Thread replies: 303
Thread images: 33
Thread images: 33
Anonymous
/cyb/ + /sec/: Cyberpunk and Cybersecurity General: 2017-07-16 07:32:44 Post No. 61408222
[Report] Image search: [Google]
/cyb/ + /sec/: Cyberpunk and Cybersecurity General: 2017-07-16 07:32:44 Post No. 61408222
[Report] Image search: [Google]
File: Francois_Baranger_-_The_Machine_1.jpg (298KB, 1276x635px) Image search:
[Google]
298KB, 1276x635px
/cyb/ + /sec/: Cyberpunk and Cybersecurity General:
Anonymous
2017-07-16 07:32:44
Post No. 61408222
[Report]
/Cyb/er/sec/urity general is for the discussion of anything and everything related to cyberpunk and cybersecurity.
What is cyberpunk?
>https://pastebin.com/jS37Vu7A
Nothing to hide? - The importance of a cyberpunk mindset applied to a cybersecurity skillset.
>https://youtu.be/pcSlowAhvUk
Resources:
Cyberpunk:
Cyberpunk directory:
>https://pastebin.com/9JaJFqB2
Cyberpunk resources:
>https://pastebin.com/7DWCsAc8
Cybersecurity:
Cybersecurity essentials:
>https://pastebin.com/JWx5xeEM
Cybersecurity resources:
>https://pastebin.com/NaUPUDF0
Harden your OS, reroute your DNS and fire up the VPN!
Shit just got real: - Looking for more resources, help is welcomed.
>https://pastebin.com/JXyM4fTe
The Old Skool: - Looking for more resources, help is welcomed.
>0ld 5k00l h4ck3rz: http://67.225.133.110/~gbpprorg/#40
IRC:
Join: irc://irc.rizon.net:6697
>#/g/punk - Requires SSL
>#/g/sec - Requires SSL
IRC guide:
>https://pastebin.com/YDbEWRHV
Thread archive:
>https://archive.rebeccablacktech.com/g/search/subject/cyb/
>https://archive.rebeccablacktech.com/g/search/subject/sec/
>https://archive.rebeccablacktech.com/g/search/text/%2Fcyb%2F%20%2Fsec%2F/
Thread backup:
>https://www.cyberpunked.org/
Previous thread:
>>61364245
Suggestions for new resources are welcome.
The Gentoomen /sec/ community is looking for CTF team members, contact them at the IRC channel.
OP message:
"I'll also be adding any resources I missed from the last thread, during this thread." - I still have a thread long backlog.
>>
File: netrunner1.png (23KB, 614x734px) Image search:
[Google]
23KB, 614x734px
Support NetRunner https://retrotech.eu/netrunner/
>>
2nd for the greatest OP.
>>
>>61408241
That's a nice logo.
>>61408260
Thank you, I just fall so behind on these threads.
>>
valka and s3krit sitting in a tree
Kissing to systemd
>>
One of the few gold nuggets on this belgien toad roasting forum
>>
>>61408241
Better logo than moonman.
Although moonman was cool as fuck.
>>
>>61408274
Reminds me of weyland corp for some reason, very retro
>>61408295
Agree
>>
>>61408289
E s o t e r i c
>>61408292
Thanks.
>>61408295
I agreed.
People would've just branded it:
>/Pol/ Makes A Racist Browser
>By The Male Daily
>>
>>61408327
Agree. Although it may sound as SJW, I think, at least for the time, tech-related stuff shouldn't have that kind of distintion. You know, made by X, made by Y etc etc unless you talk directly about the author.
My opinion, of course.
>>
>>61408354
Agreed.
>>
>>61408354
Agree.
>>
>>61408327
E r o t i c
>>
>>61408407
Turn it into a e-fan fiction, I dare you.
>>
>>61408419
Oh god, no. I'm not /that/ autistic, thank you very much.
>>
File: ThinkPad_X60_Series_with_Libreboot.jpg (20KB, 300x185px) Image search:
[Google]
20KB, 300x185px
>>61408222
>Cybersecurity essentials:
>>https://pastebin.com/JWx5xeEM
OP, do you think we could get a section added about Libreboot and the importance of having a free BIOS along with the dangers of Intel ME/AMD PSP backdoors?
>>
>>61408442
>... as he decompressed from the .tar his bronzed skin glinted with sweat, executing his systemD he wgave it to her, assigning all values hard to the RAM.
:^)
>>
>>61408498
I have no idea what the fuck did I just read, but please, continue.
>>
>>61408498
Hahaha
>>
Risking to be considered normie, shall we. . . ?
https://youtu.be/3rdVzqaR3ow
>>
File: 1461452686840.jpg (764KB, 1068x662px) Image search:
[Google]
764KB, 1068x662px
>>61408591
>>
>>61408670
I would be agree if it would be more readable. Maybe a remake could be nice.
Also I meant tastes on this kind of music, no "musts". I feel like we're trying to be some kind of club in that way, if you ask me.
>>
>>61408458
I second this, and a guide on librebooting thinkpads and stuff would be good
>>
>>61408712
Just a pic I found earlier when I was sorting my files. There defenitely should be an updated version, but more in the sense of recommendation, yes.
Also, the album you linked, I like it so far, gonna listen to it some more. So thanks for sharing
>>
>>61408753
A friend of mine recomended me Cybernetika because I like (as I call it, sorry if it sounds pedant) thick DnB. I checked them overall and seems like they used to make Psytrance, which is a interesting evolution.
Should I share more DnB and/or /cyb/ music?
>>
>>61408780
Sure!
I I am listening to some more Juno Reactor again lately, so share what you got
>>
File: wallhaven-535694.jpg (2MB, 2400x3000px) Image search:
[Google]
2MB, 2400x3000px
>>61408458
Is this a real issue?
I tought on moving to ARM, maybe a PiBook.
This cpu backdoors are intel agencies level of exploit. If it ever leaks out of their domain it doesn`t really matter how hardned your OS is.
Does anyone have an opinion on this
>>
>>61408804
I liked Juno Reactor (as I think, I researched it because The Matrix) but Psytrance is not usually my cup of tea unless it goes Dark, I don't really know why.
Do you want /cyb/ or DnB?
>>
>>61408809
You should take all precautions, assume you are public enemy #1.
>>
File: jules-marais-bouriaud-marais-archi.jpg (348KB, 1920x1080px) Image search:
[Google]
348KB, 1920x1080px
>>61408831
I'll take a mix of both, thanks anon!
>>
>>61408714
It's very simple to flash X60 series and can be done with a few commands in the terminal; other models (X200/T400/T500) require a beagle bone or pi through external flashing. There's also a cool guy on ebay who will flash any compatible thinkpad for $40 and install an atheros chip. I have no relation to him but just thought I'd mention that for people who don't feel comfortable doing an external flash.
And for OP, I'd be more than happy to write the section and post it here later today.
>>61408809
Yes, it's a huge issue imho. I don't know much about ARM/Pi, but the Core 2 Duo in my X200 is plenty fast for what I do on a daily basis and is currently the fastest Intel CPU with no backdoor. As others have mentioned, the X220 which has Ivy Bridge i5 might be liberated by the end of this year. You're absolutely correct to point out that no matter how much you harden your OS if there is a backdoor in the hardware. And this is more than just something theoretical, see article below
https://hardware.slashdot.org/story/17/05/07/2034245/intels-remote-hijacking-flaw-was-worse-than-anyone-thought
>>
>>61408515
>>61408550
>He kept assigning value, after value, her CPU began to shimmer with the heat of such action.
>As he got nearer and nearer to stack overflow, a few integers, mere bytes leaked from his sytemD.
>Suddenly she froze, crashing as her stack overflowed down his buffer right onto the systemD, covering it thick in data objects.
>As he froze he jammed down hard on the function keys, aiming to not lose control before he finally gave in, injecting his payright right into her memory.
>She gasped, logging an error report as he killed the systemD process tree and dragged his tarball across her PSU, moaning.
>>
File: 2a8hlkw.gif (591KB, 250x250px) Image search:
[Google]
591KB, 250x250px
>>61409044
You've been doing this for a while, haven't you?
>>
>>61408901
Hm, I think DnB has easy to get the /cyb/ imo, but I'm going to try this. I think it pretty fit both.
https://youtu.be/JnhjWUepaE8
>>
File: 56eacec0e8e26ef1aceb13e6762a6d499c456cddf8f7c7025fb81f497315fe05.jpg (138KB, 900x825px) Image search:
[Google]
138KB, 900x825px
>>61408498
>>61409044
Art.
>>
>>61409072
>Saving no time he grasped his tarball firmly, he bit banged it against her PSU roughly to execue it again.
>As it grew and grew in memory allocation he stiffened, executing flawlessly as he proceeded to connect the stager directly into her port 69.
>She gasped, having only rebooted moments ago: "N-no, i-it's ne- NNGGGH!" He'd connected, dropping no packets.
>He then opened up his airmon, -nging as she tightened around the stager, almost setting it off.
>He quickly sent deauth after deauth, hoping for a 4-way handshake. Shaking her head she said: F-four? N-no-w- Oh, s3krit! Okay!" ACK, after ACK pinged from her port as she gave in.
>"Finally" he said, "I'll crack your WPA and we'll surf, TOGETHER!"
>She counted wait, she tightened clicking on the click as his stager exploded, another payload delivered straight into her memory for execution.
>She couldn't take it, her CPU froze again, before executing line, after line.
>>
>>61409234
My dick is rock hard. thanks
>>
File: tinfoilhatday-3.jpg (497KB, 1280x1280px) Image search:
[Google]
497KB, 1280x1280px
>>61408872
I`m just a mere software engineer, everytime I get to toy around with sec I get paranoid asFuck. Makes me want to delete every normie service such as google shit and twatter and live in a digital cave. How do you guys handle this?
>>
>>61409409
>>61409125
>>61409230
>As the malicious code spread throughout her system, opening a reserveshell and giving him direct access to her pleasure.exe he mimikatzed all over her directory tree: "You dirty Winwhore..." he grunted, as his systemD process killed again.
>She blushed, she'd never let anyone in her port 69 before as it was sore after he'd driven in his meathook and systemD: "D-don't c-call m-m-me that..." She grumbled as she scanned for the malicious code with her ClamAV: "You made such a mess!"
>He sneered, peering at the screengrab of her directory tree, covered in his bytes: "You look dirty to me... GNU/Linux was and is always better and you know it..."
>She nodded, biting her bottom lip: "Linux master race..." Looking down, deflated.
>"Don't you mean GNU/Linux, valka?!" Scolded s3krit.
>"Y-yes!" She meeped, not wanting to offend.
>>
>>61408981
>T500
Any guide using an odroid c2?
>>
>>61409428
Well, I have clinically diagnosed inherited Asperger's syndrome from my maternal line.
>>
>>61409096
Yeah, I can really dig this music right now.
If you don't mind, can you name me some artists I should check out? I would go looking on from there
>>
>>61408222
>>61408458
>>61408714
Ok, here's a very quick overview that could be integrated into the main cybersecurity essentials
https://pastebin.com/Ck5S4cdK
>>
>>61408241
looks a bit eggish
>>
>>61409524
To symbolise the birth of a new browser, anon.
>>
>>61409489
Well, I'm not a person who follow names, but iirc, I use to listen to:
Cybernetika, Noisia, killer iNdustries, Blackout, as genre you can search Neurofunk for example.
>>
>>61409465
The only official guide I know is for the Beagle Bone. You could check on the libreboot sub, someone might know over there.
>>
>>61409534
>>61408241
there's no tasks that i can start working on or documentation to look at. it's just a heap of code. how do they expect people to work on this?
>>
>>61409587
Join their IRC and pm odil or gyroninja
>>
I'll ask again.
Can someone explain me why is Serial Experiments Lain so widely acclaimed in cyb environment? It's mediocre anime at most.
>>
>>61409670
it`s an anime about a girl that goes turboautism. How does /g/ will not identify with that?
>>
>>61409768
I though that /g/ liked quality anime too and the anime is really bad and cheap in that kind of matters.
>>
>>61409670
it's about a girl who acts like an edgelord on the internet while being a shy outcast in real life. it resonates well with wannabe-cyberpunks.
>>
>>61409553
Perfect starting point though, thanks a bunch anon
>>
>>61409969
If you keep going into DnB, good names would be The Prototypes and Heavy Delta, kinda older are Bad Company. I wouldn't know what to recommend in that context more /cyb/ related since I quick fall into *waves.
>>
>>61409871
you're saying it's bad because it had low production quality? first off it's old as hell
>>
>>61410072
No, I'm saying that 50% of why it is bad, is because it is poorly made. Bad voice actor, bad drawing, less some scenes everything pretty much was bad.
I've watched old animes too, and they were well made. So being old has nothing to do with be bad made.
>>
File: 1470942996054.gif (441KB, 1100x582px) Image search:
[Google]
441KB, 1100x582px
>>61410021
Again, thank you.
I never used to have an ear for DnB, never took an interest in it, aside from the odd track here and there. But now there seems to be the right time for it. Feels great having a whole undicovered genre of music on the horizon
>>
>>61408670
>demanufacture is cyb
kek
>>
File: Installing Gentoo in da club.png (560KB, 800x792px) Image search:
[Google]
560KB, 800x792px
>>61410021
Do you mean Delta Heavy link related https://www.youtube.com/watch?v=b4taIpALfAo I like eurofag dance music myself
>>
>>61410874
More like this.
https://youtu.be/fVUi5LIuG1A
I don't like DnB youtube vids alone. I mean, the tracks and videoclips are not the best always.
>>
File: Ghost in the shell solographic building aspect.jpg (186KB, 1400x926px) Image search:
[Google]
186KB, 1400x926px
>>61410988
https://youtu.be/iTuuZnhaj8Y?t=173
Reminds me of this which I listened to while coding for Java class and drinking many Monster Energy drinks D E S U x,3
(some 12 year old called me an old 2010fag on Snapchat but Im based)
>>
>>61411044
IIRC, I have one album form Excision and he's full dubstep. I mean, sometimes DnB touches Dubstep but they're genres apart.
>>
File: Blade_Runner_sun_window.png (77KB, 541x196px) Image search:
[Google]
77KB, 541x196px
https://youtu.be/_iUxPZg_akA
Extremely /cyb/ track, best OST of the franchise, makes you wanna get a proprietary implant that replaces one of your vital organs As A Service™ and live in a megacorporate fiefdom ASAP
>>
>>61409234
the airmon NNNGGGG is so clever, you're amazing
>>
Is null-byte any good? Some of these titles sound like clickbait, but perhaps there is more to it.
Anyone have experience with the site?
>>
>>61409458
GNU/Linux-libre*
>>
>>61410214
>bad voice acting
What, don't tell me you watched the English one
>>
to that anon recommending N-O-D-E a couple threads back, i still dont see the appeal
creative sure, but pretty much all he does is 3d print a case and stick a raspi inside
hardly groundbreaking and not really cyb
>>
>>61410072
so is GITS and Cowboy Bebop, but they don't look like festering arse
>>
>>61408809
That image is sick as fuck dude
>>
>>61410072
>1998
>old as hell
leave and never come back
>>61412030
its just the artstyle anon
i think its comfy
>>
>>61412016
Yea was hiped as well at first, then he began doing shit stuff
A bit like that busty chinese maker, a few cool projects and then all 360 vids of her anime tiddies
Not complaining, but still
>>
>>61412094
b-busty chinese maker?
got a link for that anon
>>
Any of y'all from the last thread playing gracker still?
gracker.org
I'm on level 4
>>
Anyone here done something cool with a small non-raspberry pi device like a pogoplug v4 or a C.H.I.P.?
>>
>>61412321
Negative, I have an arduino uno I bought on the weekend I'm wondering why the fuck I purchased it
>>
So.
I spent yesterday upgrading from ms dos 6 right through to windows 8.
I can tell you right now, it was not a fun or interesting process.
I didn't realise how easy installing old OS was? I hear people bitch about how back in the day they had to work to get shit installed; nigger I put in the floppy and it kickstarted the dos installer on its goddamn own.
All I learnt is I won't ever be out of a job, because if the publics knowledge of computers hasn't changed since 1982, then it won't ever change, and shit lel installing an OS will be put into the "justnerdthings" basket
>>
beat level0 and level1 of gracker lads
>>
>>
>>61412281
finished level0 (easy af). I'm taking a look at level1 now, but their version of radare2 on the server seems to be fucking with me - radare2 -d /matrix/level1/level1 segfaults.
>>
>>61412321
Coolest thing I've done is turning my odroid into an irc bouncer and a seedbox. I am a boring person.
>>
>>61409871
It has the best sound design of any series, it astonishingly good.
There's from where most of the ambient comes from.
>>
>>61412281
>>61412962
I've found what I believe to be the cleartext password (it's an ascii string in 1337 speak) but the level1 binary doesn't like it. Is there something extra I'm missing? It seems to be doing some strlength checking too, hmm...
>>
>>61413705
Negative, if it's unreadable, it's not the pass. You need to use breakpoints in a debugger to grab the password while the binary is in action
>>
>>61412094
You mean Ms. Yeah?
https://www.youtube.com/channel/UCRB4xZ_2ew7fzmrcv8aj4Lw/videos
Haven't watched her in a while, her first few vids were great, now looks like it's descended into "look at me and my ker-azy life"
What the fuck, she was the chosen one ;_;
>>
Can the government just shut down ZeroNet/IPFS content whenever they want (with the help of ISPs)??
If so, then what is the point
>>
>>61413819
Because the point is to run off meshnets; networks that don't require an ISP to gain access
>>
>>61413758
yeah nevermind, got it. It looks like something was manipulating the pass *after* the XOR, so the cleartext I thought was correct was one character off ('o' where it should have been '_').
>>
>>61413799
>>61412116
I think he means SexyCyborg
https://www.youtube.com/channel/UCh_ugKacslKhsGGdXP0cRRA
>>
>>61408981
core 2 quad doesn't have the ME. Its the fasteest intel CPU with no backdoors.
>>
>>61414613
No, it's got the ME as well. You need libreboot to remove it.
>Introduced in June 2006 in Intel’s 965 Express Chipset Family of (Graphics and) Memory Controller Hubs, or (G)MCHs, and the ICH8 I/O Controller Family, the Intel Management Engine (ME) is a separate computing environment physically located in the (G)MCH chip. In Q3 2009, the first generation of Intel Core i3/i5/i7 (Nehalem) CPUs and the 5 Series Chipset family of Platform Controller Hubs, or PCHs, brought a more tightly integrated ME (now at version 6.0) inside the PCH chip, which itself replaced the ICH. Thus, the ME is present on all Intel desktop, mobile (laptop), and server systems since mid 2006.
https://libreboot.org/faq.html#intel
>>
>>61414529
Fuck that's annoying. Actually I found a similar thing after I already solved it. It was half the password with extra spoof characters around it, I honestly don't know what the fuck I was looking at tbqh
>>
Is there a way to do a wipe of a hard drive that would still leave some stuff intact? I want to learn some forensic analysis and I figured using one of my old hard drives would be a good way but I'm not sure how I would go about doing it.
>>
File: nice meme.gif (3MB, 420x300px) Image search:
[Google]
3MB, 420x300px
>tfw so poor i got a CPU with no botnet.
am i /cyb/
>>
>>61415057
Wiping it with a quick format only deleted the file table, which lists where shit on the hdd is.
It's still technically there, and you'll be able to recover it using forensic Toolkits
>>
Amen breaks cut up by hand will always be cyber af https://youtu.be/NplL1Cg0xiE
>>
File: Buffer overflow.webm (3MB, 1280x720px) Image search:
[Google]
3MB, 1280x720px
>>61409044
>>
File: tumblr_nypjfu5ah51t6nu7uo1_r1_1280.jpg (52KB, 736x368px) Image search:
[Google]
52KB, 736x368px
>>
What cheap/quick /sec/ certifications can I get while studying for OSCP?
Or would I be better off just networking with the /sec/ community here like a motherfucker?
>>
>>61409044
Should have got you to do that cringey scene in Va-11 Hall a
>>
>>61411477
No, I did watch the Japanese one.
>>61413162
Maybe the scenary or ambient sound can be great, but the voice of each character it wasn't. Lain in particular (the few lines she has)
>>
>>61415472
What's the point if you're getting oscp.
>>
>>61415617
Might be a little while before I get it, and I need a job
>>
>>61415472
hackyourselffirst.troyhunt.com is a good site to practice website hacking on.
>>
>>61415638
It's not a certificate, but good for practicing.
>>
>>61415412
Simon Stålenhag is always great.
>>
>>61415638
>google hackyourselffirst
>previews show the site is about ferraris
Nice try nigger
>>
>>61415665
Go to troyhunt then, if you don't believe me, it really is a good site to practice.
>>
File: 1497816282514.gif (471KB, 570x670px) Image search:
[Google]
471KB, 570x670px
>>61415665
>not getting your car fix and your security fix from the same website
>>
>>61415665
I literally have no idea what to even say to you.
>>
Opsec is like defense: really hard to do right and if you screw up one thing you're blown
>>
An anon in the last thread asked for sec tales.
Last month i tracked a chinese hacker who rooted company infrastructure. I did this by google searching his MAC vs server abuse reporting sites.
Thoughthe person worked with a number of IP, they never seemed to spoof their MAC or the useragent of their browser since 2015.
Also, some of the server logs caught their OS (OSX Sierra since '16 and El Capitan in 15) and wireless card (zytell) which were all consistent throughout.
This person would pretty much just masscan the entire internet (multiple exploited servers had logs with wget to masscan github after comprimise) for ports with services that had common or new vulns.
They were attacking everything from residential IP with IoT devices to .gov, .edu domains(which are valuable for carding and some other stuff).
The trail always began at the same place:a chinese telecom NTP server that had at least a dozen NTP UDP ports and a single ssh port (current ssh, no known vulns).
A chinese national attacking tons of intetnational boxes is understandable...they will face zero repercussions.
The telecom though...they were jumping from there via some manner of UDP NTP tunneling to rooted international boxes...after any number of hops they begsn attacking...with how strict officials are about the GFW and the lack of spoofing for so long made me wonder if they were a state actor
>>
>>61416350
That was me TGG.
Nigga that's a pretty amazing tale. Also pretty clever imo, punching out of a NTP server. Who'd even think?
>>
>>61408419
i'm gonna do it
for great justice
>>
https://github.com/crypto101/book
>>
finally installed void, what do you guys think of it?
>>
>>61416888
link
>>
>>61416888
I think it is a very OS easily de-bloatable. I like it a lot.
>>
>>61415712
THANKS DOC
>>
jesus fuckign christ
ive got a wna3100 that i fucking can NOT get working on my rpi
what monitor mode compatable wifi dongles are recommended, and that JUST WERK?
>>
well to answer my own question i just bought an Alfa AWUS036NH, apparently it works on a pi
>>
What programming language should I start with? No experience with coding.
>>
>>61418283
i recommend you fuck with visual basic
its nice to see things immediately, and flip it around to see the code behind
i can already hear and feel the comments coming, but i am genuinely recommending it because visual studio is a great confidence building ide
inb4 visual code, its not the same.
>>
>>61418283
ASM
>>
>>61418304
>Visual Basic
>>
>>61418283
Gotta agree with this guy>>61418339
It's probably the simplest one to grasp, considering just how straight forward it is.
>>
>>61418304
>Visual Basic
>>
>>61408222
>your new search engine is duckduckgo or searx
no love for startpage?
>>
>>61418878
Gives shit results tbqh
Needs to be usable at the end of the day
>>
>>61419367
Really? Searx gives me garbage results. Startpage uses google how is that bad results? I have had no problem.
>>
>>61419378
Never really understood it, but I always noticed my results were a lot more limited using Startpage, not sure why
>>
>>61419426
Interesting. If it works for me is it still a good choice for security sake?
>>
File: 1479450836699.png (4KB, 225x225px) Image search:
[Google]
4KB, 225x225px
>tfw too much of a brainlet to figure out how to set my VPN up on Arch
i just browse the web with my phone now, cause the NordVPN Android app is bulletproof
>>
File: the_dying_sun_by_eaglshadow.png (2MB, 1100x1100px) Image search:
[Google]
2MB, 1100x1100px
>>61410826
Duh, dude. Up until Obsolete, FF was pretty cyber punk.
>>
>>61419530
What? Just install openvpn and use your client.conf file you got when setting up your vpn
>>
File: 1499666213479.jpg (90KB, 736x998px) Image search:
[Google]
90KB, 736x998px
>>61409428
Idk save ur hacker man stuff to a laptop that's more clean, and keep a public profile that's consistent on ur reg pc
>>
>tfw having a security conscious computer will only be a hobby because i've already used facebook with my real name, signed in google chrome that has a google account connected to everything i do not to mention a third party password manager
they have a file on me 10 pages long and every instance in which i've said nigger
is it too late?
>>
>>61421818
No because they'll never it's you behind this secure computer if you do your shit right
>>
File: 1499910262993-g.png (853KB, 1280x720px) Image search:
[Google]
853KB, 1280x720px
So I already have an associate's degree in Network Administration. My transfer options are limited, but I'm the only option the school I'm considering has where they'll accept all my transfer credits is "Bachelor of Science in Cybersecurity".
There are 3 specific fields I can choose from. Cloud Security, Homeland security, and Digital Forensics.
Which do you think would be most beneficial for finding a decent job? I was leaning towards cloud Security what with everyone trying to making all services cloud based now. Just look at Adobe.
>>
>>61421818
The way I see it, you have several "profiles" of your life. Public life, life in your social circle, private life, internet life, shitposter life and maybe also illegal stuff. The tricky part is to keep everything separated and as tightly private as possible.
"Privacy is dead" is a meme spread by people having interest in having their users breaking the "don't mix irl with online" rule, which was common sense a decade ago. Yes, privacy in general getting eroded by 3rd parties that aggressively are trying to push the "privacy is dead" meme, but all they can do is to erode privacy from the top, not all areas. These days you will have problems making your social life private and deluded normalfags will keep pestering you to drop your privacy, but its still perfectly possible to create fake identities online and shitpost in full anonymity, you just have to recognize which domains of your life can be made fully private and separate them from the compromised domains.
This being said I'm still trying to learn and I'm not that knowledgeable in security or stuff like opsec, maybe somebody who knows more would tell if this idea is right on track or maybe just a delusional rant.
>>
>>61408222
Interesting paper here, full break of 1024bit keys in GnuPGP (libgcrypt) and 13% of all 2048bit keys due to extremely bad advice in 1990s crypto 'engineering' handbooks. https://eprint.iacr.org/2017/627.pdf
>>61418283
>programming
This course uses Scheme (Racket)
https://www.edx.org/course/how-code-simple-data-ubcx-htc1x and is the best intro anywhere.
Land of Lisp, the book is also great, so is the book 'Practical Common Lisp' just so you can start building random shit you want to build.
>>
>>61422259
I for one want to see what strategies /cyb/+/sec/ has to separate accounts for private trackers, what kind of info to give, what to do when anons already have gmail/facebook, etc.
>>
>>61422365
Well I have a gmail address and whenever I need it I restart my browser.
I've configured it so it deletes everything on shutdown.
Also I try to keep my sessions for one activity, for example right now I'm only reading 4chan, when I stop I'll restart it to clear out the jewgle cookies
Also setup unbound + DNSCrypt so your ISP doesn't know what you're doing and use https everywhere
Also if you use windows, don't. Use umatrix to disable all the shit website connect to and filter it. You'll need to do this once for each new website you visit if you want them working correctly but it's worth it (less tracking, less bloat, faster loading).
All this is just for everyday actions, if you need to really hide what you need to do you need something like tails or maybe whonix.
>>
>>61422294
So GnuPG you have a 13% chance of recovering a software release signing key (if using 2048) or 100% chance if using 1024, and then impersonating Tor devs or Debian. Great.
>>
>>61422495
I use umatrix myself with an addon called Privacy Settings on firefox to avoid more fingerprint, that is not to say recent ff update broke a lot but is usable still.
>>
>>61422552
remember those addons are a dbl edged sword, you're giving a 3rd party direct access to your browser, and if the addon uses the native development kit, it has C low level access to break out of any sandbox you're using, plus by default an addon kills the tab sandbox that isolates each tab from each other. Better trust those addon devs or hope they don't quietly sell their addon and new ppl push adware update
>>
what are the best ways to test your security?
>>
>>61422630
Privacy Settings and umatrix are open source tho so at least we know what's going on
>>
>>61422693
Good question, I test my browser here https://panopticlick.eff.org/, and also I am learning about Lynis and plan on learn about hacking so I "hack myself first"
>>
>>61422693
Hack yourself?
>>
>>61422735
Any websites to test the fingerprint of y browser? The test on this website doesn't seem to work for me.
>>
>>61422801
>The test on this website doesn't seem to work for me.
Why?
>>
>>61423025
I don't know it just keep loading. Might be because of uBlock
>>
>>61423025
>>61423102
Yeah that was it, it's working now.
>Your browser fingerprint appears to be unique among the 491,070 tested so far.
fuggg
>>
>>61423158
Be warned that sometimes when you provide less information they increase your uniqueness, I've found this to be the case by playing with my user agent.
>>
>>61423216
Yeah I know, it appears to be the canvas fingerprint that makes me unique. I don't what that is tho, I need to look this up
>>
>>61423268
My best results were with this https://pastebin.com/dinBuXxJ
is for FF, I try not to use more than the mentioned here as some addons might hinge the work of others, like using umatrix and no ublock. Among these there is a canvas fingerprinting prevention addon.
>>
File: CqRDk4wWEAE2FEU.jpg (41KB, 1051x581px) Image search:
[Google]
41KB, 1051x581px
The Mind-Controlled Bionic Arm With a Sense of Touch:
https://www.youtube.com/watch?v=F_brnKz_2tI
GiTS SOON
>>
>>61423307
Canvas Defender is not open source, I'll be looking for an open source alternative
>>
File: df20030113.jpg (92KB, 640x480px) Image search:
[Google]
92KB, 640x480px
>>61422743
This
Develop your skills, and test your own security at once.
>pic unrelated
>>
>>61423351
And this was 1 year ago, I wonder just how much they've improved in that period of time.
>>
I love this thread.
>>
>>61423351
Less impresive but I like it more, the next video.
https://youtu.be/3YLwTJMyoB8
He has a TED chat but I though you folks will feel it as tl;dr
>>
>>61415146
yeah
>>
>>61423831
Is this the same guy? I think it is.
https://www.youtube.com/watch?v=CDsNZJTWw0w
If you want feelz watch it. It's worth it anon
>>
>>61424189
Yeah that's the TED chat I was talking about. I like that TED chat but the faces the man with bionic arm makes when he puts up his pants is epic.
>>
>>61409428
Just do it, buckaroo. I deleted my google/facebook/netflix, etc. Started hosting my own alternatives at home. Have my own email, chat, blog, media server, and drop box. All running from my spare room.
It's liberating. You should do it.
>>
>>61424325
that honestly sounds like the most enjoyable computing experience. I wish i didn't need facebook
>>
>>61424461
Why do you need one?
>>
Sorry if this is a stupid question but howcome /cyb/ uses an IRC network that blocks tor?
>>
>>61424509
family and friends
is the only way i can connect with some of my family and friends
>>
>>61424551
Don't you have their phone number, their addresses or their mail?
I mean, I never had facebook and I can be in touch with 95% of them, if not with all.
>>
>>61424551
Start your own XMPP server and have them join. It's like AIM/Facebook Messenger.
Should be easy to get the family to join if they like talking to each other.
Start a wordpress blog for what you'd post to FB and tell them where it is.
>>
>>61424551
>>61424551
that's the excuse I had for awhile, but ya need an email to have a facebook account so...
email + phone + any other social media faggotry you want ends up getting the job done. Facebook let's you passively 'keep in touch' but if you really want to contact someone there are many ways to. I got rid of my fb, trying to get rid of google stuff next
>>
>>61424566
nobody writes, emails, or even calls eachother anymore. I dont want to be directly told through phone or email everything that they can just make a quick post about on facebook
>>61424609
nobody wants to do any of that
>>
>>61424325
is hosting your own email as risky as people say it is? I hear you gotta configure it just right or else it's nightmare fuel
>>
>>61424626
I think your issue is more an excuse.
>>
File: 1456129557469-0.gif (2MB, 540x603px) Image search:
[Google]
2MB, 540x603px
>>61411309
self-bump
>>
>>61424650
numerous friends from highschool and other social encounters, on top of numerous family members, most of which are tech illiterate
"please join my weird chat client because i don't want to use facebook"
>>
>>61424646
>ple say it is? I hear you gotta configure it just right or e
It's not too bad any more. This project takes care of most things for you. https://mailinabox.email/
If you want extra security, put it behind a good open source firewall. Block non-americans and use SNORT for other threats. https://www.pfsense.org/
Do that, then set up Fail2ban, and it's pretty secure.
>>
>>61424681
Haven't had too much pushback on friends joining my chat. Just give them an app and sign them into it. Tell them "push that button to talk to me and all our other friends."
If you really don't like that, they all have email now. Print up some name cards with your email address and hand them out to new people you meet.
>>
File: 1497583274158.jpg (16KB, 365x276px) Image search:
[Google]
16KB, 365x276px
>>61424688
beautiful thanks anon
>>
>>61424719
literally "talking" to these people is no fucking problem i can get anyones phone number and email but its a blessing knowing whats going on in my friends and families lives without having to directly contact them
>>
#~%cf =@@<D D@ >F49 4@@=6C E92? #~%`b] &D6 :E :?DE625 E@ @3D4FC6 E6IEP
>>
>>61409428
>>61424325
>>61424551
Get your friends on Mastodon.
>>
>>61424688
>block non-americans
gee thanks anons
cant you just block chinks and russians
>>
I'll just drop this here https://www.youtube.com/watch?v=xLqrVCi3l6E&spfreload=10
>>
>>61424845
>"no anon this is weird"
>either dont use it at all or stop after a day
normies are the biggest obstacle to cyber security
>>
File: mastodon.png (25KB, 1300x152px) Image search:
[Google]
25KB, 1300x152px
>>61424883
>>61424845
>mastodon
>normies
>>
https://www.humblebundle.com/books/cybersecurity-wiley
Thoughts?
>>
>>61424758
Sorry, Anon. I get attacks from lots of countries. I'd block America too but I live there.
You can block/not block whoever you want with of pfblocker-ng.
>>
>>61425152
attacks?
what do you do that makes you a target for attacks?
>>
>>61425164
Pretty much all you have to do is exist.
>>
>>61424758
>its a blessing knowing whats going on in my friends and families lives without having to directly contact them
It is a blessing gossipping and never talking to them? wow
>>
>>61425179
that makes me feel really unsafe
>>
>>61425179
*exist on IPv4
>>
>>61425179
And have open ports. People scam every IP looking for something they can attack.
>>
>>61425199
It's okay, Anon. If you don't have any port forwards on your router, it should keep them out.
>>
File: sweating.png (75KB, 200x188px) Image search:
[Google]
75KB, 200x188px
>>61425238
>>
>>61425238
Noob /sec/ here. How would you acess ssh from outside, for example?
>>
>>61425279
Best thing is to disable password authentication and sign in to your ssh with a key. That way it can't be brute forced.
https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2
>>
>>61425328
Already did this but I'm behind 2 routers. ISP + "custom"
>>
>>61425328
Change ssh port too for less spam.
>>
>>61425328
That's probably secure enough. If you're extra paranoid, move ssh to a different port so scanners won't know right away that it's ssh.
Add a firewall like pfsense to block China/Russia and know bad IPs. Then use SNORT to watch out for known attack methods.
>>
I'm >>61425346 and I'm doing >>61425328 + >>61425364 although I never tried the IP Russia/China thing. I think I never saw some tries on my IP tables.
>>
>>61425346
I don't get it. Why two routers?
>>
>>61425401
>my IP tables.
I meant fail2ban. I also have iptables
>>
>>61425413
If you're using keys+Pw disabled I don't think fail2ban does much good.
>>
>>61425403
ISP ones for family members. The standard one whatever ISP can assign to you, blinded to my known, that may be not for whatever average hacker.
As I have a retard brother and old parents, I wanted to get one for my own, same or maybe a little more blinded. So if someone enters on a network, it should enter on two.
>>61425445
You're right but I learnt too late about NoPw and it is only a few lanes on ipTables. Should I remove it? I plan to put a webserver on same machine.
>>
>>61425510
Shouldn't hurt anything to keep fail2ban. For a webserver you'll probably want it.
>>
>>61424688
Running Security Onion is pretty viable as well
>>
>>61424626
>I dont want to be directly told through phone or email everything that they can just make a quick post about on facebook
Once you delete it you'll realise most of the shit people make "quick posts about on Facebook" is irrelevant and you didn't give a shit about
>>
I don't like being on page 8. Bump.
>>
File: 1394233678910.jpg (110KB, 1010x1036px) Image search:
[Google]
110KB, 1010x1036px
>mfw C dev trying out javascript
the fuck is this shit
>>
duckduckgo or searx?
>>
>>61427356
bump
>>
>>61427356
startpage
>>
Still so many resources to add.
>>
What's going on brehs? Why we so quiet?
>>
>>61415365
HOT
>>
>>61422495
This is all pointless if it is all done from your home connection, your MAC address and NIC ID's will all be linked to these accounts, you are easily identifiable.
>>
>>61427356
startpage
if you truly hate jewgle like a real /g/entooman you would use startpage
>getting the results directly from Google without showing them your ip
>ultimate form of cuckoldry
I smile every time I search with Google, I'm using their own algorithms against them. I won't deny it, Google search is a great engine but it's even better to use startpage since it is literally google search but without the google
fuck yeah
>>
>>61428428
*with startpage
>>
File: Capture.png (708KB, 1266x732px) Image search:
[Google]
708KB, 1266x732px
rockyou.txt said a bad word.
>>
>>61428630
Wow that's offensive!
>>
/sec/, I realized three years into my security degree that I need more than the degree to get a job in this field.
I'd like to be able to discover some CVEs to put on my resume; it sounds fun and like it would look good. Any recommendations on what to learn to go about this?
>>
>>61428630
>SJWs mob against this kind of stuff
>nigger becomes the most secure password in existence
>>
How do I configure openvpn server1 to tunnel its traffic through to openvpn server2 without routing ALL traffic on server1 through server2?
>>
>>61424662
>>61411309
Yes is good enough
>>
>>61426419
This.
>>
>>61428362
Is about "less metadata to feed the beast" these days.
>>
>>61428980
I agree, but it is important that people understand this. There is nothing more cruel than giving someone a false sense of security.
>>
>>61417812
netgear wireless adapters dont work well on GNU/Linux, you need ndiswrapper
>>
What's going on brehs? Why we so quiet?
>>
>>61429823
What the fuck happened
I refreshed the page and it posted my message again?
>>
>>61428362
Tor, I2P, and ultimately GNUnet are gamechangers.
>>
>>61429823
I'm waiting for a (You) :(
>>
>>61428658
Do the 15-213 course at CMU https://functionalcs.github.io/curriculum/#org26e8957
Then do the NCC group CTF thing herehttps://microcorruption.com/login which is exactly the same as Data Lab and Attack lab u do in that course. Then apply as a 'security consultant' and they will teach you whatever u want to learn and get paid for it. Otherwise after the CMU course read 'Art of Software Security Assessment' and 'A Bug hunters Diary' to sell shit to thegrugq u find or whatever
>>
>>61409587
https://git.teknik.io/gyroninja/netrunner/src/master/anime.h
>This file is too large to be shown
>>
Are there any fucko/opsec resources for novice blackhats? Most of the training books focus on the ethical hacking/exploits/etc. Are there resources dealing with blackhat "trade-craft" e.g.: anti-forensics, opsec, fucko, counter-interrogation techniques (like Reid method), etc? etc. Is 2600 my best bet?
>>
File: looking_for_someone.jpg (311KB, 1445x950px) Image search:
[Google]
311KB, 1445x950px
Hey /sec/ wanted to know if pic related is still relevant and if you had any updated versions.
>>
>>61430786
>novice blackhats
*teenagers
>>
>job at work where we needed to find out where a competitors' app was making a request to, so we could scrape it
>load up wireshark, never used it before
>fuck around with it for a while, not really getting how it worked, eventually one of the engineers figures it out before me
>fuck this
>install wireshark on home laptop
>currently figuring out how to use it
Any fun projects to help learn it?
Also, out of curiosity, if I use it on a public wifi, can I see packets ANYONE is sending?
>>
>>61430786
>fucko, counter-interrogation
You're fucking deluded
>>
>>61431314
>Any fun projects to help learn it?
This is exactly the same thing as asking if there are any fun projects to learn how to use a screwdriver. It's just a tool.
>>
>>61431373
You can do some pretty fun projects to learn to use a screwdriver tbqh though
>>
>>61430786
https://pastebin.com/5XfDX4wL
if you bother to read the OP you would've found it
>>
>>61431373
>>61431399
a screwdriver is a bad example. You just turn the motherfucker. A program tends to have a few more functions than that.
>>
>>61431493
pallets of wood is a better example.
>>
>>61431510
Hand over the schematics dammit, I am not the same anon but goddamn I am triggered
>>
>>61431510
You can have even MORE fun with pallets of wood
>>
>>61414963
Shit now I have to spend another 80 bucks on a newcase and motherboard that will work with libreboot.
>>
>>61431548
rockchip cpu chromebooks have no ME/proprietary microcode. Can replace with distro of choice, no idea if libreboot has a port for it
>>
>>61422294
>Land of Lisp, the book is also great
I disagree. As esoteric as it is, The Little Schemer is a better introductory lisp book.
>>
Australia getting a home office like the U.K. to hold all the spy agencies... first the new laws to force international companies to decrypt data, now the most significant reshuffle of intelligence in over four decades..
>>
>>61431707
Nobody is organizing protests, is the establishment succeeded in brainwashing our culture to confront right vs. left when in reality we are getting rekt sideways.
Divided an conquered.
>>
>>61431761
I'm sure not showing up in a protest group of 10.
>>
>>61416350
you tracked their mac address through server abuse reporting sites? and past an ntp jump off point?
>>
>>61418283
art of assembly and complete digital design OR learning python
>>
>>61428818
traffic mangling using iptables or pf
>>
>>61432115
Thanks man, do you have any resources to start with? If not that's fine, I'll probably find them eventually. Does pf mean pfsense because if not I don't know what you mean.
>>
>>61431644
>t. chinese cyberspy pushing backdoored hardware from glorious motherland
>>
>>61431130
Interested on this.
>>
Don't you 404 on me
>>
>>61432124
BSDs (OpenBSD, FreeBSD, ect) and Apple use pf. You can use libgen.io to get pf books from NoStarchPress like "The Book of PF 3".
However you do not want OpenVPN, it is a pile of literal garbage. What you want is Wireguard https://www.wireguard.com/ which uses modern cryptography, and was just recently formally verified. Absolutely nothing in OpenVPN can be formally verified it's spaghetti code.
If anybody here owns an Ubiquiti EdgeRouter you can install Wireguard on it via this https://github.com/Lochnair/vyatta-wireguard
IPSec would be preferable to OpenVPN too, even though it's shitty crypto (as in slow) and extremely complex to setup it's still less of a pile of garbage than OpenVPN which nobody should ever use.
>>
>>61434159
>Ubiquiti EdgeRouter you can install Wireguard on it
Shit, its almost like I needed another reason to get one.
>>
>>61434232
You can also install OpenBSD on the ERL (not the other version, like the X or whatever) http://www.tedunangst.com/flak/post/OpenBSD-on-ERL or install regular Debian on it if you wanted to rid yourself of Vyatta, that strange Ubuntu clone
>>
>>61434277
Forgot to note for anybody interested, the Edgerouter Lite literally has a usb stick inside it you can easily remove and swap with a new usb stick to boot any OS you want (if they have a port for it). That way you don't have to worry about bricking the device fucking around with the bootloader (though you can edit uboot anyway, just make sure to copy the defaults first if something happens)
>>
im thinking of setting a fake scholarship website for datamining purposes. what do ya guys think?
>>
>>61428658
Some ideas:
If you don't have one already, start a homeland. GNS3 and Virtual box are your friends. Watch online security courses at 2x or 3x speed because you should be familiar with the early stuff at least if you browse here regularly and have paid attention in class. Seek out action oriented video series i.e the Kali Linux course and wireshark course on cbtnuggets. It will introduce you to the basics of actually compromising a network.
Now you have a real basic understanding start making things harder for yourself - begin hardening your target environment and removing options and get in other ways. There is always a way in. Start pounding the pavement offering basic pentesting to local small businesses. Work on your social engineering. Humans are a huge weak point. Obviously shy away from anything threatening to a production environment during testing. Get a lawyer to write you up a disclaimer you reuse about not being liable.
Ctfs are probably also useful
Ask your professors about wtf to do. They are paid to be your biggest resource.
Generally immerse yourself in the culture there is more than sufficient to get you started.
>>
>>61434159
>WireGuard is not yet complete. You should not rely on this code. It has not undergone proper degrees of security auditing and the protocol is still subject to change. We're working toward a stable 1.0 release, but that time has not yet come. There are experimental snapshots tagged with "0.0.YYYYMMDD", but these should not be considered real releases and they may contain security vulnerabilities (which would not be eligible for CVEs, since this is pre-release snapshot software). If you are packaging WireGuard, you must keep up to date with the snapshots.
Eh, doesn't seem to be very trustworthy. Plus OpenVPN has been audited. What's the problem with it?
>>
>>61428980
>>61428362
>>61422552
>>61422495
If you want to take this seriously then keep identities separate by hardware and possibly even network.
Buy in cash, remove WiFi and Bluetooth modules, remove cameras and microphone, use a rj45 mini ap with OpenWrt configured to put all traffic through a VPN paid for in BTC...
You get the idea. If you want to get serious about airgapping your life you can do so. Clearing your cookies is a nice start but not having connections made between aliases is better. Important to remember your phone should be left at home during excursions :)
>>
>>61434322
>>61434277
are you fucking kidding me
thats fucking amazing
>>
>>61434372
OpenVPN uses OpenSSL. Both are legacy libraries that are a nightmare of complexity trying to track state, the guy (Matthew D Green) who did the very brief first audit of OpenVPN 2.4 tells people not to use it. An audit is not a formal verification of proof of correctness. A proof means this protocol will never do what it's not supposed to do. An audit means "we didn't notice any obvious bugs but there are nearly infinite states we would have to track and possibilities of usage, combined with external shit like OpenSSL sabotaging us".
IPSec has been audited by every government agency in the world as they use it for their infrastructure, it's still not 100% 'bulletproof' because again enormous complexity trying to keep track of all possible states while unrolling a loop.
>>
>>61434487
To clarify, OpenVPN is only as robust as OpenSSL. You can compile it with PolarSSL instead, but any SSL library is undesirable. You could tunnel wireguard through IPSec instead or QuickTun.
If you want a good turnkey VPN that's not wireguard Algobits is good enough as a one click IPSec VPN https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/
>>
>>61434793
>but any SSL library is undesirable
Interesting. I thought SSL was still viable, since SSL is the reason a few MITM exploits no longer function.
>>
What's the point in concealing my IP address after I joined the IRC channel? My first login will stay in the logs with my real IP address.
>>
>>61424948
Can someone kind enough post all the books with original hashes please
>>
>>61435294
why not just hit up a tracker, or like maybe spend 2$ and get untouched copies?
>>
>>61435284
That's why you conceal it before. And if you get a new IP it won't be shown.
>>
>>61435391
On the pastebin it says I have to join a network in step 1 and that's before I can conceal my IP so how does this work? Doesn't my IP get logged before I can use the vhost? Am I being retarded?
And by the way, what is a vhost?
>>
>>61435449
Yes you're being retarded. Your IP gets logged by the network, not by everyone on it, if you get a vHost before you join a channel no one will see your IP by then. Also if it's Rizon, rizon masks your IP already, but still recommended to get a vHost. A vHost is just a mask to hide your IP.
>>
>>61435489
Ok thanks dude
>>
>>61419478
It's the best choice for security's sake as far as I know. DickSuckGo is questionable. The guy behind it has a sketchy past and it's based in the US.
>>
How long does nickserv takes to send the nickname registration code to my email address? Been waiting for 10 minutes now.
>>
>>61435317
I'm poor pls no bully
>>
>>61435768
Cool, thanks
>>
>>61435795
Nevermind I was just being retarded
>>
=== /cyb/ News
Or at least news article about literature, especially the nostalgia and the view of the future
>If you think sci-fi is about the future, think again
https://www.1843magazine.com/culture/the-daily/if-you-think-scifi-is-about-the-future-think-again
So when will we see more cyberpunk nostalgia of the 80's? The successful crowdfunding of Elite: Dangerous shows there is a lot of potentials here.
Also the Gernsback Continuum seems alive.
>>
>>61436407
Elite: Dangerous isn't really cyberpunk though.
>>
>>61416692
No...I tracked multiple common variables of their rig that stood pretty much the same from 2015 through present...as I stated, OS (OSX, but they upgraded at some point), MAC, browser (one of the older versions of Firefox....maybe version 42 I think, the user agent stood the same from 2015 to present).and wireless card (ZyXel).
I didn't track them back through NTP/UDP (meaning I didn't literally follow them through the tunnels they were running their traffic through)....UDP connections were reaching from the Network Time Server to multiple jump boxes; the server/IP abuse forums posted logs with the NTPserver IP.
Other logs for the same day logged failed bruteforce and other attacks from the jumpbox with a timestamp close to the time of the first hop...in some cases, the attacker routed/tunneled their traffic through multiple IP before attacking. Other times, it was a single jump (UDP connection from NTP Server to attack box) then other logs correlated an attack from the exploited server IP shortly after via date/timestamp.
The attacker was prolific...they were attacking many different targets everyday with a number of techniques...they were on their grind.
>>
>>61416350
My reply above was meant to address this anon's question as well.
>>
So there's is some old argument about adding custom directories to your PATH
Argument against is that you can have nasty shit placed in your PATH, like a su/sudo wrapper to steal your password
On the other hand, if someone has access to your home directory, they might as well modify your environment variables too, so this point seems moot
Is there any consensus/article on this?
>>
>>61436592
My replys above was meant to address this anon's question as well.
>>
>>61424688
>Block non-americans
That doesn't really achieve anything apart from getting connectivity issues when dealing with yurop
Hefty amount of malicious traffic these days comes from tor nodes and pay-per-hour servers, which are located in every country
>>
>>61409515
Any word from OP >>61408222 about adding this to the pastebin?
>>
>>61436706
I'll be adding the last three threads resources in the next.
I've been extremely busy and only able to read a small enough amount to keep the threads bumped on and off.
>>
>>61436706
>>61436683
>>61436613
>>61436602
>>61436592
>>61436565
>>61436514
The thread is dead, long live the thread: >>61436875
>>
>>61423351
>mfw prosthetics hacking might soon be a thing
>>
>>61411044
Boring + still boring at 4x speed.
>>
=== /cyb/ and /sec/ News
Electronic Warfare, for home use
>DETECTING CAR KEYFOB JAMMING WITH A RASPBERRY PI AND RTL-SDR
http://www.rtl-sdr.com/detecting-car-keyfob-jamming-with-a-raspberry-pi-and-rtl-sdr/
> It’s been known for a while now that it is possible to break into cars using simple wireless attacks that involve jamming of the car keyfob frequency. Sammy Kamkars “rolljam” is one such example that can be built with a cheap Arduino and RF transceiver chip. One way to secure yourself against wireless attacks like this is to run a jammer detector.
Thread posts: 303
Thread images: 33
Thread images: 33