/cyb/ + /sec/ - Cybersecurity and Information Security General

Peaceful night edition

Cypherpunk Manifesto
>activism.net/cypherpunk/manifesto.html

◘ Cyberpunk Manifesto
>project.cyberpunk.ru/idb/cyberpunk_manifesto.html

∆ Hacker Manifesto
>>phrack.org/issues/7/3.html

± Guerilla Open Access Manifesto
>archive.org/stream/GuerillaOpenAccessManifesto/Goamjuly2008_djvu.txt

▓ Fables, realities, prophecies and mythology of a community:

░ What is cyberpunk
>>pastebin.com/hHN5cBXB

▀ The importance of a cyberpunk mindset applied to a cybersecurity skillset
>youtube.com/watch?v=pcSlowAhvUk

● Cyberpunk directory:
>pastebin.com/VAWNxkxH

▬ Cyberpunk resources
>pastebin.com/Dqfa6uXx

▐ Cybersecurity essentials/resources

>pastebin.com/SCUbhpjP
>pastebin.com/VTXRAPxM

Cntrl + F Basic Knowledges, Basic Training, Arms/Arm
>pastebin.com/rMw4WbhX

▼ Endware: Heavy armor for anons, by anons
>endchan.xyz/os/res/32.html

⦿ Shit just got real:
>pastebin.com/rqrLK6X0

◊ archive:
>textfiles.com

Cybersecurity essentials/resources:
Reference books:
>mega.nz/#F!YigVhZCZ!RznVxTiA0iN-N6Ps01pEJw
>PASSWORD : ABD52oM8T1fghmY0

>ftp://collectivecomputers.org:21212/Books/Cyberpunk/

» Thread Archive
>archive.rebeccablacktech.com/g/search/subject/cyb/
>archive.rebeccablacktech.com/g/search/subject/sec/
>archive.rebeccablacktech.com/g/search/text//cyb/ /sec//

≡ IRC
> Join: irc://irc.rizon.net:6697
> #Jow Forumspunk
> #Jow Forumssec
> #nfo
> (All require SSL)
> IRC guide:
> github.com/mayfrost/guides/blob/master/IRC.md


Ψ Last threads:

Cyberpunk has nothing to do with security

What happened to the last one?

Euronight.

>What happened to the last one

Sorry mang...was working on something and it slipped; was thinking about starting it back up again because I have video of components for OuterHeaven/Heavy_Coat to show you guys and I'm interested in your input.

could someone provide me some reading material on SSH tunnels? I'd like to privately connect to public wifi and I wanted to know if there are free servers out there (if it even works that way)

or if i should just use a free VPN

I have arch linux and I'm learning the basics of hardening it to be secure

I didn't finish the thought above; I wanted to restart the thread but got lost in work then didn't know if the morning would be best for reestablishing it.

Thanks for the save user...paste looks good too...the FTP is important.

Cyberpunk has nothing to do with cybersecurity.

openvpn might be more suitable, use redirect-gateway to route your general traffic through.
Alternative would be using ssh as SOCKS5 - you'd need to configure all applications on your own.
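Added example, not part of the post above: the SSH-as-SOCKS5 option it mentions, plus a check that the SOCKS listener is bound to loopback only and not offered to everyone else on the public Wi-Fi. `user@vps.example`, port 1080 and the `ss -ltn` sample lines are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the thread. "user@vps.example" and port 1080 are
# placeholders for a server you control and a free local port.

# Print the ssh command line for a local SOCKS5 listener.
#   $1 = user@host   $2 = local port
socks_tunnel_cmd() {
    # -N                     forward only, no remote shell
    # -D 127.0.0.1:PORT      SOCKS listener on loopback, not the Wi-Fi interface
    # ExitOnForwardFailure   abort if the listener cannot be created
    # ServerAlive*           tear down a dead tunnel instead of hanging
    printf 'ssh -N -D 127.0.0.1:%s -o ExitOnForwardFailure=yes %s %s\n' \
        "$2" '-o ServerAliveInterval=30 -o ServerAliveCountMax=3' "$1"
}

# Proxy URL for tools that honour ALL_PROXY (curl does).
# socks5h:// lets the far end resolve hostnames, so DNS lookups do not leak
# onto the local network; plain socks5:// resolves locally.
socks_proxy_url() {
    printf 'socks5h://127.0.0.1:%s\n' "$1"
}

# Read `ss -ltn` output on stdin and classify the listener on port $1:
#   loopback = bound to 127.0.0.0/8 or [::1] only
#   exposed  = bound to a wildcard or routable address (open proxy on the LAN)
#   absent   = nothing is listening on that port
listener_exposure() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, part, ":")          # port is the last ":" field
            p = part[n]
            if (p != port) next
            addr = substr($4, 1, length($4) - length(p) - 1)
            if (addr ~ /^127\./ || addr == "[::1]") loop = 1
            else exposed = 1
        }
        END {
            if (exposed)   print "exposed"
            else if (loop) print "loopback"
            else           print "absent"
        }'
}

# Constructed sample `ss -ltn` output: tunnel bound to loopback as intended.
SAMPLE_OK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:1080     0.0.0.0:*
LISTEN 0      128    [::1]:1080         [::]:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*'

# Constructed sample: listener bound to every interface (e.g. -D 0.0.0.0:1080).
SAMPLE_BAD='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:1080       0.0.0.0:*'

# Demo: print the command and proxy setting, then classify both samples.
socks_tunnel_cmd user@vps.example 1080
echo "export ALL_PROXY=$(socks_proxy_url 1080)"
printf '%s\n' "$SAMPLE_OK"  | listener_exposure 1080
printf '%s\n' "$SAMPLE_BAD" | listener_exposure 1080
```

On a live machine the check is `ss -ltn | listener_exposure 1080`, run after the tunnel is up.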

>could someone provide me some reading material on SSH tunnels?

I am not condoning this per se, but I know/have heard that some Blackhats will tunnel through certain wargame/CTF servers via SSH and use those machines as part of their chain.

>or if i should just use a free VPN

I haven't tried Security Kiss, or many free VPNs, but the ones I have tried in order to investigate the potential for wholesale exploitation looked shady as fuck..

For example, more than a few VPNproxy hosts were using redirects and other shit to execute attacks that were facsimiles of this: donncha.is/category/misc/, even using most of the same components from here: github.com/DonnchaC/ubuntu-apport-exploitation.

Multiple nodes/hosts were using the same attack type at that point; one variation was really good, except the malware was executing jails on the host (these hosts were in VMs) to keep the victim environment in a position that was ideal for the malware. For example, restricting changes to resolv.conf.

Reminds me of that Defcon bro from Spain who got crazy results creating proxy instances and using the traffic to inject some java snippets...that was a hell of a talk.

So yeah...don't use free vpn unless it's under very specific circumstances, like maybe the third tunnel deep in a cascading chain where the service is run from a VMd/sandboxed/jailed instance with extra hardening.

Free means you're the product plus if I was evil it's an attack surface I'd use.

SSH is incredible..a miracle really...learn how to use it, get yourself a VPS and use something like a Streisand script, anything but free vpn.

Some awesome SSH guides:

I have been working on this concept for awhile now:
ivpn.net/privacy-guides/onion-ssh-hosts-for-login-chaining
sshmenu.sourceforge.net/articles/transparent-mulithop.html

The King
en.wikibooks.org/wiki/OpenSSH/Cookbook/Proxies_and_Jump_Hosts

>Blackhats will tunnel through certain wargame/CTF servers via SSH
obviously. But SSH requires more work and you'll need to know what you're doing.
For personal use openvpn is much more convenient

Correct.

Same here, had a long day and couldn't get back here in time.

>Hey could you tell me about "Thing"?
>Why aren't you just using "Other thing" instead?

user didn't sound like he has the background for that.
literally stated why it's a bad idea in the next sentence - but hey, let's go ahead watching newbs shoot themselves in the face because they're in a false sense of security

I may have misread what the user asked for, but I think I just responded with the SSH stuff/SSH ramble because I thought he was inquiring about SSH functionality.

I mentioned the SSH CTF/Wargame example because it wasn't something I had thought about until a couple years ago when I stumbled on resources for what many of the Russian carders and dudes selling access into backdoored hosts were doing to add obfuscating layers to their approach toward the VPS they did business from.

You're absolutely right about OpenVPN...it is the easiest resource for someone looking to establish a quick, secure access point...I just tend to nerd out around you guys.

Of course he doesn't. And he never will if he doesn't get the chance.

>I have been working on this concept for awhile now:
>ivpn.net/privacy-guides/onion-ssh-hosts-for-login-chaining
>sshmenu.sourceforge.net/articles/transparent-mulithop.html
Something for the /sec/ FAQ?

I see a lot of job opportunities in intelligence agencies including reverse engineering and network ops. The requirements posted might be of interest here.

For instance a job in malware analytics required OllyDbg, WinDbg, GDB, IDA Pro, extensive experience in C/C++ and Python.

I'm looking into pentesting and need a new windows laptop anyway. Any recommendations?

>large screen/keyboard, don't care how much it weighs
>none of this "air" bullshit. I want a removable drive
>partitioned (I can do this myself of course)

I need it soon. Can't wait for a new chipset.

Cyberpunk has everything to do with security.

Was at a UNI-conference thingy and speaker there was hyping OSCP. It looks good on paper but the website is disturbingly unprofessional. Is it legit and worth your money?

I used to use my computer at home as an ssh tunnel to get past site filters on public wifi

Not him, but I've never used a VPN and I find ssh pretty simple to use.

If you are looking to focus your InfoSec career toward becoming a Penetration Tester and maybe eventually a Red Teamer, then I'd say the OSCP is a great cert (Red Teaming is my vocation).

It is a fun course and a lot of valuable experience can be gleaned from it regardless of your destination in InfoSec; you just have to remember that if you are not going toward a career where methods/means of manual penetration is going to be your focus, then the price of the 90day lab/exam retakes for the OSCP/PWK equals a full 16 credit semester of community college where I live, and much/many of the experiences/lessons can be had elsewhere with some more effort.

I love the PWK/OSCP virtual lab; it is worth way more to me than the cert. However, I am planning to Red Team till the wheels come off.

FAQ editor here. There has in the past been a few discussions about servers, in particular with emphasis on security and special applications. I browsed through >>Jow Forumsserver (now at >>Jow Forums66700867) and they have some pasta but seem to be in need for some love. I hope they can also put the FAQ in the FAQ framework we use here, it helps in readability and also searchability.

I'll add a link in the /cyb/ FAQ but more input is needed, especially in terms of securing and also applications. My interest is in particular knowledge management.

The demand for sex bots appears to come also from alpha males:
bbc.com/news/entertainment-arts-44819116
What is the world coming to?? Sure, I can see this will drive the demand for sex bots but generally speaking I am not entirely convinced about technical solutions to human problems.

OSCP is an amazing cert for pentesting. So if you plan on being a pentester, get it.

Who's going to defcon?
What's the plan Jow Forums

Well, I've been thinking of making more guides directed to a small server, the problem is where to start. Firewalls? Yeah, maybe iptables is a good start, also nftables if I can get the kernel to cooperate.

Anyone know if there are some capture the flag challenges with VM machines?

Like finding and using exploits in metasploitable to get into root kernel and finding the flag

iptables isn't hard, it boils down to a handful of lines - the hard thing is wrapping your head around it.
I usually use the guides in archlinux' wiki for service configuration because they give a lot of hints security wise.
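Added example, not part of the post above: the "handful of lines" for a small server, written as a generator for an `iptables-restore` ruleset with default-deny inbound. The allowed ports (22 and 443 in the demo) are assumptions; pass the TCP ports your own services use.

```shell
#!/bin/sh
# Added example, not from the thread. Emits an iptables-restore ruleset for a
# single-homed small server; review it, then load it as root with
#   gen_ruleset 22 443 | iptables-restore --test    # parse only, no commit
#   gen_ruleset 22 443 | iptables-restore           # apply

# Succeeds only for a decimal TCP port in 1..65535, so nothing that is not a
# port number is ever interpolated into a rule.
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_ruleset PORT...  prints the ruleset on stdout, or returns 1 and prints
# nothing if any argument is not a valid port.
gen_ruleset() {
    for port in "$@"; do
        valid_port "$port" || {
            echo "gen_ruleset: bad port: $port" >&2
            return 1
        }
    done

    echo '*filter'
    # Policies: drop anything inbound or forwarded that no rule accepts.
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Local services talking to each other over loopback.
    echo '-A INPUT -i lo -j ACCEPT'
    # Packets that do not belong to any known connection state.
    echo '-A INPUT -m conntrack --ctstate INVALID -j DROP'
    # Replies to connections this host opened, and related ICMP errors.
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # Allow ping so basic reachability checks keep working.
    echo '-A INPUT -p icmp --icmp-type echo-request -j ACCEPT'
    # One rule per published service; only new connections need matching,
    # the ESTABLISHED rule above carries the rest of each session.
    for port in "$@"; do
        echo "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo 'COMMIT'
}

# Demo: SSH and HTTPS only.
gen_ruleset 22 443
```

This covers IPv4 only; an IPv6-enabled host needs the equivalent set loaded with `ip6tables-restore`.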

do you know vulnhub?

I am.
Plan is to party a lot

How do I even get into the field without knowing networking. I'm taking intro to networking next quarter but I wanna get a headstart

Networking is easy. What the fuck.
What is there you think you need to know about?
Do you understand what a firewall does, what a router does, what a subnet is, a vlan, an ACL, a port?

take a packet analyzer and watch a vm (that is not windows) get an IP via DHCP, ping stuff, perform DNS, opening a simple non-https website, ...
theory is all good and well but seeing what actually happens is more fruitful imo

Is wireshark any good? I've heard of people who use that.

All these acronyms are cool, but are there any resources you'd recommend to approach them from the ground up? Assume for all intents and purposes that a 5 year old wanted to learn networking. Where would you start him off?

wireshark will do.
as for acronyms you don't know, just ask wikipedia. just read it one time so you'll have a rough understanding. Get in-depth knowledge when you need it, rather play around with stuff

Thanks. I'll look into it, and good advice on not getting too entrenched in a subject. I feel like I've done that a lot while trying to self study

You're telling me. It's easy to lose yourself in books but theoretical knowledge is worthless if you don't know how to apply it

Google, and a home lab.

Had a really bad scare, and still not totally finished with it.

My gmail got hacked and someone was able to change the password. They did this on my machine, when I was not present. I saw my mouse moving. But I do not save any passwords. They guessed several passwords incorrectly for other accounts, but somehow were able to guess my gmail password correctly in order to change it.

How could this be possible?

open a network+ book

If I use:

computer A
router A
account A
at site A

then I reset my IP and use

computer B
router A
account B
at site A

can site A tell that these two accounts are related? IP addresses will be different, machines will be different, but router will be the same.

Are you sure you got the IP to change? What did you do to force it?

If you actually did, I don't think site could know for sure, but keep in mind panopticlick-style metrics. If you have a similar config for browsers, they might be able to guess. Depending on site traffic, if your two accounts are the only ones constantly signing in from your ISP, they might be able to guess. Even if you use a VPN, your timezone can be pulled from Javascript (I think) and that could help narrow it down.

Angry ex.

Or if statistically, B signs in on the same days as A, that could also narrow the guesswork down.
It really depends on what normal traffic you have to hide in, and whether the site is actively looking for duplicate accounts.

If they are both going through router A, then most likely yes. How do you plan on resetting the IP your ISP gives your router? Sometimes those are static.

>the problem is where to start.
Any start is a good start. Working on something that overcomes a problem you feel yourself is often the best start.

Maybe start big and get small. From best distros for X to specific options to Y command or setting.

>large screen/keyboard
has nothing to do with its "ability to pentest"

>none of this "air" bullshit. I want a removable drive
again, no impact

>partitioned
Do they even sell those pre-partitioned? maybe some custom made ones are but definitely not in your average electronics shop.

the only two things that would really make a difference are a gpu for cracking passwords, and a network interface with packet sniffing/injection capabilities.. But you should try to avoid having to calculate passwords in the first place...
Just get one that can run win10 and you're good.

Fully equipped thinkpadder p70

>win10
>pentest
Might want something that's a little more quiet on the network
I mean, Win10 literally can't shut up

I hate to be the guy who suggests Reddit but there's a lot of good info for hobbyist server stuff over on Jow Forumshomelab

I used the win10 example to set a performance bar.
As in: "if it can run win10, it's good enough."
But yeah, I agree. A proper os+setup is the whole base.
I can recommend ParrotOS. It has a lot of pre-installed tools but compared to Kali it actually looks and feels nice.

>run a packet sniffer I wrote on my own adapter
>packets are being sent from IP 0.0.0.0 to an outside Chinese IP address in Beijing

WTF is going on?

youre in

>he cant mindhack

W...what do you mean?

Which e-reader does not track me?

would playing overthewire games make me at least intermediate in cracking ?

>cant for sure know
>hey google what is my ip

>parrotOS
My nigger. Haven't seen a lot of love for parrot, but it's actually fucking good. Enough tools to be useful for pentesting, but stable nd lightweight enough for other uses as well. Truly the white man's distro.

>them quads
nice

Just get on HackTheBox

>Haven't seen a lot of love for parrot, but it's actually fucking good. Enough tools to be useful for pentesting, but stable nd lightweight enough for other uses as well. Truly the white man's distro.

Parrot OS has been a favorite of mine forever; I am using a live USB to aid in building OuterHeaven (pic related)

I'm afraid to join their network and have all my files deleted or sth

>>run a packet sniffer I wrote on my own adapter
>>packets are being sent from IP 0.0.0.0 to an outside Chinese IP address in Beijing

>0x00sec.org/t/tyrannosaurus-reproduced-fast-and-died-young-a-malicious-host-ip-c-c-from-china-2016-to-present/6691/7

I've been tracking and reporting on a China telecom server that has been leveraged for widespread attacks for years with the actors using little to no obfuscation to beat the GFW or throw off authorities....one actor attacking from this IP hasn't changed/spoofed their MAC, NIC type, user agent, hostname or OS for years...

After gaining access to a client's LAN during a Red Team engagement, I began to monitor traffic to begin strategizing lateral movement, I saw the unmistakable signs of domain fluxing, UPnP traffic entering the network/exiting the network for RAT C2 and SMB piping...

Signs of likely malicious trespass found...cue long echoing sound of a vehicle grinding to a halt accompanied by screaming brake pads...Red Team shifts more towards Purple Teaming/Red Team Analyst duties for remainder of billed engagement...

Ever since I have been studying this server and the tactics being used by the attackers utilizing it for years...When I first started watching the server, it had no open ports outside one filtered SSH and eight NTP, and it looked like they were tunneling out via that service/UDP implementation to pivot into some exploited hosts right from home...

I just started making my reporting on the evolution/activity of the server in a report linked to the URL I posted at the start of this post....I think the WhiteHat "good Guy!!! BadGuy mentality" is childish; just like training with other fighters in a good combat sports gym, you can learn from each other, help each other, respect each other and occasionally fight each other when business calls for it.

Cool story bro.

>Iridium Satellite Hacking - HOPE XI 2016
>youtube.com/watch?v=cvKaC4pNvck

Watching the video above while I work; fuck hacking the Gibson, I am looking to go Ahab on some Low Space Orbit whales in the hopes of harvesting some of that sweet, sweet Wintermute-like multihop.

just finishing up the JIS-CTF from vulnhub. got root, doing a system wide recursive grep for the last flag.
what ctfs have you guys done recently?
what ctf should i do next? need to study for OSCP

So hey, i had a question about the method of securing email from the above faq

Openpgp is mainly for communicating between two individuals right? Is there any way (or reason for that matter) to set up email so that all incoming stuff is encrypted as well?

Bottom line, how would one go about optimizing thunderbird for security and privacy?

The sender/owner of any data needs to be the one encrypting it, i.e. you can't make unencrypted emails arrive as encrypted.

With opening, anyone with the public key can open the data encrypted with the equivalent private key, so not necessarily two people, but both those people need to have the public key.

>Bottom line, how would one go about optimizing thunderbird for security and privacy?
I don't know, i don't use thunderbird. the main thing is to request that the people that send you emails use encryption.

I believe I just found OuterHeaven's new home...

ebay.com/p/Server-Sun-M4000-2-X-SPARC-64-VI-16-GB-Rack-5u/808150454?iid=232011737180#ProductDetails

fujitsu.com/global/products/computing/servers/unix/sparc-enterprise/products/m4000/spec/

I fucking love Sun Microsystems....the price is unbeatable and worth a road trip.

What would someone even be able to do with root access to space?

Jesus what's that going to do to your power bill? You sure you don't want something newer?

I turn off my modem overnight and in the morning my IP address is different to the night before.

The first account is old and I'm not using it. I have previously simultaneously used both accounts from the same city. So my main concern is if they could see hardware info on the router and know it's the exact same router.

I know this is probably a joke but realistically nobody knows the gmail password. They also don't know the passwords of three other sites. But they successfully changed the password for the gmail, while trying to request password changes for all the others.

If you're already logged in to gmail, can you request a password reset and receive the email to that same gmail address?

I pretty much destroyed overthewire in ~4-6 hours (not really sure how much time it took). I had to search for the solution to the last level, though, because I couldn't do what I wanted to, but turns out the solution I had thought was correct, just not the way, and my problem was my shitty console.

it's basic shit, satan. IMO, it teaches you a lot more about linux commands than "hacking"/"cracking" in general

I used a web ssh console because muh privacy

>What would someone even be able to do with root access to space?

I have plans for OuterHeaven ; for example, hosting services such as anonymized Linux/BSD desktops, shells, etc that I know we/I/the community can trust,

>Jesus what's that going to do to your power bill? You sure you don't want something newer?

You're probably right user; however, it's likely I will buy it anyway due to the trustworthy architecture, the quality of Sun Micro, and the fact that we can control our own destinies via the digital spaces we choose to gather /work in.

I busted my balls to get the capital necessary to do this right; half measures are destroying freedoms and the common person's right to demand greatness of themselves.

I can afford the electric bill; I cannot afford doubt as to whether our community is secure/safe.

Just wait until sex botnets.

can firefox addons read cookie data from all websites I visit?

Wouldn't most sexbots, by default, come preinstalled with backdoors anyway?

>the quality of Sun Micro, and the fact that we can control our own destinies via the digital spaces we choose to gather /work in.

Holy shit dude you just skipped plausible and went straight to raspberries and pointing your finger in the air as you leaned back far enough to lose your balance.

Time to get back on your meds.

The easiest way is don't use email, use Signal App desktop or some other encrypted async chat program and just use it like it's email.

But yes you can easily run a script that encrypts all incoming email with a GPG public key but it's kind of pointless since emails get bounced around everywhere in plaintext before getting to your inbox.

>They did this on my machine, when I was not present.
>not present
>not present
>not present
>I saw my mouse moving

what.

Like 99% sure the guy that creates these threads is schizo and on SSI.

still better than being a tripfag that's known for their obnoxiousness

That's a cool analogy and a good material for a novel.

As someone that regularly visits western state and hospital psych wards, I can suggest very strongly that you are fucking wrong. I have my mental health, which is a fucking precious sparse commodity to people like you. It's better.

Sounds nasty as fuck, also a bit deviant. Imagine all those digital STDs.

why is cypherpunks.to always down

What the fuck is going on with that subject? Are you trying to stealthily turn the general away from /cyb/ and back to pure /sec/?

it's just /cyb/ bullshit speak they love so much

how do I hack someone's phone. thanks.

wasn't intentional - I just copied the last one. Looking at the recent ones, some other OP sneaked it out
you're welcome.

what do you mean exactly?
I suspect you're referring to intercepting messages/voice from a phone?
Then, what kind of phone are we talking about?
Is it a dumbphone, or a smartphone? Is it an android or iPhone?
If it's a smartphone you have the options between normal SMS/call and whatsapp/etc.
each one of these requires a different attack vector.
Please specify your question better next time so maybe we can actually give you a useful answer.

My apologies. It's some sort of iPhone, not sure which. I'm hoping to get as much information as I can from the phone. First and foremost I would like to acquire all previous messages sent on various applications, such as iMessage, instagram and snapchat. I would also like to be able to acquire new messages sent on these apps and location data if possible. Attack vectors I have looked into are 1) interception of radio waves, 2) network spoofing (either WiFi spoof, LTE spoofing, or GSM). The problem is most communications are encrypted so this is all difficult if not impossible. I will be within 10 meters of the target phone.

Sup brothers!

I am going to focus all of my time today on the release of Heavy Coat and a stood up OuterHeaven implementation (with some missing variables due to hardware of course)...I am excited to see what you all think of or can improve upon.

I will provide a link to the materials/IP in this or the next thread by 01:00am EST tonight (I am overestimating just in case).

>skipped plausible and went straight to raspberries and pointing your finger

A report detailing why I am leaning toward use of the M4000 will also be released with the other components of the project.

Most of the best secured environments I have ever faced as a Red Team Operator were energy/industrial sector environments where US military/intelligence had some interest or real estate; these were the places I most often saw technologies like Sparc/VAX/Sun dumb terminals still in wide deployment, so I have been studying the M4000/M5000 for awhile now.

I am interested in what your issues are with my reasoning.

Have a good one anons

>wasn't intentional - I just copied the last one. Looking at the recent ones, some other OP sneaked it out
As old OP during the "war" between /sec/ and /cyb/+/sec/, I would like to say I don't necessarily dislike the move. Only that when it was last tried, /sec/ required constant bumping, whereas /cyb/+/sec/ survived on its own.