Binrev Financier
  • Content count

  • Joined

  • Last visited

  • Days Won


Everything posted by tekio

  1. What are some Linux desktop application you cannot live without? I am really amazed at how Linux has come over the past few years as a desktop operating system! No more than 5 years ago I had to run OSX to get the best of both worlds: a decent core computing platform with good productivity tools. However, in the last few years it is now a reality: Linux easily can match MacOS as a productive desktop platform. So apps making this possible for me: Productivity: - LibreOffice or OpenOffice - Google Keep (Chrome App) - Simple Note - Makagiga (todo manager a little more robust than what Google Keep can offer) - Draw.io (chrome app) pretty polished, robust and free diagramming app - Journey (Chrome App) Journal app that is pretty polished - Caret polished cross-platform markup editor (simplenote just too many features for professional use) - Dropbox is cross-platform and the free storage plan is good enough to sync important files across systems Development: - JetBrains IDE's PHPStorm, WebStorm, and Pycharm (community) - Komodo Edit - offers a code runner, RegEx Toolkit and HTTP Debugger. Pricey but every few years it will go on sale for about 99 us - SublimeText - worth 75 bones for me. Atom just takes too long to load. - RazorSQL - about $99 for a cross-platform SQL swiss-army knife. - MySQL WorkBench - Virtual Box - VMWare Workstation (this supports level-1 nested hypervisors better for learning Hyper-V and vSphere) - CMD tools of course is where Linux is a powerhouse: phpbrew, Python, GIT (dropbox works well for small repositories :-) ), Vagrant, PHP, MySQL, etc... - Leptop code snippet manager Web / Internet / Networking - Chrome - Firefox for its dev extensions - HexChat - FileZilla - WireShark (duh) - nLoad - nTop Media: - VideoStream (Chrome Plugin for streaming to Chromecast) - Gimp - VLC - Pix image viewer
  2. EDIT: to further elaborate in computer science terms: let's pretend we work for a law-firm needing to search contents of PDF files. They have thousands. We index PDF files on Micoshift. Then all of a sudden notice nobody can login into the domain. Since everything is centralized authentication and it costs an average of 5000.00 per server in licensing the these files were put onto a Domain controller. We are finally able to get in and see the Windows Search Service is taking 100% resources indexing PDF files. This is fine for three hours or more, But these PDF files are edited daily and tie up our Domain Controller all day long Like most MCSE Microshift experts, we ignored best practice of leaving Domain Controllers to handle AD only. Besides, we already have separate licenses for SQL Server and Exchange running on two separate Windows Server Virtual Hosts with client access licenses for 500 users (5 grand or more each). So with our Domain Controller acting as a file-sever, nobody can login? Our slow searching, but easy to find file-system for end-users is needing to index all day long. So now we have a huge task: meeting to secure another 5000 in IT resources. Moving Terabytes of files to something with a more efficient file system in the sort-term (like a 500 dollar NAS running what kernel? (either BSD or Linux). As well as the immediate problem that Windows does not control tasks like Linux. So before we can even troubleshoot, more than likely we need to reboot the Winshaft server for any Admin access.. The admin could an extra CPU socket to try and pick up the slack, but that involves an upgrade path to Server Enterprise with new CALs. That is a scenario I've dealt with before. Linux? Much for efficient and a shell script can written to find whatever some CEO who cannot name files needs.
  3. They need to be more specific, re-write the application outputting file names, or learn to name files better "Hoigy & Spymler" You would run a case insensitive search with built-in logic "WHERE company_name is LIKE Hoi% OR company_name LIKE hoi%" That will be handled at the application layer, not the file-system level. Issues are in procedure if you're not storing this in a database. Even though case-sensitive provides both faster search and sorting with extensive searches at the file-system level (looking at bits) we have been using databases for optimizing searches like this since the 1960's. In your case when storing client files as text you'd need to fully use find, grep, egrep or awk with RegEx. With much power comes responsibility. So like I stated, if you're a computer science person you want case-sensitive - if you just need to find file names and not be worried about optimization Fat-32 or NTFS is fine and dandy. It all comes down-computer science: there are 100 ways to do anything. But only a few to do it right, MS chose something more user friendly.
  4. May I please handle this? Thank you! We are mostly Developers, System Administrators, and Analysts. Linux can send a 3000 page Office Document like a champ. Bits are transparent moving across the physical wire. I'd wager one year's professional salary Linux boxes move more Word Documents than Windows platforms. Are you Recptionist? My GF is and can use Word and Excel like a pro. She is actually certified in Excel and Power Point, the certs hang above her cubical. When a Windows System Admin, I ran my Win10 Pro workstation in a VM (level2 hypervisor) on Linux. I could backup snapshots and have an IT workstation in case the worst happened and some CEO infected the entire Domain with some CIA Bitlocker MS-0Day variant. Simply boot Linux, put virtualized nodes on HA, and then run automated re-installs. I could also do simple but professional level I.T. things without needing a CAL for every other connection. but capitols are different letters. should ms revert to case insensative passwords? Really, this shows a serious lack of Computer Science knowledge. :-)
  5. "Well, sweet little sista's high as hell, cheating on a halo
    Grind in an odyssey, a holocaust, a heart kicking on tomorrow"


    Does the volume got to 15? Buahaha! :-)

  6. Unsure if this counts. I made an online digital footprint for a fictitious person. Subscribed to a bunch of random stuff online, submitted information with a the fictitious address, browsing history with Google, etc... etc... etc.. USPS still delivers mail to this person about once every few weeks. They have a Facebook, twitter, etc..... where posts and comments were made to put them in a specific demographic class. Every few days there will be mail for this person on the top off the mailboxes where I live because the postperson cannot find unit #1337. Buhahaha!
  7. Once they come up try re-scanning, then re-adding into your ARP Poisoning list. Perhaps they were not responding to Mac Address probes. Are they on the same broadcast domain as APR? Could the switch these hosts are on be preventing ARP Poison Routing? If I remember, a host may not be found for some reason when ARP scanning (like just came up or didn't respond ton MAC Scans). Then when ARP Poisoning it can be detected. However may not have been assigned in the ARP Poisoning Dialog where hosts are assigned to be "spoofies" of the "spoofed" They may be receiving Poisoned ARP requests/replies but not in Caine's table to route. Test this in a lab. It has been a while since I've played with C&A. Also, there are lots of other networking scenarios. What operating system are they? Windows sometimes would still allow ARP poisoning with static ARP entries, but Linux and BSD would not. Unsure if Windows has changed. It could be the TCP/IP stack getting confused and then sending traffic to the real gateway based on a host IPS. So many possibilities. But make sure these are being assigned after your MAC Address Scan. Then look for a host-based contingency, finally check network traffic in Wireshark to see what is happening on the LAN.
  8. "Half Routing" means you are probably DOSing hosts on the LAN. If you are in a "lobby" there will probably be a Sys Admin walking around with a shotgun looking for you (really, probably only a few security guards).
  9. Thank you Simple Note! For making a native Linux app with markdown you are AWESOME!  Good bye Evernote! Your web-app just sucks as do your mobile apps! Here is a hint: functionality over JavaScript blinking and sliding widgets!

  10. - cue Paranoid by B. Sabath.
    - Python DNS audit script running
    - scan for port 1723
    - scan results for open 21
    - admin:admin, admin:password,admin:1234,admin:12345,admin:123456
    - I pwn your PPTP and they cant find me........


  11. oh.... snap.  Didn't see that one coming. :-/

  12. Being Pythonic about things.

    1. TheFunk


      So long as you're being completely pythonic and not being 3-5 python 2.7 modules sprinkled into a larger project written in some other language like C.

    2. tekio


      from future export __past__  :D

  13. trojan

    I actually worked in tech support for AOL back in those days. At 19-20 something was the best job ever. Not only did I get free "all you can eat" Internet back in the early 90's; but they paid me overtime to browse the web all day/night long while helping people put a CD in a computer and configure a modem. There really was no downside until they finally went out of business.
  14. A noob could spend 10-15 years in sheer frustration, if they start out with coding exploits from scratch. :-P
  15. "Conjunction, junction - what's your function?".  Dang I loved School House Rock!

  16. This thread has inspired me to purchase a huge CRT Sony Trinitron from 1994. Then set it outside some apartments just to watch people try an lift up. The only flaw is, I will need to carry out there.
  17. Imagine if the Internet regressed back to 24.4, 33.6, or  56K for 24 hours?  Will never happen, but made the start up sound on meh Windows to a 56K modem connecting. The memories. :-)

    1. kc9pke


      Frontier's just as bad. 4 DSLAMs in a city of 36k and 45 Mbit/s in backhaul to each one of them, haven't been upgraded since Verizon's wireline glory days. Don't have to worry much about that since Comcast quietly launched gigabit DOCSIS here :D

    2. tekio


      I pretty much have a choice between Clink and Comcast. Clink is 1.5Mbs and limited because I am right at 5 1/2 Kilometers from the C/O. Had to have Clink set my speed at the C/O to about 850kbs,  stopping the modem from retraining every 45 minutes.


      Which really sucked on anything streaming or needing longer than 45 minutes to download. Also, didn't like the fact I had to tell the techs exactly what to do, "trust me, reseting my modem will not work. Let's set my link down until it needs stops retraining the modem, I am too far for 1.5Mbs.".



    3. kc9pke


      Have you tried service with Comcast? Out here they have a cable node hanging off a pole damn never every other block, so you're always close to the point where copper connections get muxed onto the fiber network. Internet is unironically great, customer service not so much

  18. I have been working on Facebook password, online generator. It makes a unique password that is hard to guess but easy to remember by permutating part the user's full email address and phone number. The funny thing is, people would actually use this with their Facebook email address. haha
  19. http://lifehacker.com/5505400/how-id-hack-your-weak-passwords?skyline=true&s=i Fairly basic stuff, but still interesting. Sorry, if this article has already been posted, did a quick search and couldn't find anything.
  20. Learning R. :-)

  21. DMZ on your Internet with exploitable services and an IDS in place to see if people are still scanning for these?
  22. Haha! Hardware and software condoms! If I am not mistaken, there is a pretty serious security issue with the way USB works. The firmware pretty much needs to be signed or read-only and signed. Not that I could exploit it. But underestimating cyber-criminals is how Admins get burnt, usually. :-( EDIT: apologies to BinRev for misuse of the term "hacker" on here.
  23. Seriously, sounds like a fun. But would need some kind of USB Condom. This is why Admins need to be a hardass with USB drives and personal computing devices plugged into a corporate LAN. :-P
  24. No. Before my tenure the entire company was down for 48 hours due to cryptolocker from a ThumbDrive. That was inconvenient for the owner who lost 48 hours worth of business. Of course Managers, Owners, IT people, and senior sales staff received training from IT and were in allowed security groups. Honestly, it worked out great for end users and IT. They had reliable systems for work and IT was able to provide better IT services w/o needing to worry every time Randsomeware was headlined.
  25. Mainly for booting Linux and repair utilities. Never bring them to work anymore unless they are property of my employer. Too much crossing lines with corporate computing policy. For moving stuff around between computers, an Android phone with a web-based file browser is the way to go at work, IMO. Never need to plug into a computer and is ok by most any corporate computing policy with employee wifi My last job as a sys admin, actually locked USB Storage in Group Policy for all but two or three privileged security-groups. Too much can go wrong, and if I saw someone who was not authorized plugging in a thumb drive, it was mine to interrogate for security including: virus, illegal downloads, or any other illegal activity or violating policy defined by corporate computing policy. Event Viewer would tell me who and where these were being denied by GPO as well. For personal use. I do always have a low-profile 32GB thumb drive plugged into my laptop, though. Gives another 32GB of storage that can be faster via sneaker-net than most crappy WiFi networks. Agree 100% with glitch on using non-trusted computers. Also, bonus points if those are 5" floppy disks.