Windows RDP vCPU08 RAM16 SSD300 Service Start from $5

Best Configuration and Cheapest Windows VPS-RDP Service in Fiverr. Even the whole Online MarketPlace. Guarantee Windows RDP & VPS Service for Any kind realtime works Like Gaming Server, Streaming Server, Run SEO Software, and many more. Hi-Speed Connection for Download & Upload
Package Offer:
Package 01 – $ 5
-2vCPU
-2GB RAM
-75GB SSD
-Windows Server 2012/2016/2019
-Minimum 1GBp/s Connection
—————Buy it Now———————————–
Package 02 – $ 15
-4vCPU
-8GB RAM
-150GB SSD
-Windows Server 2012/2016/2019
-Minimum 5GBp/s Connection
—————Buy it Now———————————–
Package 03 – $ 25
-8vCPU
-16GB RAM
-300GB SSD
-Windows Server 2012/2016/2019
-Minimum 5GBp/s Connection
—————Buy it Now———————————–

How to close all torrent ports on Windows [closed]

I used to use Deluge to download stuff from torrent (like Linux ISOs), but now I stopped doing it as it’s a huge risk security-wise. I uninstalled Deluge, but I wonder what I have to do to find out whether some torrent ports are still open and I’m at risk of being attacked.

Also, is there a way to find out if I’ve been attacked through torrent?

Does this registry entry for implementing custom protocol handlers in Windows present a security risk?

Background

Some features are not yet available on the web platform and thus require cooperation with a native application in order to provide them. One method for a web application and a native application to communicate with each other is a custom protocol handler.

For instance, the web application can call "mycustomproto://some/params", where "mycustomproto" must first be registered with the operating system as a valid URI protocol. On Windows, this is done in the registry. There are a few keys/subkeys/values etc that must be added to the registry, but only one actually deals with specifying the executable and it’s parameter(s).

Note that once the protocol handler is registered with the operating system, it can be launched by any website that knows of its existence, subjecting it to potential abuse.


Example Windows registry value for this purpose

All of the examples that I’ve found documenting this show the following:

C:\myapp.exe "%1"


Primary Question

Assuming that the registered handler (e.g. "myapp.exe") has zero possible security flaws, is the above example registry value sufficient for ensuring that malicious websites are unable to piggyback additional commands and/or arguments?


Clarifications

  • For the purpose of this question, please assume that the protocol handler (e.g. "myapp.exe") is incapable of exposing vulnerabilities of its own – it’s idle – it launches, does nothing, and quits. This question is specifically related to the browser and/or OS and the "execution" of this registry value.
  • Can malicious actors somehow escape out of the "%1" double quotes and cause the browser and/or OS to run additional commands (e.g. && C:\Win32\do-something-malicious.example.exe)?
  • Similarly, can malicious actors somehow send additional arguments to the protocol handler? Or does the "%1" ensure that the handler will only ever receive a single argument?
  • If this registry value is insufficient to only ever call the protocol handler (and nothing more) with a single argument, is there a better way?

What are the security implications of adding an Intermediate Certificate into the Trusted Root Store in Windows?

I have 2 certificates (one root and one intermediate).

In Windows OS, the Root certificate is in the trusted root store (for current user). The other intermediate certificate (signed by the root CA), is to be found (under current user also) under the Intermediate CA store.

I am using SSL verification in one of my client applications (Kafka Confluent) and realized the client only enumerates certificates in the root store. Therefore SSL handshake fails (the intermediate CA is needed).

One solution is to import that certificate into the Trusted Root Certificate Authorities. With that solution, SSL verification at client works. However, is there any concern in doing so?

From security point of view does it make a difference if the intermediate CA exists in the Root store vs the Intermediate store on Windows?

UPDATE If more context is needed as to what exactly I am facing you can check the issue here https://github.com/edenhill/librdkafka/issues/3025

Windows Exploit Protection: what is SEHOP setting: “TelemetryOnly” for?

I’m reading myself into the different exploit protection methods from MS. One is SEHOP, if I check it e.g. with PS:

Get-ProcessMitigation -System

I get:

    Enable                             : NOTSET     TelemetryOnly                      : OFF     Audit                              : NOTSET     Override SEHOP                     : False 

What is "TelemetryOnly" ? Internet search was not successful so fare.

Thanks for hints and resources!

moving files from veracrypt store logs on windows?

If i move a file from an non-hidden encrypted drive to my main C drive, then move the original file to a hidden container on the encrypted drive, then wipe the original file with ccenhancer/secure erase, is that doing enough to ensure the original location isnt Knowles? Or does windows log moved files by default and someone could tell if the copied file came from the encrypted drive? Additionally, do softwares like ccenhancer/secure erase remove "recently viewed" logs from applications in case they are opened from either hidden or non hidden volume?

Windows and Linux from a DBA prospective

I’m considering moving into the DBA field and have begun reading in areas of SQL and Database design theory however I’m not sure how to approach Windows and Linux.

I’ve passed the CompTIA A+ in 2006 so I’m familiar with Windows for a 1st line support perspective however should I be reading literature which is more catered toward DBA and if so can anyone suggests an appropriate book?

I will also need a suggestion for Linux.

Many thanks

Proxy problems on windows 10

Hello,

I tried to find a solution but in vain.

I have recently changed my PC which is running on windows 10 (x64).

After installing GSA SER, I pasted 100 private proxies. While testing proxies, all proxies are not verified, i.e., all proxies failed. 

On the other hand, I am using the same proxies on a VPS running on windows server 16 with GSA SER and they are running fine.

Therefore looking for help to configure windows 10 so that proxies should be tested properly.

Thanks,