Advanced Persistent Threat (APT) Groups

There are APT group list on https://www.fireeye.com/current-threats/apt-groups.html

Firewall selection consideration

Product
Company
Certifications	NSS Labs Security Effectiveness for NGFW - ?% Effectiveness for BDS - ?% Effectiveness for IPS -?% ICSA (Firewall, IPSec, SSL, Antivirus, NIPS, Antispam) IPv6 VB 100 - ?% AV Comparative - ?% Cyber Threat Alliance
# interfaces	GE RJ45 GE SFP 10GE SFP+ Modules Slot
Throughput and Performance
Firewall Throughput	This is raw throughput, the measurement of traffic flowing through the firewall without necessarily being subjected to antivirus scans, content filtering, intrusion prevention, data loss checks and similar steps. The figure can also vary by protocol and packet size. Some vendors may cite 1500 Byte TCP whilst others 64 Byte UDP 1518/512/64 byte UDP
IPS Throughput	Gbps(Optimal traffic),  Gbps(Enterprise Mix)
NGFW/UTM Throughput	Gbps(Enterprise Traffic Mix)
SSL Inspection Throughput
AV Proxy Throughput
Sessions
New Sessions per second
IPSec VPN	Gbps
Tunnels	No. of Tunnels (e.g. 10000)
SSL VPN	Gbps
Firewall Policies
Latency	Microsecond
Remark	When compare between different vendor on performance, it need to confirm they are using the same assumption to provide the figure (e.g. Vendor A will enable all features when testing throughput but Vendor B will disable all features)
Features
SD-WAN
DNS Filter
Web Filter
IPS	(No. of signatures)
Anti-Spam
Antivirus Gateway
Sandbox Integration	Cloud and/or On-perm
Application Control
SSL Inspection	443 Port only or ALL ports?
Data Leak Prevention (DLP)
Content Filtering
Web Application Firewall (WAF)
Reverse Proxy
Forward Proxy
Virtual Domain
High Availability
3rd Parties Security Solution Integration
Power Supply	Single or Dual PSU
Operation
Administration Effort	High/Low
Management	Console/Web
Reporting
Automation
Vendor Support
Cost
Licensing/Subscription
On-going cost /Maintenance cost

 

Reference:

https://www.manxtechgroup.com/small-business-firewall-guide/

Email migration from Rackspace mail to Gmail (G-Suite)

The source server need to select IMAP and the server address is secure.emailsrvr.com

Reference for how to setup the wizard and migration tools on Google:

https://support.google.com/a/answer/6351474?hl=en

Sophos SG UTM and XG Firewall

Astaro Security Gateway has been renamed Sophos UTM (Sophos SG)
Cyberoam become Sophos XG

Microsoft Internet Security and Acceleration (ISA) server 2000, 2004, 2006 or a Microsoft Forefront Threat Management Gateway (TMG) server 2010 EOL, one of the option are using Sophos SG UTM as a replacement.

Sophos SG UTM – Traditional Firewall comes with full coverage security function.

Sophos XG – Next Generation Firewall (NGFW) comes with full coverage security function PLUS heart-beat function, heat beat means firewall can be communicates with Client PC to stop threat exposure.

UTM: Unified Threat Management

NGFW: Next Generation Firewall

Huawei Firewall USG 6305 – Basic Setup and Upgrade Firmware

1. Set fixed IP on laptop (e.g. 192.168.0.2 /24) and connect to ETH 0/0 (Port 0)

2. Open browser access https://192.168.0.1:8443

3. Default login : Username: admin Password: Admin@123

4. Force change password

5. Follow the setup Wizard to complete the basic setup

Remark:

1. Download firmware (You need to register a free customer account by using the product SN or contract number)

For USG 6305, you need to use the mini one

2. After upgrade , delete the old one (To free up space)

Dell Inspiron 15-3567 replace hard disk to 2.5” 7mm SSD

1. Remove all Screw under bottom and under the battery

2. Remove the keyboard

3. Remove all Screw under the keyboard

4. Remove the cover and you will see the hard disk

How to find a log of Microsoft Store on Windows 10?

Open Command Prompt and run “wscollect”

The logs will be store at your desktop:

Unzip it by using 7zip:

You will able access to those logs

#Logs

#Troubleshooting

Reference:

https://superuser.com/questions/1257486/windows-10-app-store-where-are-logs

北斗衞星導航系統（Beidou Navigation Satellite System, BDS）provide service globally and how to check your mobile device is it support?

One of the sample method is install GPS Test on your Android phone (https://play.google.com/store/apps/details?id=com.chartcross.gpstest&hl=zh_HK)

Use the GPS test filter to show Beidou only, if there are no satellite signal being receive, it is probably your phone did not support.

Reference:

http://en.beidou.gov.cn/

The Hong Kong Satellite Positioning Reference Station Network (SatRef):

https://www.geodetic.gov.hk/tc/satref/rawstream.htm

Example of support tracking system:

https://www.rehabsociety.org.hk/zh-hant/%E3%80%8C%E8%B9%A4%E8%B7%A1%E6%98%93%E3%80%8D-e-track-system/

The third one LTSC (LTSB) of Windows 10 released - 1809

Reference:

https://docs.microsoft.com/en-us/windows/windows-10/release-information

Allow Microsoft Windows Update (Windows 10) pass-thru Sophos XG Firewall proxy (SFOS 17.1)

Add the following exclusion URL under Microsoft Windows Updates exception list:

^([A-Za-z0-9.-]*\.)?tlu.dl.delivery.mp.microsoft\.com/

^([A-Za-z0-9.-]*\.)?au.windowsupdate\.com/

^([A-Za-z0-9.-]*\.)? download.windowsupdate\.com/

Reference:

https://docs.microsoft.com/en-us/windows/deployment/update/windows-update-troubleshooting

Allow Kaspersky Update pass-thru Sophos XG Firewall proxy (SFOS 17.1)

Add the exceptions policy, ^([A-Za-z0-9.-]*\.)?geo.kaspersky\.com/

Reference:

https://support.kaspersky.com/6105

Create firewall service for proxy only on Sophos XG Firewall (SFOS 17.1)

You need to Add TCP and UDP from ALL Source Port to Destination Port which is your proxy server for connect

Android 8.1 Oreo released on Nokia 3

Cumulative Update for Windows 10 Version Next (10.0.18305.1003) have been released

Windows 10 Insider Preview 18305 (19H1) to Fast Ring released

New Control Panel on Windows 10 Insider Preview 18298

It show your Microsoft account status on the top of the panel.

Nokia 5 receive Google Security Patch (Dec-2018)

Windows 10 Insider Preview 17763.194 (RS5) (1809) (Dec 2018 Update) (2018-12 CU) to Slow Ring released

Windows 10 Insider Preview 18298 (19H1) to Fast Ring released

MacOS VM on Virtualbox on Lububutu – Upgrade MacOS

A few notes from another users and forum:
1. Updates – this image is 10.13 and the latest is 10.13.6, but the update install never finishes after a reboot and it just tries to install the update, reboots, etc. Here is the fix:
1.a Install the update but shutdown instead of reboot. It will update a few things and then shut down, turning the VM off.
1.b Start the VM again, but as soon as the screen turns black, start to hammer the F12 key. Make sure your keyboard is grabbed by the VM. If you managed to hit F12 at the right time, the VirtualBox EFI should pop up. If the VM starts up normally, go back to step 3.a (yes, you have to download and reinstall the update again)
1.c Now use your arrow keys to select “Boot Manager” and hit Return, then launch the “EFI Internal Shell” from there.
Inside the shell, type the following commands:
Shell> fs1:
FS1:\> cd “macOS Install Data”
FS1:\macOS Install Data\> cd “Locked Files”
FS1:\macOS Install Data\Locked Files\> cd “Boot Files”
FS1:\macOS Install Data\Locked Files\Boot Files\> boot.efi

Essentially, Apple moved the update boot.efi and Virtualbox is running the regular boot.efi and the update doesn’t finish.

If you get “Installing High Sierra” and then a progress bar that takes about 50 minutes, you are golden. Anything else and something is messed. I successfully got the latest xCode running on the latest High Sierra in virtualbox.

 

Until Virtualbox fixes where it looks for the boot.efi, you will have to do this for every update.

If you success upgrade, you will found the OS version become 10.13.6

Reference:

http://archive.is/Stfe5#selection-2709.0-2759.98

https://www.wikigain.com/fix-virtualbox-macos-high-sierra-screen-resolution-1920x1080-4k-5k/

https://www.wikigain.com/fix-macos-high-sierra-screen-resolution-virtualbox/

https://mysolutions.tech/2018/04/virtual-sierra/

The base VM

https://techsviewer.com/install-macos-high-sierra-virtualbox-windows/

MacOS 12.12 on Lubuntu Virtualbox

Windows 10 Insider Achievements Badge – Flight Major have been released

#Builds4Badges

#Flight Major

Dell Support Assist for Non-Admin Users login pop up to request administrator privilege resolution

Solution: Change the service startup to “manual”

Reference:

https://www.dell.com/community/SupportAssist/Dell-Support-Assist-for-Non-Admin-Users/m-p/6056737#M84409

English Office 2016 Home and Business install Proofing tools for Taiwan Chinese

Step 1: Go to download the Proofing tools for Taiwan Chinese:

https://www.microsoft.com/zh-TW/download/details.aspx?id=52668

Step 2: Install this "proofingtools2016_zh-tw-x86.exe"

Step 3: Done.

https://support.office.com/en-us/article/add-an-editing-language-or-set-language-preferences-in-office-663d9d94-ca99-4a0d-973e-7c4a6b8a827d?ui=en-US&rs=en-US&ad=US

Reference:

http://www.cityu.edu.hk/csc/install-guide/tcsctranslate.htm

To resolve the RSS feed exceeds 512KB Size Limit

Add “?max-results=3” after the RSS feed URL

e.g. http://billyfung2010.blogspot.com/feeds/posts/default?max-results=3

The issue have been fixed.

Reference:

https://www.youtube.com/watch?v=NFPZJWaGuNI

Windows Movie Maker on Windows 10 and alternative and also good software to reduce video size on Windows 10

Good software to reduce video size:

https://handbrake.fr/

Shotcut

https://www.shotcut.org/download/

https://www.techradar.com/reviews/shotcut

https://www.techradar.com/news/the-best-free-windows-movie-maker-alternative

Download Windows Movie Maker Free Archived

https://www.winmoviemaker.com/

Netgear R6400 - WiFi 5GHz channel disappear regularly

Symptom:

5GHz channel disappear after few days 

Solution:

change the wireless channel to another less interface with nearby AP.

Reference:

https://kb.netgear.com/25182/Resolving-poor-5GHz-wireless-range-signal-from-my-NETGEAR-router

https://kb.netgear.com/25057/NETGEAR-Range-Extender-is-not-detecting-the-5GHz-wireless-band-of-the-NETGEAR-router-or-the-5GHz-connection-is-intermittent

Cannot enter " " when using US - international keyboard in outlook 2016 on Windows 10 1803

If you are using the English (Hong Kong SAR) with US - international keyboard, you will not able to enter “ “ in Microsoft Office Outlook 2016 on Windows 10 1803

A Intelligence Health Bracelet official apps might be infected malware