This is a general thread for discussion, questions and help about cybersecurity and related topics. Before asking questions, consider these helpful resources:
Hello, I've got an Intel Centrino 6300 Ultimate and I'd like to use aircrack-ng with it. Which patch would I need for injection with aireplay-ng? patches.aircrack-ng.org/
Ryan Sanders
Where to get the LinkedIn db?
Mason Diaz
google "site:thecthulhu.com "linkedin data dump"
you can get most of pic related from thecthulhu.com, except the patreon one
Xavier Walker
How good are jobs in netsec? Both pay and "fun". Currently going for my masters, and I don't wanna become a programming drone.
William Adams
Anyone else going to the cisco security conference in toronto
feb 9th.
Cameron Lewis
netsec jobs will make your hair turn grey before you're 30. super stressful. always on the defensive, trying to defend against things like zero days you didn't even know were possible.
Jaxon Murphy
>tfw no botnet
Aiden Flores
I hope you guys don't mind me asking real quick:
Sup Forums doesn't think the "election hacks" were actually organized by russia/putin, right? As I recall, Podesta fell for a phishing attack that a motivated high schooler could have set up.
Or am I falling for some double-think here?
Jason Sullivan
>As I recall, Podesta fell for a phishing attack that a motivated high schooler could have set up. yeah, the "hack" wasn't even a hack, Podesta literally gave away the password through the phishing attack even if Russia did orchestrate it, it could have been done by anyone with a little bit of knowledge about hillary's campaign and social engineering
Adam Cox
After reading through the report it was a a 6 year long targeting phishing campaign so not something a motivated high school kid could do could do unless he started in middle school. So more then likely it was some sort of state sponsored attack but there isn't any giant glowing neon sign in pointing to Russia being that state although they are definitely high on the list of people who would do it.
Oliver Reed
These threads will never do well...
Leo Murphy
I like these threads tho
David Harris
OP here, I'll just keep making them for a while until I get bored, there's been some decent discussion yesterday. I realize it's not the most popular kind of thread though.
Andrew Sanders
expect it to be very hard to get a job out of college you most likely going to need years of experience doing normal network maintenance
Gabriel Sanchez
i find the main problem with these threads is that Sup Forums in general is severely under experienced and uneducated on security topics in general most of the time when you see a security topic pop up it turns into a philosophical/political debate and everyone is on their high horses rather than discussing the technical aspects of what happened
Lucas Stewart
The one time Sup Forums is like the general population. Security is so fucking important, yet not even all Universities teaching CS have mandatory cryptography/netsec courses.
Ryan Hughes
i understand why a university would not teach cryptography since is it far more math intensive and is almost mandatory to major in math but i thought by now network security would at bare minimum be offered
Ryder Walker
It's not that math intensive. If you get modular arithmetic you have a lot of ground covered already. Throw in some basic group theory and you'll be able to understand most block ciphers and some asymmetric encryption standards. Elliptic curves and shit are higher level though, I give you that. But I agree with you, at least some netsec training, ffs.
right now it is not too math intensive but i believe learning more would help improve what we have already also you are going to have to learn some basic statistic for cracking ciphers
Alexander Morales
Right, forgot about differential cryptanalysis. The necessary statistics knowledge was kinda taught along the way in my course at least.
>this isn't in the OP >ssd.eff.org/en Just shoot yourselves
Adrian Taylor
also do not forget linguistics of English and foreign languages
Kayden Flores
Gonna add those links/polls to the next OP as well, thanks!
Consider me dead
Brody Richardson
that information is dated but is not a bad start
Luis Howard
Here is more
opensecuritytraining.info Beginners.re
Levi Clark
I love my work and the pay is great. Do something so you stand out from the other applications. Example: Get OSCP.
William Bell
if someone drew them with a 328-PU i would immediately nut in my trousers
Juan Ross
Your mother is dated and bad
Jace Sullivan
Gentoomen... I have a question.
If you knew your computer had been compromised with Stuxnet style malware, how would you go about retrieving your data without infecting a clean computer?
I assume, the malware is loaded into memory at boot, and infects any storage device that's plugged in?
Would if have the ability to write itself to firmware of USB drives, harddisks, DVD drives? Or, is this impossible?
Evan Edwards
AFAIK "Stuxnet-style malware" is Windows-only, so if you have physical access to the machine, you can simply load up any non-Windows OS and recover your data (carefully).
As long as you don't boot into Windows, you should be fine.
Thomas Bailey
I am new to Sup Forums, about 3-4 month I've been lurking (on imageboards since 2009 though, always was fond of tech-themed boards). I've first seen /nsg/ just yesterday, and today's thread is way better than those I've looked up in warosu/g catalogue, thanks guys.
So, if you're going to do netsec games, may a beginner fit for a team (these are done in teams, right)? I have just over a month of python experience and am familiar with all the tech buzzwords cause buzzwords were my only interest on chans due to my dedication to not-tech-related degree. Well, I had been running Ubuntu on laptop for several years and have 1 year experience of Arch desktop back in 2011.
Andrew Butler
certcollection forum has some things umight be interested in
Daniel Cooper
[email protected] op email me so we can talk and improve this thread anyone else wants to help is open to email me here too
Samuel Collins
ctf can be done in a team but most of the over the wire games are for single people but they are very beginner friendly like offering recommend reading material to solve each problem
You guys got any ideas for things a cyber security club can do besides CTF competitions and practicing for CTF competitions?
Henry Long
basic cryptography challenges and maybe after some time to build trust auditing each others system
Charles Adams
also auditing software someone has wrote kind of along the lines of a bug bounty
John Long
I'd be wary of letting people run audits on personal computers but setting up some host machines we practice exploits on to be audited would be a neat idea and cryptography challenges sound like a great idea that I feel stupid for not thinking of thank you.
Jaxon Lee
yes running audits on personal computers can lead to terrible things but what about running vms?
Bentley Hall
we can run cyber war game which is basically a ctf but with a defending team but the defensive team does no have prior knowledge of what they are defending
Jace Powell
Please set up an IRC or xmpp for cyber warfare game, I want to discuss and participate.
No discord bullshit.
John Richardson
The some thousand dbs you don't have that you can get with just a little basic hunting.
