|
Shuu posted:How will we ever stop these highly sophisticated attacks?? Watch for hackers by vigilantly using Tracer T. https://www.youtube.com/watch?v=SXmv8quf_xM
|
#
?
Aug 10, 2021 19:50
|
|
|
|
| # ? May 26, 2024 10:27 |
|
|
Fun talk from DEFCON 29 I was waiting to watch. Its good stuff https://www.youtube.com/watch?v=7DXF7YDBf-g
|
|
#
?
Aug 11, 2021 21:58
|
|
|
Ian Coldwater is a pro follow
|
|
#
?
Aug 11, 2021 22:17
|
|
|
Happiness Commando posted:Ian Coldwater is a pro follow honk
|
|
#
?
Aug 11, 2021 22:19
|
|
|
The Fool posted:honk honk the planet.
|
|
#
?
Aug 11, 2021 22:39
|
|
|
https://twitter.com/pancak3lullz/status/1425221181058306050
|
|
#
?
Aug 11, 2021 22:51
|
|
|
https://twitter.com/atrupar/status/1425495109798354951?s=20
|
|
#
?
Aug 12, 2021 03:30
|
|
|
Which of you hackers made a batch file and boot rom?
|
|
#
?
Aug 12, 2021 03:30
|
|
|
What are you, a cop?
|
|
#
?
Aug 12, 2021 03:37
|
|
|
Internet Explorer posted:What are you, a cop? Good play, if he's a cop now he has to tell us.
|
|
#
?
Aug 12, 2021 04:35
|
|
|
A cop can’t write batch files
|
|
#
?
Aug 12, 2021 05:05
|
|
|
Please speak into my beautiful lapel flower so I can hear you better.
|
|
#
?
Aug 12, 2021 05:36
|
|
|
https://twitter.com/ErrataRob/status/1424878450867847181?s=20 Edit: this whole thing is batshit insane. It's like some dystopian sideshow playing out in Branson. cage-free egghead fucked around with this message at 05:48 on Aug 12, 2021 |
|
#
?
Aug 12, 2021 05:45
|
|
|
Defenestrategy posted:Good play, if he's a cop now he has to tell us. yeah, if you ask a cop his favorite movie he has to tell you it’s entrapment (1999)
|
|
#
?
Aug 12, 2021 05:47
|
|
|
cage-free egghead posted:https://twitter.com/ErrataRob/status/1424878450867847181?s=20 holy poo poo, this is unreal
|
|
#
?
Aug 12, 2021 06:14
|
|
|
goddamn rob graham is tedious
|
|
#
?
Aug 12, 2021 06:19
|
|
|
he is so so bad
|
|
#
?
Aug 12, 2021 06:20
|
|
|
|
|
#
?
Aug 12, 2021 06:32
|
|
|
if only they knew that infosec jobs was basically to stop us looking at porn
|
|
#
?
Aug 12, 2021 07:50
|
|
|
jaegerx posted:A cop can’t write batch files
|
|
#
?
Aug 12, 2021 09:33
|
|
|
Achmed Jones posted:goddamn rob graham is tedious Yeah, he is an expert in the field, but he's also a centrist to a fault. But yeah he's tearing this apart really well.
|
|
#
?
Aug 12, 2021 16:47
|
|
|
Print Nightmare is back, and it does indeed bypass EDR controls https://twitter.com/GossiTheDog/status/1425193153691279365?s=20
|
|
#
?
Aug 12, 2021 16:53
|
|
|
I had every leader in operations fight me tooth and nail over my request for long term planning of turning off print spoolers. This is never going away.
|
|
#
?
Aug 12, 2021 17:01
|
|
|
If you loved the original you'l go nuts over the sequel.
|
|
#
?
Aug 12, 2021 17:01
|
|
|
OSU_Matthew posted:Print Nightmare is back, and it does indeed bypass EDR controls lol
|
|
#
?
Aug 12, 2021 17:07
|
|
|
I for one am really shocked that Windows printing is a nightmare. Signed, A Citrix Admin
|
|
#
?
Aug 12, 2021 17:07
|
|
|
Simply don't print 
|
|
#
?
Aug 12, 2021 17:24
|
|
|
Thanks Ants posted:Simply don't
|
|
#
?
Aug 12, 2021 17:28
|
|
|
Internet Explorer posted:I for one am really shocked that Windows printing is a nightmare. sup EUC buddy  your euc product is way more loving stable than mine!
|
|
#
?
Aug 12, 2021 17:30
|
|
|
Thanks Ants posted:Simply don't print I was promised a paperless office, time to deliver.
|
|
#
?
Aug 12, 2021 17:47
|
|
|
CommieGIR posted:I was promised a paperless office, time to deliver. But I NEEEEEED to be able to print from my domain controller! It's the only system we have hooked up to the Fujitsu copier we bought in 2004, after all!
|
|
#
?
Aug 12, 2021 20:39
|
|
|
Exchange On-prem exploit chain being actively scanned for and targeted. Happy Friday!
|
|
#
?
Aug 14, 2021 02:12
|
|
|
Dumb question from a mostly naive person: Is DNS over HTTPS/TLS worth it? I've heard conflicting reports that it should either be considered a necessity in 2021 or that it's mostly just smoke and mirrors that creates a lot of headaches.
|
|
#
?
Aug 14, 2021 19:39
|
|
|
Craptacular! posted:Dumb question from a mostly naive person: Is DNS over HTTPS/TLS worth it? I've heard conflicting reports that it should either be considered a necessity in 2021 or that it's mostly just smoke and mirrors that creates a lot of headaches. Depends on context, are you asking about personal / home setups, or the corporate networking security perspective?
|
|
#
?
Aug 14, 2021 21:22
|
|
|
Klyith posted:Depends on context, are you asking about personal / home setups, or the corporate networking security perspective? Personal setups. I've taken to running Pi-Hole recently, but when you talk in communities around that app you eventually reach the people who think that simply filtering out bad requests isn't enough and that you should take extra steps to route everything as discreetly as possible.
|
|
#
?
Aug 14, 2021 22:22
|
|
|
Craptacular! posted:Personal setups. I've taken to running Pi-Hole recently, but when you talk in communities around that app you eventually reach the people who think that simply filtering out bad requests isn't enough and that you should take extra steps to route everything as discreetly as possible. Are the same people asking you to install the brave browser?
|
|
#
?
Aug 14, 2021 22:28
|
|
|
I use it, it's not a requirement, but I don't see why not. Multiple US providers currently do or previously have hijacked port 53 and transparently redirect traffic toward their own spam resolvers that redirect you to ad filled fake search pages. IIRC, T-Mobile used to static route 8.8.8.8 to their own resolver.
|
|
#
?
Aug 14, 2021 22:42
|
|
|
Craptacular! posted:Personal setups. I've taken to running Pi-Hole recently, but when you talk in communities around that app you eventually reach the people who think that simply filtering out bad requests isn't enough and that you should take extra steps to route everything as discreetly as possible. On your own home network, if you aren't super concerned about your ISP seeing which websites you visit*, it's a question of do you want to do the effort for a good setup. It definitely makes stuff like the PiHole more complicated. And you're not really gaining anything security-wise. *which is like, they can figure out even with DoH if they really wanted to. if you're  you need a VPN.On a public/unsecured network that you don't control, secure DNS is an extremely good idea. Spoofing DNS to redirect you to a fake website is an easy attack. Personally, at home I run DNS-over-TLS from my router to the outside world, and the router provides regular unencrypted DNS caching to the network. That was about as much  as I felt like it warranted. It works with the router-based adblock I use, and the way I've got it set is pretty transparent for setup -- guests don't have to configure anything, and when I take my laptop elsewhere it'll try to use DoH. I know the pihole can be set up to do DoH to the inside of the network as well if you want, but I kinda don't see the point on a home net.I don't think I've gained much security from this setup, and what privacy I've gained is mostly a "lol gently caress ISPs" because google sees everything I do. I mostly did it because I wanted to figure it out.
|
|
#
?
Aug 14, 2021 23:25
|
|
|
Sickening posted:Are the same people asking you to install the brave browser? Brave is actually my "backup browser" option to Vivaldi right now, since I want to use Chromium but don't want to be rolled into FLoC. Klyith posted:Personally, at home I run DNS-over-TLS from my router to the outside world, and the router provides regular unencrypted DNS caching to the network. That was about as much I'm not comfortable replacing the firmware on my router because it costs too much for me to be willing to gently caress up, but it doesn't have any kind of encrypted DNS rolled into the factory settings. I run Pi-Hole in a container already, and by making Podman's ability to run Kubernetes-style pods I can run it and cloudflared with shared networking and do public DNS with 1.1.1.1 over HTTPS instead of HTTP. I was trying to gauge how important this is, since I've seen a few Linux sysadmin guide types roll their eyes at going as far to install a DNS adblock and then not bother to encrypt it. I have it up and running right now as a trial and it seems stable enough and doesn't seem to have slowed anything down. I just wanted to find out whether it's totally worthless concept before deciding whether it's worth using permanently. Craptacular! fucked around with this message at 00:10 on Aug 15, 2021 |
|
#
?
Aug 15, 2021 00:02
|
|
|
|
| # ? May 26, 2024 10:27 |
|
|
Craptacular! posted:I'm not comfortable replacing the firmware on my router because it costs too much for me to be willing to gently caress up, Yeah if you have the Pi and don't have a fancy router it's easier to just use the Pi. I do it on my router because a) I've got an asus router and can do asus-merlin firmware, which installs just like stock and has extra poo poo built in b) this way I don't need another pi Craptacular! posted:I was trying to gauge how important this is, since I've seen a few Linux sysadmin guide types roll their eyes at going as far to install a DNS adblock and then not bother to encrypt it. I have it up and running right now as a trial and it seems stable enough and doesn't seem to have slowed anything down. I just wanted to find out whether it's totally worthless concept before deciding whether it's worth using permanently. I think it's worth doing primarily because browsers are moving in that direction and I fully expect that at some point if you aren't doing DoH or DNS-TLS then the browser will bypass it and you won't have the pihole adblock. But the pihole & adblock community also has a lot of people who take a super dogmatic approach where any form of data collection is a violation. Calibrate your own scale for privacy, ignore the people who say things like "you don't block all microsoft telemetry? why do you even have a pihole then!"
|
|
#
?
Aug 15, 2021 03:22
|
|