Windows Update, bringing them closer to Windows 10.
The advice from many experts now is to not go near Windows 10. Do not install it. Retain your privacy and control over your systems.
Below are instructions for disabling the unwanted telemetry/tracking in Windows 7 and 8.1
I'm afraid that to answer, a bit of background knowledge is necessary first.
Viruses hardly exist any more. Programs that infect other executables, overwrite parts of them and/or add new code to them are not how malware spreads nowadays in most cases. In Windows that distinction is not really necessary; Windows users use the term "virus" to describe every form of malware (and user error, sorry, couldn't resist 😉). But in Linux that distinction is important, as virus scanners in Linux do exactly what the name says… they scan for viruses. They don't protect you against attacks from websites in any form. And on top of that they hardly even scan for Linux viruses… there are only very few proof-of-concept Linux viruses at all. And because people never install anything themselves but always packages provided by the distro through the package manager, there is almost no attack surface for traditional viruses… no spreading of .exe files claiming to be the fanciest screensaver or similar. So the Linux virus scanners actually mostly scan for Windows viruses, for example on a mail server scanning email attachments before delivering the mails.
There's been a lot of discussion about telemetry in Windows as well as about avoiding the Windows 10 upgrade. Here is the list of service bulletins we compiled and what they do. Note that even after being uninstalled they may be offered again, so keeping them off will require some effort on your part. Most people will simply not bother with this, but it's great information for any tech to have at their disposal, or simply for research purposes.
If you have already installed Windows and applied a few updates, open Control Panel > Programs and Features > View Installed Updates and go through the list from top to bottom to ensure none of them is installed. If you do find one installed, uninstall it, reboot, then check for updates again; once it reappears, right-click it and hide it.
I would suggest opting out of them, which can be done by right-clicking them in the Available Updates list and choosing "Hide Update".
KB2505438 (Although it claims to fix performance issues, it often breaks fonts)
KB2670838 (Often breaks Aero on Windows 7 and makes some fonts on websites fuzzy. A Windows 7 specific update; do not install IE10 or IE11, otherwise it will be bundled with them. IE9 is the highest version you should install to avoid this)
KB2952664 (Windows 10 upgrade preparation)
KB2976978 (Windows 10 upgrade preparation)
KB2977759 (Windows 10 upgrade preparation)
KB2990214 (Windows 10 upgrade preparation)
KB3021917 (Windows 10 upgrade preparation + telemetry)
KB3022345 (Telemetry)
KB3035583 (Windows 10 upgrade preparation)
KB3068708 (Telemetry)
KB3075249 (Telemetry)
KB3080149 (Telemetry)
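Because these updates get re-offered, the check above is worth repeating. The following added example (not part of the original post) audits a Windows 7 or 8.1 machine for the updates in the list and builds the matching uninstall commands. It assumes Python is run from an Administrator prompt; "wmic qfe get HotFixID /format:list" and "wusa.exe /uninstall /kb:N /quiet /norestart" are real Windows commands, while the sample wmic output and KB1234567 in it are constructed. Hiding a re-offered update is still done in the Windows Update list as described above:

```python
# Added example (not from the original post): audit installed hotfixes against
# the list above and build wusa.exe uninstall commands. The sample wmic output
# and KB1234567 are constructed; the wmic and wusa command lines are real.
import subprocess

# The list above, with the reasons the post gives for each update.
UNWANTED_KBS = {
    "KB2505438": "often breaks fonts",
    "KB2670838": "breaks Aero / fuzzy fonts (Windows 7 only)",
    "KB2952664": "Windows 10 upgrade preparation",
    "KB2976978": "Windows 10 upgrade preparation",
    "KB2977759": "Windows 10 upgrade preparation",
    "KB2990214": "Windows 10 upgrade preparation",
    "KB3021917": "Windows 10 upgrade preparation + telemetry",
    "KB3022345": "telemetry",
    "KB3035583": "Windows 10 upgrade preparation",
    "KB3068708": "telemetry",
    "KB3075249": "telemetry",
    "KB3080149": "telemetry",
}

# Constructed sample of "wmic qfe get HotFixID /format:list" output
# (the blank lines between records are normal for this format).
CONSTRUCTED_QFE_OUTPUT = (
    "\n\nHotFixID=KB2952664\n\n\nHotFixID=KB3068708\n\n\nHotFixID=KB1234567\n\n")


def parse_qfe_list(output):
    """Collect KB ids from 'HotFixID=KBnnnnnnn' lines into a set."""
    installed = set()
    for line in output.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and key.strip().lower() == "hotfixid" and value.strip():
            installed.add(value.strip().upper())
    return installed


def installed_hotfixes():
    """Query the live machine (Windows only). wmic may emit UTF-16 when its
    output is redirected, so decode by sniffing for NUL bytes."""
    raw = subprocess.run(["wmic", "qfe", "get", "HotFixID", "/format:list"],
                         capture_output=True, check=True).stdout
    text = raw.decode("utf-16") if b"\x00" in raw[:4] else raw.decode(errors="replace")
    return parse_qfe_list(text)


def present_unwanted(installed, unwanted=UNWANTED_KBS):
    """(KB, reason) pairs for every unwanted update that is actually present."""
    return [(kb, unwanted[kb]) for kb in sorted(unwanted) if kb in installed]


def plan_uninstall(installed, unwanted=UNWANTED_KBS):
    """wusa.exe command lines, one per unwanted update that is present."""
    return [["wusa.exe", "/uninstall", f"/kb:{kb[2:]}", "/quiet", "/norestart"]
            for kb in sorted(unwanted) if kb in installed]


if __name__ == "__main__":
    # Run from an elevated prompt; review the plan, then execute it and reboot.
    installed = installed_hotfixes()
    for kb, why in present_unwanted(installed):
        print(f"{kb}: {why}")
    for cmd in plan_uninstall(installed):
        print(" ".join(cmd))
```

The script prints the plan instead of running wusa.exe directly so the list can be reviewed first; scheduling it to run after each Windows Update cycle catches the updates when they come back.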
Hi, my name is Anis! I'm a full-time Linux user and I know a lot about it. It's a great system: it does not spy on you, and it makes it very difficult to get malware. In the past few years it has also become a great platform for gaming. Here are the answers to a bunch of questions I usually hear about Linux from Windows users.