|
Those new Chromebook Pros might be nice to throw Kali onto as a quick laptop to do some wireless pen testing and whatnot when I don't feel like carrying a MBP.
|
# ¿ Jan 5, 2017 17:04 |
|
|
# ¿ May 2, 2024 14:00 |
|
So water dispensers, huh https://twitter.com/find_evil/status/816846566799470593?s=01
|
# ¿ Jan 6, 2017 02:42 |
|
Achmed Jones posted:I'm a founding member of my company's new security team. A week ago, I was a hobbyist with an OSCP certification. We're starting on risk assessment, prioritization, and all that, but I'd love any links y'all might have (or books to read) that'll help us out. I don't currently have the link (on mobile and too lazy) but it's called "Security Risk Assessment" and it's a Syngress Press book. It's pretty much my risk assessment Bible for audit stuff and basically what I used to write the closing on what a company needs to focus on and do at 30 days, 90 days, etc based on what was found during the audit.
|
# ¿ Jan 6, 2017 05:12 |
|
Subjunctive posted:are background checks reliable in Russia anyway? In Mother Russia, you run in the background towards a check
|
# ¿ Jan 7, 2017 20:43 |
|
Captain Foo posted:snype reminder that when I met him he told me that I reminded him a lot of himself and wasn't sure how to take that.
|
# ¿ Jan 8, 2017 02:51 |
|
Tayter Swift posted:Security
|
# ¿ Jan 8, 2017 07:32 |
|
Wheany posted:our tester was trying to connect to a server with winscp. it gave a warning about changed fingerprint and posted a screenshot "the new fingerprint is wh:at:ev:er:th:ef:uc:k" screenshot or didn't happen I believe you I just want to see it
|
# ¿ Jan 9, 2017 10:22 |
|
Wheany posted:yes, the fingerprint wasn't literally whateverthefuck, i'm not going to transcribe some screenshot for a yospost why have a thought this whole time the fingerprint was stored on your end after the first connect, and you could just compare that to whatever was in some Linux file (its 5am and I'm high).
|
# ¿ Jan 9, 2017 11:43 |
|
uncurable mlady posted:wait, I'm high, isn't that literally just the pubkey? and the thing that's displayed is the md5 hash? YES! it's stored in ~/.ssh/authorized_keys I thought? see, that's why I only run scripts at night, and write them in the daytime. The strength of weed I get from my friend ranges from "nice realizing high" to "I might be in a coma so I'm gonna watch Oceans Eleven on repeat".
|
# ¿ Jan 9, 2017 12:27 |
|
Storysmith posted:authorized_keys stores client keys for authentication. you're thinking of the known_hosts file, which stores server keys you've connected to, and is implemented as a flat file (that you need to use ssh-keygen to interact with on modern openssh installs because they hash hostnames to make the files less useful for folks who hack a box and pivot) that's why you use mobaxterm on windows and stop using putty and winscp like it's 2004.
|
# ¿ Jan 9, 2017 14:59 |
|
Fergus Mac Roich posted:i use extraputty with awful lua scripts right now. there's even a portable version of this. thank you for pointing out this program and ending my nightmare. it was pointed out to me in 2013 and a coworker was like "yeah I know about it, but I'm gonna stick to putty, it's reliable, and I've been in sysadmin 14 years, so trust me" he's still a junior sysadmin at a poo poo tier hosting company, so no, don't trust him. Use Mobaxterm. jre posted:gently caress, that looks good. How long has that existed ? at least 2012. It's basically having actual Linux on windows. You can run a scary amount of Linux commands on there and sometimes I forget I'm on a windows box.
|
# ¿ Jan 9, 2017 15:32 |
|
Ur Getting Fatter posted:why do all of these sites about tools to connect securely to your server via SSL refuse to implement https on their loving geocities website? Ur Getting Fatter posted:why do all of these sites about tools to connect securely to your server via SSL refuse to implement https on their loving geocities website? not sure what you're referring to.
|
# ¿ Jan 9, 2017 15:35 |
|
Heresiarch posted:the mobaxterm site is http and their download is http oh yeah. I don't know when that happened. at one point as far as I can remember it was https, and then when I went back in summer 2016 it was http and I was 🤔 but I had a portable version from like December 2015 that's fine, so I use that.
|
# ¿ Jan 9, 2017 15:49 |
|
jre posted:If you are using this professionally why would you even blink at $50 for something that will improve your productivity yep. I don't even notice it (probably because it comes out the same time as Burp Suite and I make sure wherever I work compensates me for using my personal licenses).
|
# ¿ Jan 9, 2017 16:07 |
|
Wheany posted:i'm not that sure that a better ssh client would improve my productivity very much. if you don't think mobaxterm isn't leaps and bounds ahead of fuckin putty, I don't know what to tell you.
|
# ¿ Jan 9, 2017 16:24 |
|
OSI bean dip posted:i dunno about you but i can get mobaxterm's cygwin terminal by installing ubuntu for windows, x11 support by installing xming, and ssh support by either using ubuntu for windows or using kitty, which is a better version of putty (which by default does have an https download) No it doesn't.
|
# ¿ Jan 9, 2017 17:16 |
|
If you have more than 12 sessions open you either need to start using config management or screen sessions there buddy.
|
# ¿ Jan 9, 2017 18:09 |
|
I have VMs for that there, good sir.
|
# ¿ Jan 9, 2017 18:20 |
|
Wheany posted:i thought that it meant that you can only have 12 saved sessions, not 12 sessions open at the same time. that's what it means, but I'm letting him have his fun. I've had more than 20 sessions open at once on the free version before.
|
# ¿ Jan 9, 2017 18:28 |
|
|
# ¿ May 2, 2024 14:00 |
|
ate all the Oreos posted:yeah but you had to, like, know what a linux is for that
|
# ¿ Jan 10, 2017 17:36 |