digininja

Global Moderators
  • Posts: 4,005
  • Joined
  • Last visited
  • Days Won: 210

Posts posted by digininja

  1. For anyone curious about doing network stuff, I'd recommend doing a basic CCNA class in person. I did it years ago and even though networking isn't my thing, the act of building up networks, loading routing tables and then pulling cables to see what happens was really good fun. I'm sure you could do it all online and use virtual machines but the act of plugging one box into another, configuring it, then yanking the cable out really helps cement things in place, or at least it did for me.

  2. 34 minutes ago, UsPdSr said:

    For my part, I don't think that PCs with a Windows installation are Linux compatible or, let's say, Linux-friendly.

    Can you explain what you mean by this? How is a PC a Windows one or a Linux one? If you build your own, which is it?

    • Like 1
  3. Because the RUBBER (not Robber) Ducky is just a keyboard, all it can do is type things. Think about it this way, unplug the keyboard from your PC, plug it into the safe and then what would you do? That is what you get with the Ducky, all it is is a keyboard that can type things automatically. If you can't do it yourself by plugging a keyboard in then a Ducky won't be able to do it.

    • Like 1
  4. All the Ducky is is a glorified keyboard that types commands for you. It sounds like the safe needs some type of computer device to interact with it rather than just a keyboard to type commands on it. Therefore, "no, unlikely the Ducky can help you."

  5. It all depends what the USB port is used for. If it expects a keyboard to be attached and a code entered, then yes, it probably can; if it mounts it as a USB disk and looks for a file, then no, it can't.

    And to preempt the next question, read your manual to see which it is.

  6. Like with a lot of things, it would probably depend on a cost/benefit analysis of you and your activities. If all you are doing is arranging to buy 100 biros from a Chinese firm, then they probably wouldn't get much from doing it so may not bother, if you are discussing arms details with some shady organisation, then they will probably do it and more.

    Due to the cost of labour and the way their government works, I'd guess that they would have more coverage than somewhere like the UK, but don't know for sure, all organisations have their limits.

  7. Yes, no, possibly and maybe.

    Yes, it will protect at least some of your network traffic as it goes from your device through to the FastestVPN server; at that point, the server decrypts the traffic and sends it on its way. That is what is meant by "between the end points": you to them. What happens from them onwards depends on the type of traffic you are sending. This should at least get your traffic through the Chinese firewall.

    No, the Chinese have some very strict rules in place and may block the VPN or mess with the traffic in order to be able to decrypt what they see, for example swapping out encryption certificates. When doing this, if the client has been written correctly, it should warn you that something bad is happening so you will be able to make a decision as to what to do.

    Possibly. Without knowing something about how FastestVPN works, it isn't possible to say how well they configure the service; done well, all your traffic should go across the VPN, done badly, all sorts could leak out around it.

    Maybe, without fully testing it in an environment where you can monitor exactly what is going on then it isn't possible to know for sure.

    Something to remember, if you are using public wifi and they have a captive portal (a web login page), then you'll probably need to have the VPN off to reach it meaning all your traffic is flowing in the clear till you've logged in. Also consider "Evil Maid" attacks and general surveillance. A VPN is good, but a camera pointed at your screen watching everything you do will defeat the protections to a degree.

    • Like 3
  8. I think by reading this you've dragged me as well. Last night I was watching TV when all the power in the neighborhood went out except my TV which switched to showing reruns of the X Files. Went on for 2 hours then the power came back on but none of my neighbors could remember it going off. There is also a van parked up the street pretending to sell ice cream but every time I walk by they are out of Nobbly Bobbly lollipops. No real van would ever sell out of those, something is wrong.

  9. In which case look for live box CTF challenges such as Metasploitable and the boxes available on https://www.vulnhub.com/ .

    And as for network stuff being the core, not really, there is no core. I'm currently dumping a client's full database through a web app vulnerability; on some networks you need to know wifi skills to gain access, and softer skills such as analysing network design and segmentation also come in very handy. That is why I say to anyone who asks this question, pick what you are interested in and learn that. Don't try to jump into areas that others say are sexy, fun and well paid if the area doesn't interest you, as whatever area you choose will probably also be sexy, fun and well paid once you are good at it.

    • Like 1
  10. Slight correction first, you don't learn Kali, Kali is just a collection of tools that could be installed on any Linux distro.

    For learning the different tools, it all depends on what area you are interested in. I'd get on securitytube.net and find videos or tutorials on those areas and then play.

    There are also a whole bunch of different CTF challenges out there, again, depending on your area of interest depends which you choose.

    I'd also suggest not using Kali and going for something like Ubuntu or Debian instead and learning to install all the tools you want yourself, that will give you a much better idea of OS level stuff than just using a tool that someone else has already installed and configured for you.

    • Like 2
  11. Your original question was about licencing your software, 2FA is about authenticating users, they are two different things.

    Anything you do that is purely client side can be cracked, whether it is a basic password, USB token, 2FA codes (which are just passwords if you think about it), anything. They are cracked either by modifying the software and disabling the check or by working out how codes are generated and creating a code generator. If your 2FA codes are just MD5 of the current timestamp then I can create an app to generate a code whenever I want to.

    My suggestion for fingerprinting for licencing is just as vulnerable as a USB token except it requires one less USB port and can't get lost in a desk drawer or pinched by your kids to play with.

    - Do not copy/reuse any code (especially the authentication part) from other software, this will make you more vulnerable.

    I'd disagree with this, find a project which is specifically written to do whatever you want and use that. No offence meant, but it doesn't sound like you are an expert in this area and so trying to roll your own authentication or licencing is probably going to end badly. It might not get hacked as no one might care, but the code probably won't be the best.

  12. I'd burn it all down and move house, sounds like they've got you well and truly in their grasp and are unlikely to let go.

    With pin hole cameras there could be one in every nail and screw head in your apartment and you'd never know unless the doors fell off the cupboards because they used cameras instead of nails, that might give it away.

    I'd also stay off the Raspberry Pi, did you know that if you sum up the ASCII values of all the letters in the name you get 745 which is the year Kulun Beg died and I think we all know what that means.

    • Like 1
    • Upvote 3
  13. Most solutions like this will take a fingerprint of the installation then require an initial internet connection to sign that fingerprint. The app checks the fingerprint when starting up and fails if it doesn't match.

    If you can't get that initial internet connection you give the user a text file with the fingerprint in it and they then have to get it onto the internet where they send it to you, you sign it and send back the hash, they input the hash and all is good to go.

    You just have to be careful about what you fingerprint, too little and it can be cloned, too much and small tweaks to the machine break it.

    You can also build expiry dates into this so the app expires but that relies on them having a working and up to date clock on the machine.
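The activation flow described in that post (fingerprint the install, have the vendor sign it together with an expiry, check the signature at start-up), as an added example that is not digininja's code. Everything in it is constructed: the machine attributes, the vendor key and the choice of which fields go into the fingerprint. HMAC-SHA256 with a vendor-held key stands in for the vendor's signature; a shipped product would use a public-key signature (private key at the vendor, public key in the app) so that the verification key inside the app cannot be used to mint licences.

```python
"""Offline licence activation built on a signed machine fingerprint.

Added example, not code from the post. HMAC with a vendor-held key stands in
for a real public-key signature; see the lead-in.
"""
import hashlib
import hmac
import json
from datetime import date

# Constructed sample of what the installer can read on the customer's machine.
MACHINE = {
    "hostname": "ws-accounts-03",
    "cpu_id": "0x000906EA",
    "board_serial": "MB-ALPHA-12345",
    "mac": "00:11:22:33:44:55",
    "kernel": "5.15.0-91",   # changes on every update: deliberately NOT fingerprinted
    "free_disk_gb": 412,     # changes constantly: deliberately NOT fingerprinted
}

# The "what to fingerprint" decision from the post: stable hardware identity only.
# Too few fields and the licence clones; too many and routine updates break it.
FINGERPRINT_FIELDS = ("cpu_id", "board_serial", "mac")

VENDOR_KEY = b"vendor-secret-demo-key"  # constructed; in practice lives only at the vendor


def fingerprint(machine: dict) -> str:
    """Hash the chosen stable fields; this is what goes into the user's text file."""
    material = json.dumps({k: machine[k] for k in FINGERPRINT_FIELDS}, sort_keys=True)
    return hashlib.sha256(material.encode()).hexdigest()


def vendor_sign(fp: str, expires_iso: str, key: bytes = VENDOR_KEY) -> str:
    """Vendor side: bind the fingerprint to an expiry date and return the licence string."""
    payload = f"{fp}|{expires_iso}"
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}|{tag}"


def check_licence(licence: str, machine: dict, today_iso: str,
                  key: bytes = VENDOR_KEY) -> tuple:
    """App side, run at start-up. Returns (ok, reason)."""
    try:
        fp, expires_iso, tag = licence.split("|")
        expires = date.fromisoformat(expires_iso)
        today = date.fromisoformat(today_iso)
    except ValueError:
        return False, "malformed licence"
    expected = hmac.new(key, f"{fp}|{expires_iso}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):   # constant-time compare
        return False, "bad signature"            # fingerprint or expiry was edited
    if fp != fingerprint(machine):
        return False, "fingerprint mismatch"     # cloned licence or hardware changed
    if today > expires:
        return False, "expired"                  # relies on the machine clock, as the post notes
    return True, "ok"


if __name__ == "__main__":
    lic = vendor_sign(fingerprint(MACHINE), "2030-01-01")
    print(lic)
    print(check_licence(lic, MACHINE, "2025-06-01"))
```

A kernel update leaves the fingerprint untouched because `kernel` is not among the fingerprinted fields, while a changed MAC address invalidates it; editing the expiry date in the licence string fails the signature check before the expiry is ever compared.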

  14. Have you tried going back to your testers? They should give you full support after the test not just deliver a report and walk away.

    You can ask if you want though.

    • Like 1
  15. A different way to look at this, call the device X.

    Is X the main AP for the building? Easy way to tell: look for an alternative AP; if there is one, turn it off and see if you still get wifi. If X is the main AP, then bad things could be happening.

    If X isn't the main AP, try connecting to an open network that doesn't exist, if you can, then something is running that shouldn't. If you can't, then it is unlikely X is spoofing APs.

    If X isn't the main AP and isn't spoofing things, is it on the network? Turn off all other devices, except the main AP, and then do a network scan. See what is left, if there is a Linux box with 22 and maybe 80 or 1471 open then browse to it and see what you get. If it isn't on the network then it could just be doing passive things and there is nothing you can do to detect that.

    With whatever normal access you have, try connecting to an HTTPS site you've never connected to before which doesn't do HTTPS preloading (google it all); my site would be one. If you get a valid certificate then it is unlikely that there is any odd SSL man-in-the-middle attack going on.

    Try a traceroute to the main AP and to external sites, see if you get an unexpected additional hop before the AP or directly after it.

    If the room it is in has a door going to the floor, pick up a cheap ring and roll it under the door then call the landlord and ask him to come and open the door so you can retrieve it, while doing it, get a proper look at the device.

    My guess would be that it isn't a Pineapple and that nothing odd is going on as that is the most usual way things work out.

    • Like 2
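Two of the checks in the post above (the traceroute for an unexpected hop before the main AP, and the scan for a Linux box with 22 plus 80 or 1471 open), as added example code that is not digininja's. The traceroute text and the nmap grepable-format lines are constructed samples, and 192.168.1.1 is assumed to be the building's main AP; the functions only parse text you have already captured, so they run offline.

```python
"""Parse captured traceroute and nmap -oG output for the two checks in the post.

Added example, not code from the post. All sample output below is constructed.
"""
import re

MAIN_AP = "192.168.1.1"  # assumed address of the building's main AP

# Constructed traceroute output where an unexplained device sits before the AP.
TRACEROUTE_SUSPECT = """\
traceroute to external-site.test (198.51.100.7), 30 hops max, 60 byte packets
 1  192.168.1.250  0.412 ms  0.380 ms  0.371 ms
 2  192.168.1.1  1.902 ms  1.880 ms  1.861 ms
 3  10.20.0.1  9.120 ms  9.101 ms  9.087 ms
"""

# Constructed traceroute output for the normal case: the AP is the first hop.
TRACEROUTE_NORMAL = """\
traceroute to external-site.test (198.51.100.7), 30 hops max, 60 byte packets
 1  192.168.1.1  1.902 ms  1.880 ms  1.861 ms
 2  10.20.0.1  9.120 ms  9.101 ms  9.087 ms
"""

# Constructed nmap -oG (grepable) output from a scan with other devices switched off.
NMAP_GREPABLE = """\
# Nmap scan (constructed sample in -oG format)
Host: 192.168.1.1 ()\tStatus: Up
Host: 192.168.1.1 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///
Host: 192.168.1.250 ()\tStatus: Up
Host: 192.168.1.250 ()\tPorts: 22/open/tcp//ssh///, 1471/open/tcp//unknown///
Host: 192.168.1.77 ()\tStatus: Up
Host: 192.168.1.77 ()\tPorts: 22/open/tcp//ssh///
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(\S+)")
PORTS_RE = re.compile(r"^Host: (\S+) .*Ports: (.*)$")


def hops(traceroute_text: str) -> list:
    """Hop addresses in order, skipping the header line and timed-out (*) hops."""
    out = []
    for line in traceroute_text.splitlines():
        m = HOP_RE.match(line)
        if m and m.group(2) != "*":
            out.append(m.group(2))
    return out


def unexpected_hops_before_ap(traceroute_text: str, ap: str = MAIN_AP) -> list:
    """Hops seen before the main AP: anything here sits between you and it."""
    path = hops(traceroute_text)
    if ap not in path:
        return path  # never reached the AP at all; hand the whole path to a human
    return path[: path.index(ap)]


def open_ports(nmap_grepable: str) -> dict:
    """Map each host to the set of TCP ports nmap reported as open."""
    ports = {}
    for line in nmap_grepable.splitlines():
        m = PORTS_RE.match(line)
        if not m:
            continue
        host, plist = m.groups()
        for entry in plist.split(","):
            fields = entry.strip().split("/")   # port/state/proto/...
            if len(fields) >= 2 and fields[1] == "open":
                ports.setdefault(host, set()).add(int(fields[0]))
    return ports


def candidate_boxes(nmap_grepable: str, ap: str = MAIN_AP) -> list:
    """Hosts other than the AP matching the post's hint: 22 open plus 80 or 1471."""
    return sorted(h for h, p in open_ports(nmap_grepable).items()
                  if h != ap and 22 in p and (80 in p or 1471 in p))


if __name__ == "__main__":
    print("hops before AP:", unexpected_hops_before_ap(TRACEROUTE_SUSPECT))
    print("boxes to browse to:", candidate_boxes(NMAP_GREPABLE))
```

The host with only port 22 open is deliberately left out of the candidate list so that an ordinary SSH-only box does not get flagged; as the post says, a device that is purely passive will not show up in either check.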
  16. I said if you weren't already running everything through the VPN things would be leaking. If you want to do it the easy way, my setup is a pfsense box sat in front of my modem which can be set up to connect to my VPN server and run everything through the VPN. That way I don't have to worry about individual machines, the firewall does it all for me.

    • Like 1
  17. I can see the hosting company the VPN is running through, is it one you set up yourself or a commercial offering? If you built it yourself then that is easy to track back as they talk to the hosting company and get a list of IPs who connected to the box and the details of the person paying for it. If it is a commercial offering then there are ways of monitoring traffic content and meta data to tie inbound traffic to outbound and work back from there.

    It would all need warrants but then so would doing it at your ISP level.

    If you aren't currently running all your devices through the VPN then you will be leaking at least some info to the ISP.
