/nsg/ - Netsec General

resurrected from >>58593563

File: .jpg (17KB, 254x338px) Image search: [Google]

17KB, 254x338px

what is my database database missing?

File: 1466301541948.jpg (133KB, 1024x640px) Image search: [Google]

133KB, 1024x640px

>>58599531
Hello, I've got an Intel Centrino 6300 Ultimate and I'd like to use aircrack-ng with it. Which patch would I need for injection with aireplay-ng? http://patches.aircrack-ng.org/

>>58600158
Where to get the LinkedIn db?

>>58600230
google "site:thecthulhu.com "linkedin data dump"

you can get most of pic related from thecthulhu.com, except the patreon one

How good are jobs in netsec?
Both pay and "fun".
Currently going for my masters, and I don't wanna become a programming drone.

Anyone else going to the cisco security conference in toronto

feb 9th.

>>58601196
netsec jobs will make your hair turn grey before you're 30. super stressful. always on the defensive, trying to defend against things like zero days you didn't even know were possible.

>>58599531
>tfw no botnet

I hope you guys don't mind me asking real quick:

/g/ doesn't think the "election hacks" were actually organized by russia/putin, right? As I recall, Podesta fell for a phishing attack that a motivated high schooler could have set up.

Or am I falling for some double-think here?

>>58604123
>As I recall, Podesta fell for a phishing attack that a motivated high schooler could have set up.
yeah, the "hack" wasn't even a hack, Podesta literally gave away the password through the phishing attack
even if Russia did orchestrate it, it could have been done by anyone with a little bit of knowledge about hillary's campaign and social engineering

>>58604123
After reading through the report it was a a 6 year long targeting phishing campaign so not something a motivated high school kid could do could do unless he started in middle school. So more then likely it was some sort of state sponsored attack but there isn't any giant glowing neon sign in pointing to Russia being that state although they are definitely high on the list of people who would do it.

These threads will never do well...

>>58604844

I like these threads tho

>>58604844
OP here, I'll just keep making them for a while until I get bored, there's been some decent discussion yesterday. I realize it's not the most popular kind of thread though.

>>58601196
expect it to be very hard to get a job out of college you most likely going to need years of experience doing normal network maintenance

>>58605345
i find the main problem with these threads is that /g/ in general is severely under experienced and uneducated on security topics in general most of the time when you see a security topic pop up it turns into a philosophical/political debate and everyone is on their high horses rather than discussing the technical aspects of what happened

>>58605468
The one time /g/ is like the general population. Security is so fucking important, yet not even all Universities teaching CS have mandatory cryptography/netsec courses.

>>58605517
i understand why a university would not teach cryptography since is it far more math intensive and is almost mandatory to major in math but i thought by now network security would at bare minimum be offered

>>58605575
It's not that math intensive. If you get modular arithmetic you have a lot of ground covered already. Throw in some basic group theory and you'll be able to understand most block ciphers and some asymmetric encryption standards. Elliptic curves and shit are higher level though, I give you that. But I agree with you, at least some netsec training, ffs.

>>58599531
add these to the op
https://isc.sans.edu/
https://www.schneier.com/
https://www.youtube.com/user/BlackHatOfficialYT
https://www.youtube.com/user/DEFCONConference

>>58605662
Noted, thanks!

>>58605626
right now it is not too math intensive but i believe learning more would help improve what we have already also you are going to have to learn some basic statistic for cracking ciphers

>>58605693
Right, forgot about differential cryptanalysis. The necessary statistics knowledge was kinda taught along the way in my course at least.

what if we ran a ctf?
https://www.strawpoll.me/12173169

or do a the over the wire wars games race?
http://overthewire.org/wargames/
http://www.strawpoll.me/12173197

>this isn't in the OP
>https://ssd.eff.org/en
Just shoot yourselves

>>58605727
also do not forget linguistics of English and foreign languages

>>58605809
Gonna add those links/polls to the next OP as well, thanks!

>>58605816
Consider me dead

>>58605816
that information is dated but is not a bad start

Here is more

opensecuritytraining.info
Beginners.re

>>58601196
I love my work and the pay is great. Do something so you stand out from the other applications. Example: Get OSCP.

>>58600213
if someone drew them with a 328-PU i would immediately nut in my trousers

>>58606074
Your mother is dated and bad

>>58599531

Gentoomen... I have a question.

If you knew your computer had been compromised with Stuxnet style malware, how would you go about retrieving your data without infecting a clean computer?

I assume, the malware is loaded into memory at boot, and infects any storage device that's plugged in?

Would if have the ability to write itself to firmware of USB drives, harddisks, DVD drives? Or, is this impossible?

>>58606592
AFAIK "Stuxnet-style malware" is Windows-only, so if you have physical access to the machine, you can simply load up any non-Windows OS and recover your data (carefully).

As long as you don't boot into Windows, you should be fine.

I am new to /g/, about 3-4 month I've been lurking (on imageboards since 2009 though, always was fond of tech-themed boards).
I've first seen /nsg/ just yesterday, and today's thread is way better than those I've looked up in warosu/g catalogue, thanks guys.

>>58605809
So, if you're going to do netsec games, may a beginner fit for a team (these are done in teams, right)? I have just over a month of python experience and am familiar with all the tech buzzwords cause buzzwords were my only interest on chans due to my dedication to not-tech-related degree.
Well, I had been running Ubuntu on laptop for several years and have 1 year experience of Arch desktop back in 2011.

certcollection forum has some things umight be interested in

>>58599531
[email protected]
op email me so we can talk and improve this thread anyone else wants to help is open to email me here too

>>58607025
ctf can be done in a team but most of the over the wire games are for single people but they are very beginner friendly like offering recommend reading material to solve each problem

>>58607473
i fucked up [email protected]

You guys got any ideas for things a cyber security club can do besides CTF competitions and practicing for CTF competitions?

>>58607991
basic cryptography challenges and maybe after some time to build trust auditing each others system

>>58607991
also auditing software someone has wrote kind of along the lines of a bug bounty

>>58608060
I'd be wary of letting people run audits on personal computers but setting up some host machines we practice exploits on to be audited would be a neat idea and cryptography challenges sound like a great idea that I feel stupid for not thinking of thank you.

>>58608284
yes running audits on personal computers can lead to terrible things but what about running vms?

>>58608284
we can run cyber war game which is basically a ctf but with a defending team but the defensive team does no have prior knowledge of what they are defending

Please set up an IRC or xmpp for cyber warfare game, I want to discuss and participate.

No discord bullshit.

>>58600158
The some thousand dbs you don't have that you can get with just a little basic hunting.