Random Tech/IT Thread


Gamebreaker

Wtf are these HP machine commercials about?

Sorry if it's being discussed, I'm catching up and have no business in this thread.

Haven't seen them but a quick Google search, it looks like cloud computing.

Essentially a system with tons of data, storage capacity, and 'power' (processing and memory) that you access. Advantages would be having a lot of data to crunch, or a lot of power to do what you're doing.

Sounds like a competitor to IBM's watson.

I have little faith in HP anymore. I'm convinced they're run by people who get their knowledge from tech blogs. They have been a total mess for the last 6 years or so and it only seems to be getting worse.

Shame because I like their hardware.


Haven't seen them but a quick Google search, it looks like cloud computing.

Essentially a system with tons of data, storage capacity, and 'power' (processing and memory) that you access. Advantages would be having a lot of data to crunch, or a lot of power to do what you're doing.

Sounds like a competitor to IBM's watson.

I have little faith in HP anymore. I'm convinced they're run by people who get their knowledge from tech blogs. They have been a total mess for the last 6 years or so and it only seems to be getting worse.

Shame because I like their hardware.

Add NetApp to that same list. What a bunch of maroons.


Because sometimes you just need to know something existed
 
Microsoft Support - KB 261186

Computer Randomly Plays Classical Music

SUMMARY
During normal operation or in Safe mode, your computer may play "Fur Elise" or "It's a Small, Small World" seemingly at random. This is an indication sent to the PC speaker from the computer's BIOS that the CPU fan is failing or has failed, or that the power supply voltages have drifted out of tolerance. This is a design feature of a detection circuit and system BIOSes developed by Award/Unicore from 1997 on.

 

MORE INFORMATION
Although these symptoms may appear to be virus-like, they are the result of an electronic hardware monitoring component of the motherboard and BIOS. You may want to have your computer checked or serviced.

For additional related information, please see the following DFI Technologies Web site:
http://www.dfi.org
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.


I like being audited by people who aren't as smart as they think they are.

 

I could tell within 60 seconds of the "introduction" meeting how this was going to go.

 

"I need full admin rights to the system"

No you don't, and no you're not getting them. You're getting read-only rights, and only to the things your department has any business being in.

 

Person shoots first and asks questions later. Fires off inflammatory emails, CC'ing "higher ups", pointing out issues that don't actually exist and are only caused because she didn't bother to read the documentation I sent her. It's fun replying.. "Actually, if you had read the documentation, you'd see that you must <required steps to run the reports correctly>. Once you do that you get <correct results>"

 

I offered my hourly rate to train her to read through the documentation, but she didn't take me up on it.

 

I think she's sufficiently embarrassed herself enough to stop bothering me regularly.

 

There's just a right and a wrong way to go about things, especially if you're entering a situation where you're supposed to audit/oversee someone's work. Certain people just go about them the wrong way.

 

I can't wait until she asks to see the sql code required for some custom reports, i'll dump it to a notepad file, it's like 6 pages worth of stuff that targets generic tables in the system and uses references to other generic table names from another completely different system. I'd bet she'd have zero clue what the SQL is doing, much less what data is being manipulated how. It'll be great.


This thing looks cool :)

https://threatpost.com/projectsauron-apt-on-par-with-equation-flame-duqu/119725/

“The actor behind ProjectSauron has a high interest in communication encryption software widely used by targeted governmental organizations,” Kaspersky Lab said in its report. “It steals encryption keys, configuration files, and IP addresses of the key infrastructure servers related to the encryption software.”

For persistence, a backdoor module is registered on domain controllers as a Windows Local Security Authority password filter, which is normally used to enforce password policies. “This way, the ProjectSauron passive backdoor module starts every time any network or local user (including an administrator) logs in or changes a password, and promptly harvests the password in plaintext,” Kaspersky Lab said in its report.

Most of the implants used in the attacks work as backdoors that either install new modules or run commands. Each implant is unique, the Kaspersky Lab report said, with unique file names and sizes and missions such as stealing documents, logging keystrokes or stealing encryption keys from local and attached disks.

...

The researchers also discovered a module that moves data from air-gapped machines via a removable USB that reserves space on an encrypted partition with its own virtual file system and two directories called “In” and “Out.”

Edited by tshile
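A defender's check for the persistence method quoted in the post above, as an added example that is not part of the original post or the Kaspersky report: it lists the LSA password filters registered on a machine (the `Notification Packages` value) and flags any that are outside an expected baseline or whose DLL is missing or not validly signed. The function name and the baseline list are assumptions made for illustration; adjust the baseline to your own domain controllers.

```powershell
# Added example: audit registered LSA password filters on the local machine.
# Assumption: this baseline holds the filter names you expect to see. 'scecli'
# and 'rassfm' are common Windows defaults; verify against a known-good host.
$Baseline = @('scecli', 'rassfm')

function Get-LsaPasswordFilterAudit {
    param(
        [string[]]$Expected = $Baseline,
        [string]$LsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    )
    # 'Notification Packages' is a multi-string value: one DLL base name per entry.
    $prop = Get-ItemProperty -Path $LsaKey -Name 'Notification Packages' -ErrorAction Stop
    foreach ($name in $prop.'Notification Packages') {
        if ([string]::IsNullOrWhiteSpace($name)) { continue }
        # Password filter DLLs are loaded from System32, named without the extension.
        $dll    = Join-Path $env:SystemRoot "System32\$name.dll"
        $exists = Test-Path -LiteralPath $dll
        $sig    = if ($exists) { Get-AuthenticodeSignature -FilePath $dll } else { $null }
        $file   = if ($exists) { Get-Item -LiteralPath $dll } else { $null }
        [pscustomobject]@{
            Filter     = $name
            InBaseline = $Expected -contains $name
            Path       = $dll
            Exists     = $exists
            # Older PowerShell versions may report catalog-signed system DLLs as NotSigned.
            Signature  = if ($sig) { "$($sig.Status)" } else { 'n/a' }
            Signer     = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
            LastWrite  = if ($file) { $file.LastWriteTimeUtc } else { $null }
        }
    }
}

# Show only entries that need a closer look.
Get-LsaPasswordFilterAudit |
    Where-Object { -not $_.InBaseline -or $_.Signature -ne 'Valid' } |
    Format-List
```

Run it from an elevated session on each domain controller and compare the results across hosts. With "Audit Security System Extension" enabled, Security event 4614 also records each notification package as it is loaded.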

On 8/4/2015 at 5:18 PM, mcsluggo said:

2 unrelated questions:

 

1)   what "matters" in an external drive?   is there something to look for other than just number of terabytes?

MTTF, Mean Time to Failure.  Most if any won't list this though so I go with the longest warrantied drives.  I usually get 5 year drives.  


3 minutes ago, HOF44 said:

MTTF, Mean Time to Failure.  Most if any won't list this though so I go with the longest warrantied drives.  I usually get 5 year drives.  

That's pretty much my thing, too. 

I don't know how long the drive is expected to last.  But the manufacturer does, and they budget for that when they decide which warranty to offer. 


7 hours ago, Elessar78 said:

Nephew wants to go into cyber security field, any tips how he can get started? Is comm college a viable option or do you need a real school?

Here's my advice.

Keep in mind I don't work in "cyber security", i'm a system admin who deals with aspects of it and pays attention to the field. I had the option of going into it and I chose to get a computer science degree because I found that to have way more options and be future proof. My advice comes from my opinions based on what I know and have seen, and the people in the field I've talked to. It shouldn't be substituted for or even put on equal footing as someone that's actually in the field (and is good at what they do, more on that now...

There are two types of people in cyber security.

One type is someone with incredibly strong critical thinking skills, knowledge of technology not just in breadth but in depth, and a quick learner. They are people who are fascinated by tearing things apart, destroying things, or putting things back together like a puzzle.  They get the cool jobs. They're the ones tv/movies glorify. They do the bounty programs in their spare time. They have strong coding/scripting skills, they understand how operating systems work, they understand machine code, they're able to take computer components and tear them apart and put them back together. They make the big bucks and will have job security for the rest of their lives. They'll get to pick their jobs along the way, once they establish themselves.

The other type is the one that got the certs, passed the classes for the degree, and knows how to use the tools. They're savvy enough with technology to be ahead of the average person, but they are ultimately limited to using well known, industry standard tools because... well, that's what they were taught and that's the extent of their ability. They get the **** jobs. They mistakenly go work for a (local) law enforcement agency, thinking it's a foot in the door, and they wind up spending the majority of their time cataloging kiddie porn. Someone has to go through the evidence, write down everything that goes on, so it can be processed for court. Guess who gets that job? Ever talked to someone who's had to do this? It's a miserable job. Maybe instead they wind up being penetration testers - they run tools against a system, package the reports, and ship it off to some other department and say 'fix these.' Maybe they'll wind up in a monitoring center for a company where they look at monitors all day. These jobs pay well, in the grand picture, but they're not high paying jobs except where security clearances are needed.

So which one is your nephew? Is he aware of this divide? If he's in the second group, is he ok with that? Or, like so many, does he think it's all about the first group even though he can't really make it there and will assuredly wind up in the second group?

Some of the best cyber security people are self taught, or have little school, so community college is just fine, especially as a starting point. Especially if he's weak on the foundations of computing and gets a CS degree (not a 'software development' degree, he doesn't need to learn a specific language, he needs to know fundamentals and theories and machine code.)

I'm kind of painting a black/white picture, there's lots of shades of gray like everything else in life. My conclusion in terms of advice: If he's going to do it, go balls to the wall, because that's what it's going to take to get to the upper levels.

And good luck :)

edit: Sorry. You asked for advice on how to start... which my little wall of text has little of. As far as specifically getting started, read some books, do some labs.

practice some OWASP stuff.

https://www.owasp.org/index.php/Category:OWASP_Project

This book was recommended to me by someone who knows their stuff... i haven't read it yet:

https://www.amazon.com/dp/B00DQSQ7QY/ref=wl_it_dp_o_pC_nS_ttl?_encoding=UTF8&colid=1S0WU1SZDUEPX&coliid=I1787SCBZWWSUE

tell him to get on irc, freenode, ##security, start asking for some labs/books to start with. if he doesn't know what that means, then he needs to figure it out :) don't be obnoxious, they get 100 people like that a day in there, if you act 'right' you'll get some excellent advice.

call around to some of the defense contractors in the area, ask about internships. specifically ask about what their requirements are - then start doing things to meet them.

if he's going to go to school, my personal opinion is he'll get more out of a computer science degree than a 'cyber security' program. i'll leave it at that.

Edited by tshile

@Elessar78

Here's some fun resources I read:

Google's security blog. They post in depth stuff on here. It's not going to hold your hand, but if he's actually interested in this stuff it'll take him down rabbit holes looking up terms, tools, and techniques.

https://security.googleblog.com/

And another group from Google security

http://googleprojectzero.blogspot.com

If he's just looking for news to stay on top of things:

Threatpost, SANS Internet Storm Center (they post a daily aggregate of the bigger security news), darknet (recently started reading, not sure how much I recommend it at this point), and thehackernews. These are news sites... most of the time it's just data breaches and vulnerability news with lots of clickbaiting but every now and then you get a really good writeup on something.

The following tech companies have security teams that publish some really cool research to get a view on how the more sophisticated attacks work: dell security, trendmicro, sophos, Symantec (their products suck, their security research team seems pretty good)

Tell him to find some labs for setting up vm's and playing around. I'll have to see if I can find a link to a fun windows xp lab I was working in where you hook into the debugger and start playing with buffer overflows and evading Antivirus detection.

Also tell him to grab security onion and look for tutorials/labs. It's a vm that comes with tons of tools he could spend weeks playing with and just get his feet wet: https://securityonion.net

 

 

Edited by tshile

Hey, the good news about trying to get into cyber security is that you can take yourself as far as you want to go.

The bad news is, so can everyone else. It's highly competitive. So unless you want to be a report generator and distributor, you have to work hard to get to a level where the people that do the fun stuff want to hire you. There's nothing wrong with the lower level monitoring, report generating penetration testing, policy/procedure writing/auditing, etc. Those jobs probably aren't going away anytime soon. They pay well. You can do a good job there, enjoy it, and make a career of it. But there's a huge difference between the people that do those things, and the people that are hired to do hardcore testing on systems, or do research on the latest state-sponsored malware that was found, or even better do whatever it is our alphabet soup agencies do :)

You have to be careful how you 'play'... new interpretations of federal laws have made 'playing' something that can put you in jail if you do it wrong.

Here's some more resources, now that I had a minute to comb through my bookmarks... at least twice in the last 5 years i've seriously dug into teaching myself this stuff, with some reasonable levels of success, but for multiple reasons it's just hard to dedicate the time required to get to a point where i could look for a new job to *actually* switch into it full-time.

BackTrack Linux (sort of like security onion, more toys) - http://www.backtrack-linux.org/

Over the Wire's wargames - really fun tutorials, start with bandit and work your way up - http://overthewire.org/wargames/

HackThisSite - another training/wargames site - https://www.hackthissite.org/

Lena's Reverse Engineering tutorials - https://tuts4you.com/download.php?list.17

 

 

Edited by tshile

http://www.cs.ucr.edu/~zhiyunq/pub/sec16_TCP_pure_offpath.pdf

Quote
Off-Path TCP Exploits: Global Rate Limit Considered Dangerous
Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, Srikanth V. Krishnamurthy, Lisa M. Marvel
University of California, Riverside, US Army Research Laboratory
 
Abstract
In this paper, we report a subtle yet serious side channel vulnerability (CVE-2016-5696) introduced in a recent TCP specification. The specification is faithfully implemented in Linux kernel version 3.6 (from 2012) and beyond, and affects a wide range of devices and hosts. In a nutshell, the vulnerability allows a blind off-path attacker to infer if any two arbitrary hosts on the Internet are communicating using a TCP connection. Further, if the connection is present, such an off-path attacker can also infer the TCP sequence numbers in use, from both sides of the connection; this in turn allows the attacker to cause connection termination and perform data injection attacks. We illustrate how the attack can be leveraged to disrupt or degrade the privacy guarantees of an anonymity network such as Tor, and perform web connection hijacking. Through extensive experiments, we show that the attack is fast and reliable. On average, it takes about 40 to 60 seconds to finish and the success rate is 88% to 97%. Finally, we propose changes to both the TCP specification and implementation to eliminate the root cause of the problem.

 

Everything is fine, nothing to see here


*fire everywhere*

*sighs at the NSA office heard around the world*

it's surprising people working for an army research facility were able to release this report... if they were "allowed" then lol at what they must be exploiting now that they don't care about this :)

Edited by tshile

Quote
2) perform TCP sequence number inference which allows the attacker to subsequently, forcibly terminate the connection or inject a malicious payload into the connection. We emphasize that the attack can be carried out by a purely off-path attacker without running malicious code on the communicating client or server. This can have serious implications on the security and privacy of the Internet at large

 

jesus....

this is bad.


Solid post tshile. I see it all the time in my line of work (sales for a security company) with people trying out our software. Some guys will dive right in and get 90% of the configuration done before you even get them on a call. Others have to have their hand held through the entire process. In the end you can usually predict the overall success of a customer with the product just based on your initial impression of their level of expertise. 

 


Great posts @tshile! (See we can agree about some things! :ols:

And thanks for linking that Offensive Countermeasures book. Someone I know said it was a good resource for people looking to get into CyberSecurity (as well as the No Starch Press books) and seeing someone else mention it makes it a good deal to me. I like to learn as much as I can, and my company is slowly moving towards this industry in a lot of ways area. 


2 minutes ago, skinsfan_1215 said:

C U JO? 

it's more like the 34 second mark.

go to hackertyper.com

then watch it again.

twice they're showing a 'hacker' and i'm pretty sure he's just punching random keys into hackertyper.com.... :ols:

 


3 minutes ago, skinsfan_1215 said:

I'm confused. :grumpy: 

Is it a real product or no? They've certainly gone above and beyond with their website and content.

It's a real product in the sense that someone is making it (or trying to solicit funding for it) and trying to sell it. That is a real commercial.

Whether or not it actually works or does anything close to what it is advertising is... well, it's being debated on the internet right now and it doesn't seem to be going in the favor of the company.

This company has a history of producing... shall we say... under-performing products.

my favorite part of the ad, aside from the obvious use of hackertyper, is the part where they go "You've probably already been hacked"

the whole commercial sounds like something you'd see on SNL
