Browsed by
Category: phishing

Configuring Quad9 on pfSense

Configuring Quad9 on pfSense

Quad9 is a DNS platform that adds a layer of security. It does this via standard DNS queries/responses. Basically, if a machine on your network queries a known bad hostname, the Quad9 DNS server responds by stating that domain does not exist (NX DOMAIN or non-existent domain). If you would like a bit more info on Quad9 including some speed benchmarks against other DNS services, I would suggest an earlier article, Quad9 – First Thoughts & Benchmarks. This post is all…

Read More Read More

Quad9 – First Thoughts & Benchmarks

Quad9 – First Thoughts & Benchmarks

Changelog 29Nov2017 – Originally published 6Dec2017  – Provided download links to DNS Benchmark tool and associated ini file Quad9 is the collaboration of IBM X-Force, PCH, and Global Cyber Alliance. It provides a DNS platform that combines high performance with security by blocking known malicious domains. At the time of this writing, Quad9 was using 19 threat feeds. I’m not going to get into the marketing speak because quite frankly, enough folks cover that well enough. Quad9 Main Site New…

Read More Read More

Testing SPF, DKIM, and DMARC

Testing SPF, DKIM, and DMARC

If you are interested in a step-by-step implementation of SPF, DKIM, and DMARC, there’s a post for that! It’s on this site as well and it will walk you through the entire process. https://www.linuxincluded.com/implementing-spf-dkim-and-dmarc/ Before you jump into testing SPF, DKIM, or DMARC, you need to verify where your authoritative DNS nameservers are. The easiest way to do this is by going to a Linux command line and performing a whois. # whois linuxincluded.com   Domain Name: LINUXINCLUDED.COM   Registry Domain ID: 1985890536_DOMAIN_COM-VRSN   Registrar WHOIS…

Read More Read More

Implementing SPF, DKIM, and DMARC

Implementing SPF, DKIM, and DMARC

If you made it here, you might not be interested in the why’s of implementing the holy trinity of anti-email spoofing. However, if you’re still uncertain whether you should or shouldn’t, just do it! With the guide below, you’ll see it isn’t all that difficult and when used together, they provide great benefits like brand protection, reducing a phishing attack vector, less chance of your legitimate marketing emails ending up in spam, etc. It also makes you and your domain a…

Read More Read More

Stop CEO/CFO Domain Spear Phishing

Stop CEO/CFO Domain Spear Phishing

Pretty bold title… While it is nearly impossible to stop any motivated attacker/phisher, I also believe in doing every bit you can to improve your environment and these steps will go a long way to helping your situation. I will talk about two primary ways to put an end to CEO/CFO spear phishing. Realize upfront that you should not do one step without the other. I will also talk about the ins and outs of these techniques as well as some of…

Read More Read More