Securing Your Domains

If you are responsible for any website domain, PLEASE make sure you secure you registrar account, setup MFA and have a long complex password. If you lose access to your registrar account or your hosting account and/or FORGET to renew your domain then the bad guys definitely will help you out by taking it over. I just spent about 4 hours helping a friend track down ownership of their domain. It is hosted on WordPress and luckily I still have admin access to that. They have email from that domain and it is hosted with Google Admin. We were also able to reach out to the company who hosts the domain, albeit pro bono for the last several years, something they would love to offload. I contacted GoDaddy and since I can’t provide proof of a GoDaddy account then I am in a Catch 22 right now. I did submit an email to [email protected] and submit a request on their site changeupdate.com. The key to this whole thing is the whois record. It shows Wild West Domains as the registrar which I know is a reseller (subsidiary) of GoDaddy. Unfortunately the domain was renewed on 11/1/23 which either means it was automatically renewed and we need to find the good owner, OR it was forgotten about and a bad guy purchased and renewed it on their account and is looking for a big pay out. We know also the WordPress has several updates needed and the content on the site has been completely changed to some Japanese blog. I am now waiting on the abuse department to reply back to my request.

If this domain was not set to auto renew then it goes to the open market after so many days and is fair game for anyone to renew. This actually happened to Google a few years back. So if a large company can lose access to their domain then so can you. – https://jasr.me/lost-google-domain  

Stay tuned for more on this story…

Update:

I was able to get access to the domain dns and it was an account that has been set up years ago and forgotten about. I update the account info and password and documented everything. The host was able to restore the site for a couple of minutes by overwriting the WordPress core files, but the bad script soon took over again and the site is still in a hacked state.

My options now are to wait for the host to make a backup export and send to me via a FTP account that I setup for them so I can restore the site files and sql database on my host or to completely start a new WordPress site and start from scratch. I’m hoping for the first option.

I just loaded the site and see it’s restored on the front end but the backend admin portal is still hosed.

And just refreshed and it’s back to bad…again.

Stay tuned for more updates on this website recover journey.

LinkedIn Post

Izzy Tech Support

#BabyIzzy was very talkative before I started filming. Once I started she was confused. I also put my headset on her and she was trying to figure that out…

I think she will be a great customer service rep.

GRC Link Shorteners

Source: https://www.grc.com/securitynow.htm – Leo Laporte and Steve Gibson as Star Trek characters. “Live long and prosper.”

I have created an Excel doc that I am tracking all of grc.sc link shorteners. This is an Excel file stored in Dropbox, with my own link shortener to make it easier to go to.

https://jasr.me/grcsc

I have referenced grc.com and Security Now many times on this site. I started listening to it faithfully back in 2010 when my then new boss and now friend enlightened me to wonders of Leo Laporte and the Twit network.

GRC is Gibson Research Corporation and SC is Short Cut

Here are the links to subscribe to the podcast and show notes.
https://www.grc.com/securitynow.htm & https://twit.tv/sn

Often times Steve will reference an external website, article, picture, or other media and then he makes it “short cut of the week.” He used to use bitly but then people started to pre-register the same bitly links for his show and then he created his own shortcut domain using YOURLS. I liked this so much that I also created a shorter domain jasr.me and used YOURLS for my implementation.

Thank you Leo and Steve for this long lasting podcast. 999+
As of this writing there are 942 episodes.

The History Of My Web Domains

I will build this out chronologically and explain what I have done in the last 20 years on the web. Starting with indycrewworld.com in December 2004.

December 2004 – purchase indycrewworld.com from luckyregister.com and host on powweb.com
This started my journey in to web development.

October 19, 2005 – purchase icwnow.com from luckyregister.com and host on powweb.com

These are other domains that I was involved with in the past:

nxlvlent.com bluestartwarriors.com mlambphotography.com mlambphotography.info jk-entertainment.net blackriverkennels.com doubleunlimited.com greatlakeslawnscape.com luckytouchchimneysweeps.com kristiseymour.com pclprobiz.com

These are other domains I currently own and when they were first registered.

icwnow.net – 11/11/10

jasonlamb.me – 4/12/12

jasrasr.com – 5/22/17

jasr.me – 8/29/22

jasonlamb.co – 10/14/22

MORE TO THIS STORY, COMING SOON…

World Architecture Day & Cybersecurity: Building a Secure Foundation

Not my own words but I think they are important enough to share. Thank you Tom Blair (IT Director at Middough Inc.

As we look ahead to October 2nd, we anticipate the celebration of World Architecture Day – a day dedicated to honoring the art and science of designing and constructing spaces that shape our world. Just as architects meticulously plan and build structures to withstand various challenges, we, too, must fortify our digital landscape against the ever-evolving threats in the cyber world.

 In the spirit of this occasion, we would like to draw parallels between the principles of architecture and cybersecurity to emphasize the importance of safeguarding our company and personal data.

Strengthening Our Digital Defenses

 In the world of architecture, the foundation is the key to any resilient structure. Similarly, in the digital realm, our collective actions are the foundation of our security. Let us take this opportunity to discuss critical steps that each of us can take to enhance our digital security, while drawing parallels to architecture:

Cybersecurity Awareness: Just as architects understand the materials they work with, each team member should have a basic understanding of cybersecurity. This knowledge is akin to an architect’s deep understanding of construction materials, enabling them to make informed decisions for the structural integrity of a building.

Password Hygiene: Like using high-quality materials in construction, use strong, unique passwords for your accounts. Think of your password as the structural framework of a building—strong and resilient.

Multi-Factor Authentication (MFA): Implement MFA, which is akin to adding multiple layers of security to a building. It ensures that even if one layer is compromised, there are additional barriers to protect sensitive areas.

Phishing Awareness: Be vigilant against phishing attempts, which are like unexpected design flaws in a building. A keen eye for detail in architectural design helps identify flaws, much like your ability to spot suspicious elements in emails or websites.

 Software Updates: Regularly update your software and devices, just as architects ensure buildings are well-maintained. Updates often include security patches that protect against known vulnerabilities – similar to ongoing maintenance in the architectural world.

Safe Browsing: Exercise caution when visiting websites, just as architects assess the structural integrity of a building before entering. Only enter websites you trust and avoid unsecured connections, much like entering a well-designed and maintained structure.

Our Collective Commitment to Security

On this World Architecture Day, let us commit to building a strong, secure digital foundation for our company. Just as architects imbue their creations with creativity and innovation, let us infuse our cybersecurity efforts with the same spirit of ingenuity. We must continuously adapt and improve our security measures to protect our valuable assets and uphold our reputation.

Remember, just as architects transform blueprints into awe-inspiring structures, our individual and collective efforts can transform potential vulnerabilities into robust defenses. Let us celebrate World Architecture Day by fortifying our digital world and ensuring the safety of our company and clients.

Thank you for your dedication to our shared mission and let us work together to build a secure future!

#iheartarchitecture #middough

It it’s not tied down…

This just just shows that the bad guys are only getting better. No matter how much security we think we have, we need to constantly test ourselves. “…attacks always get better, they never get worse…” #BruceSchneier

Given enough time, the bad guys will find a way. It’s unfortunate, but true. The bad guys are highly motivated by money. There is a LOT of money in being bad. There’s not enough monetary motivation to being a good guy. You just have to want to do it for moral reasons. On a recent #SecurityNow podcast, Steve Gibson laid out all the millions of dollars that were gained by the top recent attacks and the company behind those attacks.

If you are responsible for your company’s security then you need to educate your users regularly on security measures and best practices. If you are a human and have any username/password combination then you MUST use MFA when you can, or when offered. Time-based is way more secure than SMS. You MUST use a reliable password manager because you MUST NOT use the same passwords on different accounts. Help yourself stay secure because the bad guys will help themselves to your data. I PROMISE YOU!

#security #data #motivation #podcast

Courtesy: Steve Gibson from #SecurityNow Podcast – grc.com/sn/sn-928-notes.pdf

Grandma Lamb

Grandpa Jerry Lamb and Grandma Lavonne Lamb (~1960) – Adobe Photohop Neural Filters, Colorize and Photo Restore

YouTube Link to Celebration of Life videoYouTube Link to funeral service video
Dropbox link to Celebration of Life with original music

For My Grandma Lavonne Lamb (1938-2023):

“I can only imagine, What it will be like, When I walk by Your side
I can only imagine, What my eyes would see, When Your face is before me
Surrounded by Your glory, What will my heart feel?
Will I dance for You Jesus, Or in awe of You be still?
Will I stand in Your presence, Or to my knees, will I fall?
Will I sing hallelujah? Will I be able to speak at all?
I can only imagine.”

Credit: Bart Millard of MercyMe – ” I Can Only Imagine”

MY Grandma Lamb doesn’t have to imagine. She is there and oh what a sight! You are the matriarch of this Lamb Family. You may have been born a Cline, but you have been a Lamb for 65+ years. Without you I would not be here. Grandma, without you, twenty-five of us would not be here today. Between the 25 immediate family members here (including all great grandkids), you’ve been loved for a combined 600 years plus. I had to round for some ages and weddings. Both of your kids turned out great. Most of your grandkids turned out pretty good. There’s still hope for Jeremy. All of your GREAT Grand kids are amazing and beautiful. Alex will get there. Sorry buddy, you have me to blame for that.

Alex, I am so grateful you were able to meet all your great grandparents. Unfortunately, I did not. Well, I don’t remember most of them. My Great GrandMOTHER Lamb passed away when I was a little younger than you. I remember seeing all the crying and didn’t quite understand. I do now. It’s truly amazing how God can take a stubborn military-trained, fighting machine, idiot like me and make me into a softy when it comes to things like this. It wasn’t too long ago that I can remember saying I only cried 5 times in my life.

  1. When my Great Grandmother Lamb died, at her funeral. I remember looking at my Aunt Pam and my dad and they were crying, so my eyes started watering too
  2. My dad wrote me a letter that I read when I went off to Army boot camp
  3. My son was born, watching We Were Soldiers afterwards
  4. Marrying my wife
  5. My daughter was born
  6. And now, My Grandma passing

You may know two things in life are certain, taxes and that other thing. I can tell you a few others. Grandma always had ice cream. She always wanted to make sure you had enough to eat and you were probably looking like you needed to eat some more. Most would call that skinny. But in the South, you’re just looking a little too unhealthy if you don’t have some meat on your bones, also a little gravy too. Grandma is a southern gal through and through. She may have been in Indiana for the last 60+ years but she is from the south.

I know the general statement of “Grandma is in a better place.” Truly only God knows a person’s heart but we mere humans see their actions and hear their words. Not once can I remember my Grandma getting angry or upset or loud or frustrated (besides a little with Grandpa). I actually remember her reminding us to trust in God and live for him. Jeremy has a snapchat video proving this if you want to watch it later. She always expected us to pray before our meals and of course wash our hands. I remember being tucked in bed by her and she reminded me to say my night time prayers. These are words of a God-fearing woman. I know she went to church every Sunday and was in BSF, a weekly bible study with Mrs. Mary Ann DeMotte. I know every one who knew her had only the best things to say about her, once they found out I was her Grandson.

A final thank you to the wonderful staff at Otterbein for taking care of my Grandma in her last years. I am sorry if she was anything but the most pleasant person you have ever met, because she was. We can blame that on her failing mind. Thank you to the Bell family and staff. Thank you to Pastor Gary Johnson for the service. I have known you since first attending Indian Creek in 1994 and most of us grew up there. Grandma was there on many occasions, as well. I still use some Johnson-isms when teaching to my Middle school boys at my church in Cleveland. Thank you to the family who came into town from all over. Thank you to the Grandma’s friends or friends of the family who are here to support us. Thank you to my beautiful wife. I can only hope and pray for 65 years on this earth with you. Grandpa, thank you for showing your family how to be a Godly loving husband, father, grandfather, and great grandfather. And finally, Grandma, you will forever be missed on this earth. Until we see each other again, in Heaven…I love you.

God Bless you all and thank you.

Remember The Fallen

Source: https://www.facebook.com/VeteransRemembrancePage/
Source: https://www.facebook.com/photo/?fbid=390974186579923&set=a.390974153246593

As we approach a holiday weekend and Memorial Day Monday, I’d like to put this out there again…

PSA – ANNUAL REMINDER: Memorial Day is not for those who are serving or those who are still living and served. Memorial Day is for those who paid the ultimate price and are no longer with us. Memorial Day is for the Fallen. #rememberthefallen

Don’t tell a vet, “Happy Memorial Day”. There’s nothing ‘happy’ about loosing a fellow comrade in battle.

Don’t tell a vet, “Thank you for your service” on Memorial Day. We are still alive. You can thank us on Veterans Day.

#TilValhalla #MemorialDay

Goodbye Windows 10, Hello Windows 11

Are you tired of annoying Windows 10/11 feature updates? Do you want to stay on Windows 10 instead of prompting for Windows 11?

LOOK NO FURTHER
grc.com/incontrol.htm

From the brain behind GRC (Gibson Research Corporation), Steve Gibson (twitter: @sggrc) has a tool just for you. It’s called InControl. It sets a couple of RegEdit keys that keep your computer on the current feature version.

With ONE CLICK to either “Take Control” or “Release Control”, YOU can decide whether your computer gets the next feature update, no Microsoft.

This is a free tool and does not need to install. You run the simple exe and BAM!

I have this on my own home personal Asus laptop running Windows 11 22h2 and I actually did a Google search for when the release of Win 11 23h1 because I didn’t know because I was still IN CONTROL of my Windows 11 major feature updates. The answer was 2/5/23.

Also, if you didn’t know, Microsoft just announced it will not be releasing any more feature update/semi-annual roll ups for Windows 10. Win 10 22h2 was the last. You will still get monthly updates until Oct 2025 for Windows 10.

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-client-roadmap-update/ba-p/3805227 (posted 4/27/23)

#TLDR – Don’t be afraid of Windows 11. It’s the same as Windows 10 with a few rounded corners and a centering start menu. Update now or at least before 10/14/25