Collaborate Disseminate
If we have a private network connected to the Internet with NAT, how can an attacker estimate the number of host computers in network using port scanning?
For both possible modes, the attacker inside and outside the private network.
Continue reading Estimate the number of host computers on the private network by port scanning
A few weeks ago I wrote an ISC diary about a piece of malicious code that used ngrok.io to communicate with the C2 server. Just a quick reminder about this service: it provides a kind of reverse-proxy for servers or applications that people need to publish on the Internet. I
The post What’s Hosted Behind ngrok.io? appeared first on /dev/random.
Does normal network traffic sent out by software or anything else use port scanning for legitimate reasons?
I’m using psad on my linux server and am unsure if setting the auto-ban IP feature on danger level 1, which equals to 5 sent packet… Continue reading Is port scanning used by software for legitimate reasons?
Is there a way to bypass filtered ports with nmap? If the port is blocked by a firewall or other obstruction is there any way to bypass it and get information about the port. Here is an example:
Host is up (0.036s latency).
Not shown: 997 … Continue reading Is there a way to bypass firewall/ obstructions with nmap?
I published the following diary on isc.sans.edu: “Mirai-alike Python Scanner“: Last week, I found an interesting Python script that behaves like a Mirai bot. It scans for vulnerable devices exposing their telnet (TCP/23) interface in the wild, then tries to connect using a dictionary of credentials. The script has been uploaded to
The post [SANS ISC] Mirai-alike Python Scanner appeared first on /dev/random.
For quite a long time, I’ve been calculating hashes for files locally on my computer and then made requests such as:
https://www.virustotal.com/ui/files/681957ff1329e862362c074866ac1d1365739a9cd8baa9fc946cc2cf9dc052e3
That normally return… Continue reading Is there a non-Google VirusTotal alternative which actually works and doesn’t harass me? [closed]
I am pushing my way through some beginner level security readings and exercises (ECSA 1 & 2) without much of a networking background. I happened upon an interesting suggestion or command: to use nmap -sU -p 23 target to find out if a t… Continue reading Are there reasons to match the target port/service protocol when doing a scan?
Sometimes, using the original version of a software (i.e. untranslated) would be more practical as I get updates more frequently. In that case, it would be a japanese software.
However, my researches so far show that (Windows 10, latin ver… Continue reading Can antiviruses handle non-latin symbols? [closed]
I got a Trojan today and so installed Bitdefender Free version and started a System Scan. Why is it stuck at 4% for the past 1 hr 21 mins?
Continue reading Why my Bitdefender scan is at 4% after 1 hr 20 mins? [closed]
How do I test an mp4 for the whatsapp buffer overflow attack CVE-2019-11931?
I downloaded the mp4 file via https://web.whatsapp.com/ in a sandboxed browser on a test vm.
Android WhatsApp Version: 2.20.197.17
Continue reading How to test an mp4 for whatsapp buffer overflow attack CVE-2019-11931?