Skip to main content

Logo

CIS 75 - Principles of Computer Security - Shared screen with speaker view
Ciaran Farley
35:37
haloween candy is 30% off at target in capitola, just spent $15 there before coming to class
Ciaran Farley
36:21
I was at school till 11pm last night doing theater tech so I didn't get to do haloween
Jacobs Otto
37:13
Uh oh
Ryan Mock
38:02
Do you have an example project we can see?
Ryan Mock
47:42
Do you have an example of a risk assesment and report from a professional that we can see?
Sam Perez
49:19
it took us about four hours to get OpenVAS functional
garrett gordon
49:31
Kali and Parrot make it super easy
garrett gordon
49:41
apt install open-vas
garrett gordon
49:45
openvas-setup
garrett gordon
49:47
done
Sam Perez
50:06
^^^
Jacobs Otto
50:29
I really like the idea behind this project but I’m in the same boat, a total newbie to any of this
garrett gordon
50:48
whoops; **apt install openvas
bruce hartman
53:23
where is the delineation of CIS lab vs the network?
luis ayala
53:38
nessus is another scanner that can be used along with openvas
Jacobs Otto
01:02:50
No worries, there’s always a semester or two of figuring stuff out. Thanks for the reassurance
Philip Lawrence
01:04:00
nmap -T4 -A -v 172.30.5.0/24 -oX [filename]
Philip Lawrence
01:04:15
.xml
bruce hartman
01:04:36
I was able to save the scans to .xml
bruce hartman
01:05:13
which is great for reloading into zenmap... but how do I get it into an xls :)
Philip Lawrence
01:05:37
no idea. lol
Chris Copus
01:09:21
Make backing up and upgrading VMware a lab for all classes. Boom, free manpower.
Sam Strelitz
01:10:05
We might break something...
Chris Copus
01:10:10
I don't think you want ME doing it
Jose Garcia
01:10:45
breaking things is fine as long as you learn
Jacobs Otto
01:10:46
Keep it under 20 cans and you’ll be fine
Kevin Cameron
01:11:08
Ugh, I've got enough VMware from 174, thanks.
Jose Garcia
01:11:20
second that
Ciaran Farley
01:20:05
are there any non cs or cis teachers that have opus accounts ?
Ciaran Farley
01:26:59
when I was setting up my web server it said to use "chmod 755 *" what are the numbers ?
garrett gordon
01:29:23
same as +x pretty much
garrett gordon
01:29:48
kind of
garrett gordon
01:30:00
makes it executable and chages some other persmissions
garrett gordon
01:30:37
would be rwxr-xr-x for all files in the directory
Chris Copus
01:30:59
Whoa, when did Rich Simms get here?
garrett gordon
01:32:21
for the chmod 755 question I suggest you rad stackoverflow
garrett gordon
01:32:25
*read
Ciaran Farley
01:38:59
how do you change a users "main" group?
Ciaran Farley
01:43:10
can you make it so a user can exicute a file but not read it? so like they can run it but not know what it is they are ruinning ?
Ciaran Farley
01:50:33
what is the difference between users and everyone ?
Jose Garcia
01:50:43
there can also be share permissions
Ciaran Farley
01:50:48
how are people connected over samba permed ?
luis ayala
02:01:47
you can use maltego to go through facebook post and gather info for a tailored password list
Sam Perez
02:04:51
i read a story today on twitter that a girl got expelled from her university because she was posting racist remarks about her roommate and what she would do to her personal belongings when she wasn't there
Sam Perez
02:04:58
so yeah... beware of social media
Kevin Cameron
02:09:16
The real way you sway an election is to keep people who should be voting from doing so.
Jose Garcia
02:09:20
I don't think trump cares
kyle b
02:22:10
absolute power corrupts absolutely
kyle b
02:22:15
-lord acton
Ciaran Farley
02:25:10
is a fingerprint a have or an are ?
Jose Garcia
02:25:40
an are
Jose Garcia
02:26:54
we use toe prints at our work
Ciaran Farley
02:27:05
so if you like crash on your bike and have gnarly road rash face id probably wont work anymore
luis ayala
02:27:42
iPhone X
Jose Garcia
02:28:07
I can open my phone with my drunk face
Sam Strelitz
02:28:17
password + fingerprint
Chris Copus
02:28:28
Having a code sent to your phone to log in to your email
Jose Garcia
02:29:09
computer cert and password
Ciaran Farley
02:29:33
how would you implament someone being able to log into your website by plugging in a usb fingerprint reader and scanning their finger ?
Chris Copus
02:30:10
Something useless you have
Kevin Cameron
02:30:24
If someone stole your fingerprint records or a picture of your face, would it be something you are anymore?
Sam Strelitz
02:31:17
Use the fingerprint reader to make a hash code, that is then used as a key used as a challenge repsonse from the web server?
Sam Strelitz
02:32:45
It's a response to the web site fingerprint question
Ciaran Farley
02:35:25
could you use the hash of your fingerprint read as your password or would it change if you put your finger on in a slightly different possition
Sam Strelitz
02:44:01
The algorithm of fingerprint reading would have to handle that, and it's likely it already does in current fingerprint systems.
Sam Perez
02:44:48
coca cola has motion sensors on their vault for a reason...
Sam Strelitz
02:44:58
Actually you could just set up a secure connection and send the fingerprint data, although hashes tend to be more secure.
Sam Strelitz
02:53:09
Janitor?
Jose Garcia
02:53:39
sally is a half time janitor
Jose Garcia
02:54:16
give us a deal or hold it
Ciaran Farley
02:56:22
a visual representation ?
Alejandro Jara
03:03:42
yaaaaaay!