|
FAT32 SHAMER posted:oh yeah 100% i thought we were on that page but i'm frequently off the page
|
# ? Aug 26, 2017 07:10 |
|
|
# ? May 22, 2024 05:11 |
|
i reinstalled windows and forgot which keep rear end is the legit one aaaaaaaAAAA which keep rear end should i use for win10?
|
# ? Aug 27, 2017 00:29 |
|
is it this one? http://keepass.info/ domain name is fishy AF and its plain http e: https://keepass.info has an invalid cert
|
# ? Aug 27, 2017 00:30 |
|
Shinku ABOOKEN posted:is it this one? http://keepass.info/
|
# ? Aug 27, 2017 00:33 |
|
Shinku ABOOKEN posted:i reinstalled windows and forgot which keep rear end is the legit one aaaaaaaAAAA Whichever one comes from ninite.
|
# ? Aug 27, 2017 00:53 |
|
why am i suddenly being prompted to install a MSE update signed with a certificate that expired six years ago. is this legit
|
# ? Aug 28, 2017 15:58 |
|
A 1 year validity term? That is weird as hell for a MS cert. Is it using a 1024-bit RSA key? There were some attacks impersonating the windows update channel spoofing a weak MS cert in the past.
|
# ? Aug 28, 2017 16:12 |
|
Meat Beat Agent posted:
quit being a wuss and install it and tell us what happens so we can laff cmon
|
# ? Aug 28, 2017 16:13 |
|
i already dismissed that update (and forgot to look at the key details) and then just updated MSE manually and it worked fine
|
# ? Aug 28, 2017 16:19 |
|
We see a fair amount of syn/ack traffic hitting our firewall from web servers that didn't originate from our network. It's a fairly trivial amount of traffic that isn't hurting anything from a bandwidth or device CPU standpoint but its enough to notice in statistical analysis. It seems to be spiking at weird times and then goes away. I'm pretty sure we aren't the target and are just getting backscatter from other servers getting hit but I'm having a hard time figuring why they are spoofing our IPs as the src in the first place. Maybe it helps maintain a lower profile for compromised endpoints in a network? Is this a common IPS evasion technique where if the session doesn't get completed because the ACK doesn't come back it gets ignored? It seems like it would be more effort than its worth since ISPs that aren't poo poo should be dropping this traffic before it hits the DDOS target. Obviously some amount gets through in some situation but its so weird.
|
# ? Aug 28, 2017 17:56 |
|
maskenfreiheit posted:so i guess gchq is an apple shop
|
# ? Aug 28, 2017 18:09 |
|
BangersInMyKnickers posted:It seems like it would be more effort than its worth since ISPs that aren't poo poo should be dropping this traffic before it hits the DDOS target. Obviously some amount gets through in some situation but its so weird. That first part is the problem, there are a hilarious amount of ISPs who don't even block spoofed traffic from standard single-homed connections where it's really easy. Once you add in multihomed clients who may legitimately send traffic from networks they aren't actively advertising through you it begins to actually get challenging to do well, and a lot of ISPs don't think the costs are worth the benefits because they're generally not on the receiving end.
|
# ? Aug 28, 2017 19:34 |
|
Content Warning: The Intercept HIT APP SARAHAH QUIETLY UPLOADS YOUR ADDRESS BOOK quote:SARAHAH, A NEW APP that lets people sign up to receive anonymized, candid messages, has been surging in popularity; somewhere north of 18 million people are estimated to have downloaded it from Apple and Google’s online stores, making it the No. 3 most downloaded free software title for iPhones and iPads. Teenagers lose again
|
# ? Aug 28, 2017 19:43 |
|
quote:“It’s not just, ‘Oh, this company can see my information and I’m OK with that.’ You now have to think about the security of that company.” thanks professor
|
# ? Aug 28, 2017 19:49 |
|
fivehead posted:Content Warning: The Intercept it's me. i'm the guy using a saudi messaging program. *HASSAN CHOP is heard in the background, head rolls*
|
# ? Aug 28, 2017 20:05 |
|
lmbo pulse vpns have a setting to enforce a minimum client version so that's nice but its entirely client side and if the client is two minor releases old it completely ignores the setting and stays connected indefinitely what a loving clown show
|
# ? Aug 28, 2017 21:33 |
|
Hi I'm here because yosslack is yosless. What security cert should I get other than CEH
|
# ? Aug 28, 2017 21:51 |
|
OSCP
|
# ? Aug 28, 2017 22:07 |
|
spankmeister posted:OSCP working on this now, it's hard - but worth it
|
# ? Aug 28, 2017 22:08 |
|
NevergirlsOFFICIAL posted:Hi I'm here because yosslack is yosless. What security cert should I get other than CEH just use let's encrypt
|
# ? Aug 28, 2017 22:10 |
|
Cocoa Crispies posted:just use let's encrypt
|
# ? Aug 28, 2017 22:16 |
|
Security+ is right in the name
|
# ? Aug 28, 2017 22:17 |
|
I don't know that much about networking but this seems absolutely wild, what http://www.nintendolife.com/news/2017/08/nintendo_affected_by_recent_online_issues_in_japan_google_admits_fault quote:Initially reported by The Japan Times, various transport companies, banks and the likes of Nintendo saw their services get disrupted due to issues with the networks of NTT Communications Corp. and KDDI Corp. Apparently the problem was caused when an "overseas network service provider that OCN uses suddenly switched internet routes". While it meant Nintendo gamers were affected for a short while, it also caused disruption for those travelling and trying to use smartcards on journeys, for example. Tech breakdown here: https://bgpmon.net/bgp-leak-causing-internet-outages-in-japan-and-beyond/
|
# ? Aug 29, 2017 10:58 |
|
Jewel posted:I don't know that much about networking but this seems absolutely wild, what BGP is hard and kinda relies on everyone not loving up their config (especially when you're as big as google)
|
# ? Aug 29, 2017 13:03 |
|
and you can't really trust google to not gently caress something up
|
# ? Aug 29, 2017 13:08 |
|
maybe they just got bored of doing it right and decided to just up and stop
|
# ? Aug 29, 2017 13:14 |
|
Isn't there a website that visualizes bgp routes and hijacking? And hasn't this been used intentionally by like Russia against Ukraine?
|
# ? Aug 29, 2017 13:18 |
|
ohgodwhat posted:Isn't there a website that visualizes bgp routes and hijacking? And hasn't this been used intentionally by like everyone at this point?
|
# ? Aug 29, 2017 13:25 |
|
Bgpmon
|
# ? Aug 29, 2017 13:29 |
|
Wasn't there a bgp fuckup a couple years ago where a huge chunk of traffic for Europe got routed to some nobody university in Pakistan or something? I'm honestly surprised bgp fuckups aren't more common.
|
# ? Aug 29, 2017 13:37 |
|
mrmcd posted:Wasn't there a bgp fuckup a couple years ago where a huge chunk of traffic for Europe got routed to some nobody university in Pakistan or something? Are you thinking of Pakistan attempting to null route YouTube Really there's too many to count.
|
# ? Aug 29, 2017 13:43 |
|
spankmeister posted:Bgpmon the worst digimon
|
# ? Aug 29, 2017 13:44 |
|
mrmcd posted:Wasn't there a bgp fuckup a couple years ago where a huge chunk of traffic for Europe got routed to some nobody university in Pakistan or something? I remember the time all internet was routed through Iceland, which IIRC would later be revealed by whistleblowers to have been a Tor deanonymization attack by the NSA
|
# ? Aug 29, 2017 13:48 |
|
Volmarias posted:Are you thinking of Pakistan attempting to null route YouTube BGP hijacks will never not be funny.
|
# ? Aug 29, 2017 13:54 |
|
hackbunny posted:I remember the time all internet was routed through Iceland, which IIRC would later be revealed by whistleblowers to have been a Tor deanonymization attack by the NSA There have been quite a few occasions for continental us IPs getting routed across a transcontinental link and back for a few days which just happen to put that traffic in the purview of the NSA. I do not trust those fuckers.
|
# ? Aug 29, 2017 14:18 |
|
Notorious BGP
|
# ? Aug 29, 2017 16:22 |
|
maskenfreiheit posted:working on this now, it's hard - but worth it " through an arduous twenty-four (24) hour certification exam." holy moly
|
# ? Aug 29, 2017 16:24 |
|
NevergirlsOFFICIAL posted:" through an arduous twenty-four (24) hour certification exam." ain't nothing worth a 24h exam
|
# ? Aug 29, 2017 16:35 |
|
especially when it's a transcription error away from OCSP
|
# ? Aug 29, 2017 16:35 |
|
|
# ? May 22, 2024 05:11 |
|
certified kali linux child
|
# ? Aug 29, 2017 17:23 |