Computer security

Hex · Oct 18, 2018

Might be an issue with the DNS service that it's set to forward to. Internet dying the second it becomes your DNS server usually indicates it can't reach the resolver it's forwarding to to lookup/cache that info locally.

Looking into training/CBT for some of the easier entry level certs like Security+ would be good since it's applicable to both work and personal use and might even give you some ideas on where you'd like to focus or specialize. (Sorry if a little broad but security in general is a massive space lately)

wilkxus · Oct 23, 2018

How well do you trust your tools? Vesta Control Panel..... lol.... aaah the irony. From Vestacp Vesta Control Panel :

You can always inspect the code and make sure it's backdoor free and has no spying modules.

Open source means you can modify the code yourself if you need to.

Someone definitely felt a *need to* modify the source. From (ARS Tech) : Two new supply-chain attacks come to light in less than a week

Poisoning the source
“The VestaCP installation script was altered to report back generated admin credentials to vestacp.com after a successful installation,” Eset Malware Researcher Marc-Étienne M.Léveillé told Ars. “We don’t know exactly when this happened, but the modified installation script was visible in their source code management on GitHub between May 31 and June 13.”

Funny stuff.

KurganAU · Oct 24, 2018

MusicForFish said:
Free VPNs (I have used these):

Windscribe

Free ProtonVPN Plan

But see this about Proton VPN: The company that ‘’officially’' operates ProtonVPN is ProtonVPN AG, a Switzerlan... | Hacker News

Interesting. Relevant considering this dropped the other day -

Mozilla is reportedly preparing to offer ProtonVPN service to users of the Firefox browser

Alternatively, pay for PIA VPN and use free FoxyProxy plugin to toggle on/off

Hex · Oct 25, 2018

wilkxus said:
How well do you trust your tools? Vesta Control Panel..... lol.... aaah the irony. From Vestacp Vesta Control Panel :

Someone definitely felt a *need to* modify the source. From (ARS Tech) : Two new supply-chain attacks come to light in less than a week

Funny stuff.

There was another case recently where I think Filezilla had a supply chain attack where their repo was modified with a malware package bundled into it, apparently not the first time either. The guy/team behind Filezilla are a bunch of dickheads though apparently so WinSCP will remain as my go-to.

On the topic of VPNs there's so much FUD and crap going around about who to trust, even paid ones. I still use Nord in cases where I cannot trust the local network i'm connected to (hotel/hotspot etc..) but the reasoning behind some of the concern is sound in my book from a "reasonably paranoid" standpoint. VPN companies especially those operating within US/EU can claim they don't store logs about your activity but it is in their best interest to do so. The $20 a month or year or whatever payment cycle you give them does not mean they're going to just fall on a sword for you if you do something via their network that is bad (copyright infringement/vuln scanning etc..)

The whole "You gotta VPN bruh" thing has given a lot of people a lot of false assumptions about their security or anonymity.

edit: to clarify, not referencing anyone here on this board just conversations in the past with people who see it as some panacea to security concerns.

wilkxus · Nov 15, 2018

Two more meltdown and 5 new spectre attack strategies, a methodical analysis: [1811.05441] A Systematic Evaluation of Transient Execution Attacks and Defenses

wilkxus · Nov 29, 2018

From ARS Tech today, yep, UPNP is Yummy and delicious gargbage: Eternal Silence: UPnProxy: EternalSilence - Akamai Security Intelligence and Threat Research Blog
Mass router hack exposes millions of devices to potent NSA exploit

Might be worth a read to torrenters without walled gardens to torrent from. Perhaps a good reason to nudge the dyi "build a seperate open source firewall & router box" projects up the priority list if that is already your kinda thing.

LiquidDeath · Dec 15, 2018

Any good, current year appropriate sources to read about hacking and how to do it and understand it? I'm really getting interested in the subject again after 15 years of not paying attention and I'd love to have some resources to start on a path to understanding the modern landscape.

Hex · Dec 15, 2018

I have two humble bundles worth of titles on the subject of penetration testing, forensics, incident response and malware analysis if that's of any interest.

[PentesterLab] Learn Web Penetration Testing: The Right Way is a decent resource to begin learning the ins and outs of attacking targets if that's something you're interested in. It does have a monthly fee for some material but it's worth it if you're learning the basics.

LiquidDeath · Dec 16, 2018

Hex said:
I have two humble bundles worth of titles on the subject of penetration testing, forensics, incident response and malware analysis if that's of any interest.

[PentesterLab] Learn Web Penetration Testing: The Right Way is a decent resource to begin learning the ins and outs of attacking targets if that's something you're interested in. It does have a monthly fee for some material but it's worth it if you're learning the basics.

Thanks for the info! I'm mainly looking into modern IT security vs actual threats rather than IT security theory. It's my belief that IT security will continue to be a huge market while other things become more and more automated in the workforce.

Hex · Dec 16, 2018

Makes sense, the mentality of "slap in a box" is kind of an issue at the moment, it doesn't work without people with the contextual knowledge to make sense of alerts or potential security threats. Outsourcing is definitely big in the space which I personally hate because you're basically paying people to care about your company and its security which usually means they'll do what they're contractually obligated to vs what should be done. If you want to take a look at any of the materials I mentioned shoot me a PM.

Incident Response is definitely booming at this point, most organizations have no plan/clue how to address a security incident and with all of the wide scale compromises going on lately it can be the difference between a contained "Hey this happened but never fear we stopped it quickly" and an Equifax level failure at basic security. You also get to run table tops which is exactly what it sounds like, InfoSec DND but without the dice

wilkxus · Jun 18, 2019

Ack! Sacked! Ouch

New for Linux and FreeBSD peoples see: New vulnerabilities may let hackers remotely SACK Linux and FreeBSD systems

cve-details

access.redhat.com

SACK Panic: Linux and FreeBSD Kernels Vulnerable to Remote Denial of Service Vulnerabilities (CVE-2019-11477)

Researchers at Netflix have disclosed new remote denial of service and resource consumption vulnerabilities in most Linux and FreeBSD versions.

www.tenable.com

Search

Computer security

Hex

Lord Nagafen Raider

wilkxus

KurganAU

Hex

Lord Nagafen Raider

wilkxus

wilkxus

LiquidDeath

Magnus Deadlift the Fucktiger

Hex

Lord Nagafen Raider

LiquidDeath

Magnus Deadlift the Fucktiger

Hex

Lord Nagafen Raider

wilkxus

cve-details

SACK Panic: Linux and FreeBSD Kernels Vulnerable to Remote Denial of Service Vulnerabilities (CVE-2019-11477)