[Politics_Observer]

@ckaihatsu

I wrote a host discovery and port scanning script with Python that you can run off a Linux system. You would need to make sure you have the Python 3 interpreter installed on your Linux system to be able to use and pip3 install the "colored" package (I think that's what it's called, but I can't remember for sure). When executing my Python script on your Linux system my script will only allow you to scan for IPv4 Private IP addresses within your own network. That means you can't use it to scan Public IP addresses you have no business port scanning anyway. You have to enter a filename that you wish to save your port scanning results to as an argument when executing my Python script. After you execute the script it will ask that you enter only a Private IP address range from a Class A, B, or C IPv4 address. If you don't, it will make you re-enter a valid Class A, B, or C Private IPv4 address range to scan and will not accept a public IP address. It also asks you if you just want to do host discovery or if you want to actually port scan those IP addresses.

If you do, it will ask you to enter a valid port range to scan and check to make sure the port range you want to scan is valid. Any open ports it finds in your scan on a specific IP address will show up as red on the display screen (though not in the text file) so that you can easily spot out which IP address has open ports and precisely what those open ports are. You can use my script to check for hosts that shouldn't be on your network (which is an indication of a rogue access point or an Evil Twin network) or for ports that shouldn't be open on servers or devices (which can be a vulnerability that can be exploited by hackers or is an indication that one of your devices or servers has been compromised and a hacker has opened a port to use to communicate with one of his command and control servers).

[Rancid]

Any tools that would help us hack the Kremlin?

[Politics_Observer]

@Rancid

The best tool a hacker has in hacking any organization or anybody is to know themselves, know their target, and social engineering like phishing. Smart hackers rely on open source intelligence and gather that intelligence with various tools in order to facilitate social engineering attacks like phishing, vishing, or SMShing for example. It also pays to know the culture, language, and people you are hacking, if you are a hacker. Social engineering attacks play off fear, greed, or the desire to help others, curiosity, a sense of urgency coupled with the use of very convincing deception. Anybody, I mean anybody can fall victim to a social engineering attack.

[Politics_Observer]

@Rancid

And in the case of Russians, if you want to hack Russians using social engineering attacks, greed is huge weakness a hacker can exploit and use to compromise Russian computers and networks. Enough is never enough with many Russians when it comes to money and greed. So, the bait a hacker could use to lure Russians with phishing email and social engineering attacks with very convincing deception would be greed. Know yourself and know your enemy man!

[ckaihatsu]

*no other* carriage returns exist anywhere else in the text file.

one line now equals one entry in this 'index' text file.

Another clarification:

Nothing from this mini-script is actually making changes to the 'index' text file itself.

The 'cat' command -- that sources / reads-in the text itself -- only *reads*, so what the user and script deal with is a *stream* ('standard input') of text, read from the text file, that ends up on the screen, in whatever processed form.

The user is effectively doing a *database search* -- which is definitely *non-destructive* / non-modifying.

If the results of any such retrieval should be *saved*, the lines / script can be ended with a 'tee' command, to stream that screen-displayed output into a specified new text file, like maybe '220328_index__4search', or something.

[BlutoSays]

All these "tools" to navigate around windows. How about just downloading Mint or Ubuntu Linux and installing it. So easy! No viruses to worry about, great support for just about every peripheral on the market and it's free. It runs much faster because let's face it, Windows is a pig (the Windows operating system is like 40+ gigs out of the box. Linux is 12 gigs and it's been refined for decades)

If you're not sure, burn an iso to a DVD and run it from the DVD player in live mode to try whichever browser you want, Open Office, and connect to other systems. When in doubt, but a cheap SSD HD, replace the one you have and throw it on the shelf in case you want to go back to it. Linux is rock solid today with no need to know command line programs, for those afraid of that. It just works out of the box.

[BlutoSays]

Any tools that would help us hack the Kremlin?

That you're asking is kinda cute, I must admit. Rancid takes on a capable nation state cyber actor and makes them drop their microphone like no one else has.

Kali Linux and OSCP training! Git 'er done!

[ckaihatsu]

@ckaihatsu

I have never tried puppy linux. Is it Red Hat or Debian based? I am assuming the operating system is loaded from mass storage it's just a very lightweight version of Linux. Is it lighter than Lubuntu? Do you know? I just finished using GParted to partition out a 500 GB external SSD drive. Half of it for backing up my Windows 10 partition on my laptop. I am using GPT partitions and then formatted the first partition in NTFS.

Second partition I formatted Linux ext4 file system. That second partition I will use to back up my Linux Ubuntu 20.04 partition from my laptop on my dual boot onto the second ext4 partition of my external SSD drive. That way I can maximize the use of the SSD drive for backing up both my Windows 10 and Linux Ubuntu 20.04 partition on my dual boot. I just got Linux Ubuntu 20.04 installed. I going to be customizing GRUB here in a minute so that it is an effective interface for choosing which operating system to boot into when I fire up my laptop.

Is Puppy Linux also supported? If it is lighter then Lubuntu and it's supported then it's an ideal candidate for laptops, desktops and devices that have older more slower hardware on them.

I got an SSH server running as a Lubuntu desktop but what I want to do is go ahead and use the external SSD drive, back up that server and then install ONLY the server (without any guis or desktop versions on the server ) of Ubuntu SSH with Fail2ban and Samba. I wish I could put Samba on a different old computer but I don't have another old computer laying around so I have to put both on the older laptop and run those three daemons off of it. Fail2ban is good to have with a hardened SSH server though. Samba is not a remote server, just an internal server I use in my home network.

Hey, PO, was looking through the thread and I thought I'd pitch-in that I found sshfs recently.

[Politics_Observer]

@ckaihatsu

I have never used sshfs. I have used SSH but not sshfs. What's sshfs about?

[ckaihatsu]

@ckaihatsu

I have never used sshfs. I have used SSH but not sshfs. What's sshfs about?

Just look into it. Report back on your degree of happiness. (grin)

[Politics_Observer]

@ckaihatsu

I looked it up here. Seems like a useful tool when you are writing code for a project:

In many cases it can become cumbersome to transfer files to and from a droplet. Imagine a development usage scenario where you are coding apps remotely and find yourself uploading a script repeatedly to your virtual server to test. This can become quite a hassle in a very short period of time. Luckily there is a way to mount your VPS file system to your local computer so you can make changes on the fly and treat your droplet as local storage. In this article, we will show you how to do exactly that.

https://www.digitalocean.com/community/ ... s-over-ssh

[ckaihatsu]

@ckaihatsu

I looked it up here. Seems like a useful tool when you are writing code for a project:



https://www.digitalocean.com/community/ ... s-over-ssh

And you're *not* jumping for joy right now -- ?

[Politics_Observer]

@ckaihatsu

And you're *not* jumping for joy right now -- ?

New tools come out all the time. I am not going to "jump for joy" at every new tool that comes out in IT given that technology is constantly changing. This tools appears to just use SSH to securely and remotely mount file shares so you can more easily access them in a secure manner from your current location. Not a big deal. At least not to me.

You can use NFS, Samba, OpenLDAP, LDAP to communicate with servers or bind file shares or directory binds in an insecure manner. If you want to communicate with them securely, you can simply use LDAPS (Lightweight Directory Access Protocol Secure, which also uses TLS or SSH to securely communicate with file shares and securely bind directories) if you are using a network that authenticates users first before allowing them to communicate with various servers within that network.

Microsoft's commercial version of LDAP, which is Active Directory, also uses Kerberos to securely identify devices and prove their identities to each other while communicating over an Active Directory Domain, plus it can limit the time frames in which users can remain active on a LDAP network. To enhance security further, using LDAPS protocol allows for the encryption of LDAP data in transit during any communication with a server or authentication server, thereby protecting communications. It also allows for secure directory binds within that LDAP, OpenLDAP or Active Directory network.

[ckaihatsu]

@ckaihatsu



New tools come out all the time. I am not going to "jump for joy" at every new tool that comes out in IT given that technology is constantly changing. This tools appears to just use SSH to securely and remotely mount file shares so you can more easily access them in a secure manner from your current location. Not a big deal. At least not to me.

You can use NFS, Samba, OpenLDAP, LDAP to communicate with servers or bind file shares or directory binds in an insecure manner. If you want to communicate with them securely, you can simply use LDAPS (Lightweight Directory Access Protocol Secure, which also uses TLS or SSH to securely communicate with file shares and securely bind directories) if you are using a network that authenticates users first before allowing them to communicate with various servers within that network.

Microsoft's commercial version of LDAP, which is Active Directory, also uses Kerberos to securely identify devices and prove their identities to each other while communicating over an Active Directory Domain, plus it can limit the time frames in which users can remain active on a LDAP network. To enhance security further, using LDAPS protocol allows for the encryption of LDAP data in transit during any communication with a server or authentication server, thereby protecting communications. It also allows for secure directory binds within that LDAP, OpenLDAP or Active Directory network.

Well, to me, anyway -- this is the *promise* of Linux, that ultimately one wouldn't *have* to depend on proprietary and/or commercial formats, and (iconically) over the networking itself.

So that's what *this* does, all transparently and effortlessly for the user, once set up (the 'sshfs' mounting command itself). And all *that* (command) takes is a specification of a remote network address, and a local directory mount point (location). That obviates all of *your* conventional protocols, no offense.

So, yeah, obviously I *like* it.

[Politics_Observer]

@ckaihatsu

You can transform a Linux server using OpenLDAP to authenticate users into a Linux network similar to the way Microsoft does so with their commercial implementation of LDAP. You can also use Kerberos with a Linux OpenLDAP network. Moreover, you can encrypt and secure your communications using TLS with a OpenLDAP Linux network as well. You don't have to use Microsoft's commercial version of LDAP to get the same results. I like Active Directory. It's a great product that Microsoft has. It's easier for people to use, especially if they are not familiar with Linux.

You have to bear in mind, for companies, using Linux comes with hidden costs such as training users on how to use Linux and the vast options that come with Linux. The learning curve is much higher when you use Linux even though it's free to use. Training costs a lot of money too. Whereas, the cost of using Microsoft products is paid up front and those costs are not hidden from the perspective of a company.

Plus, they don't have to train their employees as much when using a Windows Active Directory network. This is why, in some cases, a company might opt to go with a Microsoft Active Directory domain rather than setting up their own Linux OpenLDAP network. You gotta have people with a lot of technical expertise to setup a Linux OpenLDAP in a secure fashion and then perhaps to use it afterwards or make necessary changes to it as time progresses.

[Politics_Observer]

@ckaihatsu

Here, I found this link for you: https://www.openldap.org/doc/admin24/tls.html

[ckaihatsu]

@ckaihatsu

Here, I found this link for you: https://www.openldap.org/doc/admin24/tls.html

It's easier [OpenLDAP] for people to use, especially if they are not familiar with Linux.

Filesystems sharing / networking, is fairly *generic* and fairly low-level -- so the rest is basically *implementation*, meaning the 'front-end' windows and menus (GUI), and any institutional corporate culture over the same, etc.

Over the *network* everything is interoperable, which is the *point* of (TCP/IP) networking. A remote drive on your file directory sidebar could be attached there by any *number* of networking protocols, as we've been outlining, and it *should* ultimately be effortless and transparent in operation to the user, for maximum utility.

Implementations *on top of* these networking protocols could be any kind of *groupware*, as with cloud services, or whatever, which is where I think *your* concern lies-with -- *UI* and/or usability.

[Politics_Observer]

DuckDuckGo search engine is a good search engine for those who value privacy. However, DuckDuckGo does not return as good of results as the Google search engine. The tradeoff to using the Google search engine is the fact they track what you type in the search engine. Given that is the case, if one wishes to obscure what they type into the Google search engine to assure their privacy much better and make it difficult for Google to ascertain exactly what you typed in the search engine, a good extension to use is the "TrackMeNot" extension.

When using the extension, you want to have it run in the second tab of your browser for it to work correctly. You can also use the extension in various other search engines too like Yahoo, Bing, and Baidu. However, personally, I only have Google selected since that is really the only search engine I like to use. You will see in the second tab where the extension will constantly type in various searches. I merely use it because I am a student of cybersecurity and enjoy my privacy. Not that I am typing anything crazy in the search engines or anything. To me, it's just a new and interesting tool. Here are the Google Chrome and Firefox extensions for this tool.

https://addons.mozilla.org/en-US/firefo ... rackmenot/

For the Google Chrome TrackMeNot extension, I do not use the Google Chrome browser given you get better privacy and security with Firefox (though the tradeoff is that Chrome is more lightweight and performs better). It appears that you could download the Google Chrome extension perhaps directly from the TrackMeNot website. Doesn't look like Google Chrome really welcomes the TrackMeNot browser extension for their browser, which is understandable because it makes it harder for the Google search engine to track what you actually typed into their search engine. Here is a possible browser extension for TrackMeNot for Chrome directly from TrackMeNot's website: https://trackmenot.io/

[ckaihatsu]

Introduction

rootkit

viewtopic.php?p=15161660#p15161660

Noticed that I used the term 'rootkit' incorrectly. Apologies for any inconvenience.

[Politics_Observer]

For those who wish to upgrade their desktop or laptop computers and know how to properly do it without frying their motherboard (make sure to always use an anti-static mat, anti-static bags, and anti-static wrist band), there is this website you can use. You can use the freeware CPU-Z and this particular website. The website offers a tool where you can download it on your computer, it scans the computer and then lets you know the maximum upgrades as far as a hard disk drive, SSD, or RAM and exactly what kind of upgrades they are. Here is the website: https://www.crucial.com/