Security Hardening for QNAP NAS product

Just sharing some of the method i took to secure my QNAP NAS, if you have additional idea on how to further secure the NAS please comment. thanks

  1. Disable default admin account and create a new administrator account
  2. use very strong password,
  3. 2nd factor authentication,
  4. hard disk encryption (it will be more secure to manually enter the password every time NAS reboot instead of saving it)
  5. turn off services that you are not using
  6. forced https connection only and use custom port number
  7. install anti virus, anti malware,
  8. enable auto update,
  9. turn off 3rd party app install,
  10. enable qnap security counselor,
  11. turn on notification for all events
  12. subscribe to security advisory newsletter
  13. more tips https://www.qnap.com/en/how-to/faq/article/how-to-make-your-turbo-nas-more-secure/

PC Hardware Info

Just sharing a simple application for you to retrieve your PC Hardware Info

Click here to download the program

How to use

1. After unzip the files
2. Run either HWiNFO32.exe (For Windows 32bit) or HWiNFO64.exe (For Windows 64bit)
3. In the pop screen, click run

4. A comprehensive hardware details will be shown

5. If you have more than 1 RAM module installed, it will be shown in the drop down box.

Wanna Cry Ransomware Security Patch by Microsoft

You can download the Windows security patch here but do take note that the security patch will only work if your computer NOT infected by wanna cry ransomware. To check whether your computer running 32bit or 64 bit please right click my computer and click properties.

Windows 32/64 bit

Windows 7 32 bit – KB4012212_-_Win7_32bit_wannacry_patch
Windows 7 64 bit – KB4012212_-_Win7_64bit_wannacry_patch
Windows XP 32 bit – Windows_XP_SP2_32bit_wannacry_patch
Windows XP 64 bit – Windows_XP_SP2_64bit_wannacry_patch

Source:
Windows 7
Windows XP

Complete Anonymous Web Browsing

How does it work?

The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

The Tor Browser lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained (portable).

Get it now Tor Browser

This $299 tool is reportedly capable of decrypting BitLocker, PGP, and TrueCrypt disks in real-time

To those who concern about their security, remember to always shut down your computer instead of leaving it in hibernate or sleep mode.

Russian firm ElcomSoft on Thursday announced the release of Elcomsoft Forensic Disk Decryptor (EFDD), a new forensic tool that can reportedly access information stored in disks and volumes encrypted with desktop and portable versions of BitLocker, PGP, and TrueCrypt. EFDD runs on all 32-bit and 64-bit editions of Windows XP, Windows Vista, and Windows 7, as well as Windows 2003 and Windows Server 2008. The price tag isn’t outrageous, but EFDD will still set you back a solid $299.

Continue reading

ABOUT SECTION 114A

What is Section 114A?

Section 114A is the second of two amendments made to Malaysia’s Evidence Act 1950.

Law Minister Nazri Aziz tabled the second amendment, formally known as Evidence (Amendment) (No2) Act 2012, in Dewan Rakyat on 18 April. James Dawos Mamit supported the motion, and Section 114A was passed after the second and third reading. On 9 May, Dewan Negara passed the amendment.

The amendment was gazetted on 31 July 2012. This means the law is now operational.

What is the purpose of Section 114A?

Section 114A deals with allegedly illicit or harmful content on the Internet. In short, the amendment enables law enforcement officials to swiftly hold someone accountable for publishing seditious, defamatory, or libelous content online.

How does Section 114A affect you?

Titled “Presumption of Fact in Publication”, Section 114A holds the following people accountable for publishing content online:

(1) those who own, administrate, or edit websites open to public contributors, such as online forums or blogs;

(2) those who provide webhosting services or Internet access; and

(3) those own the computer or mobile device used to publish content online.

In other words, if allegedly defamatory content is traced back to your username, electronic device, and/or WiFi network, Section 114A presumes you are guilty of publishing illicit content on the Internet.

But what if you were the victim of identity theft and a hacker wrongfully used your Twitter or Facebook account to post defamatory content?

Under Section 114A, you are still considered guilty until proven innocent.

What is wrong with Section 114A?

Section 114A is problematic for a number of reasons:

i) It disproportionately burdens average Internet users who are wrongfully accused of publishing seditious or defamatory content.

ii) It makes Internet intermediaries–parties that provide online community forums, blogging and hosting services–liable for content that is published through their services.

iii) It allows hackers and cyber criminals to be free by making the person whose account/computer is hacked liable for any content/data which might have changed.

iv) It is a bad law passed in haste and does not take into account public interest and participation.

To get more details on how Section 114A could affect you, check out the infographic below:

How will Section 114A affect the freedom of expression?

Section 114A threatens the right to freedom of expression. Internet users may resort to self-censorship to avoid false accusations made under Section 114A. Bloggers, for example, may excessively censor comments made by their readers. As a result, Section 114A inadvertently stifles public discussion about pertinent political or social issues and protects public authorities, such as the State, from public scrutiny.

Source: http://stop114a.wordpress.com/what-is-section-114a/

CPU Heat Sink

Bought a new heat sink Cooler Master Hyper TX2 (cost SGD39) for my aging computer “Pentium D”, but the job of installing of the heat sink is really one tough nut to crack.

Spend more than an hour to install it because of the unstrategic design of the legs (underneath the fan) and have to make sure that all the legs are properly secured…