|
code:
join us on irc: irc.synirc.net #yossec useful news resource for information security professionals: http://reddit.com/r/netsec/ here are some old threads that haven't been archived: Security Fuckup Megathread - v11.4 - who u gonna snitch to pussy bitch gently caress u (apr 2015-apr 2016) Security Fuckup Megathread - v10.1 (Hackers can turn your gas station into a bomb) (nov 2014-apr 2015) Security Fuckup Megathread - v7.69 (stay safe security ghost) (aug-nov 2014) Security Fuckup Megathread - v7.2 "BoringSFM" (jun-aug 2014) Alereon posted:seriously though people dont post anything that would allow a lurker from gbs to gently caress with anything Lain Iwakura fucked around with this message at 15:43 on Nov 3, 2016 |
# ? Apr 8, 2016 19:12 |
|
|
# ? May 2, 2024 01:39 |
|
first post to hold stuff for later
|
# ? Apr 8, 2016 19:12 |
|
Epic! Here's to another year!
|
# ? Apr 8, 2016 19:14 |
|
|
# ? Apr 8, 2016 19:15 |
|
0floor
|
# ? Apr 8, 2016 19:17 |
|
posting on the first page cause thats important
|
# ? Apr 8, 2016 19:17 |
0day posting
|
|
# ? Apr 8, 2016 19:17 |
|
Bangersinmyknickers" posted:jre is such poo poo Hey gently caress you
|
# ? Apr 8, 2016 19:18 |
|
Sup, SELinux still good and cool.
|
# ? Apr 8, 2016 19:19 |
|
Root of thread trust chain posting
|
# ? Apr 8, 2016 19:19 |
|
Captain Foo posted:Root of thread trust chain posting looks like we found the first vulnerability of this thread lol
|
# ? Apr 8, 2016 19:20 |
|
What is the public PGP key of this thread so I know I'm getting an authenticated yospos security fuckup experience?
|
# ? Apr 8, 2016 19:21 |
|
|
# ? Apr 8, 2016 19:21 |
|
Powercrazy posted:What is the public PGP key of this thread so I know I'm getting an authenticated yospos security fuckup experience? FCKGW
|
# ? Apr 8, 2016 19:21 |
|
ground floor
|
# ? Apr 8, 2016 19:22 |
|
MD5 hash your OP 31badc4023d67bf53111ec783291661f Methanar fucked around with this message at 19:32 on Apr 8, 2016 |
# ? Apr 8, 2016 19:22 |
|
0-day floor
|
# ? Apr 8, 2016 19:22 |
|
Is there a SHA256 sum of this thread? I could only find a md5sum.
|
# ? Apr 8, 2016 19:23 |
|
kalstrams posted:0day posting
|
# ? Apr 8, 2016 19:23 |
|
BeOSPOS posted:looks like we found the first vulnerability of this thread lol lol
|
# ? Apr 8, 2016 19:24 |
|
0-day Hussein
|
# ? Apr 8, 2016 19:25 |
|
loading 0day hacking tools
|
# ? Apr 8, 2016 19:29 |
|
what a bunch of loving nerds
|
# ? Apr 8, 2016 19:31 |
|
here is a security fuckup for the new thread: at my last job, they used solarwinds and most of the stuff piped logs to some server that it monitored. their "ids" solution was a script that checked logs for false ssh entries, and on the 100th hit, it would send a ticket to the noc. the noc was responsible for pulling that ip address, going back into solarwinds to make sure that they were really an active threat, and not some guy who only made two or three invalid attempts in the past hour, and then fed that ip address into another script that null routed that ip to some of the routers. this script was very old and did not affect the routers for the somewhat newer pci/compliance environment. oh, and solarwinds was helpful in pulling the ptr for ip addresses that had one, and if you had a domain name that didn't have an a record, it couldn't get added to the null route table anthonypants fucked around with this message at 19:34 on Apr 8, 2016 |
# ? Apr 8, 2016 19:31 |
|
0day posting in a new thread that gives me an excuse to write off the thousands of unread posts in the old one
|
# ? Apr 8, 2016 19:31 |
|
OSI bean dip posted:
Finally, can't read my shitposts as they fly through the tubes Or can they?
|
# ? Apr 8, 2016 19:34 |
|
if you guys want me to put images or highlights from previous threads, just share them and i'll put them into the second post or some poo poo
|
# ? Apr 8, 2016 19:34 |
|
i put forth a proposal for a new gang tag for the thread:
|
# ? Apr 8, 2016 19:36 |
You're busted dude is definitely necessary also all the times tavis ormandy caught AV firms royally loving up
|
|
# ? Apr 8, 2016 19:37 |
|
heh
|
# ? Apr 8, 2016 19:37 |
|
grnd floorspankmeister posted:i put forth a proposal for a new gang tag for the thread:
|
# ? Apr 8, 2016 19:37 |
|
quote:Java keystores are dumb as gently caress and slow to load. Just include the files. There's a keystore in the JAR-o
|
# ? Apr 8, 2016 19:39 |
|
caro is alive
|
# ? Apr 8, 2016 19:39 |
|
OSI bean dip posted:if you guys want me to put images or highlights from previous threads, just share them and i'll put them into the second post or some poo poo
|
# ? Apr 8, 2016 19:39 |
|
anthonypants posted:here is a security fuckup for the new thread: lol 100 hits, i've seen bots get bored and give up before that
|
# ? Apr 8, 2016 19:44 |
|
cool and good in on the ground floor this time
|
# ? Apr 8, 2016 19:44 |
|
Parallel Paraplegic posted:lol 100 hits, i've seen bots get bored and give up before that also i should be more clear that it wasn't 100 hits from the same ip, it was every 100 hits. no one had a problem with this
|
# ? Apr 8, 2016 19:49 |
|
high quality op, op
|
# ? Apr 8, 2016 19:51 |
|
anthonypants posted:the pci environment had different reporting and in there it was usually around three at a time but from like 50 different ips. that report was actually a solarwinds-generated pdf and was even worse to comb through wait what, it would just flag every 100th failed login?
|
# ? Apr 8, 2016 19:53 |
|
|
# ? May 2, 2024 01:39 |
|
lol at https://gifs.are.theworst.technology/
|
# ? Apr 8, 2016 19:58 |