Why is it so empty? >It is a rough copy of curated resources. As we have seen how well 400GB ebook torrents work, it was decided to make something easier for everyone to digest. More will be added.
IRC: >There are none that are reputable. Start your own and invite only people you think are serious, lest you become like the old channels. It's not recommended to interact with anyone from the overarching Sup Forumsentooman community. >This general is a tool, not something to substitute as your identity.
Communities: >There are many, none public are worth the time. Look for individuals with aptitude.
What? About the general, congrats, I like the idea. Just don't forget to mention DNScrypt. Everyone should install that in their computers and routers.
Landon Sullivan
>Security Focused Operating Systems OpenBSD LibertyBSD Parabola GNU/Linux Arch Linux Gentoo Alpine Linux QubesOS Whonix
Ive finished taking notes from the first CCNA Cyber Ops exam book (SECFND) and will now parse my notes over and over until I have all the concepts embedded into my skull. Should sit this exam in 6 weeks, assuming work stays as quiet as it does.
At home I am going through >penetration testing by georgia weidman >hackers playbook 2 >slowly building a real virtual data centre That one is for two reasons; to get my sysadmin skills up, and so I have something real to target; doing SMB exploits on unpatched windows boxes has lost its charm. I want to get my automation skills up so I can rapidly deploy a domain.
>runoff for Sup Forumspunk What? Please detail a bit further.
Cameron Morris
Oh for fucks sake. The cyberpunk LARPers.
Cameron Edwards
looking to purchase the most secure and private smartphone (out of the box) budget for £500 what should I get? blackberry keyone?
Joshua Jackson
Yes I get the part about them being LARPers but I don't get the part where they ran off to #Sup Forumssec.
Blake James
/sec/ was a thing on Sup Forums about a year back, had a much better OP
Blake Diaz
OPSEC and malware analysis. Currently following up on a large archive of advice dumped by the ew crowd.
You should post your notes if they're digital, they might help out others. See: It's a holding pen for Sup Forumspunk when it gets too crowded. No one knows anything.
>out of the box None. Get as low-tech as possible, flash and disable unnecesary hardware, and replace kernel.
I'll find and set it up.
David Hernandez
The cyb/sec general would list ONE irc for both, separate topics. Part of the reason why the demerge is occurring. To reclaim and have our own space.
Angel Myers
>You should post your notes if they're digital Negative ghost rider. I do on paper notes. Something about reading then WRITING it down makes it stick in my head. It does make it awful to hold onto later on though. I have manilla folders filled with loose leaf paper for random topics.
>None. I'm asking whats the best out of the box option for a smartphone, not a good option, but the best available
Dylan Edwards
I really don't understand your point, the channel is devoid of discussion because barely anyone springs up one, not even the LARPers.
What the fuck are you even talking about, #Sup Forumssec was made when /sec/ springed up back again.
Daniel Reed
>secure iphone >private literally nothing. genuinely, and unironically, no smart phone is private. ios exploits are the most sought after thing in the goddamn world. because its not a flaming pile of dogshit like android
Liam Rivera
Generic tracfone, bought in area with no CCTV, paid in cash, activated with fake info 1000km+ away from anywhere you visit.
Smartphones are by design terrible. If you want breadth of features, any android phone without SD. Install f-droid and have fun. Others have issue with the IRC. The main problem is it's not good, that is all.
Anthony James
whats the tech word for people trying to get you, attack group or red group or something?
Connor Ramirez
>attack group or red group or something Red team and APT
Noah Peterson
Read Team for offense. Blue team for defense.
Aaron Young
that doesn't seem right, think it was scope something sorry for being so vague
i would like to voice my opposition to the forceful de-merger by a handful of anons who took it upon themselves to do it, as someone who started with the cyb, and made my way to sec. but i suppose i might as well lurk and see how it shakes out.
Joshua Cox
Please stop pushing comptia. It was you in the other thread who wanted that n+ to be put in the pasta didn't you. Their certs are literally useless. Just wait until your exam.
Michael Ortiz
Kino. As long as there is shit throwing from either side, it is a free market.
Liam Martinez
This isn't a democracy. Bask in the irony all you like.
Noah Sullivan
>Kino W-wut
Parker Stewart
>Others have issue with the IRC. The main problem is it's not good, that is all. Then make it good? Owner of the channel here, I'll take any suggestion that I feel is good. Joined the #Sup Forumspunk channel for first time and for a second and saw a lot of common people in both, I could purge everyone if I feel that's what people want, I don't want quantity but quality of people in the channel, and some discussion if possible.
Could also put a password on the channel that needs to be unlocked as a flag or something.
Also people having severe issues with IRC are just mongoloids that don't even deserve into /sec/ and you can't prove me wrong, and the IRC guide was a mistake.
Cameron Kelly
Sup Forums vernacular that has devolved into "nice."
Changing the name and removing the Sup Forums so larpers don't join is a good start. Removing voice from anyone that doesn't have a certain amount of flag points/ isn't verified to know what they're talking about is better. >Could also put a password on the channel that needs to be unlocked as a flag or something. This is good. I know a discord server for CTF uses this. They have a bot and ranks. >Also people having severe issues with IRC are just mongoloids that don't even deserve into /sec/ and you can't prove me wrong, and the IRC guide was a mistake. Yes.
>Q: How can I get the password for someone else's account? >A: This is cracking. Go away, idiot. >Q: How can I break into/read/monitor someone else's email? >A: This is cracking. Get lost, moron. Kino.
Daniel Davis
>Owner of the channel here >Also people having severe issues with IRC are just mongoloids that don't even deserve into /sec/
Improperly setup is useless. Properly setup is good. Most likely if you need to ask you don't have the resources to setup properly. Is it terrible? I skimmed and it seems like regular jaron file.
Austin Gutierrez
People who tell you not to use a vpn are mildly retarded, and people who tell you to use a vpn without also telling you need to combine it with Tor to be of any effect are more than likely just as retarded.
A vpn is for privacy, not anonomity. That is what tor is for. A vpn is not a magic bullet, and the people saying not to use one, are the sorts who found out that's it's not a be all and end all.
Evan Harris
>Is it terrible? Typical >cracker not hacker! type thing. That grinds my gears so fucking badly.
Jaxson Russell
I've tried some out but never bought any or used one permanently.
What does set up properly mean to you guys? The ones I've tested worked well, just looking for more clarification.
William Martinez
Yeah. I'm not doing anything illegal. I just want to have privacy when connecting to a public wifi or at school, on a plane. etc.
William Evans
>I just want to have privacy Oh, well you're sorted then. Vpn it is.
Tyler King
>"Don't call yourself a ‘cyberpunk’, and don't waste your time on anybody who does." Besides some historical shit, it seems pointless to have in a general anyway. Regular VPN is fine for your usecase. Better to state intent with your question too next time, some are autistic and will go off on tangents.
Hudson Davis
The reason I named the channel #Sup Forumssec was just for the Sup Forums "naming convention" of IRC channels, I could for sure just nuke this one and swap to #/sec/ but I actually like the name.
I seriously don't have much time this week, but could start doing some stuff if I could get some help it would be amazing, never gotten much help from anyone really. Could start with nuking everyone from #Sup Forumspunk, although that will take some time, because obviously some sort of filtering should be done, namely just me filtering those that were actually more /sec/ than /cyb/.
People voiced were already those that had done stuff in CTFs, I was just keeping them voiced to give that sort of feeling that the channel had some sort of life and for people to start discussions or something.
Also I have the hacking.moe domain, could use that for the CTF to join the channel and finally give it a proper use.
Y-you too.
It all ends up in trust issues with those saying no to VPN, you could just route through tor too like said.
It's the MIT term of hacker.
Parker Wood
Thanks guys... I appreciate the help. I might go with Trust.Zone VPN, still debating on buying a one month.
Isaac Morris
>The reason I named the channel #Sup Forumssec was just for the Sup Forums "naming convention" of IRC channels, I could for sure just nuke this one and swap to #/sec/ but I actually like the name. There is no problem with keeping Sup Forumssec as the name, except a larger flow of users will need to be filtered. Sup Forums also doesn't mean what is used to five years ago, this is just another shitposting board.
I'll be glad to help with the site and IRC. I'm busphere on Rizon.
Juan Hill
Trust.zone is cheap, but most recommend is PIA. If it's regular browsing, it doesn't matter, but trust.zone keeps logs.
Nathan Walker
I've heard a lot more negative about PIA..
I've heard the best about NordVPN. I used trust.zone trial and it worked well, I know they log bandwidth. According to that chart.
Ian Peterson
>I've heard a lot more negative about PIA.. This. I rolled my own VPN with alibaba for $30 a year.
Jaxson Rogers
how to disappear completely from the internet/freeze what is being stored?
Ethan Thomas
Start by obscuring all of your info on current accounts.
Aaron Cox
You can't. The best you can do is abandon all your previous online presence. The internet is forever. You should know that, unless you're a newfag
Parker Sanders
What do you guys think about njal.la/ ? Been considering them a while. Any experiences to share?
William Nguyen
Does PRISM still even work anymore now that ICANN isn't a government organization?
Xavier Flores
that's cause /cyb/ is pretty much an overlap with lainchan (the mlg h4xx0rgz fr33d0m fighters lul)
Jordan Lopez
It's called XKEYSCORE now. Muh sci-fi bookclub, so soykaf.
David Harris
No experience, but seems like a gimmick. WHOIS Guard is good enough if you're not doing anything illegal.
Chase Cox
What is this, the 5th time we've tried to seperate? We need the larpers to bump the thread. Asking "what does cyb have to do with sec" became so pointless it was a meme. You'll see. Also their OP pics were better.
Nathaniel Rodriguez
t. butthurt /cyb/ larper Go to /tg/
Gabriel Kelly
Lol nice meme defense, I'm an IT Sec Analyst out of Vegas I've been here lurking forever. I've seen the thread split before. Always goes back. You guys need to just give it up. We barely had 40 active posters as it was, if that.
Jose Perry
This time it'll be different.
Jacob Moore
>security focused systems >arch fucking what?
Christopher Parker
History is not with us.
Kevin Lopez
Don't know if it's been posted already but I want to contribute to the first /sec/ thread so
Linux distros without systemD
4MLinux Absolute Linux Amazon Linux Bedrock Linux Calculate Linux Cromnix Dragora Dynebolic Funtoo Linux Kwort Linux Legacy OS Linux Console Mate or LXDE desktop Milis Linux NuTyX Openwall OviOS Linux Pentoo Pisi Linux Plamo Linux Plop Linux Porteus Porteus Kiosk PostX Redcore Linux SalentOS Simplicity Linux Spark Linux Star Linux Tiny Core Linux TLD Linux Vector Linux Void Linux Window Maker Live Zenwalk
Feel free to add any I forgot.
Hunter Gomez
Security is not privacy. Those are two different things.
Asher Robinson
Greater control. They were another's recommendation. Thanks, user.
Carter Cruz
Forgot Source Mage and Gentoo I think it's only an option to use systemd
Aiden Gonzalez
Ok sure. Security is a tool and privacy is a problem security solves. What's the point?
Angel Campbell
i don't think arch has any place on that list. you have no more control over arch than you do over ubuntu or gentoo or debian etc. also why is hardenedBSD not in the list? literally a fork of freebsd designed for security
Isaiah Green
I believe Alpine Linux doesn't use systemd.
Aiden Edwards
I dislike putting this directly tied to CTF points like ctftime if that's what you are talking about. It's bad enough we are making hacking an esport, people still need to be able to ask the occasional stupid question. /r/reverseengineering (plebbit) manages to get by fine with very few barriers to entry. You need to create a culture of excellence in the channel rather than just exclude retards. If you focus on exclusivity the channel will eventually die because old fags will leave and no one wants to jump through hoops for a Mongolian shadow puppet boards /sec/ thread.
Asher Perry
HardenedBSD is just OpenBSD with lesser code quality. This is a good point, but how do you achieve it without turning into freenode 1000+ user mess? I have some ideas, but using them with IRC will be heavy.
Bentley Scott
First don't frame it as a hacking channel. Keep the focus on stuff like upcoming ctfs, industry news, sharing research etc. Hacking channels bring all the morons out of the woodwork. Kicking retards asking for how to hack their friend is fine but if everyone in chat is talking about sha2017 or something it sets a tone.
Liam Phillips
Thank you.
Ayden Johnson
Who says the CTF stuff will be hard, it's just as an entry barrier. And the occasional stupid question can usually be answered in the thread or in another more proper place.
Silly questions are usually asked by skids that can barely breath and type at the same time anyway.
>First don't frame it as a hacking channel. Keep the focus on stuff like upcoming ctfs, industry news, sharing research etc. That was literally what #Sup Forumssec was trying to accomplish, but it had barely any activity.
Jonathan Flores
How can I use Fiddler for Malware Analysis? Do I need to be in a VM to be safe?
James Price
Fiddler checks HTTP traffic on webapps. You don't need to use a VM, but it's pretty much mostly for browser work.
Robert Perez
Wrong it works on any application not just browsers.
Logan Gonzalez
I asked something similar here a few weeks ago and the guy reccommended vm with windows + procmon + netmon.
Nathaniel Carter
Yeah, I forgot the uses of HTTP in non-browser malware.
Jayden Edwards
>Encryption key distribution via chaos synchronization
That's why it's being compared with OpenBSD, not FreeBSD.
Evan Clark
My bad hombrè, misunderstood
Charles Ortiz
It's no big deal, दोस्त
Alexander Hall
Ty
Jordan Martin
Anytime, compadre.
Jace Wright
security focused OS, not one pentesting distro amongst them..baka
Nicholas Cooper
>An empty OP. >Don't interact with anyone! Whoa, I'm sure this'll last long.
Easton Barnes
>pentesting >not half a step above a cracker kiddie ...
All jokes aside, you can cross-compile many tools that are in Kali Linux, Pentoo, and BlackArch (+ BackTrack, etc.) for whatever distro you're using, bud.
Looks like you're in the wrong place, amigo.
Charles Evans
>Looks like you're in the wrong place, amigo. You don't own the Internet, nor Sup Forums.
Hunter Jackson
Install DNScrypt, isolate your network (don't let devices see each other). Hide your modem, if you type 192.168.0.1 or 192.168.100.1 you shouldn't see the modem login or info page. Install dnscrypt in the router. Only one computer should be able to log into the router. Create a separate vlan to log into the router. Ideally you must physically move to the router to plug the Ethernet cable into the right port. Don't manage your router while being online.
Gavin Bell
I work for the masked men they call Sup Forums.
John Ward
This is interesting, where did you learn this?
Kayden Hall
ive been using backtrack since forever, done me good so far..cant see why ide want to use another distro when everything is already there in one OS?
Jace Morales
It's up to user choice. I don't use backtrack because it's linux. BSD works well for me.
Brayden Jackson
wouldnt checking for DNS leaks once connected to vpn show if anythings amiss?