Collaborate Disseminate
My environment has a variety of operating systems (Windows, Linux, etc.), servers and applications. Infrastructure scans are showing old versions of TLS that need to be disabled at the OS level, while DAST scans are likewise showing old ve… Continue reading Should old versions of TLS be disabled at the OS level and the server level?
I am on Ubuntu 22.04.
I noticed that the tty which runs the Ubuntu GUI periodically changes from tty2, to tty3, what is the reason for this?
I also noticed other UID changes, for instance tty1 has always been the login screen but I recentl… Continue reading Why does the UID of /dev/tty1, tty2 change preiodically on Ubuntu 22.04
I am trying to find out-of-support operating systems in my environment via logs. I can query log data to get installed OS, but I need to compare that to what is currently supported. Ideally I would have this auto-update and build a dashboa… Continue reading Official, Up-to-date List of Supported Operating Systems (Windows, MacOs, Linux, etc.)
I’m using the open source version of Tripwire on Ubuntu 22.04. Right now when a file is modified Tripwire will document this in the integrity check with an "Expected" vs "Observed" section, outlining things like md5 cha… Continue reading Can you configure Tripwire to produce an actual diff between modified files
When I say NAT I am talking purely of the Network Address Translation protocol (NAT Overload or PAT). NOT discussing combination devices that have security features.
With that out of the way,
How is NAT NOT a form of security?
Because you … Continue reading How is NAT NOT a layer of security? [closed]
Writing an operating system for a computing platform is one of those non-trivial tasks few people actually need to do, regardless of whether it’s for a small microcontroller or a …read more Continue reading KittyOS: Writing A Toy OS For The ATmega168 From Scratch
I am tasked with auditing the default configuration (system configuration, default applications…) that is set for some computers before they are given to users.
Though I have never seen it anywhere, I feel it would make sense to check wh… Continue reading System audit of hardened device regarding certificate handling
The question is mainly stated in the title. I was wondering what kind of attacks can be launched on such a setup, where someone has access to a running OS with locked screen (needs password for the user to enter). One possibility I can thi… Continue reading What type of attacks can be carried against an OS with FDE, if we assume OS and FDE are implemented correctly?
whats so special about kali? is there some suite that just run on kali and won’t on other distros/mac? is it just marketed better to the infosec community?
Continue reading Objectively, what can you do on kali that you can’t do on a mac?
I’m having an issue trying to find decent queries that system admins and penetration testers use.
I’ve tried googling and i’ve even taken a class to try to understand it better.
Here are some of the queries I’ve used and I hope you want to… Continue reading Easy to run DSquery’s for pentesting and etc [closed]