|
Wiggly Wayne DDS posted:not apt enough
|
#
?
Jun 8, 2016 02:55
|
|
|
|
| # ? May 10, 2024 00:17 |
|
|
Wiggly Wayne DDS posted:not apt enough boo this man booooooooooooooo
|
|
#
?
Jun 8, 2016 05:18
|
|
|
Mustache Ride posted:I made this during a vendor meeting today. For you Full buzzword bingo card without "internet of things", "ransomware", "hunting", "purple teaming", "data science", "CYBER DECEPTION", "machine learning", "elastic search THAT SCALES", "machine learning", "no really MACHINE LEARNING", "EDR". You disappoint me (jk <3). I'll end with "cyber enabled economic warfare". This industry is in a bubble at the moment, if you don't already have a security specific job RIGHT NOW (and you want one), apply to one of the million open jobs and don't stop learning until the bubble pops and we're on the same level as enslaved software engineers managing offshore resources that took our original jobs.
|
|
#
?
Jun 9, 2016 04:57
|
|
|
I'd like to read about best practices for key/certificate management for IoT devices. I'm researching developing a device and it seems like there are a lot of pitfalls to avoid. Can someone recommend a book or good web resource? e: Had a conference call and of course the potential customers don't think they could possibly be the target of hacking and even if they were it wouldn't be a big deal. :/ taqueso fucked around with this message at 18:43 on Jun 10, 2016 |
|
#
?
Jun 9, 2016 18:21
|
|
|
loving AV poo poo merchants must die in a toxic chemical fire. In this particular case, webroot.
|
|
#
?
Jun 14, 2016 11:55
|
|
|
ming-the-mazdaless posted:loving AV poo poo merchants must die in a toxic chemical fire. See also: McAfee
|
|
#
?
Jun 14, 2016 17:26
|
|
|
We're gonna need a bigger toxic chemical fire.
|
|
#
?
Jun 14, 2016 17:36
|
|
|
Suggestions for a CISSP study guide? The official one good?
|
|
#
?
Jun 15, 2016 18:12
|
|
|
I've been using Eric Conrad's CISSP Study Guide almost exclusively and I think it's well done. Far less dry than the old Shon Harris one.
|
|
#
?
Jun 15, 2016 18:15
|
|
|
I'm not sure of the best way to word this, but does anyone have a good tool for letting me test what ports are open through a firewall when I have no control of the firewall, but have control of both sides? I keep asking my company's firewall team to open a large number of ports between ranges, but they keep only doing half of what I ask and I don't find out until another group comes to me and asks "Why doesn't SNMP or some such work for device in range A, but does for device in range B?" and I find out security only half did the request. I have a bunch of monitoring/jump servers (outside) and a bunch of managed devices (inside) from a crap ton of different vendors. The issue is not every device "behind" the firewall uses every port and I can't even get a good list of which ones need what. My plan is to have laptops or something set up behind the main firewalls and nmap from some important servers outside. I can do a full tcp/udp port scan from the outside servers, but I am looking for something to listen on all TCP and UDP ports on the inside and report what can TCP handshake and what can be received via UDP. I think I will also need to test in the other direction. A buddy showed me http://portspoof.org/ which looks like it can get me TCP. Does anyone have something similar for UDP, or a better tool, or am I XYing this problem?
|
|
#
?
Jun 15, 2016 21:54
|
|
|
the real blah posted:I'm not sure of the best way to word this, but does anyone have a good tool for letting me test what ports are open through a firewall when I have no control of the firewall, but have control of both sides? http://scanme.nmap.org/ Run nmap against this.
|
|
#
?
Jun 15, 2016 22:13
|
|
|
OSI bean dip posted:http://scanme.nmap.org/ These devices are not going to be able to get to the internet. I'm testing from one (mostly) internal network to another (completely) internal network. The dumb thing is that it passes through a third internal network (very briefly, and by mandate) that has the firewall I can't control.
|
|
#
?
Jun 15, 2016 22:37
|
|
|
sudo nmap -n -PN -sT -sU -p- remote_host Run nmap against this.
|
|
#
?
Jun 15, 2016 22:47
|
|
|
And capture traffic on the target host so you can detect asymmetric blocks.
|
|
#
?
Jun 15, 2016 22:58
|
|
|
Subjunctive posted:And capture traffic on the target host so you can detect asymmetric blocks. If you really can't get the firewall configs this is probably the best way to go. Honestly I wouldn't even mess around with the port spoof, I'd just run a packet capture on the remote host or use a little network tap (best option IMO - and so useful/cheap) north of the remote host and hit it on all ports. Couple of thoughts on this: - You're only going to be testing that exact src/dest host combo. For all you know the admins could have put a rule to deny <your ip>:any to <any ip>:any just to ensure your test shows they are secure. More likely - there are certain segments with more permissive access than the one you're testing from/to. - To fix the above issue and keep the portscanning plan - if you can capture PCAP on the outside interface of the last firewall you're concerned with, scan all segments. - UDP scans generally suck - I'd definitely want the pcap.
|
|
#
?
Jun 18, 2016 03:23
|
|
|
Successful execution of mimikatz (not via metasploit) on an end-point is not a threat according to webroot.
|
|
#
?
Jun 29, 2016 15:10
|
|
|
I didn't see it here, but the other infosec thread is talking about AV again.  MiniFoo posted:
flosofl posted:Hahaha Wiggly Wayne DDS posted:you missed the best part: first time a poc was sent to them it crashed their mail servers as they were actively scanning incoming attachments Tell me again why AV is good? 
|
|
#
?
Jun 29, 2016 15:15
|
|
|
ratbert90 posted:I didn't see it here, but the other infosec thread is talking about AV again. MF_James posted:but it opens you up to other vulnerabilities! GOD DON'T YOU loving GET IT.
|
|
#
?
Jun 29, 2016 19:34
|
|
|
Patch your systems. Don't run 3rd party AV because it's probably not stopping anything, but if you really really want to, keep that patched that as well. AV vulnerabilities are especially scary because of things like filter drivers and because they run with system/root privs - most vulns require the user to actually do something to get infected and run at the user level. wyoak fucked around with this message at 20:21 on Jun 29, 2016 |
|
#
?
Jun 29, 2016 20:17
|
|
|
Hmm yes, install known bad software because maybe other software is bad too.
|
|
#
?
Jun 30, 2016 12:39
|
|
|
Corporate AV mandates will likely never die but the level of scrutiny at least seems to be doing something. Symantec says their next major release will be removing system/root privs from the sandbox which should lower the risk created by lovely coding and the other vendors are likely to follow suit if Symantec does something like that.
|
|
#
?
Jun 30, 2016 16:56
|
|
|
Wait so are they saying that they will no longer use a filter driver for I/O interception?
|
|
#
?
Jun 30, 2016 17:45
|
|
|
No, and that's likely going to have kernel access and continue to be a target.
|
|
#
?
Jun 30, 2016 19:04
|
|
|
OSI bean dip posted:Just to drive the point home, I posted this in another thread: I didn't want to continue the topic in that thread because it's kind of a shitshow. Is that person the most prominent in the field? It just seems weird that there's a list by a single person rather than a group. Do people generally work by themselves in the whole security research field (if that's the right term? That's kind of terrifying, tbh. Are there any other types of "security" programs that have major vulnerabilities?
|
|
#
?
Jun 30, 2016 23:21
|
|
|
He works for Google's 'Project Zero' and as far as I know he decided to look at AV products out of personal interest. And it seems to always have big payoffs so why stop.
|
|
#
?
Jun 30, 2016 23:28
|
|
|
What advice would you give to people running Windows 8 or 10, with the built-in AV that tries as hard as it can to stop you from disabling it? Assuming, I mean, that most people in this situation (say, my parents) aren't going to have the technical knowledge to mess with registry hacks and such to force-disable it anyways.
|
|
#
?
Jul 1, 2016 00:55
|
|
|
Avenida posted:What advice would you give to people running Windows 8 or 10, with the built-in AV that tries as hard as it can to stop you from disabling it?
|
|
#
?
Jul 1, 2016 00:58
|
|
|
Leave it on, make sure Windows Update is set to install rather than endlessly prompt, don't run as an admin.
|
|
#
?
Jul 1, 2016 01:10
|
|
|
The only place I've seen defender really fall on its rear end is malicious firefox extensions, I think MS doesn't bother to track those at all.
|
|
#
?
Jul 1, 2016 02:54
|
|
|
Is anyone else just fascinated by the security implications of using a remote controlled robot with some sort of detonator and bomb attached to it to execute a human? I'm trying to learn more about how these EOD or other robots are controlled, what sorts of protocols, encryption, etc. and finding basically no info at all. Seems like the implications are insane if there are any vulnerabilities, and unless everything is wired there will be vulnerabilities.
|
|
#
?
Jul 8, 2016 20:50
|
|
|
Pryor on Fire posted:Is anyone else just fascinated by the security implications of using a remote controlled robot with some sort of detonator and bomb attached to it to execute a human? I'm trying to learn more about how these EOD or other robots are controlled, what sorts of protocols, encryption, etc. and finding basically no info at all. Seems like the implications are insane if there are any vulnerabilities, and unless everything is wired there will be vulnerabilities. Well, the US drone program seems to work quite well.
|
|
#
?
Jul 8, 2016 20:53
|
|
|
18 Character Limit posted:Well, the US drone program seems to work quite well. lol did they ever get around to encrypting the video feeds on Predator drones?
|
|
#
?
Jul 8, 2016 21:36
|
|
|
18 Character Limit posted:Well, the US drone program seems to work quite well.
|
|
#
?
Jul 9, 2016 00:03
|
|
|
Oh boy password managers! I've been using LastPass for a while and obviously that has a few trust / external point of failure problems, so I've been looking at things like KeePass as an alternative. I know a lot of y'all security professionals use it, with apps like Keepass2Droid or whatever on Android. Can anyone explain why that's OK from a security perspective? I know you're basically trusting the KeePass software in the first place, but how can you trust these free third-party apps on your phone? You're letting them have full access to your password database and credentials, right? It feels potentially really sketchy (nothing against these particular app devs) and I'm just curious why some of you who are really serious about security are happy to use this kind of setup. Why's it sufficiently trustworthy, or whatever
|
|
#
?
Jul 11, 2016 05:37
|
|
|
Actually, on the same topic, I'm thinking of migrating from last pass to 1password, but using their cloud sync stuff + browser integration, since that's my big use case. Has anyone done an analysis of what they do, and how it compares to last pass?
|
|
#
?
Jul 11, 2016 05:44
|
|
|
As far as I'm aware 1password is like a KeePass setup (where everything's done locally and you just sync the encrypted database to any device that wants to use it) except it's a total solution. So they run a syncing service, they make apps for different devices, they make browser plugins etc, and you trust them because you're paying for this product, and it should all work nice because it's a professional company developing it LastPass provides their own suite of apps too, but the actual password management happens on their servers instead of locally, so that's the main difference and why there are a bunch of issues and extra potential risks involved I think that's basically the deal anyway - or were you asking more about a review of the user experience? I'd be interested in that too, I'd like to get relatives using LastPass because it's better than nothing, but the browser plugin messes up in some really weird ways sometimes, and I'm not comfortable recommending something that I have trouble janitoring myself baka kaba fucked around with this message at 06:01 on Jul 11, 2016 |
|
#
?
Jul 11, 2016 05:56
|
|
|
baka kaba posted:As far as I'm aware 1password is like a KeePass setup (where everything's done locally and you just sync the encrypted database to any device that wants to use it) except it's a total solution. So they run a syncing service, they make apps for different devices, they make browser plugins etc, and you trust them because you're paying for this product, and it should all work nice because it's a professional company developing it
|
|
#
?
Jul 11, 2016 06:02
|
|
|
It says they do for 'families and teams' which I'm assuming means it's a bonus option for those tiers https://support.1password.com/sync-options/ It doesn't really say how it works but it sounds like automatic cloud sync. Looks like they have WiFi sync too
|
|
#
?
Jul 11, 2016 06:08
|
|
|
|
| # ? May 10, 2024 00:17 |
|
|
wyoak posted:1password doesn't have a syncing service They do but it's fairly recent
|
|
#
?
Jul 11, 2016 07:59
|
|