Recent content by Lob

  1. Lob

    OpenCanary: 197 Days in the Wilderness

    I knew this would fall into the tyranny of the default!! :D
  2. Lob

    OpenCanary: 197 Days in the Wilderness

    In May 2022, I experimented with putting OpenCanary into an Oracle Cloud Ubuntu VM. It was a quick and basic implementation with the following ports open: FTP (TCP 21), SSH (TCP 22), TELNET (TCP 23), HTTP (Synology DSM skin, TCP 5000). I left it to fester and, as I recently implemented a more...
  3. Lob

    Password managers

    LastPass seems to have had data lifted based on some secrets that were lifted when they suffered a breach in August. A little embarrassing: https://www.bleepingcomputer.com/news/security/lastpass-says-hackers-accessed-customer-data-in-new-breach/ Quack quack oops! :o
  4. Lob

    TailScale

    Dear Tailscale friends. Update your Windows software.
  5. Lob

    Browser Isolation

    I know what you're saying, you can counter as well if the box is patched and the users have no elevation rights then something persistent would be in the user realm (barring zero day flaws of course). For free, I think it's better than nothing....
  6. Lob

    Browser Isolation

    After thinking about airgapping the browser some years ago and forgetting that idea (metaframe browsers are expensive), I built out a theory that everyone could use - for free: https://sc.ciso.pm/browserisolation TL;DR: Isolating the browser you use day-to-day from the environment your data is...
  7. Lob

    FYI A public service announcement: CPEs

    @Steve The CISSP Official Study Guide, 9th edition, features 3 Dumb Routers on page 384, chapter 9 about Security Vulnerabilities, Threats, and Countermeasures. That's in addition to the chapter 8 mention of SN-646 :D You've arrived, at last :D :D :D
  8. Lob

    SN-896: Vulnerability scanning

    On the topic that @Steve mentioned of the UK NCIC scanning IP ranges in the UK for what lights up (not just web servers), this actually is a good thing and a monster task to perform. What is important to remember is the appliances will map the entire IP space and will record what answers on many...
  9. Lob

    what did they do?

    This is all I can see in this thread. Maybe they have been watching..... :D
  10. Lob

    The risk of being there and being caught

    Spurred on by SN891 and the risk of an attacker being there and being possibly caught, it reminded me of this work by the Chaos Computer Club. https://www.ccc.de/en/updates/2022/chaos-computer-club-hackt-video-ident I had to assess this at work because we use video identification in certain...
  11. Lob

    Public VPN Security. I agree and I don't.....

    The latest SN (Episode #891 | 04 Oct 2022) has a mention of some assessment of what a "public" Wifi network could present as a risk to someone using it. Given the prevalence of TLS connectivity, I do agree that a random, boring nobody like you or me is unlikely to be at risk of some attacker...
  12. Lob

    FYI A public service announcement: CPEs

    @Steve .... I think I was in before the masses :;D It used to be the case until about 3 years ago that (certainly ISC2) podcasts were not categorised and you had to shoehorn your CPEs into a different category. I've been putting SN in for my CPEs on my CISSP since 2011 (when I did the exam)...
  13. Lob

    EvilProxy

    Looking more into this, it's not going to matter. You're not hitting their domain, you're hitting the scammer proxy.....so not clicking on links and using a password manager like Bitwarden - which will see the domain not matching - is a good defense. I work for a bank and our 2nd factor is...
  14. Lob

    EvilProxy

    and hope your DNS is your DNS and not someone else's ;) If your bank does pinning and HSTS, this will help a lot......once you've been to their site.
  15. Lob

    Which Sci Fi book to start with?

    Andy Weir's Project Hail Mary. A sci-fi story, a life story and very inspiring* *except to my wife who did not care when I told her about it :D