Search found 12 matches

by luntrus
Tue Nov 22, 2016 11:52 pm
Forum: General discussion
Topic: Jumio.com – A Potentially Very Serious Privacy Issue
Replies: 14
Views: 2620

RE: Jumio.com – A Potentially Very Serious Privacy Issue

For the SSL certificate strength, there is a weakness in the GoDaddy DMV certificate:
Warnings
Root installed on the server.
For best practices, remove the self-signed root from the server.

luntrus
by luntrus
Mon Nov 07, 2016 11:37 pm
Forum: General discussion
Topic: WoT = VIRUS/SPYWARE - DO NOT INSTALL / UNINSTALL AS SOON AS POSSIBLE
Replies: 53
Views: 10811

RE: WoT = VIRUS/SPYWARE - DO NOT INSTALL / UNINSTALL AS SOON AS

The only thing we can hope for now is that de-anonymizing of info transferred was not intentionaly performedl. Acess to data can be bought legally from one source to another , whether by commerce or otherwise. Everything has a price. This is common big business everywhere. Google's enterprise is com...
by luntrus
Tue Oct 06, 2015 9:32 pm
Forum: General discussion
Topic: Could not save my new report
Replies: 0
Views: 193

RE: Could not save my new report

Solved it by logging out and on again. Will post that report later.
Good the issue has been solved. Gremlins gone.

luntrus
by luntrus
Sun Sep 06, 2015 4:03 pm
Forum: General discussion
Topic: Why do good websites turn bad?
Replies: 15
Views: 557

RE: Why do good websites turn bad?

When a website gets into the hands of the incompetent. When a website is being hosted by incompetent bulk hoster, where money comes first and security last., When an AS is condoning abuse all sorts. When server software is insecure, excessive server info proliferation, server misconfigurations, secu...
by luntrus
Sun Sep 06, 2015 2:19 pm
Forum: Site evaluations
Topic: procomputer.su
Replies: 18
Views: 851

RE: procomputer.su

Seems the bad web rep may stem from some other domains on that same IP: https://www.virustotal.com/nl/ip-address/5.101.152.35/information/ Site's security is OK: https://sitecheck.sucuri.net/results/procomputer.su Also consider this scan: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fprocompute...
by luntrus
Sun Sep 06, 2015 1:52 pm
Forum: Site evaluations
Topic: service-meleuz.ru
Replies: 17
Views: 589

RE: service-meleuz.ru

Some security recommendations for the site as volunteer website security analyst and website error hunter, also reporting on general avast security forums. Extensive server version info proliferation, take that up with hoster - nginx/1.9.4 Not necessary to give server info away. Some Netcraft Risk S...
by luntrus
Fri Nov 14, 2014 5:32 pm
Forum: Site evaluations
Topic: platia.byethost18.com
Replies: 3
Views: 288

RE: platia.byethost18.com

Phish - Server released on September 4, 2014 is exploitable via injected queries and POODLE when configered to use SSLv3. Blocked by an extension link from code to: htxp://c.statcounter.com/7832207/0/68ef6316/0/ Site is known as a PHISH: https://www.mywot.com/en/scorecard/platia.96.lt?utm_source=add...
by luntrus
Sun Jul 06, 2014 10:52 pm
Forum: General discussion
Topic: Have you tried the https-everywhere add on ?
Replies: 15
Views: 519

RE: Have you tried the https-everywhere add on ?

For some sites it can be a plus on others it could be a minus, as certain av-solutions generally only scan http sites. Check https only sites via: https://sslcheck.globalsign.com/nl & http://www.sslshopper.com/ssl-checker.html and of-course be guided by our WOT ratings! For https check with online c...
by luntrus
Mon Jun 09, 2014 7:29 am
Forum: General discussion
Topic: ESET Security Forum hacked
Replies: 3
Views: 255

RE: ESET Security Forum hacked

Right administering webforum software needs constant input output validation. Just one missed glitch/flaw in the forum software a mishandling of an admin account and an attacker that knows what to do with a tiny bit of excessive info spread (extensive header info, online nmap scan info and additiona...
by luntrus
Sun Jun 08, 2014 9:49 am
Forum: Site evaluations
Topic: sunpowerinc.com
Replies: 3
Views: 259

RE: sunpowerinc.com

Site is OK, but these issues could be dealt with: excessive header warning and clickjacking warning. See: http://fetch.scritch.org/%2Bfetch/?url=www.sunpowerinc.com&useragent=Fetch+useragent&accept_encoding= e,g: , x-powered-by PHP/5.3.2-1ubuntu4.24 ? This information is spread to the world and pote...