Lost In Cyberia
-
Posts
117 -
Joined
-
Last visited
-
Days Won
3
Posts posted by Lost In Cyberia
-
-
Ehh... but Systemd doesn't use init, as I'm aware of...
-
Hi everyone,
I have a question about the process management, and deep level system functionality of system calls between SystemD and SystemV?
Does SystemD use the same system calls (fork(), exec(), bind() etc...) as SystemV? or Vice Versa?
If they both use the same or very very similar sys calls, do they handle them the same way? If a sys call is made in systemd, is it generally handled the same way on sysv?
I know SystemD uses unit files for processes now, do these come into effect with system calls?
Or are the differences between SystemV and SystemD more "higher level" than the low kernel level sys calls? -
thanks digip, but I already have multiple vms and even my laptop is completely Linux based. I'm asking more for scripting ideas and practice problems, and ideas of things to script.
-
Hi everyone, I've recently come to the sad conclusion that my Bash and overall shell scripting could use some work. While I can create very basic routines, I still have to make use of my notes that I create for correct syntax, and formula. I'd like to get to the point where I can craft and be pretty competent and not have to make such heavy use of my notes.
I've picked up the Bash Scripting Bible text book, which really is an amazing read. but I learn by practice. Does anyone know of any good sites that offer practice scenarios, idea's and projects? Something that tests knowledge section by section, and increases in difficultly etc..
I guess I'd love to have something like Codcadmy but I guess that's asking too much. Any recommendations would be vastly appreciated!
-
I couldn't finish it....it was just too cliche... typical socially inept hacker genius..? I mean applaud them for trying to give him a more human down to earth side... with problems etc.. but it just came off as too archtypical. Plus you know where the story is going, where this kid is going to outsmart everyone cause he's *that* good... Meh, I wouldn't say I hated it, but it just seems like I know what's coming, and have little interest in seeing it unfold
-
I had no idea the ISP had such a 'hand in my cookie jar' so to speak...So if I put my outward facing ISP router into bridged mode, it will basically just turn into a Switch? passing the traffic to my own personal 'inside' router?
-
You'll need to have the isp put their router in bridge mode. Basically it will just hand your internet ip address to your personal router. All it's job to do in life is to make the connection to the internet. Dual nating will cause all kinds of problems.
Wow, wait, I have to request the ISP to put the router in bridge mode? Isn't that something I can do from my router's management gui?
-
Thanks for the replies everyone! Sorry for the late reply myself. Okay so the general consensus is that it's best to just keep the ISP router that they provide for me in place. And "underneath" it.. or "down stream of it" hook up a router of my own choosing.
Now my questions are,
1. If I plug this 2nd router into my ISP's router, how do the two communicate? Will it be a PPP connection? Can I choose which method, or protocol of communication they use? I don't know the level of detail you can perform with cheapo home routers....
2. How will router two, know that router 1 is the "outward" facing router?
3.How will both handle DHCP? Surely one will have to deactiviate DHCP supplying.
4. Will the communication between the two routers be using Ethernet to communicate back and forth?
I'd love to have a second router as it seems to open up a bunch of possibilities of creating two 'tiers' of networks. One lan network attached to the ISP router and one lan network attached to the downstream router...
As always thanks everyone for the responses, and of course, a shout out to Cooper who I'm starting to suspect is a google robot... :D
-
Hi everyone, as someone who has Verizon FiOS, I have Verizon's stock "Actiontec Wireless Modem/Router". While this router gives me a decent level of support and customization, I'd like to keep my options open.
So from my limited research there seem to be three options. You can either buy a new hardware device to replace your ISP provided one, wipe out the firmware/OS on the router you already have from your ISP, or buy an additional router/modem and put it 'downstream' of your current ISP provided router. (chaining them).
So my main question is which is more advantageous? Should you completely replace the ISP device that was given to you? Or if you're lucky enough, and firmware such as dd-wrt or tomato, run on your device, should you just put these open source images on the router you already have?
If replacing your router with a new device, do you have to call your ISP, and will they "see" something on their end that would alert them that a change was made?
Any pitfalls, or perils or warnings to doing any of these?
-
Thanks everyone! I just wanted to verify this... lol at Cooper...You always have a way of crafting such a complete and comprehensive explanation... You ever think about being a teacher?
@ Cooper, are the ISP provisioned names linked to our IP addresses, is there any regulation to this? What types of names and infomation are applied to our IP's?
Also @ Cooper, not to digress either, but how can someone have and receive a static IP address when using Dial-up? Does it remember which customer had which IP via it's MAC address or something?
-
Hey everyone. I have a pretty random question today. Is it possible for you to have a website, that's fully functional, and publically accessible, without a domain name attached to it? So let's say you have a dedicated web server running apache or iis, it has a publically facing IP address, and the router it's behind can pass port 80 traffic to it, no problem. If people knew the IP address for this host, can they access the website and bypass a domain name, and therefore bypass any sort of DNS resolution?
I know you can get to a website by using it's IP address, but I'm wondering if it would work without ANY domain name attached to it. This address would not be listed in the local DNS records right? Is this possible?
Thanks guys!
-
There is a reason why I specifically 'rang' for you cooper.
You are a gentleman and a scholar! -
Been away for a while, thanks for the response Cooper! The first option you gave, is is a probably a very basic proxy. It checks domain names, ip's etc, but can't peer into ssl connections right?
The 2nd option you gave, the proxy that you connect to (this makes sense because when I'm at work I have to switch my internet browser to use 'local proxy settings") That proxy that you connect to should have it's own pair of ssl keys correct? Also the proxy will install a cert on your OS cert store...but for a browser like firefox which doesn't use the OS Cert store ( Firefox has it's own store of certs) does the act of me selecting the "use local proxy setting" then switch firefox to use the certs on the OS?
Lastly, I'm currently on my work network now, and when I look at the cert heirarchy for SSL sites, the heirarch checks out, I'm seeing top CA's like verisign, equifax, and digicert. Can these be faked? What about the original cert fingerprint? will that be the same rather you're using a proxy or not?
-
In light of the recent Komodo fiasco, I was curious as to how SSL connections work with regards to proxies. In my company, when I'm at the desk or I vpn in from home, and I browse to an SSL connection... I look at the corner of my browser and ssl certs are all still unique. Meaning if I go to chase from behind the company proxy, chase's verfsign ev cert is given. Like wise if I go to say hak5, their geotrust cert is displayed.
Having thought about this, isn't the proxy supposed to hide these from me, and display to me a cert that the IT staff at my company created? So instead of seeing the Geotrust site, I may see our IT department's self signed cert? Is this not always the case?
So, because I still receive the "real" certificate from amazon or chase or something, what does this imply? What is the proxy actually doing then? Is it still even intercepting the SSL connection?
My thoughts on how it worked was that your browser makes the SSL request, which unbeknownst to your broswer it goes to the proxy instead. And the proxy makes the connection, and then passes down to you a certificate that is just for inside the company or something.
Like I said, since each ssl connected site I go to, appears to have it's original certicate path displayed, I don't think my companies proxy is actually doing any intercepting and changing. Anyone (Cooper) care to shed some light on this?
-
Ha, my first time hearing about the OOM killer. Is it a process itself? Does it work before resorting to using Swap space, or is it the very last ditch effort to recover address space, even after Swap has been given out?
-
heh, ok cheers to both of you, that all makes sense... Last question for now... If two processes are running concurrently, is there any way for one process to get "priority" (first dibs if you will), on memory? Let's say both are memory hogs and are requesting more and more, from a programmers point of view can you do anything to have your program take priority to avoid running out of memory first?
-
First of all, I want to say thanks Cooper. You always seem to give a detailed and thought out answer to my questions. I really appreciate it...
Moving onto my question, http://en.wikipedia.org/wiki/Virtual_address_space This actually was what I was digging for more though. I may have worded my question poorly.
The article here says on a 32 bit Windows machine, a program or process is always given 4 gigs of Virtual address space, and By default, 64-bit processes have 8TB of virtual address space. So this is going to sound silly, but obviously no machine has anywhere near that. So why even give programmers the option of using that much? If your average user has let's say 16 gigs of RAM, isn't this just asking for trouble? The programmer coud write something that takes up far more than 16gigs, and the program when executed will think everything is OK, because it 'see's 8TB's of available address space?
Do I have this wrong?
-
Hey everyone, hopefully this is the right area to post. I was poking around in my /proc directory tonight, and began thinking. (Usually this leads to massive amounts of questions). When a program is executed, how does the OS know how much total memory to give to the program? And is the the total memory even divided 50/50 for it's heap and stack? What determines rather the application have more stack memory or more heap memory?
I'm sure this is answered somewhere, but I can't get a clear answer, thanks in advance!
-
This is bizarre...Ok, I may not be the most well versed person in hacking, telephony and really deep knowledge, but I've read plenty of 2600 to know who C.C was...And I find this so odd.. you'd think some one so smart, talented and obviously creative would have had a very well paying job...
I feel I need to donate, but I really hope this is legitimate.
-
Cooper, you know with all my certification questions I've been asking in the 'security' forums, I was all over this... but yea crap timing... I know they're at defcon, but no one else pays attention to the site's maintenance?
-
Holy Crap, what a comprehensive explanation! Thank you! That definitely makes sense, logically.
-
Hey everyone, another question on certificate chains...
When a site applies for an ssl certificate, do they have to apply to a root CA? or can they apply to a root, or one of the many smaller CA companies? Then once they obtain a cert from that smaller CA, the company gets it's cert signed by a real root? Is evidence of this, when you look at the certificate viewer in a browser and it says something like
VERISIGN CLASS C ROOT CA
SomeSmallerCA inc.
example.com
The company, example.com applied for their cert at SomeSmallerCA, inc, which in turned got it's cert signed by Verisign?
Now if I see something like :
VERISIGN CLASS C ROOT CA
VERISIGN CLASS C EXTENDED VAL.
example.com
The above means that the company, example.com applied directed to the root CA, but they then signed their main cert with an intermediary cert?
So one is a bottom up application and the other is a top down application process? Can there be a mixture of both? Where you apply to a smaller company which goes up to a root, but the root signs an intermediary, before then finally signing to the smaller CA?
Thanks! -
Hey everyone, Have you guys heard about this?
For the TL;DR version. Google's domains where found to be signed to an unknown person. The Signer of the certificate was a CA in India. The CA accidently issued 45 SSL certs for domains that were owned by google and yahoo. My question is that, how can the google certs be signed, and then the same domain signed again by the Indian CA? Can a domain be signed twice? It seems like this shouldn't be the case...
Also is revoking a certification the same thing as removing it from the Cert store? I know that Chrome doesn't really check for revocation.. So does that mean they just relay on "bad" ssl certs to be removed completely from the store?
-
I actually got to the bottom of this. Very anti-climatic though. So as it turns out my initial description was wrong. Even on 3G data I'd still get a certificate not valid. So I'm assuming that the Apple certificate store's list of trusted CA's doesn't include the one who signed my school's cert. (Digicert). I don't know why they wouldn't trust digicert, they seem like a pretty popular and reputable CA to me...Cooper if you're still with me, is there any way to test other digicert signed certs on my phone? Without randomly picking ssl sites and hoping that one is signed by digicert?
You are a gentleman and a scholar!
What are you listening to?
in Everything Else
Posted
I love industrial/goth/ebm when i'm doing all of the hackin'. One such track that I'm listening to now:
If you like it, let me know, I have plenty to share. Industrial is really great running music as well