Your computer is logging this!

PC Security Channel
15 Apr 202507:25

Summary

TLDRThis video explores a quick and easy way to view the websites and services a computer is connecting to in the background by using the 'ipconfig /displaydns' command. The presenter highlights various connections, such as those related to Microsoft, Apple, Nvidia, and third-party software. The script also discusses privacy concerns and the role of telemetry in modern systems. Additionally, the video introduces a tool for preventing untrusted software from running, 'Threat Locker,' emphasizing zero trust and default deny cybersecurity practices to safeguard systems from malware. The video encourages users to stay informed and secure.

Takeaways

  • 😀 By running the command 'ipconfig /displaydns', you can quickly see a list of DNS resolutions your computer is making, revealing the websites your system is connecting to in the background.
  • 😀 The list shows common DNS connections, which can act like a cache to preload websites for faster access, but also provides insight into the software installed on your computer.
  • 😀 Microsoft-related domains such as 'microsoft.ure.net' and 'msidentity.com' are frequently seen, showcasing the telemetry and connectivity features built into Windows and Microsoft products.
  • 😀 Unexpected software like Wondershare and its connections to the internet can be spotted, highlighting how third-party software might communicate online without the user's knowledge.
  • 😀 The presence of Nvidia, OneDrive, and Office Apps in the DNS list indicates widespread connectivity by various software components installed on the system.
  • 😀 Even outdated software like Skype can still be found in the list, even though Microsoft plans to phase it out, showing that old software can continue to make background connections.
  • 😀 The list of connections can include not only Microsoft-related services but also Apple (iCloud.com) and gaming services like Steam and Gamepass, due to cross-platform software installations.
  • 😀 It’s possible to identify analytics tools such as 'Amplitude' in the list, indicating third-party companies might collect data on your system without direct user awareness.
  • 😀 The command 'flush dns' can be used to clear the cache, removing stored DNS records, allowing you to reset the list of connections and potentially reduce tracking.
  • 😀 By observing the list of DNS resolutions, users can become more aware of which software communicates online, helping them make informed decisions about privacy and data sharing.
  • 😀 Zero trust security models like the one provided by ThreatLocker can block untrusted software from running, preventing potential malware or ransomware from executing on the system.

Q & A

  • What does the command 'ipconfig /displaydns' do?

    -The command 'ipconfig /displaydns' shows a list of DNS resolutions, which includes the websites that your computer has accessed. This list is stored as a cache for quicker access to frequently visited sites.

  • Why does the speaker find it surprising that Microsoft and other companies dominate the DNS list?

    -The speaker is surprised because, while many connections belong to Microsoft-related services (such as msidentity.com and sharepoint.com), it highlights how much background communication Windows and other software do, which was unexpected to the speaker.

  • What is the significance of seeing software like Wondershare and Dell software in the DNS list?

    -The presence of these entries suggests that software like Wondershare and Dell may be communicating with the internet without the user’s knowledge. This could be for updates, telemetry, or other purposes, which could be concerning for privacy.

  • How can running the command 'flushdns' help a user?

    -Running 'flushdns' clears the cached list of DNS resolutions, removing all records of websites the computer has accessed. This can help maintain privacy or clean up the list if unwanted or unnecessary data is stored.

  • What is the purpose of Zero Trust security as mentioned in the video?

    -Zero Trust security focuses on blocking untrusted software by default. It ensures that any software running on the system must be specifically allowed, providing an additional layer of defense against malware or ransomware attacks.

  • What role does Threat Locker play in cybersecurity?

    -Threat Locker is a cybersecurity solution that implements a Zero Trust model, blocking untrusted software and only allowing specific approved software to run. It also monitors system behavior to detect and prevent suspicious activities.

  • What example of ransomware defense does the speaker demonstrate using Threat Locker?

    -The speaker demonstrates how Threat Locker blocks ransomware from executing on the system. When an attempt is made to run the ransomware, the software is prevented from running, and the system can analyze it safely in a test environment.

  • Why is it important for businesses to implement a Zero Trust approach?

    -Zero Trust is crucial for businesses because it prevents untrusted software from executing, thereby protecting systems from ransomware and other malware that could compromise data or operations.

  • How does 'ipconfig /displaydns' compare to using a tool like Wireshark for monitoring connections?

    -While Wireshark offers a detailed and advanced analysis of network traffic, 'ipconfig /displaydns' provides a simpler and quicker way to view DNS resolutions and the websites your system is interacting with, without needing complex tools.

  • What types of connections might appear in the DNS list that could indicate spyware or tracking software?

    -Connections to unexpected websites, such as telemetry services or analytics platforms (like amplitude.com), may suggest that installed software is collecting data on your system, potentially for tracking or surveillance purposes.

Outlines

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Mindmap

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Keywords

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Highlights

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Transcripts

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Browse More Related Video

Basics of IP Addressing

How To Access Your Localhost Website Running With XAMPP From Another Devices (Like Android Phone)

Network Troubleshooting using PING, TRACERT, IPCONFIG, NSLOOKUP COMMANDS

How to Transfer Data between Mobile & Computer Wirelessly without any Software on PC | Android 🛜 PC

TUTORIAL PERINTAH DASAR DI DEBIAN

A Practical Guide To Website Page Layouts (1/3)

Rate This

5.0 / 5 (0 votes)

Summary
Outlines
Mindmap
Keywords
Highlights
Transcripts
Related Tags
DNS MonitoringNetwork SecurityWindows ToolsTelemetryZero TrustPrivacy AwarenessCybersecuritySystem MonitoringTelemetry TrackingSoftware InsightsRansomware Protection