Building Your Own Privacy Package

Discussion in 'privacy technology' started by Reality, Aug 5, 2014.

  1. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    There's another reason for creating address specific firewall rules for DNS.
     
  2. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    True.

    To view Resolver Cache:
    Open Command Prompt
    Type: ipconfig /displaydns <enter>

    NOTE: When DNS Client service is set to manual or disabled command prompt will show:
    Could not display the DNS Resolver Cache.

    Also does the Network Connections Status page (General) tab show errors (counts)?
     
  3. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    When you set it to manual or disable it, are you manually setting your DNS server IPs? Regarding the resolver cache, I'm pretty sure that when the service is disabled, there is no Resolver Cache. As long as I manually set DNS IPs, there hasn't been any errors displayed.
     
  4. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    @ noone_particular Re Post #446

    Those apps are still very useful, & "possibly" some might work on other OS's.

    Yes HTAs did used to be run as trusted by default !

    Script Defender is what i've been using also.

    *

    No wireless Anything here !

    @ Compu KTed

    Yes Seconfig XP does add 'QueryIPMatching' reg key to the Windows registry with a value of 1?

    In both HKLM key locations:
    \Tcpip\Parameters
    \Dnscache\Parameters
     
  5. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    Yes, the DNS servers are manually set & service is disabled. So you read o error counts in connection status?
     
  6. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    Not sure, but \Dnscache\Parameters may be incorrect key path.
     
    Last edited: Apr 28, 2015
  7. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I haven't seen any. I don't see where they'd be displayed. Got a screenshot of this?
     
  8. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    Last edited: Apr 29, 2015
  9. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    Thank you. The possibility of someone changing stuff as the radio receiver translates wifi to mouse signals scares me a bit, but I still think it's unlikely and not useful to a criminal. But I really appreciate your comments, as usual :)

    A bit OT, since few of you commented about bad and expensive mouses:
    I once had a wifi mouse some vendor gave us in the '90s. It was a clunky, slow, huge, terrible device. Trash bin in a day.
    Technology has changed.
    When my good old normal mouse stopped working and was beyond any repair or cleaning, I was unable to get a non wifi mouse in any of local stores here. They thought I was out of my mind wanting a mouse with a cord :(

    So the one I now have is M185 by Logitech, was about $12 almost a year ago, last June. Original battery (one AA no special brand alkaline) still functions fine. Some other Mxxx is about 6 months old and also runs on the original battery that's included.
    The 2Ghz radio receiver/translator is tiny. It sticks out of the laptop in the back exactly 5mm so can stay there forever.
    No slowness, fast as a normal mouse. No crosstalk, each has some unique ID.

    No special drivers needed. Standard M$ HID and mouse drivers for XP dated 2001 recognized it, as did newer drivers on Win7. Of course we don't know the security of Logitech conversion routines from radio to mouse data inside that little receiver, so it might be of some concern I suppose if they don't throw away expected USB/URB... packets going up and down and can translate them into something other than mouse x,y,button parameters and windows accepts it.
     
  10. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    It would ultimately depend on who you regard as a potential adversary. If you're a whistle blower, leaker, or a dissident, your potential adversaries could be much more formidable than common criminals. I wonder what is possible with a small parabolic antenna tuned to the correct frequency.
    That surprises me. They're reasonable and easily available here. Stores like WalMart and Meijers have them, as do many of the discount "Dollar Store" type places.
     
  11. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    When you said that, I thought well sometimes it is an advantage to be in a country slow to adopt the "latest and greatest", afterall, such as mine. I don't have a problem getting wired mice here. I bought an el cheapo Logitech. When I see a good deal on a better wired mouse, I;ll go for that. Since people here think of a number and double it, I might be waiting a while.

    Regarding batteries, I have a real aversion to having to shell out for them...endlessly. In times past I would avoid anything with batteries like the plague, until I found out about eneloops. I have heaps of (genuine) eneloops which are amazingly forgiving and extremely reliable. They just go and go and go and Ive utterly thrashed them for years. They STILL haven't even had a slow reconditioning charge. High demand devices such as Cameras only use the "top end" of batteries so I'd just put those in the wireless mouse to get a bit more use before recharge. I found I was getting out of kilter with recharging and the logs I keep because they lasted so long in the mouse. That said, if all I had to worry about was batteries there'd be no worries. It scares me to think devices are going to do away with ports and plugs etc so your only choice will be wireless. :(

    I also wouldn't count on it that what TLAs call crime and what ordinary people call crime are necessarily the same. What their agenda is, is total control and to reign in anyone who crosses the line. In other words we're all at risk of being spied on. Afterall you're a terrorist for any number of reasons now.. Indeed they should be investigating themselves, not harmless people just exercising their right to choose. There's much more to this can of worms than meets the eye.
     
  12. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    If anyone has access to the last releases of SSM, Malware Defender and Kerio Personal Firewall... can they be uploaded somewhere please? I just realised I had VirtualBox installed, so I cracked open two VMs, one for Ubuntu x64 and the other for XP SP2 x64. I am just wondering, worth running an update on XP or disable auto updates altogether? Gotta' figure out what to replace this funny IE 6 with...
     
  13. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    @ Compu KTed

    Here are all the QueryIPMatching REG entries i could locate that Seconfig XP added

    QueryIPMatching.png
     
  14. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I'm not sure if any of those will work on XP-x64. Regarding Kerio, I'm not sure what the last version is or if it's any good. A while back, I uploaded the last version of SSM-Pro here.
    For verification purposes, the file hashes are:
    MD5 8b0879140ace2e46f4c1800d083404d2
    SHA-256 93fb56802590987fe0e12452092b7c9278fe246ac1c771003fc32c5640552364
     
  15. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    AFAIK Kerio 2.1.5 which is the version we generally refer to here, is only for 32bit. If it's not the last version, from what I remember it was the last rules based only version. It also became a bit bloated. I don't update XP and haven't for years. I wouldn't recommend IE6. You might want to try SeaMonkey. Some of us are becoming more and more wary of FF. It's getting harder to keep track of whats going on with it. They've also so been too chummy with Google. I'm still using it, but I won't go past version 28.0 and when I can, I'll ditch it. As if there wasn't enough to keep our eyes on, we also can't guarantee that future versions of something won't be compromised in some way.
     
  16. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    Filter rule in Kerio

    Description: IGMP
    Protocol: Other (2)
    Direction: Both directions
    Local: Any port
    Application: Any application
    Remote: Any address > Any port
    Action: Deny

    // only rule set in Kerio.

    Windows XP uses IGMPv3 by default.
    Supported values/versions (Microsoft Knowledgebase)
    Value | IGMP version
    2 | 1
    3 | 2
    4 | 3 (default)

    Do not have 'IGMPVersion' key listed under HKLM...\Tcpip\Parameters key path.
    I do have 'IGMPLevel' key with data value of 0 (disable IGMP and MLD processing)
    Internet Group Management Protocol (IGMP) is used for IPv4 multicast.
    Multicast Listener Discovery (MLD) enables you to manage subnet multicast membership for IPv6.

    The IGMPLevel entry is supported by Windows 2000, Windows XP Professional, and the Windows Server
    2003 family.
     
  17. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    The Kerio product... is it also known as Kerio WinRoute Firewall?
    http://download.kerio.com/archive/download.php
     
  18. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    When I put together the reference on post 425, disabling UPnP with GRCs UNPNP utility resulted in a couple of prompts from Kerio for protocol 2 in what it called an unknown event. The IP was 224.0.0.22, which is IGMP version 3. See https://en.wikipedia.org/wiki/Multicast_address
    IGMP traffic appears to be involved in some UPnP functions.
     
  19. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If I recall, the old versions of KPF were based on the WinRoute firewall. The WinRoute firewall itself was a commercial product.
     
  20. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    KPW won't work on x64. It will install fine, but after reboot, throws up 32bit runtime initialisation errors. No biggie, I will create a XP SP3 x86 VB :p
     
  21. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    Sunbelt Personal Firewall 4 does not run on the following operating systems: (Sunbelt acquired Kerio)
    * Windows NT
    * Windows 2000 Server
    * Windows 2003 Server
    * Windows 95
    * Windows 98 or Windows 98 SE (Second Edition)
    * Windows ME
    * Windows Vista
    *64 bit Versions of Windows

    Malware Defender (Help file)
    System Requirements:

    * Windows XP (32-bit)
    * Windows 2003 (32-bit)
    * Windows Vista (32-bit)
    * Windows 2008 (32-bit)
    * Windows 7 (32-bit)

    Not sure on SSM.
     
  22. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I'm pretty sure that both versions of SSM are 32 bit only. If I recall, there wasn't much available for XP-64bit. Not many used it.
     
  23. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    Kerio is set to alert on IGMP and SSDP filter rules. When testing GRCs UNPNP utility there were no prompts
    from Kerio.
     
  24. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    Are you looking for Kerio 2.1.5, or the latest Sunbelt version (4.7.4 and 4.7.5) - both are 32 bit, stop at Win XP-Sp3.
    Or are you looking for the paid Kerio for enterprises?
     
  25. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Interesting. On every test unit I've tried it on, I get the same prompt.
    224..0.0.22.png
    In the "Customize Rule" options, the local and remote ports are shown as zero. I think Kerio regards port zero as any port or first available port, not sure.
    Perhaps one of your existing rules is already allowing or blocking it.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.