Jump to content

VaKo

Dedicated Members
  • Posts

    7,713
  • Joined

  • Last visited

  • Days Won

    2

Posts posted by VaKo

  1. ESXi (which is the name of the Hypervisor, vSphere is the enter platform) is a good choice if your hardware is compatible. This is a big-if, as it is designed for things like Dell/IBM/HP servers rather than white boxes. Check out this site. There is also HyperV, which is the Microsoft equivalent and is pretty good, plus has the same level of hardware support as Windows 7/2008 R2, which means it will run on pretty much anything. And finally, there is Xen, but I've never used it before.

  2. I think you missed what I was saying. If I teach you how to toast bread, that is educational material.

    Don't get me wrong, I like the Def con stuff, I do. But if you were "educated" by the rest, okay educate youself in fucking off. In the words of Bill Hicks "Go back to bed America".

    Get a grip, this forums knows I'm an idiot. Don't show yourself up.

    You recently asked what the Warn function was for. Congratulations, you've just found out. While constructive criticism is always welcome, flaming people over nothing is not. Drop the act and chill out, or close the browser and go do something else.

  3. Alas no, today governments are all about COTS (commercial off the shelf):

    COTS Policy – Past and Present include

    • Former Secretary of Defense William Perry recognized the benefits of dual use processes and products in 1994. His directive, known as the “Perry memo,” outlined the use of performance and commercial specifications over military unique requirements.
    • Federal Acquisition Streamline Act of 1994 (FASA), removed many rigid acquisition regulations and allowed DoD to implement management best practices. FASA reform provisions pertaining to acquisitions include: commercial buying practices for COTS and preference for Commercial Off the Shelf (COTS) and Non-Development Items (NDI).
    • Clinger Cohen Act streamline IT acquisition processes to manage risk and to get the most advantage from incremental acquisitions and COTS products.
    • Federal Acquisition Regulations, Part 12 (FAR)…organizations should perform market research to determine whether commercial items or non-developmental items are available that could meet the agency's requirements and should purchase them when they are available
    • DoD Instruction 5000.2 requires the use of COTS Information Technology solutions to the maximum practical extent.

    Gotta love bureaucrats :)

  4. Not really, but it turns out that USB Hacks were kinda ninja after all. All is forgiven Darren, you were indeed right.

    In 2008, the U.S. Department of Defense suffered a significant compromise of its classified military computer networks. It began when an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East. The flash drive's malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command. That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control. It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.

    This previously classified incident was the most significant breach of U.S. military computers ever, and it served as an important wake-up call. The Pentagon's operation to counter the attack, known as Operation Buckshot Yankee, marked a turning point in U.S. cyberdefense strategy.

    Over the past ten years, the frequency and sophistication of intrusions into U.S. military networks have increased exponentially. Every day, U.S. military and civilian networks are probed thousands of times and scanned millions of times. And the 2008 intrusion that led to Operation Buckshot Yankee was not the only successful penetration. Adversaries have acquired thousands of files from U.S. networks and from the networks of U.S. allies and industry partners, including weapons blueprints, operational plans, and surveillance data.

    As the scale of cyberwarfare's threat to U.S. national security and the U.S. economy has come into view, the Pentagon has built layered and robust defenses around military networks and inaugurated the new U.S. Cyber Command to integrate cyberdefense operations across the military. The Pentagon is now working with the Department of Homeland Security to protect government networks and critical infrastructure and with the United States' closest allies to expand these defenses internationally. An enormous amount of foundational work remains, but the U.S. government has begun putting in place various initiatives to defend the United States in the digital age.

    WILLIAM J. LYNN III is U.S. Deputy Secretary of Defense.

    A top Pentagon official has confirmed a previously classified incident that he describes as "the most significant breach of U.S. military computers ever," a 2008 episode in which a foreign intelligence agent used a flash drive to infect computers, including those used by the Central Command in overseeing combat zones in Iraq and Afghanistan.

    Plugging the cigarette-lighter-sized flash drive into an American military laptop at a base in the Middle East amounted to "a digital beachhead, from which data could be transferred to servers under foreign control," according to William J. Lynn 3d, deputy secretary of defense, writing in the latest issue of the journal Foreign Affairs.

    "It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary," Mr. Lynn wrote.

    The incident was first reported in November 2008 by the Danger Room blog of Wired magazine, and then in greater detail by The Los Angeles Times, which said that the matter was sufficiently grave that President George W. Bush was briefed on it. The newspaper mentioned suspicions of Russian involvement.

    But Mr. Lynn's article was the first official confirmation. He also put a name — Operation Buckshot Yankee — to the Pentagon operation to counter the attack, and said that the episode "marked a turning point in U.S. cyber-defense strategy." In an early step, the Defense Department banned the use of portable flash drives with its computers, though it later modified the ban.

    Mr. Lynn described the extraordinary difficulty of protecting military digital communications over a web of 15,000 networks and 7 million computing devices in dozens of countries against farflung adversaries who, with modest means and a reasonable degree of ingenuity, can inflict outsized damage. Traditional notions of deterrence do not apply.

    "A dozen determined computer programmers can, if they find a vulnerability to exploit, threaten the United States's global logistics network, steal its operational plans, blind its intelligence capabilities or hinder its ability to deliver weapons on target," he wrote.

    Security officials also face the problem of counterfeit hardware that may have remotely operated "kill switches" or "back doors" built in to allow manipulation from afar, as well as the problem of software with rogue code meant to cause sudden malfunctions.

    Against the array of threats, Mr. Lynn said, the National Security Agency had pioneered systems — "part sensor, part sentry, part sharpshooter" — that are meant to automatically counter intrusions in real time.

    His article appeared intended partly to raise awareness of the threat to United States cybersecurity — "the frequency and sophistication of intrusions into U.S. military networks have increased exponentially," he wrote — and partly to make the case for a larger Pentagon role in cyberdefense.

    Various efforts at cyberdefense by the military have been drawn under a single organization, the U.S. Cyber Command, which began operations in late May at Fort Meade, Maryland, under a four-star general, Keith B. Alexander.

    But under proposed legislation, the Department of Homeland Security would take the leading role in the defense of civilian systems.

    Though the Cyber Command has greater capabilities, the military operates within the United States only if ordered to do so by the president.

    Another concern is whether the Pentagon, or government in general, has the nimbleness for such work. Mr. Lynn acknowledged that "it takes the Pentagon 81 months to make a new computer system operational after it is first funded." By contrast, he noted, "the iPhone was developed in 24 months."

    By BRIAN KNOWLTON

    Published: August 25, 2010

  5. If anything, Uni is a safe environment to learn not only course specific skills, but life skills in a group of people who are all in the same boat. So yeah, uni is worth it, but what you study is a small part of the worth.

  6. The switch won't count as a device unless its a fancy managed device. So your just left with your 2 desktops, the 360 and your storage unit (which will either need way more security added or to be connected via USB rather than IP). VM's can be run using a virtual NAT device rather than bridged connections, which will mitigate the need to register/un-register MAC's. Not sure how your going to manage wireless unless your halls has it, when I worked for a Uni's IT team we took rather a dim view of people running there own WAPs. So if you do run one, look for a business near your halls and set the SSID to something with the same name.

    As for NAT, if you register your main PC on there system, then get a router and use the same MAC for the "WAN" connection you will probably be able to get away with it. I don't know what system they will use to police this but if it looks legit, and your not doing anything dodgy (p2p, viruses, portscans etc), you will probably just be able to keep your head down.

  7. "googlemail.com"……

    this is the highlight.forgive my ignorance,is that a copy of "gmail.com"?

    Some already owened the rights to gmail in the UK, so anyone from the UK who created a GMail account after the rights holders sued google until some time this year when they settled got @googlemail.com, however the @gmail.com part worked fine.

  8. Yeah, in a marriage there might be a certain level of access to each others email accounts. However, this isn't an ethical or moral question, this is a legal question. As such, you need to consult a lawyer. If this access could alter the divorce (i.e. the wife was having an affair) then you might be able to submit it under evidence but this depends on the laws your friend is divorcing under. Also, how it was hacked will change things, if the password was guessed, or brute forced will change things.

    Most importantly, CONSULT A LAWYER, we're not lawyers and this is a legal question.

  9. I have a Nexus One, probally the best phone I've had. If you don't mind delays for updates (N1 is the google dev phone and gets updates 1st), there is the EVO 4G (on sprint), HTC Desire (on most EU networks, very much the same as the N1), HTC Incredible, Motorola Droid X and Droid 2. Motorola lock the boot loaders, so no custom roms on them, but the hardware is a little nicer than HTC. HTC is more hacker friendly.

  10. Ahh, the horrible North problem when it comes to IT jobs. I had that, spent 8 months looking for work back in 2007, then gave up and moved down to the South and got a job within a month of posting my CV online. For far more than I was interviewing for back in Derby (not technically the north I know). I would recommend looking at the South, around the M4/M3 area. Cheaper than central London (but still commutable) and where the bulk of the UK IT industry is located.

    There is also Manchester, which seems to be kinda the same but far smaller.

×
×
  • Create New...