Thread replies: 312
Thread images: 36
Thread images: 36
Anonymous
/cyb/ + /sec/: Cyberpunk and Cybersecurity General: 2017-07-14 02:35:49 Post No. 61364245
[Report] Image search: [Google]
/cyb/ + /sec/: Cyberpunk and Cybersecurity General: 2017-07-14 02:35:49 Post No. 61364245
[Report] Image search: [Google]
File: Mariusz_Szulc_-_Rain.jpg (1MB, 686x1200px) Image search:
[Google]
1MB, 686x1200px
/cyb/ + /sec/: Cyberpunk and Cybersecurity General:
Anonymous
2017-07-14 02:35:49
Post No. 61364245
[Report]
/Cyb/er/sec/urity general is for the discussion of anything and everything related to cyberpunk and cybersecurity.
What is cyberpunk?
>https://pastebin.com/jS37Vu7A
Nothing to hide? - The importance of a cyberpunk mindset applied to a cybersecurity skillset.
>https://youtu.be/pcSlowAhvUk
Resources:
Cyberpunk:
Cyberpunk directory:
>https://pastebin.com/9JaJFqB2
Cyberpunk resources:
>https://pastebin.com/7DWCsAc8
Cybersecurity:
Cybersecurity essentials:
>https://pastebin.com/JWx5xeEM
Cybersecurity resources:
>https://pastebin.com/NaUPUDF0
Harden your OS, reroute your DNS and fire up the VPN!
Shit just got real: - Looking for more resources, help is welcomed.
>https://pastebin.com/JXyM4fTe
The Old Skool: - Looking for more resources, help is welcomed.
>0ld 5k00l h4ck3rz: http://67.225.133.110/~gbpprorg/#40
IRC:
Join: irc://irc.rizon.net:6697
>#/g/punk - Requires SSL
>#/g/sec - Requires SSL
IRC guide:
>https://pastebin.com/YDbEWRHV
Thread archive:
>https://archive.rebeccablacktech.com/g/search/subject/cyb/
>https://archive.rebeccablacktech.com/g/search/subject/sec/
>https://archive.rebeccablacktech.com/g/search/text/%2Fcyb%2F%20%2Fsec%2F/
Thread backup:
>https://www.cyberpunked.org/
Previous thread:
>>61330215
Suggestions for new resources are welcome.
The Gentoomen /sec/ community is looking for CTF team members, contact them at the IRC channel.
OP message:
Have a good time and enjoy yourselves.
I'll also be adding any resources I missed from the last thread, during this thread.
So make sure to keep an eye on the OP for new content, thanks to community efforts.
>>
https://www.youtube.com/watch?v=YIvIItsd9Ok
>>
File: Donato_Giancola_-_01.jpg (158KB, 562x872px) Image search:
[Google]
158KB, 562x872px
>>61364316
Very thematic, I like it!
>>
What is the best cryptocurrency for anonymity?
>>
>>61364721
Monero (XMR)
>>
Going to dump this on my jumpbox, wondering if it's possible to instead use 42?
http://hackaday.com/2017/07/08/dropping-zip-bombs-on-vulnerability-scanners/
>>
Hello, /cyb/ + /sec/, I would like to know if it is possible to run a 24/7 solar powered rpi email server. Included with it is a battery of course. Reccomend any battery packs for ez set up or just doing it on my own?
>>
>>61364924
Holy shit dude
I too was thinking of something similar.
I was advised to be very careful about what sort of batter pack to use, as pis are very prone to damage from over volts
>>
File: 20170713_215929.jpg (188KB, 1600x900px) Image search:
[Google]
188KB, 1600x900px
>>61364245
This new thread needs some libreboot
>>
>>61364947
im thinking of recycling some old laptop batteries (testing to see how many volts and just they got in em first), then, purchase a small enclosure rather than just a long bit of metal to connect the cells all at once, soder a solar panel on to the case of the pi and the battery pack below it, soder the battery pack to a board with a usb female port slot, then thats it. not sure if plan would work or not with my skill in electronics but i have some ideas on the schematics.
>>
>>61364827
I thought so.
>>
>>61365152
I got a bunch of computers at work mining monero. Getting about 2 coins a month for free
>>
>>61365195
how much monero do you think you get per week? or how many computers are mining?
>>
>>61365297
4 machines running xmr-cpu-stak. I'm getting about .3 or .4 a week
>>
>>61363971
Anon >>61364204 mentioned Automate the Boring Stuff; Automate is a much better book (there is also a video series) for actually learning Python...Violent Python, Blackhat Python are great for giving you ideas to work off (like templates almost) and showing you what is possible (especially with different libraries, which I think is a strong suit for Python).
The Jessica Mckellar videos are pretty awesome for learning basic Python as well.
Personally I use Python a ton at work and play; it has almost become a crutch where I should be improving my C programming (though I am by no means anything near a good programmer).
>>
>>61365768
aww fuck I missed that guys post, was hidden by the announcement of a new thread.
I seem to prefer books, I don't really soak shit in with videos or lectures. Not sure why
>>
So what /sec/ tv shows exist?
>>
>>61366213
Obviously other than mr robot
>>
>>61364166
Not maderas, but here is his advice for someone starting out:
https://0x00sec.org/t/shared-thoughts-after-6-years-in-pentesting/2492/10
Specifically:
>When I got really serious about developing my skills, I developed a training regimen of at minimum, 4-8 hours of study/research/practical training a day, at least 6 days a week (I did this with a full time job working between 40-60 hours a week) .
The best way to learn is to do; when I was pushing forward with my development, there were a (slowly) increasing number of (a few) vendor bounty programs (now called a bug bounty).
Google had been doing so for awhile at that point. They were offering bounties and allowing most (it may have been all)of there domains to fall within scope.
(Note: In the present, Yahoo's bug bounty program has all of their domains within scope, including acquisitions.)
I took full advantage of these real world opportunities; I didn't even bother to graduate past the enumeration phase for months.
Attacking/enumerating applications like DVWA , Windows/Linux/Unix VMs, or any of the Metasploitables are good practice.
However, I would probably join BugCrowd, find a program/customer where attacks on most (if not all) of their domains are within scope, and begin/conduct your live training that way.
This method has multiple advantages, not the least of which being that you will develop more current, real world skills . This will also make your research/study more efficient as you will invariably gear some portion of your training by experiences you have against live hosts.
>>
>>61366641
I messed up the greentext, but you'll get the point.
>>
>>61366641
I need to break it into smaller chunks I think. The whole thing is so dense I can't process it all. I've read it a few times and have somehow missed that entire bounty section
>>
>>61366950
Perhaps you were reading the OP, whilst I quoted one of his comments in the thread.
>>
>>61364924
>>61364947
Should be possible.
For safe power management you might want to look over Adafruit, if not to buy then at least see how it is done.
>>
>>61366641
I'm glad people are finding something of merit in my shared experiences.
I'm thinking of live posting screenshots/webms/gifs in one of these generals while I pentest a live network.
That way, if anons have questions I can answer them or they can at least follow along...also, I will likely learn something from the comments and questions.
.
I am just working out the logistics of it all.
>>
>>61368089
Damn, that's a great idea. It'd be quite the experience for me (and I assume most other regulars in this thread) to see the real deal at work. Please do so, if you can.
>>
Shit >>61364166 I missed part of your question...
CTF's are definitely worth doing. Any live practice is good practice. Some live practice is better than others.
As anon stated, bug bounty's are a great training ground. Many have a large enough scope that you can get some great practice attacking/enumerating web apps and network targets.
And you neer know what you will find if you dig deep enough. My company no longer allows me to freelance, or I'd still be at it.
>>
>>61364245
>https://pastebin.com/7DWCsAc8
This links to more links, including
>http://fritzfreiheit.com/wiki/Cyberpunk_%28genre%29
>http://www.kheper.net/topics/cyberpunk/links.htm
Both are dead.
>>
Alphabay (which was down for awhile, with many yelling exit scam) was raided...reports state that one of the administrators past or present (there is some argument within that market's community) committed seppuku in their cell in Thailand.
https://arstechnica.com/tech-policy/2017/07/report-alphabay-notorious-dark-web-drug-website-shuttered-by-feds/
>>
>>61368379
>On Wednesday, Cazes was found dead, hanged in his Thai jail cell.
Since he had Canadian citizenship couldn't he have asked for prison sentence in Canada? Or is that not how it works.
Maybe the sudoku in cell was just a play from the feds to hide that they killed him in the raid or something.
Also what is going to be done with the BTC that alphabay had? Any word on that?
>>
>>61367037
Oh fuck.... I haven't drilled into the comments?!
>>61368089
I'd fucking love that.
>>61368168
Ha nice. This is like being told I can play games and get smarter. I genuinely find war games enjoyable.
>>
>>61368441
He was living in Thailand for 8 or so years, so I am not sure...Thailand is pretty serious with it's drug laws though, and prison there is nototrious for being a pretty terrible place.
As for the Feds, I put nothing past them. The degree of fuckery that seems to go on out of direct sight of the public points at anything being possible.
Some of the BTC could end up in some corrupt fed's wallets like what happened with Silk Road...Ulbricht's OPSec fuck ups aside,much of what happened with that investigation and trial was a shit show...I don't expect this latest development to be any different.
>>
>>61364245
How about some links to .mil related stuff such as electronic warfare lexicon?
https://pastebin.com/u/sadieq54
>>
>>61368715
I'll add the resource soon, I'm busy right now.
Thank you though.
>>
File: 19894881_1106681599465875_1631402250994599996_n.jpg (61KB, 960x902px) Image search:
[Google]
61KB, 960x902px
What languages should I learn to pen test / secure my shit as much as humanly possible by myself?
I'm learning Assembly and C as are, but I assume other languages can provide the same utility with a better library when it comes to hacking/security
>>
>>61368846
I never fought the end. Went away on a school camp for a week and came back to him dying of old age when I turned it on next
>>
I just want a good, affordable VPN. My ISP is on my ass because my idiot roommate can't into torrenting. He's using pirate Bay ffs.
>>
>>61364924
See the instructable below.
What's the use case? Dead drop? Then you wouldn't strictly need a mail server, just a web server with DAV. Also, how would you network it? A wireless network interface will eat up a lot of power and a wired interface would be a bit obvious, so I probably wouldn't use an rpi for that use case, maybe an ESP32 or an Orange Pi Zero?
>>61365000
Building Li+ packs is not for the noob. You need to match batteries that go into a pack, especially if you plan on leaving them unattended, so that you don't set the building on fire.
Consider something like this instead: https://www.instructables.com/id/Solar-Powered-Raspberry-Pi/
>>
>>61368846
Python or/and Perl, LISP for complex systems.
>>
>>61369041
Where do you live? In France I think they just don't give fuck about us torrenting. I'vebeen doing this for YEARS and just received a warning letter that I ignored and never heard of them again. Hadopi is such a fucking joke.
>>
>>61368543
>prison there is nototrious for being a pretty terrible place
Yeah that's why I asked about extraditation.
Do you know if any other market has gone big yet?
>>
Anyone heard of this back door before?
>Navigation Warfare
http://www.defensemedianetwork.com/stories/navigation-warfare/
>The JLOC software is built into the terrorists’ GPS receivers. When the terrorists turned on their GPS receivers to test their jammers, they unwittingly broadcast a digital message to the Global Hawk, saying “GPS jammers present.” The receivers also provided the exact location where those jamming transmitters are located.
This implies a radio transmitter is hidden in GPS receivers. That is a gigantic backdoor. Article is from 2010 and I am still surprised.
>Every element of this imaginary attack scenario has already actually occurred in Iraq and other locations. It illustrates the importance adversaries place on jamming GPS and the major efforts under way to counter that jamming.
>>
Post youtube channel or websites that you love anons.
N.O.D.E - https://www.youtube.com/channel/UCvrLvII5oxSWEMEkszrxXEA
The guy has interesting projects with raspberry pi and other stuff. Lots of 3D printed things
https://eater.net/
He built an 8-bits computer from scratch documenting the whole thing. It's pretty good and he's still posting update and progress.
>>
>>61369596
I don't like to throw any names around (if you are in this general, you'll probably find them easy enough anyway).
There are a couple that started filling in the void as soon as AB went dark. (as always, the vacuum will be filled)
The way things generally go with federal hidden service ops, I wouldn't be surprised if the others are under really close federal scrutiny now.
The majority of their operation is probably already through since there is this kind of coverage occurring now.
I'll be interested to find out where the chain of OPsec broke(or if their is some bullshit miracle discover y like what happened and was ignored in the Silk Road case)....there is already a supposed snitch who was a vendor on AB being thrown to the mob.
Where Feds are concerned though, there is no telling what is misdirection.
>>
>>61369041
PIA has been good to me.
I don't know if being US based is a problem for you but they have lots of servers and are cheap.
>>
>>61370075
Good stuff.
>>
>>61365768
I am gradually picking up Python and am looking for a compiled language to learn. Is rust a good language to learn (bug-hunting/exploit engineering)? Is it superior to C/C++ for this purpose? Is there an alternative language, the learning of which would force me to have good habits in other languages?
>>
currently using codecademy to learn python, would you anon's say this is an okay source to learn python?
>>
>>61372074
Shouldn't you ask on another thread like /dpt/ or something?
>>61372030
>rust
Isn't rust just a meme language promoted by SJWs that can't into programming?
Go with C or C++.
>>
thoughts on ProtonVPN?
>>
>>61372279
I got it, very comfy. Secure core and VPN to tor are excellent features, and it works flawlessly in GNU/Linux
>>
>>61372279
Yeah, was going to ask about this. It seems like it's a new service, I'm gonna pick up a monthly subscription just to see what's up.
>>
>>61372414
The VPN service is new but it was available to visionary members the past year through protonmail accounts.
>>
>>61372478
I see. Well, I'll go on using it and see if it's worthy the yearly upgrade.
>>
hey guys, I've been organizing my space and I've been planning to make it cyber punk, what ideas do you guys have to make it comfy yet cyberpunk? for example, other than RGB lights, bamboo lamp shades and hanging them around my main shnazzy pc, or having a comfy space with a futon with built in charger or anything of use. any ideas?
>>
>>61372829
Cyberpunk is a lifestyle and philosophy, not an interior design option
>>
>>61372944
don't be like that anon, some of us like how cyberpunk looks and are still actively involved in it, dont take it as an insult. I DO like cyberpunk media, literature, and etc.. i just want my space to resemble that of the media.
>>
>>61372944
Technically speaking, as per my understanding, that would be Cypherpunk.
>>
File: 766fe1cf5c093dce5062d15595501281.jpg (723KB, 3264x2448px) Image search:
[Google]
723KB, 3264x2448px
>>61372829
Lots of monitors, workbench, tools lying about, maybe a server or two, tech everywhere.
Dank method: google image search cyberpunk rooms - lots of great stuff there for inspiration!
>>
>>61373013
I'm just giving you a hard time, do what is comfy for you
>>
>>61373080
>>61373089
thanks for the ideas anon, gonna try some styles out.
>>
File: cybroom1.jpg (81KB, 1000x472px) Image search:
[Google]
81KB, 1000x472px
>>61373113
Post pictures of your room if you have them, I am sure we can give you some specific tips then.
>>
File: cybroom2.jpg (84KB, 561x830px) Image search:
[Google]
84KB, 561x830px
Gonna post a couple more room pics
>>
File: cybroom3.jpg (65KB, 564x813px) Image search:
[Google]
65KB, 564x813px
One of my favorites
>>
File: cybroom4.jpg (73KB, 680x355px) Image search:
[Google]
73KB, 680x355px
>>
File: cybroom5.jpg (76KB, 680x439px) Image search:
[Google]
76KB, 680x439px
Last one (I need to to sort my files..)
And a little link to various cyberpunk pictures
http://imgur.com/a/QCNjt
>>
File: 1440948677600.gif (463KB, 300x188px) Image search:
[Google]
463KB, 300x188px
>>61364245
These threads are worse than the desktop/neofetch cancer
>>
File: 1488949037526.jpg (16KB, 360x360px) Image search:
[Google]
16KB, 360x360px
>>61373342
Only because you don't understand them.
>>
>>61373217
gonna take a sec, arch isnt reading my sd card.
>>
File: Optimized-DSC_0053.jpg (1MB, 1620x1080px) Image search:
[Google]
1MB, 1620x1080px
>>61373616
>>61373217
bit of a poorfag, replacing the sheets rn so dont ask about that, cleaning and organizing room so i thought i could renovate it a bit. gonna pick up junk tomorrow since tomorrow is large trash day so i can kinda use the PC's and furniture people are just gonna throw away. excuse the broom
>>
>>61372074
Do you know how to code already? I yes then just try to do stuff on your own using the python's doc. Like a 4chan scrapper using the API or a proxy grabber from a proxy list website.
>>61372279
Why are people paying for VPN? Just rent a VPS and setup your own VPN, you'll pay less and know what's happening and make sure it's no-log.
Also, no one gave links for >>61370075
Feels bad man
>>
>>61373679
>make sure its no log
logs dont matter if you're the only one using it dummy
>>
>>61373739
>imblying the VPN owner won't give up the log if paid enough or asked by the police.
>>
>>61373749
>implying implications
literally what
with a vps your host can still see everything you do, they're a lot more likely to comply as they have a hell of a lot less to lose than a privacy-focused vpn provider
also, no, because then they lose any customer that cares about logging by showing they keep logs and comply
fuck off retard, vps is in no way safer than a vpn service.
>>
>>61373673
There is potential, and good thing your are sorting yourself out.
Anyways, change the curtains to something more modern and sleek.
Also, the left corner from the windows would make a nice place for a workbench, put some lamp on the ceiling there.
I like having my desk directly at a window, but I don't know how much room you have. If it's enough, you could put a huge desk from wall to wall.
>>
>>61373837
whatever dude
>>
>>61373853
I'd say its large enough to fit an L desk, also planning to pick up a cable modem so i can get faster speeds.
>>
>>61373679
>make sure it's no-log.
You have no possible way of knowing this other than taking the provider's word for it.
>>
>>61373874
just fuck off already
so what?
dont rely solely on a vpn
>>
>>61365768
>>61366641
maderas, in that comment in the 0x00sec thread you mentioned your training regimen, how was that structured?
>>
>>61373929
Still doesn't help you unless you're absolutely certain the machine you're connecting to hasn't been compromised which isn't possible either unless you have physical control of it at all times.
The internet was not designed to be anonymous. At best you're building on shifting sands.
>>
=== /cyb/ and /sec/ News
Privacy is pretty much gone, some places more than others:
>Biometrics catches violent fugitive 25 years on the run
https://arstechnica.com/tech-policy/2017/07/biometrics-catches-violent-fugitive-25-years-on-the-run/
>"Nelson applied for a renewal of his Nevada identification card on June 5, 2017. Investigators withheld the card after the DMV's facial-recognition system showed the same person had previously held a Nevada driver's license in the name of Craig James Pautler," Nevada DMV officials said.
>>
>>61374092
why is precisely why you shouldnt rely on a single point of failure
>>
what tools do y'all use when hunting down malicious links? For analysing phish links do y'all use something like phishkithunter or just a cursory glance at the DOM and wireshark?
For possible malware links is something like REmnux more advised or is it better to just send the link straight on to VT or Hybrid Analysis?
>>
>>61373679
>Why are people paying for VPN? Just rent a VPS
because I want multiple servers
>>
>>61364245
How are cybersecurity and cyberpunk related?
>>
>>61374766
the cyber
>>
File: Yamato_1_from_the_front.jpg (3MB, 3072x2304px) Image search:
[Google]
3MB, 3072x2304px
>>61372829
Quoth WmG:
>I put the shotgun in an Adidas bag and padded it out with four pairs of tennis socks, not
>my style at all, but that was what I was aiming for: If they think you’re crude, go technical; if
>they think you’re technical, go crude. I’m a very technical boy. So I decided to get as crude as
>possible. These days, though, you have to be pretty technical before you can even aspire to
>crudeness. I’d had to turn both those twelve-gauge shells from brass stock, on the lathe, and then
>load them myself; I’d had to dig up an old microfiche with instructions for hand-loading
>cartridges; I’d had to build a lever-action press to seat the primers – all very tricky. But I knew
>they’d work.
So don't make it *look* /cyb/. In a world where green ascii on black background monitor will raise suspicions you should rather add potted plants.Put your servers and workstations in a separate partition which is hidden and locked. Self destruct charges are optional extras but UPS are not. Use noise damping and just bring cables to your work bench. No cables on the floor, everything squeaky clean and tidy so your Roomba can amble freely around. Clean bench, oh yes and with those potted plants.
I connect air intake through filters into my servers and use the exit air to maintain fresh air in the house.
Maintain proper humidity to avoid ESD. An aquarium will do. It also lends you an air of respectability. Crazy people don't have aquarium or potted plants.
Since /cyb/ is also about functionality your personal server room should be functional. A separate backup is needed. Avoid wireless nets - that just invites snooping and activity monitoring.
Most of the pictures look stylish and cool but are messy, impractical in case of evac and screams suspiciousness.
>>
>>61374766
Read the Sprawl Trilogy.
Watch Johnny Mnemonic and the Matrix trilogy.
Then you will see it.
>>
>>61374848
So basically just because the fiction genre often features hackers they get in the same general as "real" hackers?
That's like merging /mlp/ and /an/ because ponies are animals too
>>
>>61374766
they're not, but the people interested in one are often interested in the other, so both subjects were combined to one thread so that it would actually survive (so far it's working)
>>
>>61374893
ok seems reasonable thanks
>>
Not to mention that we are living in a cyberpunk reality (knorr: 2011) and cybersecurity is a fundamental part of this societal discourse.
>>
Any of you want to share /cyb/ related radios? Maybe you know of any /sec/ related too with talks? Please no podcasts. Here's my current list, you can save it as .m3u:http://cyberadio.pw:8000/stream
http://tni.technology:8000/tni
http://lainon.life:8000/cyberia.ogg
http://privat.is-by.us:8000/necta192.mp3
http://lainon.life:8000/everything.ogg
http://listen.radionomy.com/drive
http://lainon.life:8000/cafe.ogg
http://lainon.life:8000/swing.ogg
>>
>>61375001
Maybe someone should write up a list of good defcon and C3 talks?
First one that comes to mind is https://www.youtube.com/watch?v=J1q4Ir2J8P8
>>
>>61374881
>So basically just because
No.
It is because /cyb/ is both about these things as well as a huge source of inspiration about these things.
Also, if you see a dozen threads back or so, you will see that the /cyb/ and /sec/ threads when separate didn't last that long, usually going out of steam before reaching 100 posts. So since there are commonalities it was tested to see how it would work out and so far we routinely pass 300, have plenty of good discussions with the only noise being people asking why these two should be married.
>>
Anybody use OSSEC?
>>
>>61364721
Monero or Verge
>>
>>61375304
Isn't Verge the more private of the two?
>>
>>61375658
Monero is by far the best one to use. Verge is just a meme.
>>
>>61375682
It looks perfect for money laundering.
I wonder how long until governments and corporations attempt to outlaw it?
>>
File: 1483586821177.gif (422KB, 512x512px) Image search:
[Google]
422KB, 512x512px
>>61369188
Cheers mate
>>61373290
>>61373279
Is there a larger version of these? They'd make baller desktops
>>
File: 10b95b2a46078a4771283995b2464fc6.jpg (179KB, 1600x656px) Image search:
[Google]
179KB, 1600x656px
>>61376631
I don't have them in bigger resolution, but they are both by the Artist Matt Tkocz, so you might be lucky there
http://mattmatters.artstation.com/
>>
>>61376741
Thank you.
>>
>>61373673
Update on the situation:
going to go out in my neighborhood on my bike, gonna zip tie one of those grocery milk crates to my bike to pick up good things people just throw out, Ex: old desktops, slightly used furniture, sports equipment, desks, old office chairs, etc... gonna use one of the old desktops for a server if i can find one, or just sell it or trade it for stuff on craigslist.
>>
>>61377376
Also keep an eye out for general electronics. Some of the parts can be salvaged for different uses or even just learning.
But please don't become a hoarder. Keep your room neat, don't just leave electronics or stuff lying about just because. Actually use it.
One thing you could consider however, if you get out of poorfag mode or find a group of likeminded people, is to create a hackerspace. (not a meme "look at muh led's" one though)
>>
>>61377507
could you elaborate on hackerspace? not meant to be taken offensively.
>>
>>61377523
I'm gonna copy the wiki description real quick:
A hackerspace (also referred to as a hacklab, makerspace or hackspace) is a community-operated, workspace where people with common interests, often in computers, machining, technology, science, digital art or electronic art, can meet, socialize and collaborate.
Basically any old garage, cellar, basement where you would meet with people and work on hacker related areas. This can of course be much more individual, and doesn't even have to include other people.
>>
>>61373866
>>61373929
are you actually old enough to even fucking post here?
>>
>>61377376
How do you expect to fit any of that in a milk crate?
>>
>>61378748
usually people around my area buy those mini shit pc's, you know, the mini ITX ones.
>>
>>61378780
the ITX is my first desktop, he is now my personnal ftp server, love those tiny pc
>>
>>61378659
im the second guy, what makes you think im underage (im not)
>>
>>61378659
I'm the first guy and yes. I answered with whatever because he's obviously not interested in discussing the subject with me seeing how he insulted me
>>61378780
so what did you find anon? any good stuff?
>>
>>61379062
i insulted you for being fucking retarded
sorry i hurt your feelings bud
there is no fucking way a vps is more private than a paid vpn service, it just means trusting a different company/person, and I know I'd rather go with the one with more to lose by bending the knee.
>>
>>61378780
Oh nice, free is free after all
>>
>>61372279
is their provided program free software or do you just use it with openvpn?
>>
File: 0309-7svse7y.gif (261KB, 500x750px) Image search:
[Google]
261KB, 500x750px
>>
File: 1012-tVY04uv.gif (1MB, 500x809px) Image search:
[Google]
1MB, 500x809px
>>
File: 1244-HJhAgiQ.jpg (280KB, 540x720px) Image search:
[Google]
280KB, 540x720px
>>
>>61373262
comfy
>>
>>61380471
>>61380458
love it
>>
http://gracker.org/
>>
File: 2b556e786aec7a305a6131024fc17c8b--neon-glow-neon-colors.jpg (37KB, 736x1104px) Image search:
[Google]
37KB, 736x1104px
>>
File: 0324-2JM3Th2.jpg (513KB, 581x842px) Image search:
[Google]
513KB, 581x842px
>>
File: 0428-AIfWGjt.jpg (383KB, 900x1637px) Image search:
[Google]
383KB, 900x1637px
>>
>>61380509
Personal website?
>>
scifi belongs to /lit/ and conspiracy theories belong to /x/
goodbye
>>
>>61380529
If it was also raining, this picture would be 200% cyber
>>
>>61379062
sorry that i couldnt respond earlier at that time, firefox was being a little bitch and i had to reinstall it and 4chan X at least two times each. I didnt find anything worth of value other than a mini ITX pc, and a couple of metal tubings that i could sell by the pound for some pocket change. decent find. took about 2 trips for the tubing though.
>>
>>61374014
Mostly with consistency and discipline; the lab I manage has a bunch of domain in a box type deals (salvage) that were actually production environments.
SO I will attack those for hours everyday (or do some OT on a pentest I am working on if it is a remote job).
The difference is here, that I thoroughly research anything I find interesting during the pentest and try new stuff. For instance, PowerDNS was just released, so I will mess around with that, try some things and take my time researching the possibilities.
If I am doing OT though and doing this, I prefer a single target type assignment though (such as a single box, embedded device, etc.). When the network in general is the objective, I have to be way more careful, so there is less room for shenanigans.
I may get lost in the file system of a PDC trying to find new scraps of resources that may save my ass someday, or hit a target that has Modbus with smod.py and try to get a shell by messing the ladder logic.
Ots really just learn and act learn and act till dawn alot of the time. Sometimes though, I will switch it up for some straight knowledge crunching, like reading some books or articles, copying and pasting interesting scripts and bookmarking pages that may be useful someday.
Thats what I was doing till a few minutes ago;then I found out my boss screwed me over on a vuln/exploitation technique on a new product. Dude wouldn't know what to do in a pentest against a Win2000 machine. He co-opted research I was doing in my off time, presented it and had it published behind my back without any mention of me. Fucking class act. Came here to chill and see whats new.
>>
What is /sec/'s opinion on systemd?
>>
This is a comfy thread.
>>
>>61382665
Well to be honest I like being able to do shit like start/enable/stop/restart services and it works well but poettering is fucking dumb and don't like people who criticize his work even when they have valid reasons. He refused to merge pull request that fix security bugs because he consider it "not a bug"™. And so you get endless threads on github with hundreds of users telling him he's wrong but in the and he just lock the thread because of trolls or whatever.
I plan on moving away from systemd but for know I don't have the time and it just works™ (for the most part)
>>
File: 20170715_024231-1-1.jpg (3MB, 2908x1676px) Image search:
[Google]
3MB, 2908x1676px
Is my workspace oudated and filthy enough to be cyberpunk yet?
>>
>>61383490
I thought cyberpunk was all about the newest and greatest tech?
>>
>>61381156
shitposts belong to /trash/
>>
was at a uni class, tutor made everyone stand up, tell them their name and major, like 70% said networks and security(there are 2 other majors available) , what does this mean?
>>
>>61383568
This is why I don't go to university. Too scared in case something like this happens.
>>
File: 1480046449506.jpg (853KB, 2908x1676px) Image search:
[Google]
853KB, 2908x1676px
>>61383490
>evaluates carefully
Almost.
>>61383540
>punk
>about newest and greatest tech
>>
>>61383568
what are the two other majors?
>>
>>61380573
its a wargame, dig in deeper man.
thanks for posting >>61380509, i have no idea what im in for but ill ssh in
>>
File: New-Cybrary-Logo-2016-White-Background-300x191.png (17KB, 300x191px) Image search:
[Google]
17KB, 300x191px
Any thoughts on Cybrary's Microcertifications?
Thinking of getting some while studying for OSCP, basically to put on Linkedin/CV to show I'm active and know the basics at least. They're pretty cheap, and quick, but I'm not sure if they're in any way valuable in the Security industry.
Are they worth it?
>>
>>61383856
software engineering and business IT
>>
>>61383906
at this point, cybrary seems like a giant scam
their entire video library is a whole lot of nothing, they explain the most basic of concepts extremely slowly as if everyone watching is a 15 year old without actually talking about the underlying math
there are plenty of yoututbe channels that explore security in depth and show you the math and the code behind the mechanisms
the cybrary certification is a joke, get an industry standard cert, not that worthless bullshit
>>
>>61384049
Fair enough
I worked through the SQLI course and did notice the shitty, first-take quality of the videos (compared to something like Treehouse, which we had free at work, their ones are pretty polished)
The exam also seemed to be multiple choice rather than practical, which was pretty shit
Any channels you'd recommend instead?
>>
>>61383601
and i don't really blame you. I'm socially adjusted but being forced to interact with virgins and non-whites really pisses me off.
>>
>>61384064
https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
https://www.youtube.com/user/shiffman
https://www.youtube.com/channel/UC1usFRN4LCMcfIV7UjHNuQg/videos
https://www.youtube.com/user/intrigano/videos
https://www.youtube.com/channel/UCOuIJHjJChnAVQqDmzlSKtg/videos
https://www.youtube.com/user/tusharroy2525/videos
here's some
>>
>>61383193
yeah, its why i seek em out
>>
>>61383970
well its pretty obvious why they picked networking and sec, if those are the 4 choices on offer innit?
>>
>>61380509
WOWOWOWOWOW im a fucking dipshit
whoda fucking thought copying a file would remove the setuid eh?
that should have taken three minutes, and i spent two hours on it
anyway level 0 done
>>
what the fuck type of shit am i looking at here
/q#q%8\036&4r22$2\036\065)(t\036\061 226q3%
what do i even do with this?
>>
>>61386476
bump, please help me
>>
>>61383540
>I thought cyberpunk was all about the newest and greatest tech?
Nope and newest is not always the greatest. The newest processors are expected to be fully backdoored, older ones are not. I guess even Ethernet interfaces to contain backdoors these days - after all they contain DSPs that do processing and can contain more payload than we know.
Also /cyb/ is not about being ostentatious.
>>
>>61378659
Fucking use dm-crypt you pleb. Using your own VPS is 100% safer than paying to use a service VPN. You're a fucking retard. Best countries to get one are:
Romania
Iceland
Switzerland
Norway
Cuba
Mauritians
Seychelles
If you're not running at least one VPS in two of these countries using ssh tunnels and VPN you're a fucking retard.
>>
>>61384283
Cheers dude
>>
>>61384283
Probably worth putting these in the /sec/ resources pastebin actually
>>
>>61388992
in that case, add these as well
https://www.youtube.com/channel/UCYO_jab_esuFRV4b17AJtAw
https://www.youtube.com/user/danscourses/videos
https://www.youtube.com/user/DEFCONConference/videos
https://www.youtube.com/channel/UC2DjFE7Xf11URZqWBigcVOQ
>>
File: 1431894313873.gif (498KB, 500x357px) Image search:
[Google]
498KB, 500x357px
>>61389089
and
https://www.riscure.com/
https://microcorruption.com/
https://www.securityinnovation.com/
https://www.netacad.com
>>
>>61386892
which providers would you recommend for the non-european countries?
>>
>>61385707
How did you go with level1 anon? It's currently kicking my ass. Surely if the password is being encrypted we have to find it either before it's being encrypted or decrypt the hash? My 0 assembly knowledge is not helping.
I don't know what the correct term for this game is but it's pretty fun.
>>
What is a good way to get into cryptocurrencies?
I don't necessarily want to invest, I just want to know how it works and what the main technologies are.
>>
>>61369188
>LISP for complex systems.
Explain. When is a LISP ever useful?
>>
>>61390542
cryptocurrencies are a combination of different technologies and mathematics
for bitcoin, try this:
http://www.coindesk.com/math-behind-bitcoin/
>>
>>61390884
Thanks, but I was talking about the more practical aspects. I know what bitcoin is but I have no clue of how people use it, I'd like to learn about the cryptocurrencies system in general. How to get them, how they're used, what the different kinds are and how they differ, etc. I haven't been able to find a comprehensive tutorial or resource that works as an introduction to cryptocurrencies.
>>
>>61390970
Cryptocurrencies are that, a currency, people use them to buy stuff. You get them in portals where people exchange them for money.
They mostly differ in the way they're mined, exchanged and their anonimity. You might find some link about them in the pastebin no idea if there's one.
>>
>>61391026
That sounds simple but whenever I go to /biz/ or talk to someone about investing in *coin I'm faced with a lot of technical shit I don't know about. I'll try finding a link I guess.
Aside from bitcoin and ethereum, what are the cryptocurrencies that are worth knowing about?
>>
>>61364245
There's something missing in the OP.
The links provided are full of info, but there's no real indication of what to start with depending on the field of security you're interested in.
Websec doesn't require the same kind of knowledge and skills as netsec or OSsec.
How come no anon has posted a "roadmap" of sorts for beginners?
>>
>>61391169
http://www.cyberdegrees.org/
>>
Vim or Emacs for /cybersec/?
>>
Does anyone use Xephyr as part of a sandbox setup? It all seems to be a shitshow on Linux.
>>
I used to have my backup data for all my data on cloud storage like dropbox. Right now I only maintain non-sensitive data in there. What are you guys data/backup setup. I`d like some ideas since I`m trying to move away from bigBrother data hunger.
>>
>>61391928
Vim.
>>
>>61392102
Why?
>>
>>61392107
Because I like it more.
>>
>>61389366
I know you said non euro but don't discount them. If you get together with some international friends you can setup your own little VPS network.
https://www.icyevolution.com/vps-hosting/
https://www.flokinet.is/en/
https://www.orangewebsite.com/offshore-hosting.php
https://buyvm.net/
>>
File: cyb-windows.png (773KB, 1920x1080px) Image search:
[Google]
773KB, 1920x1080px
how cyb is your windows install?
>>
File: 1492330105831.jpg (99KB, 1280x533px) Image search:
[Google]
99KB, 1280x533px
>>61393369
I've been trying to achieve a setting like pic related (on Debian) for max /cyb/ but I'm not sure how. Ratpoison perhaps
>>
>>61393419
have a script run on log in to open a terminal with the program that allows splitting, then perform what splits you want to have those dimensions and execute the relevant programs you want on them
>>
>>61393419
not much into rolling just a wm, but i could get something like that going with a fullscreen terminal emulator and tmux/screen.
>>
>>61393444
>the program that allows splitting
I'm pretty sure the program running in the pic is emacs though I might be wrong
>script run on log
yeah probably, + a tiling wm
>>61393458
>tmux
Right, thanks
>>
>>61384049
Any youtube channels you'd recommend?
>>
>>61384049
Crap, didn't see your other comment. Thanks for the reccs.
>>
File: 1495396697589.jpg (579KB, 2500x1786px) Image search:
[Google]
579KB, 2500x1786px
>>61393369
Not at all. I go with more cozy themes like pic for my laptop. Its always either used in bed or left on the side to run a discord bot.
Desktop is still microsoft botnet, so not sure how I would there. i want to install qube on it anyways soon but figuring ill wait until I replace some parts.
>>
>>61393692
powershell's way more usable than i thought it was so instead of logging into my laptop (actually, instead of not doing that and instead doing nothing, nowadays) i just program on my desktop. i'm programming a lot more often now. it's got gcc, support for every language i've used so far and all the shell commands i've used so far work. and vim of course
>>
>>61393692
Is qubes really worth it?
What does it have over other security focused oses like hardened gentoo/debian/whatever or even openbsd?
>>
File: 1499052734965.gif (32KB, 400x400px) Image search:
[Google]
32KB, 400x400px
>>61393869
It also has a ubuntu vm built right in too now on 10. Complete enough to set up a GNOME desktop iirc, but besides the point.
also do my coding on windows,but thats more for the comfort of sitting at my desk and because I have no sensitive work currently
>>61393993
Everything is a separate VM, between individual windows to the networking. Makes it really hard to hack into separate parts. Snowden recomends it.
>>
>>61394086
I understand that, but do those features really make it overall more secure than the systems I've mentioned? I recall seeing openbsd ranked second only to openvms for server security at defcon or a similar conference.
>>
How do I get good at reverse engineering?
>study a function for a long time and have no idea what it is doing
>there are people out there who can read assembly code in one pass and understand it immediately
i-is there any hope?
>>
>>61394086
powershell's more convenient to use than ubuntu on windows
>>
>>61394236
>>there are people out there who can read assembly code in one pass and understand it immediately
I'm pretty sure that's not true. If these people exist they're rare as fuck and have years of experience.
>>
>>61394315
How does one git gud?
>>
>>61394368
Practice?
You don't become a reverse engineering wizard without practicing for a long time.
>>
>>61394132
Admittedly im not an expert but from what I know the VMs cant communicate without your input, and mostly cant at all beyond files after giving them permission. Maybe OpenBSM is more secure.
Reason ill go with qube anyways in all likelyhood is that it can run a windows VM well for my vidya and skype (which im stuck on because my L5R/Shadowrun group is on it exclusively)
>>
>>61394377
That makes sense
I am a beginner, and just reversing programs I wrote.
What should I be working on for "maximal experience"? Should I be taking apart malware or large applications or unix utilities or something else?
>>
>>61394368
10,000-hour rule. Basically do it as a full time job for a decade, then you'll be almost pretty good.
>>
>>61394449
10k hour rule was debunked
>>
>>61394454
What's the rule then?
>>
>>61394449
Does that mean all the professional reverse engineers started out when they were in middle school?
>tfw wasted valuable years with shitty videogames
>>
>>61394459
the more time you put into something, the better you'll generally be at it. but that's not as catchy
>>
>>61394449
but how can you reverse as a full time job if you aren't good yet?
>>
>>61394459
Just study, practice is like 4% of being world class according to (((Business Insider)))'s citation for the debunking
>>
>>61394518
>practice is like 4% of being world class
Where are the remaining 96%? Innate talent?
>>
>>61394525
Reading and retention, some talent
Forgot the "for education", for sports and music its like 21-25%
>>
>>61394478
A lot of them did, actually, they were already at least writing code by that time. Some of em were doing shit like writing keygens for shareware.
>>61394500
the top people in any field are the ones who, though they'd love to do it as their day job, are so passionate about it that they'll be a bus driver to pay the bills and then go home and spend all their free time on whatever it is they really want to do until they can manage to get a job that's closer to what they want. If you're asking the question you aren't dedicated enough to do that sort of thing, you'd want to do it so much that you'd be out finding ways to do it.
>>
It's not as sexy, but what do y'all do for developing blue team skills? Practice Snort and PCREs? Set up IPtables?
>>
It wasn't debunked in my opinion, people are simply picking out semantics again.
You need to practice something a lot, learn a lot about it, fix your mistakes, challenge yourself and, at best, have some talent for it - that in essence is how I understood the 10k rule. Someone who is programming for like 1 year, will not be better at it than someone who has been doing it for five years. (given that both parties are willing to learn, fix their mistakes, challenge themselve etc yadda yadda).
A guy who copy + pastes code for five years and calls it "practice" is obviously not better than a guy who codes for one hour a day for one year.
>>
>>61394578
That post is a big load of bullshit.
>implying you have to literally live for your hobby in order to get good
It takes practice, drive, dedication and some degree of talent and intelligence. If you have all that you're guaranteed to succeed, even if you didn't start reverse engineering enterprise software in your early childhood.
>>
>>61389510
ive pulled the password out of the code using gdb like it says in the story, but im not sure where to go. I do see a strange line of code saying "XOR" and it disassembles to "A"
>>
Does /cyb/ like to listen to
http://youarelisteningtolosangeles.com/
and the other city ones?
>>
>>61375001
thanks anon
nice music
>>
>>61394438
>VMs cant communicate without your input
A nice babby-tier example is timing attacks on shared resources. Consider VMa performing a known non-trivial computation every second or two and timing it in high resolution. Consider VMb hogging the CPU for a few seconds at a time, long enough that VMa's computation will finish later than it would have otherwise. If not processor, you could also do the same with cache, disk or network. The bandwidth isn't impressive, but it's enough to exfiltrate a password or two.
>>61394459
I've heard that if you immerse yourself into something for 30 days, to the exclusion of all else, you can git competent. Gitting gud calls for multidisciplinarism.
>>
>>61380509
how do you debug the program if you can't create files? i don't want to copy that to my own machine and run it..
>>
>>61394459
I was going to say passion, but everybody has that in some way.
Persistence.
>>
>>61395738
it's not just time, it's a function of time, how effectively you're using it, and how smart you are. intelligent people learn faster
>>
>>61389510
>>61389510
>>61389510
HEY YOU
I GOT IT
Make sure you follow the instructions in the story file.
Gotta set a breakpoint in the code. Turns out you can scoop up the plain text while its running, not from the outside while its not running.
break *0notArealADDRESS
run
x/s FUNNY_LOOKING_BIT_OF_CODE_THAT_SAYS_SECRET_WHEN_DISASEMBLED
tada
>>
>>61396117
lol man the iwashere text file threw me the fuck off. ok, this doesn't look very hard. someone put the code snippet in there so i thought that was it, i need to read more
>>
>>61394086
thats a comfy gif
>>
>>61396366
>>61396117
i just used the strings command on the file to get the secret password, but i'm perturbed. i can't figure out how to get the solution through gdb. would learning how to use gdb make this easy?
>>
>>61396489
wait, where you are user level0 or user level1?
Im talking about being user level1
>>
>>61396548
no i'm trying to use gdb on level0's executable. is it not meant to be used for that?
>>
>>61396571
try the hex string next to %esi
>>
Trying to create a little VM hack lab on an old laptop.
Is it better for the attack box to be the host system as well or should both attack and vulnerable boxes be guests?
>>
>>61396649
>should both attack and vulnerable boxes be guests?
ding ding ding
>>
>>61392292
yeah dude, i have nothing against the euro ones, but since he mentioned Cuba and Seychelles figured he'd have something to share about those countries. thanks though, i'll take a look
>>
>>61396620
i already solved it, i'm asking are you supposed to be able to solve it with gdb?
>>
>>61396663
Thanks; I got myself confused.
>>
>>61397040
if you checked that hex, it gives you the password.
there isnt a way you are "supposed" to be able to solve CTFs and wargames.
As long as you get the answer youre supposed to, you win.
>>
>>61386476
Escape chars delimiters encoding maybe shift cipher try all of those
>>
>>61397180
>if you checked that hex, it gives you the password.
i solved level0, i said that twice. i wanted to know if there was a way to solve it with gdb since i couldn't get it to work
>>
>>61397436
now for the third time
if you check that hex string in gdb, it has the password
THATS HOW TO DO IT IN GDB
fuck youre dense cunt
>>
>>61397490
how do you do that?
>>
>>61397540
from shell move to the matrix/level 0 dir
use
>gdb level0
will open using file level0, obvsiously change it to 1, 2 etc as you move
inside gdb, put in
>disassemble main
this chops it up into assembley
to investigate anything, put in
>x addressline
eg
>x $esi
>x $0x600e60
etc etc
just poke around looking into what the contents of any strange looking variables might hold
esi is of note because its the only one in the stack on the right hand side to have another address with it, so it sticks out you know? just looking for random ass things of value.
next level, be sure to read the story. it tells you how to do breakpoints.
>>
Currently studying for OSCP, and want to monetize my pen testing skillset as fast as I can.
Am I better off:
>doing freelance work
>going for bug bounties
>>
>>61398123
this
plus, is it possible to work with infosec remotely?
>>
ill tell you whats real fuckin comfy to listen to?
mr robot OST
goddamn that mac quayle guy (whoever the fuck he is) really captures the vibes in the score
good fuel for my head while i sit and try to work out this war game
also currently going the process of upgrading a vm from ms-dos 6 -> as high as i can
so far gone
>installed dos 6
>installed win 1
>installed win 2
>installed win 3.0
>upgraded to win 3.1
>installed visual basic 3
>upgraded to 95
have upgrade disks for 98, and am deciding between me or 2000. never used either; my dads machine went 95 -> 98, then it stuck around for fucking ever until i bought my own xp machine.
>>
is there such a thing as a secure vnc program?
i want to set up windows 95 in a vm on one of my linux machines and vnc into it from work so i can play diablo
>>
who /homeserver/ to host their labs here?
>>
whats going on here? why we slowed down so much?
>>
>>61399264
Time zones.
>>
>>61399278
well its the middle of the day here in oz, why cant i have any friends :(
>>
>>61399301
Because you live a in rural country, probably in a rural area. ;)
>>
File: 9f8a558ea43387054c6575b6d2801124460443e4a7aeeeb45fba686119d03455-gnussr.png (459KB, 1147x645px) Image search:
[Google]
459KB, 1147x645px
>all these self-proclaimed /cyb/-fags haven't read basic fucking cybernetics
>>
File: 1489710572968.jpg (9KB, 188x200px) Image search:
[Google]
9KB, 188x200px
>>61399545
>Implying...
>>
>>61399545
what the fuck are you on about
>>
>>61398584
i dont know why i wanted to do this.
i have upgraded 3.1 to 95, 98, and now 2000.
this isnt fun, its tedious and im barely noticing any significant leaps between them.
3.1 -> 95 was massive, and it seems the next significant update was xp.
>>
>>61400013
Why are you doing it, actually
Like, are you just installing them in order to see how it changed?
>>
>>61400032
>Why are you doing it, actually
Because I thought it would be a fun little project. I didnt expect installing DOS to be as simple as
>insert floppy img
>installer fucking starts
>>61400032
>are you just installing them in order to see how it changed?
Yeah pretty much. Started with the dos image, and every time i upgrade, clone the image and make a new vm of it, so i can have all the windows usable if i want. Which i wont ever want.
One of those silly things Im doing to avoid doing the real study im supposed to be doing.
>>
>>61400013
I am trying to upgrade lubuntu 13.05 to 14.04 or 13.10 since only old versions are suited to small machines. Problem is, archives are gone...
>>
>>61400145
https://archive.org/details/Lubuntu13.10DesktopI386
>>
what /cyb/ or /sec/ projects can i make with an arduino uno?
>>
>>61400058
Sounds like a fun day tbqhwu
>tfw no floppy drive for comfy installation
>>
Okay /sec/, real talk
How likely is are your 4chan shitposts to come back and haunt you if you have to go through a background check for gubberment clearance?
>>
>>61400758
>>tfw no floppy drive for comfy installation
Me either breh; these are all VM installations
>>
>>61400878
not at all likely
they also wont break the surface of your fb (what they can see without being your friend) unless you get above ts
they based most of my ts evaluation on the interview, not what was online
>>
>>61364988
Yes! Any news on progress for the next releases? I heard the X220 will be getting support. I have an X220T, hopefully it'll be supported.
>>
>>61400945
What happens when you get above TS?
Yuro here anyway, so no chance of US clearance I guess, but I'd imagine EU stuff would have a similar process
>>
>>61400945
>top secret isn't actually 'top' secret
I have been bamboozled again.
>>
>>61400998
>>top secret isn't actually 'top' secret
this too caught me off guard when i heard about it. it honestly sounds so fucking stupid, its like the spinal tap 11 scene. just make top secret the top. 'but these files go above".
>>61400980
>What happens when you get above TS?
I dont know. All I know is the cost of the vetting process literally doubles. Given we know thanks to the prism leaks about the shit the way they can/could punch holes straight through into facebook accounts, probably something similar.
TS required me to validate and provide evidence for my last ten years of existence. Above ts you need to declare your goddamn life. Every house youve ever lived in, every employer youve ever had, every spouse, every loan, every bank accout.
it sounds fucking exhausting.
>>
oi maderas
if youre lurking brah give us some tales from your work ?
always interesting to read how real sec works
>>
>>61392037
I use a 1tb cold storage hard drive for things I deem important to my digital life. I have a rpi hooked up to 2x 2tb hdd which my computer takes backups and uploads to on a monthly basis. The same rpi is hooked up to my tv and is also running Kodi and all my media files are also stored on the same hdd (1media, 1 backups). That's pretty much it. I wanna move to a NAS+HS build because there are quite a few servers I want to run locally. I was thinking of then switching the pi to a network monitor/ad blocker, or just for streaming from my NAS, haven't decided yet, though 1gbps ethernet port may not be good enough
>>
>>61391928
Vim is more likely to be installed on a given server so Vim it is.
>>
>>61386766
is there any hardware that is confirmed to be backdoored
all a quick search gave me were rumors and "they could totally be doing this, man" type of arguments
>>
>>61368089
>I'm thinking of live posting screenshots/webms/gifs in one of these generals while I pentest a live network.
This seems very interesting
>>
Sup guys.
I remember a webpage which have some utilities like scanning ports and representing them in a big square in blue green and other color I can't remember. I'm searching the web itself but I can't recall it. May I have a hand, please?
>>
>>61399301
Sorry m8 spent today cleaning my shit up and planning my next few projects. Always lurking. Has anything come of that vulnerability weaponized autism posted yet? I need to set up a workflow for secnews that isn't something heinous like Twitter. Is Hackernews ok?
>>61396117
Hmmmm
I feel so close and yet so far. Thanks for the tip.
>>
>>61401975
Wireshark or zenmap?
>>
>>61402046
The design looks more like zenmap but it wasn't that web,
I think it was called something as PGP or GPG but I know that webs are not what I'm searching.
>>
>>61401654
Well that would be Vi not Vim but if you know vim you can use vi no problem.
>>
>>61402046
If it helps you, it had more utilities and it welcomed you to the web with a nice cookie message in the way of "We have to tell you that if you use our website we will be able to see certain information about you" etc etc
>>
>>61402013
>Is Hackernews ok?
only if you like sjw articles and new, useless javascript shit
>>
Where's the pasta about starting out for beginners?
>>
>>61402226
In the sources.
>>
All security experts have been programming since they were like 8 or something. How can people who started at 18+ even compete?
>>
>Web Application Security
>Reverse Engineering
>Malware Reverse Engineering
>Network Security
>Incident Response
>Standards Compliance
>Programming / Creating Tools for Others
>Exploit Development
>Forensics
Which field of /sec/ is guaranteed the most growth in the near future?
>>
>>61402594
A collegue of mine was a butcher before he become chief of security (it started with an internship and he worked his way up from there). He did not start getting into tech until his late 20s.
Sure he might not be a leading world expert on cyber security, but he has a well paying job, an important role in the company and a lot of real world experience.
Another collegue who does a lot of programming did a lot of odd jobs before he found his "passion", he was mid 20s when he really started getting into it.
>>
>>61402737
>Which field of /sec/ is guaranteed the most growth in the near future?
the things that: a) can't be automated, or b) can't be automated cheaply
>>
>>61402854
Everything in that list can be automated.
>>
Is /sec/ worth studying in uni?
>>
>>61402594
Not everyone learns at the same pace. If you're a fast learner you can get there in a few years, only lacking the experience.
>>61402870
Depends on the courses, on my uni what you study in a semester could be easily wrapped in a week of studying.
>>
File: fuck_yeah.gif (2MB, 280x350px) Image search:
[Google]
2MB, 280x350px
>playing through OverTheWire
>stuck on Natas4
>cheated once or twice during Bandit, don't want to give up
>watch LiveOverflow's Web Application series, gives me some new ideas
>go back to it
>kind of knew what it was asking me to do the whole time but didn't know how to phrase it
>after some googling I realise it's a whole kind of attack, they're trying to teach you that method
>fucking figure it out and get it
Fuck yesssssssss that was driving me crazy
Won't say the kind of attack it is in case anyone here is doing it or is thinking of it
FUCK that felt good
>>
File: 1472073471338.gif (1MB, 245x118px) Image search:
[Google]
1MB, 245x118px
>>61402995
>Dat feel when you finally "get" something
feels good man
>>
What kinda stuff are you talking about? Looks like its only 36 cr Masters course anyways
>>
>>61402859
refer to point b then
>>
File: pict97.jpg (37KB, 417x512px) Image search:
[Google]
37KB, 417x512px
https://www.youtube.com/watch?v=h9wXq6oRBnI
Fucking cool talk by Mudge, just some interesting stories from his time working for DARPA
>>
>hackerspace near me
>seems to be the main one here (just moved to this city)
>most of their photos online seem to be full of kids, rather than adults hacking shit together
Is this common in hackerspaces?
I'd like to find some interesting people to work on projects with- where I'm from there's a thing called Men's Shed that my dad goes to, it's basically a club where men can go and work on DIY projects together, and build whatever they want. Hackerspaces strike me as being something similar, but for computers
>>
>>61404135
It can be, but you need to find the right people which is a challenge in itself.
Some hackerspaces are full of script kiddis, some have gamers, some just social autist "muh hacking" types, and some are a mix of everything. The latter is usually the best. My best bet would be to find likeminded people and make your own hackerspace.
How to find them? Well again, thats the challenge.
>>
>>61402737
research
>>
>>61404337
So reverse engineering and exploit development then.
And cryptography, which for some reason wasn't mentioned on the list.
>>
File: 1489009344641.jpg (120KB, 392x495px) Image search:
[Google]
120KB, 392x495px
>>61404135
>hackerspaces near me
>they're all anarchist feminist snowflakes who smoke more weed that hack
>>
>>61404352
than*
>>
>>61404348
pretty much. if you have experience in exploit development you're basically a software tester on steroids and apparently top testers get paid lots actually
>>
>>61402143
>>61402058
>>61402046
>>61401975
I have to apologize, since it was in the resources all the time.
>https://www.grc.com/x/ne.dll?rh1dkyd2
>>
>>61404135
Dude, Mens Shed sounds super gay. Are you sure he isn't going to a gay strip club?
>>
>>61404491
Gotta pass the time some way I guess
>>
>>61386476
http://defindit.com/ascii.html
>>
>>61403750
Love this talk. In a similar vein I also really enjoyed https://youtu.be/38M8ta13K0Q and https://youtu.be/bM0PmwOlifE
>>61404135
I think hackerspaces will always be a bit off, 9/10 times you're either dealing with people obsessed with the image (be it hacktheplanet or haha I love to fizzbuzz) or the real deal types who really don't want you to be bugging them and are there to use the equipment. I may have simply had bad experiences but my more paranoid and reclusive thought patterns lend themselves far better to online communiqué and community than in meatspace.
>>
so what do you guys do when you have exhausted all you can think of when playing a CTF game?
>>
>>61404723
Try Harder™
>>
>>61404752
i did. thats what i meant by "exhausted all you can think of".
>>
>>61404770
learn more
>>
>>61404682
>>61404135
isn't the whole thing about hacker culture that their communities are online, not offline? i've never even heard of hackerspaces before
>>
>>61404835
I've only ever heard of makerspaces. Is there a difference?
>>
>>61405598
It's the same.
Each hacker/makerspace is different though, hence why I recommend creating one yourself. Finding great existing ones is NOT easy sadly.
>>
>>61405691
creating one yourself is hardly easy
you need a sizable space, tools, and patrons
>>
>>61404835
I've been part of a hackerspace in The Netherlands. They were a bunch of IT experts who came together for the social aspect, i.e. drink beer, smoke weed and talk. There's also a scoreboard, where we measure our hacking skills based on the amount of wargames we complete. Harder wargames score more points of course.
>>
>>61404682
>e real deal types who really don't want you to be bugging them
most of the time these guys really dont mind helping you if you're not a fucking retard, though they usually assume you are
>>
Can someone explain me why is Serial Experiments Lain so widely acclaimed in cyb environment? It's mediocre anime at most.
>>
>>61406493
I second this.
>>
>>61400967
Last thing I heard from Leah Rowe was on the libreboot sub about a month ago, should be later this year
>>
>>61377507
Good advice, agree.
Also surplus stuff can be traded, for instance on ham fests.
>>
>>61407876
>>61407616
>>61406530
>>61406493
>>61406085
>>61405967
>>61405903
>>61405691
>>61405598
The thread is dead, long live the thread: >>61408222
>>
>>61377588
Sounds like a faggy LARP club
Thread posts: 312
Thread images: 36
Thread images: 36