Here's a list of attack vectors I made. Which ones did I forget? >JavaScript (Spectre/Meltdown/Browser Exploits) >Open ports with services running which can be exploited >Networking card and router exploits >Man in the middle attacks (DNS and ARP poisoning) >Routing table attacks >Amplified DDoS attacks >Social engineering (avoiding opening unsafe documents/other attachments)
Trojans Virus - optionally with root kits Backdoored equipment such as - motherboards (including ME and various interfaces) - microcontrollers in disk drives, flash drivers, Ethernet- and SCSI interfaces - infrastructure such as hubs, routers, switches, wireless units (optionally physically intercepted in mail)
Daniel Cook
First year EE here, how do I get started in cybersecurity? I don't think I can take additional courses for cybersec minor as there's too many to fit them all in. Do you recommend any books, math courses, or have any guides on getting started?
Michael Cruz
attack vectors for what ?
Austin Taylor
Hate to be that guy but it's really a mindset and a whole lotta googling/research. I graduated with a cybersecurity degree and the most important thing I can tell you is that if I don't know how to crack a system/network or get what I want from someone, then I sure as shit know how to find out. You don't just "go and hack stuff" you learn about all the rules so that you can either circumvent them or break them or work with them to do what you want.
I recommend no books, courses, or guides. Just google everything. Look into intro attacks like MITM, clickjacking, code injection, and traffic sniffing, hash cracking, etc. Just keep googling. This shit changes so fast that books and courses and guides can become outdated within years.
Ayden Ross
It's a wide field. For at least cryptograpby, Bruce Schneier has two great books, "Applied Cryptography and Cryptography Engineering". Also getting a good background in networking is important. Network+ books tend to be a good place to start. Do these and learn C or Python, and you'll have a good foot in the door. >Don't read books Really bad advice
Ethan Young
Downloading and trying to package a bunch of anti-virus/anti-rootkit/ant-malware programs, and trying to get them to run mobile. I have SAS, Spybot, and Kapersky. What others should I grab? Recommendations on how to convert Malwarebytes to mobile?
So do you think all the cybersec courses in uni was useless? Also, do you recommend getting any cert?
Thanks for the advice, ill check them out. Do you recommend getting any cert?
Easton Rogers
Courses can be useful. The best schools are ones accredited by the NSA. For certs there are a few to consider: >Sec +, SSCP, or GSEC Each of these are a good starting cert for infosec. The first cert I was going to get was Network +, but I got my minor in Networking instead. >CISSP This is currently the "king" of infosec certs. This is more than likely get you through an HR filter. It technically requires 4-5 years of experience, but the associate is also fine. >OSCP This is currently the best pentesting cert. DoD directive 8570.1 has a list of certs they feel are important for infosec. So anything in there is technically valuable in that sense.
Ryder Harris
attacking network protocols by james forshaw is probably the best recent read I can reccomend. If you are looking for a beginner resource i would start with Hacking the art of Exploitation aka the Vuln research beginner bible
Caleb Wilson
The guide on how to connect to the IRC is terrible.
I've: >Configured Hexchat >Configured my ID >Generated a Certificate.pem file, and put it in hexchat/certs >Joined the rizion IRC
I'm stuck figuring out how to join the #Jow Forumssec channel.
what are some good programs to practice Reverse Engineering that wont land me in jail?
Jose Robinson
I think I will start off with the first list of certs. Is network+ or any of them in the first list doable while studying in uni??
Joseph Robinson
Freeware. I was going to start looking into nirsoft tools for reverse engineering, so I can run them from a command line. It's not like the FBI is going to go into your house and look at what you're working on, unless you've been really naughty.
Nicholas Rodriguez
Definitely possible. Sec+ and SSCP are the cheapest of the two. SSCP is pretty much the pre-CISSP.
Brayden Parker
Just got the hacking the art of exploitation 2nd ed Ill check it out and the other book too. Thanks for the info
Juan Kelly
Thanks for input. The /Sec/ FAQ is now updated to Preview7
Zachary White
I was thinking of doing malware reversing to retool it but im paranoid that ill get my host infected somehow
Noah Perry
I have to choose a major between CS, EE and CE, how can my choice affect my prospective career paths in sec?
William Lee
Get your hands on a cheap Thinkpad, that's what I did. I do all my risky shit on it, because I'm not afraid to wipe it.
Zachary Garcia
Do you want to be more involved with hardware or firmware?
Hudson Price
i meant software, oops
Hunter Wilson
I'm not completely sure. What interests me the most is network security, but I want to understand how things work on a fundamental level.
Robert Martin
The hardware is relatively simple compared to network software. Start looking at Network Protocol. It's complicated stuff.
Oliver Morris
Alright thanks. Are there any fields of security that require an actual EE background anyway?
Christopher Wright
Hey guys,
I need a starting point for a security incident response dashboard that I can feed logs and data into from a number of sources, primarily AWS infrastructure and some other services like auth0. I think I can do a lot of whats needed with a tool we already have (sumologic), but I need to at least evaluate some alternatives.
Anybody here have experience with enterprise level security in AWS environments?
Context: I work for a pretty lean startup, and we're about to lose one of our core staff.
As a result, I've gotten a bunch of new shit dumped in my lap by our CISO (who has real brass, I honestly don't know how we recruited him out of the big player he was with before). I don't have much experience in this field, and he knows that, but he's grooming me into the position by giving me tasks like this and enough time to learn as I go.
Xavier Nelson
Cyberpunk has nothing to do with cybersecurity.
Noah Powell
gud idea user
Jacob Cruz
Circuit design, obviously. Making sure that someone can't execute an attack that will fry hardware. I dunno. Software is more interesting to me, and I'm biased. I also don't know much about EE.
Always worth having a workstation you can just mess around with, consequence free. Having two systems side by side lets you do a lot more experimenting and pen-testing than just one.
Alexander Jones
CS and CE are good options for a higher level knowledge. Definitely. I work in FIPS which also deals with physical security of devices, such as zeroizing all keys if you open a cover and ensuring nothing can be probed. Our physical security guys typically have an EE background.
I don't get the difference between cyber ops and regular cyber defense.
Jack Murphy
I think CO is more technical in the CS, CE, EE sense and typically have a minor in CO and CD is more focused on direct infosec. At least looking at the degrees. That's a pure guess though.
Cooper Phillips
Anyone here remember the site or hacking challenge Stockfighter/Starfighter? Is there an offline version of it? I finally get some time to give it a try and the site is ded
Nolan Fisher
>EE EE might be more interesting for SIGINT, TEMPEST, EW and similar fields.
Which is going to be bigger in the future, the EE side of things or the software side? Or are both presumably going to keep growing a lot
Bentley Richardson
The EE side has much less people but is high demand.
Justin Clark
I'm having difficulty finding learning resources for that particular field. It's easy to find a bunch of stuff on software sec or netsec or w/e but not this. Do you have any pointers or a place to start?
Thomas Butler
Where's the hardware? Where there is hardware, firmware is sure to follow, heh... Almost like having the physical, amirite?
Juan Carter
Everybody I know that got into it started with school or wireless communications. I'm a netsec guy personally.
Chase James
>school or wireless communications Since I'm not in school right now would you say getting into netsec then branching out to the more 'physical' aspects would be a good way to go about it then?
Brody Ross
Sure. You'll end up learning higher levels then what EE focuses on, but that isn't a bad thing
Robert Moore
I'm mostly interested in things like what you can do with custom electronics, copying or spoofing data on chips or phones, remotely bypassing physical security and so on. If you have contacts in the industry would you say SIGINT and the like deal with such things or are they usually more broad in scale?
Michael Morris
Night has fallen. Stay safe everyone.
Ethan Nguyen
I haven't dealt with sigint, mainly information assurance, but your description doesn't strike me as sigint. That's mainly data collection. They'll use exploits to gain access to data and comm lines though. In the MEG general in Jow Forums there is an NSA sigint bro though It's dark and lonely
Jack Ramirez
>your description doesn't strike me as sigint. That's mainly data collection. I thought whatever involved circuit designed was closer to sigint than cyber I'll ask on MEG later, thanks
Xavier Adams
I doubt sigint would be involved with circuits. At least going by 35N Army operations.
Jonathan James
I'll answer any cryptography questions in the morning.
Thomas Sullivan
In terms of volume the software side will be the largest until they find a fundamentally new way to eliminate bugs. Some talk about AI driven security inspections but that is Sci Fi so far.
The EE side is growing, a look around the net shows that many NATO countries are increasing their recruiting and have more funding, probably because of increased tension. Demand is therefore high but as stated the supply is limited.
Dylan Rogers
Thank you user. Your really get stuff done
Brandon Adams
Eeeeeeyoooooooh, wouldn't believe how dark it is tonight...
Coming to you live Uhh haha From a hole In the dark
>tfw my favorite cartoon is "Tom 'n' Jerry"
Many thx
Luke Baker
Time for our threadly "what are you working on" post. Share what projects have your attention right now.
Parker Richardson
What are the best cyberpunk communities?
Hunter Jackson
In the virtual world? Here and Usenet News when active (which is a while ago now). In the real world I don't know.
Gavin Stewart
Bump
Easton Cooper
just had my webserver scanned by a huge cybsec company and can now answer one of the questions that's been popping up here every now and then. Yes, Go is used by sec personnel :^)
Samuel Lee
getting a /sec/ job x.x
Hudson Gonzalez
Did you ask for a scan or did they just crash your door?
Jack Powell
What type are you working to get?
Ayden Howard
the latter. Said webserver doesn't have content because it's my testing machine. They just queried / twice and that's it. That reminds me, I wanted to scatter some hidden links so I can tell if it was crawled
There's something soulless about the modern fascination with cyberpunk that's really killed the genre to me. It's almost infantile now. It's getting as bad as steampunk
Julian Carter
Have you worked on any certs?
Isaac Fisher
I wish I was smart enough for an A+
Jacob Torres
none so far. Guess I'll have to start... I'm currently getting angry because of a sec+ mock test. I'd probably get most of them right if only I read the questions completely
Carter Thompson
Just keep working on it. Are they any specific areas you're struggling with? I'm a network/crypto guy.
Cameron Reed
How do I get an A+
Blake Wood
Thank you. Based on the questions I've been through so far it only requires basic network knowledge but focuses on reading comprehension and focus. Apparently I lack the latter.
Some answers are questionable, let's take the following: An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start?
A. Review past security incidents and their resolution B. Rewrite the existing security policy C. Implement an intrusion prevention system D. Install honey pot systems
Answer was C. Explanation: "A: If the incidents have been resolved, the system would be configured to deal with those incidents. It is the new incidents that are the issue."
As I read it, the task was to review. Don't think a customer would be satisfied if you go "I don't care what already happened, but here's an IDS"
Blake Hernandez
That's just a poor question, shit. It should really be A out of those options. If you are trying to review it's effective, you obviously aren't going to add more security measures before assessing it. The cert? That's pretty entry level, what are you having problems with?
Most of the manifestos are old, this one is 21 years old. It was a different world back then and these show how much things have changed.
If you prefer a manifesto with more zest and moxie you could try Pixiefuel's manifesto. I think it was written in rage.
Christian Thomas
I don't know how to get an A+
Xavier Baker
Are you okay?
Gabriel Morgan
How get an A+
Jacob Collins
Pixiefuel's was pretty good. We ought to pastebin it and add it to the OP. It's nice to have a perspective on times past. makes you think a little more than "society has rejected us buuuhhhh I'm so angry"
Eli Garcia
Wat tools are you using to study with?
Benjamin Nelson
>Exactly, because our computers are open source and we have full control of everything, we can easily crack everything that goes to our computer, the worst case scenario is that someone needs to buy the game and emulate what was missing from our code, but it is always possible. >Console games don't have DRM because the gaming console itself is the anti-tamper device, differently from cracking games, hacking a closed source hardware is not always possible, there is proof that hardware/software can reach "unhackable" status, quote marks because you can hack it the device if you have unlimited resources(electron microscope, microprobing and silicon fab machinery), for the average user it is impossible. Can anyone tell me if this is correct? especially this part: >there is proof that hardware/software can reach "unhackable" status, quote marks because you can hack it the device if you have unlimited resources(electron microscope, microprobing and silicon fab machinery), for the average user it is impossible.
Matthew Reyes
None I don't know how to get an A+
Jackson Jones
Night has fallen comrades, stay frosty.
Nolan Long
As an EE, you should be able to take low-level CS/computer engineering courses like operating systems and networks that will teach you how things work as electives. You're probably going to have to take a class on assembly anyways, so learn that very well. You can set yourself up to be a network security engineer or something in reverse engineering or malware analysis. There's also hardware security, but I have no knowledge of it and, thus, no advice on it. Other anons have good advice too.
Thomas Morgan
does any1 have a decent pdf/epub/mobi copy of Mirrorshades? the only english one in libgen is pretty fucked up
>Explanation: "A: If the incidents have been resolved, the system would be configured to deal with those incidents. It is the new incidents that are the issue."
Yeah, some of the Sec+ questions have weird answers and justifications, but you're eventually meant to unlearn those once you get a real job.
This is one of them because 'resolved' is not necessarily the same across companies. Even if it did, someone may have incorrectly or dishonestly resolved it to get it off of their plate.
Technically, it doesn't say how new the administrator is, but if they are brand new to the company, you absolutely don't start at "here's a new IPS system, have fun".
It also doesn't say how much security experience the admin has, but you still don't start at setting up an IPS even if they have experience.
Also, the question gives you no hint that the company doesn't already have an IPS.
If that situation actually ever came up, people would laugh if you went straight to an IPS unless there was a very obvious need from the top to install one.
