Building Your Own Privacy Package

Discussion in 'privacy technology' started by Reality, Aug 5, 2014.

  1. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    The OS has SP3 and all updates until MS EOL support ended. The ICS service whether set to manual or disabled the
    results are the same. The connection is set manual (static) IP and DNS servers. Didn't try it with DHCP assigned.
    Kerio is also set to ' stop all traffic ' on bootup.
     
  2. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Which method did you use to disable the NetBIOS ports? One of the NetBIOS options in WWDC prevented Kerio from starting. If you can post the registry/service settings for that, I'll compare those to mine tonight and try a few more test configurations.
     
  3. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    The WWDC utility added some changes to registry when clicking on Enable NetBIOS button.
    (ports 137-139)
    // only tested that particular setting and not all reg changes may have been captured.

    Modified values:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT
    Key Name: Start
    Value data: 2
    // Value data was 4 (disable)
    // Other ControlSet keys were changed as well in HKLM.
    // Another HKLM was changed, but looks like a key that continually changes.
    // 4 Values were added under one of the HKEY_USERS subkey as well.

    Windows Settings:
    Advanced TCP/IP Setting > Disable NetBIOS over TCP/IP is checked in WINS tab.
    TCP/IP NetBIOS Helper Service (disabled)
    Service Name: LMHosts

    Screenshot shows Kerio firewall status when ICS service is set to manual and Kerio
    firewall set to enable traffic.
    Result: Show all network Connections.(none)
    Restart ICS service and Network Connections now show and PFWADMIN.EXE, however must reboot
    to load PERSFW.EXE.

    Other Screenshot when testing other apps, but shows normal Kerio loads.

    Task Manager does show process PERSFW.exe running.(before rebooting)
    Changed Kerio setting back to Stop All Traffic.

    Also noticed 3 more messages on (had to click on each one) logon screen.
    Kerio Personal Firewall Driver: Unable to attach 'UDP '
    Kerio Personal Firewall Driver: Unable to attach 'IP '
    Kerio Personal Firewall Driver: Unable to attach ' RawIP '

    Again. This popup message only occurs when ICS service is not running.
     
  4. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    There's the difference. On mine, the start setting is 3 (on demand). On this setting, Kerio works while the NetBIOS ports remain closed.
     
  5. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    The port closing whether Start key set to 3 or 4 is the same result. Ports are closed. The issue is with Windows
    Firewall (ICS) service when set to manual or disable is preventing Kerio and connections from functioning
    properly.

    Windows Firewall (ICS) Service
    Dependencies: Network Connections
    Remote Procedure Call (RPC)
    Windows Management Instrumentation
    Default: (started) Automatic

    Event viewer > System category (related to logon screen popup message)
    Description: The description for Event ID (4000) in Source (fwdrv) cannot be found.
    The local computer may not have the necessary registry information or message DLL files to
    display messages from a remote computer. You may be able to use the /AUXSOURCE=flag to retrieve
    this description: see Help and Support for details. The following information is part of the
    event:\Device\FWDRV, Unable to attach 'TCP'!
    // One of the four errors reported in Event viewer
     
  6. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Just for information purposes, does your system show the Kerio service having any dependencies? This is odd. On my units with the NetBIOS start set on 3, the status of the firewall has no effect on Kerio.
     
  7. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Checked Kerio service and it shows no dependencies. Set Start for NetBIOS to 3, but get same error results.
    Could be another reg tweak since I've made many modifications.
     
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Are you working with a virtual or physical system?
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I've got the default SP3 unit updating now. Looking at the size of that update list, this looks like it's going to take a while. I'm hoping that I can create separate reports for each update.
     
  10. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Currently working with a physical system. I had to revert back to a previous image backup which is very
    similar to current setup, but shouldn't be the cause of Kerio and Windows errors AFAIK.
     
  11. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I'm limited to virtual XP at the moment. Getting very low on hard drive space, especially with my old external drive developing problems. A while ago, I reclaimed the XP system partition for data. I'll try to get the virtual system finished and see if I can duplicate those errors as soon as I can. Might take a few days. Very busy time of year for me.
     
  12. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,776
    Just lurking here. Two puzzling things from few previous posts:
    1. This question is about posts 436 and 437. What's wrong with using a wireless mouse? What sort of USB/URB packets are undesirable in terms of security of privacy?
    I just moved one to an old Kerio using computer with only USB1, going through a hub, and it amazed me that it worked at all. It's Pentium 3 laptop :) Anyway I can't think of why two people think it's a bad thing.
    2. On this old XP-SP3 box, Windows firewall (ICS) is disabled. But Kerio can and did coexist with it enabled just fine. So I can't imagine the Kerio driver not starting when WinFW service is turned off.
     
    Last edited: Apr 27, 2015
  13. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,776
    How? Where did you set that? Perhaps blocks its own loopback?
     
  14. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    After further investigating I went through the Windows Services after reading a brief statement
    about a hidden dependency on Windows firewall and it relies on DHCP Client service being set to
    Automatic.(started) I don't use DHCP (manually configured), but left DHCP client running.
    // marzametal posted the article on this thread.

    Ran test with Windows Firewall (ICS) service set to manual or disabled and booted up machine. No more errors
    and Kerio loads properly and have network connections.
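
One way to compare the service start settings discussed in the posts above between two machines, as an added example that is not part of the thread. It assumes registry exports already decoded to text; `SharedAccess` and `Dhcp` are the registry key names of the Windows Firewall (ICS) and DHCP Client services, and the sample values are constructed.

```python
import re

# Example only: compares service "Start" values between two decoded .reg exports.
PREFIX = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services"
START_TYPES = {0: "boot", 1: "system", 2: "automatic", 3: "manual", 4: "disabled"}
# Match only the service's own key, not subkeys such as ...\NetBT\Parameters.
SECTION = re.compile(r"^\[" + re.escape(PREFIX) + r"\\([^\\\]]+)\]$", re.I)
START = re.compile(r'^"Start"=dword:([0-9a-f]{8})$', re.I)

def parse_start_values(reg_text):
    """Return {service_name_lowercase: start_value} from .reg export text."""
    values, current = {}, None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            m = SECTION.match(line)
            current = m.group(1).lower() if m else None
        elif current and (m := START.match(line)):
            values[current] = int(m.group(1), 16)
    return values

def describe(value):
    if value is None:
        return "absent"
    return f"{START_TYPES.get(value, 'unknown')} ({value})"

def diff_start(text_a, text_b, services):
    """List (service, setting on A, setting on B) where the two machines differ."""
    a, b = parse_start_values(text_a), parse_start_values(text_b)
    return [(s, describe(a.get(s.lower())), describe(b.get(s.lower())))
            for s in services if a.get(s.lower()) != b.get(s.lower())]

def sample_export(values):
    """Build constructed .reg text; a real export would be read from a file."""
    lines = ["Windows Registry Editor Version 5.00", ""]
    for name, start in values.items():
        lines += [f"[{PREFIX}\\{name}]", f'"Start"=dword:{start:08x}', ""]
    return "\n".join(lines)

# Constructed sample data, not taken from either poster's machine.
MACHINE_A = sample_export({"NetBT": 4, "LMHosts": 4, "SharedAccess": 3, "Dhcp": 3})
MACHINE_B = sample_export({"NetBT": 3, "LMHosts": 4, "SharedAccess": 4, "Dhcp": 2})
SERVICES = ["NetBT", "LMHosts", "SharedAccess", "Dhcp"]

if __name__ == "__main__":
    for service, on_a, on_b in diff_start(MACHINE_A, MACHINE_B, SERVICES):
        print(f"{service:13} A={on_a:14} B={on_b}")
```

Services whose start value matches on both machines are left out of the result, so only the settings worth comparing by hand remain.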
     
  15. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Right-click on Kerio tray icon and select ' Stop All Traffic '.
     
  16. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    Have a look at post # 377
    Right click the Kerio shield icon in taskbar and click "stop all traffic" before turning computer off.

    As for wireless mice, in my case, I can only say a little knowledge is a dangerous thing and I don't know enough to say they are safe, privacy wise. Therefore I prefer to think in preventative ways. I do have other reasons I don't like wireless in general..
     
  17. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Posted results in post #464. If you leave DNS Client service to manual and also Windows firewall (ICS) service
    to manual you might see those errors.
     
  18. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,776
    I didn't know it carries over through the next reboot.

    Wireless in general is fine so long as you've set the network adapter and Kerio rules to your network which should not be 192.168.1.x, for instance, since that's what every home has. That said, at home I'm always wired and NetBIOS enabled but only if ethernet, since I need it for correct resolution of my computer's names. And NetBIOS and SMB packets are limited to few of my IPs to share few mapped drives. As far as I can tell, anyone who comes here with Wi-Fi has no chance to get into my computers or printer, and I can do zilch between the computers if I use wi-fi. Just my 5 cents.
    Still can't see what a wireless usb adapter for mouse would do other than send hardware level packets. Perhaps someone can enlighten me/us?
     
  19. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    I (try to) remember to disable traffic before powering down (every night). When I boot next day, that lil red icon always shows, indicating traffic is stopped. Can't go online until I enable it so it survives a cold boot.
    Hopefully they can. Meantime, I'll trust my cautious nature :cautious:.
     
  20. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    ...and I am still procrastinating with my wireless mouse... piece of...!!!
     
  21. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    A wireless mouse wouldn't have as many security issues as a keyboard. With a wireless keyboard, the potential for remote keylogging is there as is the potential to send keystrokes and/or entire commands. Remote control and/or monitoring of a mouse isn't as useful to an adversary, especially if they can't see the desktop or work area. My primary security concern would center around how the wireless receiver (and its drivers and components) on the PC would respond to unexpected or malformed traffic. Can commands be sent via the wireless connection? With many of the components and software being proprietary, I'd wonder just how closely this has even been examined by anyone besides the NSA. There's no way to know for certain just how vulnerable the wireless is to undesired or malicious traffic. Considering the level of system access the components have, I'd choose not to have wireless mice and keyboards adding to the attack surface.

    This aside, I prefer wired devices for more practical reasons like not having to deal with batteries. A friend who used wireless mice on a laptop had to replace them twice due to lost USB receivers. For most purposes, the benefits of the wireless aren't that much and don't justify the added complexity and cost, both the initial purchase and the maintenance (batteries).
     
  22. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    "piece of...!!!" yep, so I'd procrastinate no longer. That middle button gets a lot of use with me, and that's what's on its last legs with mine. Pushing it harder than I'd like makes me want to throw it further than I can :) . Very junkie. Again...what was I thinking. I like noone's reasoning. Lessening the attack surface as much as possible and if at all possible. One reason I shun wireless as much as can is the ever increasing EMFs around us. One of the worst offenders is smart meters. I have successfully circumvented having one of those hideous things installed, and the powercos are trying to force and bully people more and more into getting them. In my jurisdiction, they lie to the consumer saying they're mandatory when in fact they're not (yet). Smartmeters are a gross invasion of your privacy. PERIOD.
     
  23. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    I hear you loud and clear on the smart meter topic. I still haven't had one installed, so happy. They insist I do. ~ Snipped as per TOS ~ Mandatory is just a word. You're kidding, you guys have been given the choice of "optional". Here, it is set as mandatory, which isn't legal, but means "they have to try their best". Lol.

    Would you happen to know of the proper name of the gadget/gizmo/thingamabob that measures EMF levels? I would like to see how many GeoCleanse bars I'd need to neutralise my block. The creators say one is enough, but I am sceptical. I also wish to test out their pendant strength, see how many is required to maintain a neutral reading past my front fence.

    Anyways, back to the wireless mouse topic. You think replacing batteries is annoying, or the mouse wheel abuse? My wireless mouse has this little strap that sits inside the battery slot. Pulling on it releases the battery easier than picking at it from a corner. It is about 2mm longer than it should be, so it sticks out a tiny bit from the battery cover. Oh man, when that lil' piece flicks up and hooks onto the mouse pad, makes scratching sounds... WHERE IS A LEMON GUN WHEN YOU NEED ONE!
     
  24. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    @marzametal I believe this is what you're looking for....

    https://www.youtube.com/watch?v=s99i0H-nBw4 The Sounds of Different RF Radiation Sources with a HF Analyzer
    https://www.youtube.com/watch?v=xJzBeUeXb0Q
    https://www.youtube.com/watch?v=s-oJnvCZrt4

    Here's a couple of links which give a lot of information on the privacy issues and health issues, respectively. I don't necessarily agree with everything these sites adhere to or their links but for the most part they're on the button for the issue at hand.
    https://smartmeterpowerstruggle.wordpress.com/
    http://www.stopsmartmeters.org.nz/health-issues/

    I've never heard of "neutralizers" and I'd also be skeptical. In my way of thinking, prevention is better than cure. As such, our analogue meter board has a padlock installed (in such a way as to be impossible to remove outside of vandalizing the board) and a cautionary notice to any would be trespassers. We also have an agreement with our powerco that they won't force this on us. I'd fully recommend that strategy for those who care about their privacy and health at the very least. With each passing day building a privacy package involves looking at the whole picture of how everything is getting more tightly integrated and forcing its way into our private lives. They're taking over our homes without firing a shot. In times to come it's going to be more important to try and secure everything that even hints of any electronic component.
     
    Last edited by a moderator: Apr 28, 2015
  25. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Seconfig XP app setting: Accept responses only from queried DNS servers.

    Does Seconfig XP add 'QueryIPMatching' reg key to the Windows registry with a value of 1?

    Possible HKLM key locations:
    \Tcpip\Parameters
    \Dnscache\Parameters

    // By default, the resolver accepts responses even from servers it did not query.
     