/nsg/ - Netsec General

File: paraslinkedin.png (162KB, 707x817px) Image search: [Google]

162KB, 707x817px

bump
also anna-senpai is a pajeet

how to gdb

any netsec news sites to follow? something a professional would read, not pseudo-intellectual garbage with abstract news

>>58590221
>pajeet
>weeaboo
>"OG_Richard_Stallman"
/g/tard?

Newbie confusion here, if I use PIA does this mean I don't have to use things like I2P?

>>58591438
https://krebsonsecurity.com/
https://isc.sans.edu/
https://www.schneier.com/

i recommend to everyone to either buy of make a network tap and have a raspberry pi connected to the tap running security onion

>>58592269
Thank you for the resource links

been thinking about making an ntap like this for monitoring LAN for any abnormalities

What applications would you use it for?

Essential reads on network pentesting and available tools?

Inb4 kalilinux man pages for every package.

>>58592302
make sure the network tap goes between your modem and router and run security onion. security onion is ubuntu prepackaged with snoot snort and other firewall and network security software. the plus side to security onion is that it pre configures many of the tools for you so you do not have to spend extra time setting it up. if you do not want to run ubuntu then download security onion boot it up in a vm and look at the configs of software you want and copy and paste where is needed

>>58592360
kali linux is alright but you would be better of running what every OS you like and install what ever tools are necessary also do not assume there will be a tool for everything you are going to have to write your own tool from time to time if you are serious about this

>>58592395
Well, writing whatever I'd ever need is definitely out of the definition of "essential reads", even though I do not disregard it.

>>58592367
>security onion is ubuntu prepackaged with snoot snort and other firewall and network security software
I was just going to preassemble the utils I need onto my BBB. I don't think there is much difference besides the extra time I have to spend configuring them.

I doubt sec onion has an OS image for the BBB but I prefer it over the rasp pi for some reasons.

Forgive these amateur questions but do you need a physical piece of hardware between the modem and router or would a properly configured VM do?

I'm willing to read if there is a resource. You don't have to spoonfeed

>>58592422
it common sense learn to code pick a language and find a book and read as far as other essential reading goes it depends on what kind of pen testing you want to focus on for the time being like cryptography networks ids ect

>>58592452
i was suggesting security onion because it is very user friendly but since you need a specific image just run what ever OS you like and install the software even though you may not run security onion you should still look at since it provides a list of useful tool to use and you do not need another piece of hardware i just suggest the pi since most people do not have another ethernet port to spare but you can run any OS

>>58592480
From basics and common vulnerabilities to... Sky is the limit, finding a universal algorithm to break RSA is not in foreseeable future, but let's stick to the basics.

And, well, you actually know of such books or just spilling "common sense"?

>>58592541
i personally have my old ps3 connected to my network tap while it is running gentoo

>>58592541
>hardware i just suggest the pi since most people do not have another ethernet port to spare but you can run any OS
makes sense, thank you
I can probably just get by with running sec onion on a machine with a multiport nic to make it easy

However in the future I would like to have a small display connected to a physical device that can feed a summary of network stats

>>58592587
that is a great idea i want to say almost all the tool have extensive log files and you could have simple bash script either email the current list to you

>>58592699
>that is a great idea i want to say almost all the tool have extensive log files and you could have
yup, that's what I was planning. Forward log files to email based on event triggers. Have a small screen that shows current network stats connected to a BBB / Rpi.

I will try to publish my steps and share them in this general when I get to work on the project.

>>58592735
Looking forward to it!

>>58592547
think of something you like or have an interest in and google the ever living shit out of it if you want to crack cryptography then learn cryptography if you want to break a website learn about how they are built if you want to create a bot net learn how to write bots to become a pen tester you need to pick an area to specialize in then you will know how to break it

if you want this in simpler terms pick something to learn become and expert at it and then you have the knowledge on how to hack it

>>58590026
if you are a complete noob i recommend this http://overthewire.org/

>>58592842
this is the best advice for learning anything really
don't waste your time with trying to absorb a large blanket of formal knowledge

start poking around your interest and learn as you go. Your mind will label everything and you don't need to waste time translating pointless academia complications into the relatively simple concepts they represent.

It's really easy to learn academic buzzwords and domain specific concepts once you have personal mental knowledge of how they work.

Just wanted to share this since the other poster seems to view learning in a similar light

File: Automate-the-Boring-Stuff-with-Python.jpg (48KB, 378x499px) Image search: [Google]

48KB, 378x499px

>>58592842
>>58593083

Literally what I am doing now.
But in case of studying porgramming or cryptography there's a tonn of classic acadmic books.
And when you google "how to write bots" or simply "pentesting", you get reddit-tier guides for beginners.

And I am very familiar with buzzwords, but buzzwords achieve nothing, yet they preceed "something".
I like all the Talmud academia stuff and I want some good books to git gud.

Also, this a book that comes up from googling, but is about "routine stuff automation"-bot instead of "remote daemon"-bot. Or worse, MMORPG forums discussing "gold mining"-bots.

>>58593133
writing bots is going to require programming knowledge also with basic a.i. knowledge you need to slave learn how to read and irc chat for command and what do when it revives an order you need to learn how to host a bot head you need to learn how to automate scanning and breaking into other systems

>>58593285
essentially you have to learn how to automate an attack so that book is a good starting point if this is the route you choose

File: image.jpg (5KB, 300x57px) Image search: [Google]

5KB, 300x57px

>>58593285
Are you Chinese, Indian, Russian or high/drunk by any chance?

Well, regarding irc-control - neat, had no idea slaves may be controlled through irc.

>>58593336
lol i am none of those i just a random anon who enjoys security i have been apart of the community for a while now so you pick some shit up

>>58593336
to elaborate further on how they are controlled though irc within irc clients there is often a function where you can execute command on the machine remotely