Random_N00b

I'll have to take a look! Thanks!

I'm very aware of the distinction between "hackers", "crackers", and other. I'll still give that a good google though, I may learn something. I think what I was remarking on was the knee-jerk reaction to the term "hacker". I think what a lot of people think of when they hear "hacker" is that guy who steals their bank account information, or dare I say it, "anonymous". What people fail to realize is a "hacker" is the guy who takes that piece of electronics and figures out how to do something the manufacturer and designer never would have never dreamed possible. Or the guy (or gal) who figured out that some protocol that was supposedly secure has a gaping hole in it, or that the password hashes are easy to break, etc. Now, the way I look at this site, and others like it, is simply presenting information. What you choose to do with the information is up to you. Just because you can break into someones system doesn't mean you should. Myself, personally, I'm just some random noob here who is interested in knowing where the weak points are, so I can make sure I don't leave those open on my professional networks that I'm responsible for setting up.

That's...sad. I'm interested in learning more, but I almost feel like I'm a criminal for going to "hacker" websites. I feel the government is cranking down on it's control of information. How long before they go, "Hmmm, you know China, we like what you got over there?" With DPI getting passed I know it's a matter time at this point...Maybe I'm just ignorant. Or haven't looked up enough. I thought my SSH tunnel was secure if that tells you anything.

Thanks for the responses. I'm just hearing about this for the first time. Not sure why they are making a big deal about it now, especially how long this threat has been around.

I get the Comp TIA Smart briefs, and one thing that recently caught my eye was a link to a Reuters article talking about how the US Government is apparently warning people to disable UPnP on network devices because of a security flaw. Now, I'm not in the best situation as far as news goes right now (Out of the US in a 3rd world country), so I'm not sure if this is all over the news, or is old news. Either way, have you in this community heard anything about this or are familiar with it and why UPnP is a big issue right now? Thank you.

For the purposes of security testing, and I really do mean that, I think I'll throw one of my password hashes into Cain and Able. The only problem is, I've never worked much with it, and never got it working. However, this isn't an issue for this forum. Actually, I think it's on Hiren's...

I'm going to put my 2 cents in on this. I just implemented a system to get around a restrictive DNS server that was being hosted on the default gateway, and simply setting a new DNS server in my internet options did not work. I think it can be used to help in this situation. If I'm not mistaken, packet sniffers like wireshark can pick up DNS requests that go over the network. While you may have your traffic encrypted and proxyed through an SSH tunnel/SOCKS Proxy, someone with a sniffer out would still be able to pick up on DNS requests. What I was able to learn through asking on this site was that Firefox has a great setting in it's "about:config" where you can tell it to put DNS requests through the proxy, allowing for those requests to be encrypted and handled by your remote server. (This is done by setting the value network.proxy.socks_remote_dns to "true") While this will not stop someone from stripping SSL, it will still deny someone with just a sniffer that piece of information. This may be common knowledge, and I didn't know that. If it is, my bad. Either way, that's my 2 cents, take it for what it's worth.

Did not know that. I mean, I was sure that it worked at one point, but for the time that I've been in the industry (about 4 years) I've never seen that tool work. Maybe on the default IOS's, but I've never tried it. Also, if you're to the point where you're trying to decrypt the hash, you can probably just do a password recovery. Probably be easier.

You could try and get in contact with user "plazmatron". I saw in his signature a couple linux certs, linux + being one of them.

You're from Michigan, aren't you? Didn't the State Government overrule that collective bargaining that the voters shot down, or something? Either way, my 2 cents worth, coming from a former Michiganer, is to take the money, job, and experience. While you may not agree with paying the Union dues and such, the thing I see is that while you are at this job, you will be able to demonstrate your skills and abilities, make new fiends and acquaintances, develop your skills and yourself, network to hopefully get a better job, and hopefully learn some new things from someone who knows more than you. At the very least, if you do well at this job and make those connections, you may be able to get some good recommendations and such from people you worked with. Sometimes, it's not who you know, it's who knows you. Hope this helps. Also, the job outlook in Michigan scares me, that's why I got out.

Now, I can't speak for my work, as I am not allowed access to the information on the automatons side of the house, but from being a user on the network, I know that a version of Bluecoat is used, and that a proxy server is used that we log in to (firefox and IE). The only problem I have with Bluecoat is that at times it is too restrictive. Sites that I've had to get to for school have been blocked, along with some legit news sites.

First off, OP shouldn't have to block out the password information. Username, maybe, password, no. The passwords are encrypted in the config by: switch(config)#service password-encryption in older IOS versions. I know the newest version of IOS for 3750 (all versions that I'm aware of in the catalyst series of switches) supports a new command which encrypts the password and is integrated into the user command. It is: switch(config)#username <user> privilege <1-15> secret <password> If you were to use the username of bob, and wanted him to be fully enabled upon login, and have the password of password123, it would look like: switch(config)#username bob privilege 15 secret password123 A "show run" command would show the line as: username bob privilege 15 secret @ts24%s0asr42siowd42$ or some other hash However, still probably not a bad idea to block that line out. I am aware of some tools (Solar Winds Engineer Toolset) that come with Cisco password decryptors, but I have never seen it actually work.

Thank you. I'll be sure to take a look at that.

I just got an offer to take a Comp TIA exam for free. It's the new Cloud Plus cert. I don't know anything about "The Cloud" in reference to what this exam is. Yes, I understand "The Cloud" is the internet. I just know nothing about cloud computing. Anyone know of any good resources for learning about cloud computing? Thank you.

Awesome. I have a project for after my CCNA. Thank you so much. Hopefully, I'll be able to Q you up later.

I'm going to piggy back on this forum and ask if anyone has any good resources for learning the material for getting a Technician license? I've heard of qrz.com. Anyone know of anything else?

Thank you again for all the replies and help. I'm still working out security risks and such. I now realize with just a web server on a VPS how much I'm in over my head. For example, I'm pretty sure the file permissions on my server are wrong, as I think I'm giving the "other" group read/write. Yeah, I need to take another look at that.

Thank you for the help. Now, before, when I had a server set up in my home, I only allowed access via password-protected keys. If I wanted to access it from the outside (like on my Android phone, or any SSH Session), I had to select my key and put in the password for it. I was still new (still am), was that a sound practice?

Sounds like I need to learn more about Apache, authentication, and certificate management. Thank you!

Actually, this is up the same ally as a question I was about to ask. I'd like to share some files on a CentOS server, but don't really know the best way to do it. I thought about a SAMBA share, but it's full of holes and not good practice. Ideally, I'd like to be able to go to a link, get authenticated, and allowed to browse files and download them. Is anyone aware of a good, mostly safe way to do this? Thank you.

That was exactly what I needed. Thank you. Now my DNS requests are going over my SSH Tunnel and bypassing the restrictive and filtering DNS on the Default Gateway. I was not aware of that feature in the config part of Firefox. Thank you for making me aware of it. Now, because I'm still new, did I miss something common or is this something I should have known? Also, question answered/problem resolved. Admins, please mark thread accordingly. Thank you.

Right now I'm trying to help someone who deleted their FB, then had someone create a new account as them, and are actually defaming the person by impersonating them on FB and spreading false information. The worst part is I can't report the fake account unless the real person makes a new FB account! Needless to say, FB is less than helpful in this situation.

The only hint I think I can give you is know how laser printers work. I remember the acronym "Charlie Can Walk, Dance, and Talk French" for "Cleaning, Conditioning, Writing, Developing, Transferring, Fusing". It wouldn't hurt to know the voltages associated with laser printers and what would cause different printing problems with laser printers. Also, know the upgrade paths. I'd go through upgrading from 98 to 7, just to be sure. I'm not saying that this is going to be on the test, but it probably wouldn't hurt to know that information.

I tried that. All DNS requests go to the default gateway regardless of the IP in my system. Thanks though. The problem with that is I still need to be able to get to 10.153.0.1 (default gw address) in order to log into the system. Think of it as a coffee shop network that I have no choice but to use. I put the block in my hosts file to 10.153.0.1, but I don't think it worked. I'm still getting blocked by the DNS. Do you think tunneling through DNS would solve this problem? Sorry for an odd kind of problem.

The ISP I'm buying internet from has 3 DNS servers listed when I do an ipconfig /all (I know, Windows.), 2 OpenDNS servers and a server on the Default Gateway. I'm trying to bypass their DNS servers, which block some sites due to restrictive policies, and I'm sure they're doing some snooping. I thought about DNS tunneling, but I think that would still be seen by the DNS on the default gateway. I currently have a VPS running SSH and a web proxy set up that I'm tunneling my web traffic through. However, DNS requests are still being handled by the Default Gateway. Is there any way to completely tunnel my DNS traffic to avoid using their DNS Servers? Thank you in advance.