Skip to main content

Logo

CIS 75 - Principles of Computer Security - Shared screen with speaker view
kyle b
47:20
your brain corrects it
kyle b
47:58
we are symetricall (for the most part) on a vertical division
Sam Strelitz
48:50
Left and right are relative to which way you're facing, but up is the same direction regardless?
Luis Ayala
49:12
yes
Chris Copus
49:14
I did
Chris Copus
49:19
How?
Luis Ayala
49:25
yeah how?
kyle b
49:43
in the participants window
Ivers Spivey
49:44
participants
Joseph Calcagno
49:58
whats the static sound
Sam Strelitz
50:04
I hear it too
Jacobs Otto
50:08
yup
Sam Perez
50:08
yeah
Sam Strelitz
50:08
Yeah when you're not talking
kyle b
50:08
yes
Chris Copus
50:11
I still don't see it
Sam Perez
50:14
I thought my computer was broken
Chris Copus
50:17
But I did take role
Garrett Gordon
50:19
yes
Sam Strelitz
50:30
Is it Ivers?
kyle b
50:33
ground that mic!
Joseph Calcagno
50:35
its only when youre not talking
Edgar Austodillo
50:49
Are other people having trouble hearing mike?
Chris Copus
50:51
Found it
Joseph Calcagno
50:57
mike its your mic
kyle b
51:00
*applauds*
Jacobs Otto
51:01
Rip Ivers mic
Kevin Cameron
51:06
Text chat it is, then.
Joseph Calcagno
51:08
nvm gj
kyle b
53:30
yes plz
Kevin Cameron
56:46
fly naked!
kyle b
58:42
dang it bobby
kyle b
59:35
authenticity
Kevin Cameron
59:40
authenticity
kyle b
01:10:00
"while a breach of configdentiality always results in a breach of confidentiality, a breach of possesion doesnt always lead to a breach of confidentiality" - the book
kyle b
01:10:12
*sorrypossesion
kyle b
01:10:19
wrote that wrong
kyle b
01:15:05
network extortion
Luis Ayala
01:20:50
ATM’s
kyle b
01:21:31
most are iunternal
kyle b
01:21:47
nm
Kevin Cameron
01:22:53
I found a minor vuln.
Ryan Mock
01:28:29
what's an example of a not well know top domain?
Ryan Mock
01:28:42
known*
Sam Strelitz
01:30:40
Then router gives you an ip address
Edgar Austodillo
01:31:21
That was at Stanford right?
kyle b
01:34:51
can you give false information?
Jacobs Otto
01:35:23
https://whois.icann.org/en/lookup?name=lifealgorithmic.com
Garrett Gordon
01:36:00
.ru
kyle b
01:36:44
someone attack my site: kbruder.info/cis
Tony Farrell
01:37:14
How do you ask a top level domain if .cabrillo is there? and then how do you ask .cabrillo if .cis is there?
Garrett Gordon
01:37:17
my DNS registration through gsuite is private if you run who.is
Sam Strelitz
01:37:55
I figured out an attack against Kyle.
Jacobs Otto
01:38:05
Is it visiting his house?
Garrett Gordon
01:38:26
I want 0day.ru
Garrett Gordon
01:40:19
can I run openvas on www.cis.cabrillo.edu from AWS
Garrett Gordon
01:40:23
?
Jacobs Otto
01:40:59
Just write up a contract and claim you're an intrusion detection company. They'll pay you to hack them.
Garrett Gordon
01:41:13
lol.
Garrett Gordon
01:42:19
dig CNAME zerodaymasters.co
Garrett Gordon
01:46:27
so when we go IPv6 only there will be no more private addresses AND public addresses?
Garrett Gordon
01:47:10
*under normal circumstances
kyle b
01:48:24
got no answer from the outside
Jacobs Otto
01:52:17
I ran dig on opus-ii for opus-ii.cis.cabrillo.edu with +trace and got a few results that were NSEC3 and they have what look to be encrypted keys as names, what are those?
kyle b
01:52:31
no answer
kyle b
01:54:36
sweet!
garrett gordon
01:54:37
postfix?
Sam Strelitz
01:55:03
gmail!
Sam Strelitz
01:55:09
:)
kyle b
01:55:47
amazon
garrett gordon
01:55:51
lol
Ryan Mock
01:56:47
russia?
kyle b
01:57:00
the pentagon
garrett gordon
01:57:11
Shame on you mike, no AAAA for www.lifealgorithmic.com
garrett gordon
01:57:47
lol!
Jacobs Otto
01:57:50
haha
kyle b
01:57:52
lol
kyle b
01:57:57
dont tell graziani
garrett gordon
01:58:33
all my hosts are dual stack but ddns clients suck for ipv6
garrett gordon
02:00:19
ive only had my prefix reordered once in the last year so perhaps ddns wont be so important in the future?
garrett gordon
02:01:26
thats why you disbale snmp
garrett gordon
02:01:30
*2.0
Jacobs Otto
02:02:35
207.62.187.225 is cabrillo
garrett gordon
02:02:47
thats the gaeway
garrett gordon
02:02:51
*gateway
Jacobs Otto
02:03:00
ah
garrett gordon
02:04:54
opus is a vm i see
garrett gordon
02:05:22
Palo Alto, nice.
kyle b
02:05:48
firewall?
garrett gordon
02:06:02
Palo Alto firewall yes.
kyle b
02:06:08
$$$$
garrett gordon
02:06:13
$$$$$$$$
garrett gordon
02:06:41
too $$$$$ for me im afraid
kyle b
02:06:51
thats where my tuition is going
kyle b
02:10:02
thats great!
Sam Strelitz
02:28:34
With permission of the admin of the network?
bruce hartrman
02:28:43
asset inventory
kyle b
02:28:44
red team
Kevin Cameron
02:28:46
red team
bruce hartrman
02:28:53
(for uor company
Philip Lawrence
02:28:56
permission, your own eq
kyle b
02:28:57
*high fives Kevin*
Philip Lawrence
02:29:09
blueteam too
kyle b
02:29:17
never nmap your amazon VMs
garrett gordon
02:35:02
nmap scans are best thru torsocks
garrett gordon
02:36:26
tfw attacking PLCs listed on shodan with stock passwords
garrett gordon
02:37:28
I said this in aother class but as an IT consultant I would never open an IP cam to the net
garrett gordon
02:37:43
they should be innaccesible ecept thru a VPN
garrett gordon
02:38:16
prolli need active x
garrett gordon
02:38:49
dude!?!!
kyle b
02:39:05
shut down that nazi cam!
garrett gordon
02:40:08
many webcams the password doesn't even matter.
garrett gordon
02:40:20
LTS cams will dump the hash thru the right request
garrett gordon
02:41:00
thats why only my NVR can see my IP cams and I have to VPN in to see my NVR
garrett gordon
02:41:17
the cams are on a private swtch to where they will never see the internet
Jacobs Otto
02:41:23
ART 75
garrett gordon
02:41:59
hack me! vpn.zerodaymasters.co
garrett gordon
02:42:52
> having uPNP as an option on your firewall
garrett gordon
02:43:49
enterprise firewalls dont do upnp
garrett gordon
02:44:18
at least not sonicwall, zywall or sophos
garrett gordon
02:46:32
whats reverse nat? hows that work?
garrett gordon
02:47:54
ive scanned the entire ipv4 net in about five days
garrett gordon
02:49:28
comcast gives me a /60
garrett gordon
02:49:55
(0-f subnets)
Jacobs Otto
02:50:25
A bit greedy
garrett gordon
02:50:47
how'd you get a /48 wut isp?
garrett gordon
02:52:15
no need to be frugal with ipv6
garrett gordon
02:52:44
use a entire /64 for links between routers
garrett gordon
02:54:45
Ive found that most consumer routers dont allow you to open ports for ipv6 using stock firmware
kyle b
02:54:58
so when every fiber in every textile and building material on every planet and space station in every human inhabited galaxy has an IPv6 address the might run out
garrett gordon
02:55:51
use the privacy extension for global routes
garrett gordon
02:56:14
**GUA
garrett gordon
02:57:12
EUI-64 is the default on IOS
Chris Copus
02:57:32
hoo boy, flashbacks to linux networking class...
garrett gordon
02:58:51
priv extension
garrett gordon
02:58:58
is default on winblows
kyle b
03:01:39
dont most large manufacturers have more than one OUID?
garrett gordon
03:01:47
many
kyle b
03:02:39
still wouldnt take too long
garrett gordon
03:03:47
shenzen? how much you wanna bet that is in many, many devices
garrett gordon
03:06:05
gopher
garrett gordon
03:06:50
telent over serial is fine
garrett gordon
03:12:08
My webserver uses UFW directly off the net with Security Onion for IDS. Bad idea?
garrett gordon
03:14:53
need sudo tho
garrett gordon
03:16:20
thankfully I have couple kali vms in your network
garrett gordon
03:16:54
(tells rich parrot is better)
garrett gordon
03:17:06
*tell
garrett gordon
03:26:19
how to you setup ldap over ssl?
garrett gordon
03:26:25
I want that @ home.
garrett gordon
03:30:09
vnc advertises the user?
garrett gordon
03:31:03
these must be vms
garrett gordon
03:31:11
probably vmware vnc
garrett gordon
03:32:40
its scarry what Spiceworks can come up with
garrett gordon
03:33:07
in terms of what patches are available etc
garrett gordon
03:34:02
i have to do an nmap scan everytime i add a new static device
garrett gordon
03:34:14
so i dont step on addresses
kyle b
03:34:27
maybe someones outside in a van connected to your wifi..
garrett gordon
03:34:52
having your wifi on the same subnet is a bad idea
kyle b
03:35:28
Krack
garrett gordon
03:35:37
exactly
garrett gordon
03:36:10
don't use wifi for sensitive data
garrett gordon
03:36:35
static route
garrett gordon
03:36:55
nothing normal works at my home
garrett gordon
03:37:16
using enterprise equipment @ home has its drawbacks
kyle b
03:37:18
I wish i had some sensitive data to protect....:(