
Lost In Cyberia

Posts posted by Lost In Cyberia

  1. Thanks for the reply! This is a possibility. So let me see if I got this right. The AP forwards the request to my school, to its outward-facing router. The router gets the real certificate and hands it off to the AP to give to me. The AP, though, then presents me with a 'middle' certificate, possibly signed by itself? Does this in effect sidestep SSL? Because I'd be presented with a cert NOT from my school, but from the AP?

     Wouldn't this mean, though, that this would invalidate ANY SSL cert? I have to go back there to test and to take a screenshot of the image. This seems to only happen at that Starbucks.

  2. Hey everyone. I was at my local Starbucks, which has open free wifi. And I (against my better judgement) decided to check my school email. I was using their wifi network. When I went to log in, I was presented with the Safari prompt "Can not Verify Server identity". I clicked 'details' and apparently Safari does not trust the *.njit.edu certificate. The signing authority is DigiCert.

     Now what's odd is that if I switch to 3G, using the 3G network, Safari has absolutely no problem accepting it, and doesn't prompt me or anything. So what's the deal? I've done this multiple times, in multiple locations. Any ideas?

  3. Well Cooper, I'd say it is definitely worth the price if you have really valuable data on the dying drive. My thoughts are this... Steve never says that SpinRite is a magic panacea for a drive. Yes, if the heads go bad, or the platters are shot to sh*t, then definitely no amount of SpinRite is going to fix that. But there are occasions where a sector or two just won't read right. This is where I think SpinRite should be used. I've heard from multiple people that it has actually recovered data, albeit it could take hours. I think more than anything SpinRite is good at just having the drive attempt to read the failed sector so many times that pure odds is what makes it work.

  4. I really, really don't think SpinRite is a joke, or is hokey. I'm a huge fan of Gibson (no, not in a cult.. :rolleyes: ). He's very smart; even just listening to him talk, when he gets on a roll, you get the sense that he's put a lot of time into whatever he's speaking about. He wrote SpinRite in assembly language... writing anything in assembly already gets respect from me. It's been on the market for over a decade... I'm pretty sure if the thing wasn't real, or was a hoax, it'd have disappeared. In fact, as we speak he's working on an update for better support for SSDs and some speed increases.

     I read the technical details of how it works, and as someone who's still an intermediate IT guy, I can't say for certain that YES, it'll always work, but I think for 90 bucks it's darn worth a try. Check out the PDF of how it works before passing judgement:

    https://www.grc.com/files/technote.pdf

     By the way... I think you really have it backwards... Leo Laporte is a jerk. Yes, he may know stuff, and be able to translate it well, but the guy is rude, arrogant and is very two-faced to the public.

  5. Hey everyone. So when checking certificates, a browser will usually check to see if OCSP is enabled; if not, it falls back on using the CRL method. It checks to see if the CA has issued an updated CRL (Certificate Revocation List) more recent than the one in its cache. If so, it downloads it and checks if the certificate it was just issued is on the list...

     Most CAs update these CRLs about once a week or so. My questions are:

     Does anyone know the path/location to the CRL? (in Linux specifically)

     Can you edit these CRLs? It seems to me, editing someone's CRL could provide an easy way to get your certificate accepted if you have access to their machine.

  6. Hey, welcome aboard! I'm still finding my way through as well.. I'm, as we speak, finishing up my Bachelor's Degree in Information Technology/Security. If you're good in mathematics.. (something I really envy) why limit yourself? Keep going! I'd love to have a degree in something like Applied Mathematics or Electrical Engineering, but the math would kill me.

     I work as a jr. Unix admin for a data center, and having the certs that I do may have helped me. I have a few (see below) but I'll say this... having certifications DOES NOT mean you know things. After all my certs, my first day on the job was a harsh slap in the face.. it really woke me up. I didn't know crap... about anything. Experience is seriously the best proving ground.

    There is a website that lists employers in the US that hire convicts or people with records, I forget the name though.

    This is a smaller list: http://exoffenders.net/employment-jobs-for-felons/#axzz31jwp9Hke

    Also, these guys cost a bit, but check out

    http://edutainmentlive.com/itprotv/

  7. Ah! I looked in my filesystem and saw the same set of files. So this is most likely FF's CA list. Do you think Chrome uses something similar or does it use the /etc/ssl/certs list that comes with Linux?

    On Linux my Firefox has these 2 interesting files:

    ~cooper/.mozilla/firefox/<junk>.default/cert8.db

    ~cooper/.mozilla/firefox/<junk>.default/cert_override.txt

    The cert_override.txt file has a header that reads:

    # PSM Certificate Override Settings file
    # This is a generated file! Do not edit.

     The .db file is half a meg in size (as opposed to 27 KB for the txt file) and I don't have a clue what might be capable of reading it, but going by the strings in there it's pretty much all certs I've ever had on this box, including the root CA ones automagically acquired and all the certs mentioned in the .txt file.

    I might have more certs on my system than is typical because I develop websites for healthcare where non-https URLs simply don't exist and outside of production sites everything used self-signed certs. The only way to make them work with FF is to add them to your cert store.

  8. Well, Firefox doesn't use the MS trusted root CA store; it comes with its own list. My question though is if the OS and application don't provide a store (Linux and Android don't, apparently), and a certificate is presented, how does the application know it can trust it? It's got nothing to reference? Doesn't this completely bypass SSL?

  9. Hey everyone, I'm trying to get a lay of the land for OS and application certificate stores. Can someone confirm that I have this concept right?

     If the application you're using, say Firefox, has its own trusted CA store, it uses that exclusively. So if you're running Firefox in Windows, Firefox will only check the validity of certificates against its own store, and never reference the Microsoft store.

     As opposed to using Internet Explorer in Windows, where it exclusively uses the Microsoft CA store.

     This is something I'm unsure of: do iOS, Linux and Android provide a trusted suite of CAs? Where is it in the file system? It's my impression that these OSes use the SSL command suite to verify certificates? Or do these OSes offer no store, and just hope that the application is doing the checking of certificates? So that whatever application must be written to somehow check for a certificate?

     For instance, right now I'm using Google Chrome on Linux. When I go into the browser settings and advanced settings, to certificates, I get a list of trusted CAs. Where is this list coming from: my Linux OS, or the browser itself?

  10. Hey everyone, I'm looking to do some research into, at a very low level, how cell phones operate. I'm aware of the general stuff... They talk to towers, sending data to let the towers know where they are, etc. But I'd like much lower-level help. Is there any way to get at the lower-level operating system on a phone? (I believe it's called the baseband OS.) And to see what information is being sent back and forth?

    Also does anyone have any resources for what SMS packets look like? We have plenty of powerpoint slides describing TCP/IP packets, but I can't find too many resources in regards to telecommunication layouts.

    If anyone has any resources, reading material, slides, notes, white papers regarding telecom, please share here! Any information is welcome!

  11. I honestly don't think it's going to be that big of a deal... MS essentials will still be updated, 3rd party antivirus software will still be updated.. the world isn't going to collapse

  12. Ok, let's drop the air of elitism... Yeah, we here like to know how things work. My friend is becoming a medical doctor, knows more about the human body than anyone I know. But he doesn't care for computers. It's not about having no idea how to do simple tasks, it's what interests you. I'm sure you don't know everything or even a good amount about human physiology, yet you ARE human. That's an even bigger crime than not knowing how a computer works. People don't HAVE to know about computers; it's not 'depressing' as long as they are interested in something, that's what counts. I hate it when the people in this field have this elitist feel just because we know more about something than others. If everyone had this mentality, it'd be a pretty cruel world to live in. Why is it people in IT are so full of themselves?

  13. Hey everyone,

     I was curious as to why browsers like Firefox have their own list of trusted certificate authorities? Internet Explorer, Chrome, and Safari don't have their own list of trusted authorities, right? Are these trusted lists stored on the OS, then, that they use? Why does FF have its own list?

  14. I had one heck of a good laugh this weekend. The company I work for provides data hosting and web hosting for the company eccouncil.org. They are the same company that issues the "Certified Ethical Hacker" certificate. For years I've thought that this certification was not really necessary. Now, as I'm older and have more experience... I see this as a joke.
     Not only that, but they plagiarize A LOT of their work. Not to mention some hilarious broken English on their site. (Unfortunately I wasn't quick enough to get a good screenshot.)
     Well, their site was hacked and defaced, and this was put up in its place:

     Here's some reading material about this joke of a "school":
     http://attrition.org/errata/charlatan/ec-council/

     Do yourself a favor, don't fall for this crappy certification or its "cool" and "edgy" name. If anything, study the material they offer, but don't bother spending the cash on the cert; it's really not recognized as useful.
  15. Alright... so the "attacked" IP, 64.147.113.139, had a flood of records (243 apparently) sent to it by the most likely spoofed IP of 203.113.165.27. Most likely this IP sent out a whole bunch of DNS requests to recursive name servers, telling them all to give a response back to 64.147.113.139? Do I have this right?

     Now, did the attack specify which IPs it wanted the DNS servers to send? It seems like a huge range. Or did they just do something like 204.46.43.* to grab the entire range?

  16. Thanks for the response, digip. We are behind NAT, but this range is not used by us. So it's definitely an external IP. The segment of traffic I posted was a mere drop in the bucket of the traffic that was flooded to the client's machine. (We're an ISP and saw a ton of traffic slam the client.)

    Another tiny snippet:

    19:44:50.708965 IP 203.113.165.27.53 > 64.147.113.139.33526: 52313| 243/0/2 A 204.46.43.172, A 204.46.43.173, A 204.46.43.174, A 204.46.43.175, A 204.46.43.176, A 204.46.43.177, A 204.46.43.178, A 204.46.43.179, A 204.46.43.180, A 204.46.43.181, A 204.46.43.182, A 204.46.43.183, A 204.46.43.184, A 204.46.43.185, A 204.46.43.186, A 204.46.43.187, A 204.46.43.188, A 204.46.43.189, A 204.46.43.190, A 204.46.43.191, A 204.46.43.192, A 204.46.43.193, A 204.46.43.194, A 204.46.43.195, A 204.46.43.196, A 204.46.43.197, A 204.46.43.198, A 204.46.43.199, A 204.46.43.200, A 204.46.43.201, A 204.46.43.202, A 204.46.43.203, A 204.46.43.204, A 204.46.43.205, A 204.46.43.206, A 204.46.43.207, A 204.46.43.208, A 204.46.43.209,
    

    So is the 64.147.113.139 machine the actual DNS server? What's the meaning of the "243/0/2" ?

  17. Hello everyone, so I'm getting this tcpdump, and it looks like.. quite a mess... Can anyone decipher this? I can tell that one IP is requesting DNS info, but I'm having trouble finding out what some of the fields actually mean..


    19:44:50.707637 IP 66.81.1.252.53 > 64.147.113.139.28638: 52313 243/2/7 SOA, A 204.46.43.46, A 204.46.43.47, A 204.46.43.48, A 204.46.43.49, A 204.46.43.50, A 204.46.43.51, A 204.46.43.52, A 204.46.43.53, A 204.46.43.54, A 204.46.43.55, A 204.46.43.56, A 204.46.43.57, A 204.46.43.58, A 204.46.43.59, A 204.46.43.60, A 204.46.43.61, A 204.46.43.62, A 204.46.43.63, A 204.46.43.64, A 204.46.43.65

     I know the first set of numbers is the timestamp... the 2nd is the IP address.. and the next is the destination IP... with the port number after the last octet of the IP. What comes next, the '243/2/7', is what confuses me... I know SOA is the start of authority, but what does it all mean together? I have a huuuge flood of traffic with this type of output.. I know the A's represent A records, but are these being requested or sent? Can someone break this down for me in what is actually happening here?
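A small parser for these tcpdump lines, written as an added example for this thread (not code from the original posts, nor from tcpdump): it splits out the transaction id, the truncated flag, the answers/authority/additional counts and the A records, then groups port-53 replies per destination so the indicators of a reflection flood (many distinct responders, a shared query id, oversized answer sections) stand out. The sample lines are constructed: the first two are modelled on the ones quoted in the thread, the third is an ordinary single-answer reply added for contrast.

```python
import re
from dataclasses import dataclass
# Constructed sample lines modelled on the tcpdump output quoted in the thread.
SAMPLE_LINES = [
    "19:44:50.707637 IP 66.81.1.252.53 > 64.147.113.139.28638: 52313 243/2/7 SOA, A 204.46.43.46, A 204.46.43.47, A 204.46.43.48",
    "19:44:50.708965 IP 203.113.165.27.53 > 64.147.113.139.33526: 52313| 243/0/2 A 204.46.43.172, A 204.46.43.173,",
    "19:44:51.000001 IP 192.0.2.10.53 > 64.147.113.139.40001: 1234 1/0/0 A 198.51.100.5",
]
# tcpdump prints a DNS reply as "<id><flags> <answers>/<authority>/<additional> <records>";
# a '|' among the flags means the reply was truncated (TC bit set).
LINE_RE = re.compile(
    r"^\S+ IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > (?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): "
    r"(?P<qid>\d+)(?P<flags>[|*$-]*) (?P<an>\d+)/(?P<ns>\d+)/(?P<ar>\d+)(?: (?P<rrs>.*))?$"
)
@dataclass
class DnsResponse:
    src: str          # the name server that answered (source port 53)
    sport: int
    dst: str          # where the reply was delivered (the flooded host in the thread)
    dport: int        # ephemeral port the reply was addressed to
    qid: int          # DNS transaction id (52313 in both quoted lines)
    truncated: bool
    ancount: int      # answer section size (the 243)
    nscount: int      # authority section size (where the SOA sits)
    arcount: int      # additional section size
    a_records: list

def parse_line(line):
    """Parse one tcpdump DNS reply line; returns None when the line does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rrs = [t.strip() for t in (m.group("rrs") or "").split(",")]
    return DnsResponse(m.group("src"), int(m.group("sport")), m.group("dst"), int(m.group("dport")),
                       int(m.group("qid")), "|" in m.group("flags"), int(m.group("an")),
                       int(m.group("ns")), int(m.group("ar")), [t[2:] for t in rrs if t.startswith("A ")])

def summarize_by_target(lines, min_answers=50):
    """Group port-53 replies by destination: many distinct responders, a shared query id and
    oversized answer sections together indicate spoofed queries being bounced onto that host."""
    report = {}
    for line in lines:
        r = parse_line(line)
        if r is None or r.sport != 53:
            continue
        t = report.setdefault(r.dst, {"responses": 0, "sources": set(), "qids": set(), "total_answers": 0, "large": 0})
        t["responses"] += 1
        t["sources"].add(r.src)
        t["qids"].add(r.qid)
        t["total_answers"] += r.ancount
        t["large"] += int(r.ancount >= min_answers)
    return report
```

Feeding a whole capture through summarize_by_target and sorting destinations by total_answers gives the hosts receiving the most reflected data, which is the view an ISP wants when deciding where to rate-limit.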
