TheGoodBits Posted August 11, 2016 Share Posted August 11, 2016 Got it. I was thinking there was some underlying joke with the entire ad that was completely going over my head. But C U JO as in "see you jerk off" is a really awesome name for the product. 1 Link to comment Share on other sites More sharing options...
The Evil Genius Posted August 11, 2016 Share Posted August 11, 2016 (edited) Can (and is it easy) to hook up a spare router to an existing cable modem/router? I want to be able to bring internet access to my old 360 but in order to do so I need a hardline into it (and don't want to spend the money for the wifi adapter). I've looked at powerline extenders, but being cheap I thought that using a spare router might make the most sense. Is it possible/difficult to hook up it as a wireless access point? edit..I should note that I would want to connect the spare router to the existing primary router wirelessly. Edited August 11, 2016 by The Evil Genius Link to comment Share on other sites More sharing options...
Gamebreaker Posted August 11, 2016 Author Share Posted August 11, 2016 @The Evil Genius Yeah, you can find a cheap DLink router for home use to do that for you. Set the WAN IP to DHCP, use an ethernet cable to connect to the 360 and you should be good to go. I'd probably go with using a different LAN subnet than the one you're using for WiFi. 1 Link to comment Share on other sites More sharing options...
NoCalMike Posted August 11, 2016 Share Posted August 11, 2016 So looks like my "printer issue" I inquired about a month or so ago was actually a computer issue. The computer was on the fritz and for some reason it wasn't properly communicating with the printer. Once I switched it out with a new PC, everything has been working fine ever since. 1 Link to comment Share on other sites More sharing options...
Elessar78 Posted August 17, 2016 Share Posted August 17, 2016 chromebooks? yea or nay for basic functions like word processing and internet surfing? Will MS Office run locally on a chromebook or does it have to all be cloud-based? Link to comment Share on other sites More sharing options...
HOF44 Posted August 17, 2016 Share Posted August 17, 2016 Tshile, could you have some fun with this toolkit?? https://www.washingtonpost.com/world/national-security/powerful-nsa-hacking-tools-have-been-revealed-online/2016/08/16/bce4f974-63c7-11e6-96c0-37533479f3f5_story.html?hpid=hp_rhp-top-table-main_nsa-0755pm%3Ahomepage%2Fstory 1 Link to comment Share on other sites More sharing options...
Gamebreaker Posted August 17, 2016 Author Share Posted August 17, 2016 31 minutes ago, Elessar78 said: chromebooks? yea or nay for basic functions like word processing and internet surfing? Will MS Office run locally on a chromebook or does it have to all be cloud-based? Hmm, I'll say yea for internet surfing but nay for basic functions like word processing. It is harder for them to get compromised since the hard drive isn't used for user data, just the OS. It does not run MS Office, but you could put MS Office documents on Google Drive and edit them from there. 1 Link to comment Share on other sites More sharing options...
tshile Posted August 17, 2016 Share Posted August 17, 2016 4 hours ago, HOF44 said: Tshile, could you have some fun with this toolkit?? https://www.washingtonpost.com/world/national-security/powerful-nsa-hacking-tools-have-been-revealed-online/2016/08/16/bce4f974-63c7-11e6-96c0-37533479f3f5_story.html?hpid=hp_rhp-top-table-main_nsa-0755pm%3Ahomepage%2Fstory The interesting thing is theyre all from 2013. I'd be curious how many still exist. I wish I was retired or rich and just doing nothing, so I could find time to play with that stuff. I'd love to just dig through the code and see what they're doing. I'm real curious how long they were in the NSA's network and how they got in. Link to comment Share on other sites More sharing options...
Gamebreaker Posted August 17, 2016 Author Share Posted August 17, 2016 I was under the assumption the NSA stuff was exposed because someone got careless and mishandled it outside of their network, and not that the NSA was hacked itself. But I'd believe either scenario honestly. Link to comment Share on other sites More sharing options...
tshile Posted August 17, 2016 Share Posted August 17, 2016 I haven't read much since the initial story broke. The initial story said there were multiple versions with development style documentation, including help strings, and other items that made it sound like it was a copy of a repository, not just random scripts thrown together. So my assumption was access to the repository inside the network, though it could also be someone just had a copy of the repository outside the network. Been swamped lately so I haven't read much. 1 Link to comment Share on other sites More sharing options...
TheGoodBits Posted August 17, 2016 Share Posted August 17, 2016 (edited) 32 minutes ago, tshile said: I haven't read much since the initial story broke. The initial story said there were multiple versions with development style documentation, including help strings, and other items that made it sound like it was a copy of a repository, not just random scripts thrown together. So my assumption was access to the repository inside the network, though it could also be someone just had a copy of the repository outside the network. Been swamped lately so I haven't read much. I'm going to try to dig up the article I read earlier but there was speculation it was something as simple as an someone on the inside loading it on an USB and taking it out as opposed to the NSA actually being breached. The assumption was the Russians are the ones selling/leaking this in retaliation for possible incursion attempts by the NSA over the DNC hacks. I believe (this is what I have to check) that the article said there was nothing in there more recent than 2013. Meaning it very well could have been Snowden. Which leads me to speculate that the Russians have had it all along (part of the deal for his asylum). Edit- yeah, this isn't the same article but references the same info about the files being from 2010 to 2013. https://www.google.com/amp/s/techcrunch.com/2016/08/17/cisco-and-fortinet-say-vulnerabilities-disclosed-in-nsa-hack-are-legit/amp/?client=safari Edited August 17, 2016 by skinsfan_1215 Link to comment Share on other sites More sharing options...
tshile Posted August 17, 2016 Share Posted August 17, 2016 The one I read from Scheiner said it doesn't match anything else Snowden took/released (which was just documentation and presentations of capabilities) and that it's likely the nsa shut down whatever the access was when the Snowden thing happened. Link to comment Share on other sites More sharing options...
TheGoodBits Posted August 17, 2016 Share Posted August 17, 2016 1 minute ago, tshile said: The one I read from Scheiner said it doesn't match anything else Snowden took/released (which was just documentation and presentations of capabilities) and that it's likely the nsa shut down whatever the access was when the Snowden thing happened. Yeah that's possibly the case as well. Link to comment Share on other sites More sharing options...
tshile Posted August 17, 2016 Share Posted August 17, 2016 Haha holy crap, I'm just catching up. That dump has some crazy stuff in it. All those cisco devices Link to comment Share on other sites More sharing options...
tshile Posted August 17, 2016 Share Posted August 17, 2016 Couple links here about it. Looks like it's a group linked to (ie:paid by) the NSA: https://threatpost.com/shadowbrokers-leak-has-strong-connection-to-equation-group/119941/ https://threatpost.com/cisco-acknowledges-asa-zero-day-exposed-by-shadowbrokers/119965/ Schneier's article when it first dropped and the analysis at the time (the only one I had read until now): https://www.schneier.com/blog/archives/2016/08/major_nsaequati.html Link to comment Share on other sites More sharing options...
TheGoodBits Posted August 17, 2016 Share Posted August 17, 2016 4 minutes ago, tshile said: Haha holy crap, I'm just catching up. That dump has some crazy stuff in it. All those cisco devices How many millions of ASAs are out there? Nuts. 2 Link to comment Share on other sites More sharing options...
tshile Posted August 17, 2016 Share Posted August 17, 2016 (edited) "Cisco said its Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco ASA 1000V Cloud Firewall, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA, Security Module, Cisco PIX Firewalls, Cisco Firewall Services Module (FWSM) are affected." For the people reading who dont know what that stuff is, they are firewalls/switches, and they are used for core networking traffic and to protect your network from the Internet (firewalls) And those aren't models. They're series of models. They have many generations, iterations, etc. That is a huge list. Edited August 17, 2016 by tshile Link to comment Share on other sites More sharing options...
Gamebreaker Posted August 18, 2016 Author Share Posted August 18, 2016 The gloating from one of my directors is going to be nauseating. He hates Cisco, but particularly the ASAs. Link to comment Share on other sites More sharing options...
tshile Posted August 18, 2016 Share Posted August 18, 2016 (edited) 1 hour ago, Gamebreaker said: The gloating from one of my directors is going to be nauseating. He hates Cisco, but particularly the ASAs. I hate Cisco because they destroyed their small business stuff. It's just become terrible. They're still among the best for enterprise grade stuff, though palo alto juniper and others are pretty good too. The real issue here is that CISCO (especially in 2013 and before, which supposedly this stuff was developed) dominated the market. We're talking domination the way Microsoft dominated the consumer and (still dominates) the business markets. So... they wrote the stuff to work against the ones most likely to be used. Fortigate, Cisco, Juniper... It's like Apple people gloating about lack of viruses. Congrats, you're < 10% of the market share so no one targets you. You sure are better. They sure as **** don't have trouble breaking into obscure proprietary equipment when they need to. They just need a reason. When they get one, they typically have zero issues. Their biggest issue is jumping air gaps, followed closely by finding a way to purchase the equipment to practice on without creating an easy to find link between the attackers and the attack (oh NSA purchased this scada system 2 months before the nuclear plant was hit? gee i wonder if they're linked.) See: all the recent manufacturing equipment that's been compromised, the nuclear plant control systems issue, etc. Edited August 18, 2016 by tshile 1 Link to comment Share on other sites More sharing options...
Renegade7 Posted August 19, 2016 Share Posted August 19, 2016 (edited) I agree this looks more like the tools got out (either carelessness or malicious) as opposed to someone breaking into the NSA for their tools. Need to read more on this, but this is another one of those "can't have it both ways" trying to make networks more secure while at the same time Government is sitting on that many tools and exploits without telling the effected companies / vendors. Edited August 19, 2016 by Renegade7 Link to comment Share on other sites More sharing options...
tshile Posted August 22, 2016 Share Posted August 22, 2016 I'm creating an audit for the new guy to go through on our systems. This way he'll get to see everything at least once, so when he goes to fix something at least it's not the first time he's seen the setup. it's currently 3 pages long. *sigh* Link to comment Share on other sites More sharing options...
Renegade7 Posted September 6, 2016 Share Posted September 6, 2016 Watching Mr. Robot now. The more I think about it, especially after those NSA tools ended up public, there's no way the Government can protect us if they insist on hiding zero-days they find from us. That's very different from making targeted attacks from scratch like Stuxnet and Flame. Link to comment Share on other sites More sharing options...
dfitzo53 Posted September 6, 2016 Share Posted September 6, 2016 My elective this grading period is game design. We'll get some kids practice in Unity 2D and then hopefully send a team to the Game Jam downtown. I'm pretty happy about it. Link to comment Share on other sites More sharing options...
Springfield Posted September 6, 2016 Share Posted September 6, 2016 4 minutes ago, Renegade7 said: Watching Mr. Robot now. The more I think about it, especially after those NSA tools ended up public, there's no way the Government can protect us if they insist on hiding zero-days they find from us. That's very different from making targeted attacks from scratch like Stuxnet and Flame. ELI5 please Link to comment Share on other sites More sharing options...
Renegade7 Posted September 6, 2016 Share Posted September 6, 2016 42 minutes ago, Springfield said: ELI5 please A big problem right now is that companies don't like admitting they've been hit by a cyber attack, or better yet, sharing that information with other companies so they don't get hit, too. I think you just want me to elaborate a little, and I'll try before I end of up falling asleep. How can the government possibly hope to facilitate those conversations and information sharing when they're not only hiding the "zero day attacks" they find, they are actively using them? Worse, they are making hacking tools around these exploits they aren't telling anyone exist (that effect a helluva lot of people) and can't keep them from leaking to the public. Stuff like this is having manufacture's like Cisco scrambling to clean their house in a way that could've totally been avoided (a lot of trust in Cisco and the US Government has been eroded since PRISM was made public, and this certainly doesn't help). I get that its a dangerous world, and that's why I still support advanced, state-built cyber weapons when dealing with other nation states. US Government's hands are tied in the amount of red tape and congressional approval needed to truly focus on helping the public sector play defense in the cyber security world (and big reason federal agencies are still getting hit as well). It just feels like the emphasis is too much on Offensive Cyber Security from a government perspective via things I read like SANS newsletters. At the end of the day, there's too many targets getting hit to not make defense a higher priority, and a lot of that starts with communication with what's out there and how the attacks are being carried out / being used. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now