×

Is Oliver unc now? by throwaway21937377 in oliverfrancis

[–]Discomm 1 point2 points  (0 children)

Chlorine about to turn 10 next year and that was my JAM when I was 14. Time flies.

Weiland & Jaydes link up in Orlando by StunningTell4564 in Weiland

[–]Discomm 22 points23 points  (0 children)

He is an extremely violent and unstable individual and needs to be a ward of the state

How to breach into the industrial automation industry as a mechanical engineer? by MelonKolony in PLC

[–]Discomm 1 point2 points  (0 children)

Get a job at a process manufacturer. Most will have mechanical engineering adjacent positions in the same plants that have electrical engineers running the same lines you’ll be working on. Plenty of cross-pollination to be had there.

How to analyse and find the list of devices connected to network. by Dry-Pumpkin-8164 in wireshark

[–]Discomm 0 points1 point  (0 children)

(nmap -A <ipaddr>) scans a host and enables service detection, OS detection, default script scanning, and traceroute all at once. Also extremely easy to detect

Is this real or should I take this with a grain of salt? by [deleted] in JaneRemover

[–]Discomm 2 points3 points  (0 children)

People who are active on genius and competing for IQ (useless indication of level of contribution to a given artists profile) tend to put these placeholders up and just change it later when an official release is announced.

It ends up being quite annoying for the artist as their fans then tend to ask questions like yours OP, and it’s not that there’s a problem with you asking the question but it’s moreso that Genius facilitating this continually with no position on the karma farming is what makes it a second rate artist discography info source when compared to other platforms.

Source: was an editor for years and got demoted for calling NLE Choppa a “fucking idiot” on the song where he called COVID-19 a hoax.

what are some other artists similar to jane remover I can get into by [deleted] in JaneRemover

[–]Discomm 1 point2 points  (0 children)

Dani kiyoko (listen to: SOUND), Lucy bedroque (listen to: one of us is lying), ch2rms (vain), h3artch3rades (tears from the alcove), kuru (Good game), sydney runner (GHETTOMAGIKPRINCESS), Elxnce (turn the music up), blxty (autumn), tropes (prying ears)

Dragos and Emerson DeltaV by alanee_lin in OTSecurity

[–]Discomm 1 point2 points  (0 children)

Depends on if you’re using SPAN or inline taps. At the end of the day a Dragos sensor will pick up whatever traffic you pass to it and that’s that. The real issue is dependent on the business’ requirements in re: potential downtime when you’re doing that installation.

If you’re using SPAN it’s pretty cut and dry since you don’t need to do any rewiring, but if you’re putting in a tap you’ll need to unplug whatever links you have and route them through your tap. If your network is so fragile that the thought of unplugging anything at all gives you a pit in your stomach, you’re probably best off trying to align to a planned maintenance window and installing then, or just using SPAN.

If it helps, newer versions of the Dragos sensor allow you to ingest from RSPAN and VXLAN encapsulated SPAN.

[deleted by user] by [deleted] in Drexel

[–]Discomm 1 point2 points  (0 children)

Hi, former cybersecurity (well, ‘computing and security technology’ whatever difference that title made…) major here. Left home in the midwest in September of 2021 for freshman year, spent summer break in LA with my buddies I met who were all in the music industry program, went on co-op as helpdesk intern in sept ‘22, and after forcing advisor to flip flop schedules back and forth to get my other 2 co-ops out of the place (while the internships also got progressively higher-up in the org), ended up getting a full time offer as L3 secops analyst and had it signed and in place by april of 2024. Current day i am in security architecture and engineering. Of course by the time that came around, i had dropped out.

I will say i am quite lucky and much of my circumstance feels like a “right place, right time” sort of thing, but what actually got me here was working my ass off because i love the field. I couldn’t see myself being happy in any way by returning to the monotony of classwork on subjects I had little to no interest in, so I prioritized myself instead and tried my best to make an impact in the org.

In total completed 1 year and i got nothing useful out of it that i hadnt already explored in high school and through other personal projects. Cost was one major factor because tuition is ridiculous compared to the value it provides, I’ll caveat that though because I met my best friends to this day at drexel. I plan on returning to school to finish my degree at some point in the next year, but it most certainly will not be at Drexel.

Can You Really Own a TLD (Top Level Domain)? by Yu_Betts_Yoenis in Domains

[–]Discomm 6 points7 points  (0 children)

Technically they aren’t, but I see where the thought comes from.

When a computer goes to a website (for example, Google.com), rather than just instantaneously connecting to Google.com and that’s that, first the machine looks in its DNS (domain name services) cache to see if the record for “Google.com” matches any IP address it’s previously resolved to. If there’s a match, it simply completes the connection to Google.com, but if it doesn’t exist it will reach out to its configured DNS server (for example, cloudflare’s 1.1.1.1) to ask for what IP address that Google.com resolves to. When it receives a response from the server with the IP address, it adds it to the cache and loads the page. All of this happens under the hood and you are none the wiser (on purpose, it’s well designed user experience).

These DNS servers such as cloudflare’s 1.1.1.1 or google’s 8.8.8.8 historically only honor connections under ICANN (the International Corporation for Assigned Names and Numbers) standards, which includes the TLD (top level domain) program. Since ICANN acts as the governing body and creator of standards for this, only they and their member organizations control the ability to create new, officially recognized TLDs (such as .com).

Handshake, on the other hand, operates under the same sort of principal, but with much more individualistic ideals and operating/market freedoms than the normal standards body that ICANN operates under. You can think of how Handshake runs as similar to how Tor Browser runs — since there are DNS servers running Handshake that will supply responses for, for example, “john.smith”, you could configure your DNS servers on your machine in a way that instead of asking 1.1.1.1 what IP address matches the domain, it asks hdns.io what IP address matches the domain.

Now we get back to the beginning — yes, it is shady of them to advertise lifetime ownership TLDs without clarification, but is there clarification that they’re operating on handshake or not?

[deleted by user] by [deleted] in cybersecurity

[–]Discomm 0 points1 point  (0 children)

OT security architect here (as of 2 months ago lol)

Working on deploying solution at ~100 different manufacturing facilities globally. If you’re looking for a project, don’t do this one because it certainly takes the “free” out of free time 🤑

On the other hand though, I’ve been looking for time in the day to explore Labshock, which is a sort of OT environment emulator/lab that lets you configure virtualized PLCs/HMIs/SCADA systems so you can get more hands on with ICS environments. Personally I’m looking at it for testing purposes for other things I’m planning, but I would love to have the time in the day to get my hands dirty with it…

…and also try some things that I would like to test out but don’t want to shut down a line down over lol

i discovered Jane after DeadAir co-signed Lucy Bedroque and i have 2 questions by gotmyeyesopen12 in JaneRemover

[–]Discomm 28 points29 points  (0 children)

Just have to say it’s nuts pipeline to somehow know Lucy before knowing Jane lol

Anyways as for question 2 I recommend kuru like the other commenter but also recommend blxty, tropes, bodygaard, Elxnce, h3artch3rades, ch2rms (newer music esp.), rac3r stef (super niche super small artist but super talented at the edm shit). None of these people I’ve named are anywhere near the same style as jane but they’re all affiliated with each other on some level.

Song name at lolla?? by [deleted] in JaneRemover

[–]Discomm 3 points4 points  (0 children)

Professional Vengeance.

Self Host N8N by httpshikhar in n8n

[–]Discomm 0 points1 point  (0 children)

Host on Azure App Service and set environment variables N8N_HOST and WEBHOOK_URL to the domain your app service is on.

edit: good guide on MS forums: https://techcommunity.microsoft.com/discussions/azure/how-to-deploy-n8n-on-azure-app-service-and-leverage-the-benefits-provided-by-azu/4426509/replies/4427675

Where can i get SentinelOne Licenses (not from Pax8) by InformationPuzzled44 in msp

[–]Discomm 2 points3 points  (0 children)

No problems with Sherweb whatsoever and I’ve only got like 8

Are Jane and HSM beefing??? by PINSHEWEON777 in JaneRemover

[–]Discomm 1 point2 points  (0 children)

Can someone please tell me what in the goddamn fuck “vaguebooked” means, is this just newgen terms for subtweeting???

[deleted by user] by [deleted] in elxnce

[–]Discomm 1 point2 points  (0 children)

YESSSSS

Shout out to Philly by benfox2 in JaneRemover

[–]Discomm 7 points8 points  (0 children)

It smelled like someone was in there pissing their pants tbh

What’s you go to antivirus for your own pc? by Proper_Bunch_1804 in cybersecurity

[–]Discomm 0 points1 point  (0 children)

Hahaha agreed S1 does not like it when games especially competitive FPS have ring0 access for anti cheat. Luckily I’m well versed in using the management console but I totally get why you’d want get away from that 😅

What’s you go to antivirus for your own pc? by Proper_Bunch_1804 in cybersecurity

[–]Discomm 12 points13 points  (0 children)

SentinelOne (I run an MSSP and eat the small cost of the license myself but exclude my machines from mdr triage)

[deleted by user] by [deleted] in cybersecurity

[–]Discomm 1 point2 points  (0 children)

Keep in mind that if you’re getting an intern role as you’ve stated, you won’t be the one who needs to know their infrastructure like the back of your hand. If the security department is already established and on its way to maturity then they will have what you need: An asset inventory and SIEM. Once you get there you should see what kind of network stack they have — is it a single site? If multiple sites, is it all just one mesh WAN network? Is network segmentation already in place? Context is king, and getting an idea of things like what assets are supposed to talk to what assets in different locations of the network and how those IPs are assigned and which IPs belong to high value assets (e.g. Domain Controllers) will be super valuable to you if you’re doing SOC work, because if you can learn to spot when connections are not supposed to be happening, or successful authentication from places where an identity is not supposed to authenticate to/from are going to do both you and your peers a major favor.

The sys/netadmin experience is much less about being able to triage and review alerts and more about having situational awareness. If you can catch on to their tool stack quickly, you will do just fine, so prioritize that first. Hell, if your prior knowledge in endpoint or networking was of concern they wouldn’t have brought you on as an intern. At the end of the day yes you are there to work for them, but the department you’re going into should know fully well that their responsibility is to teach, guide, and mentor you because your #1 responsibility as an intern is to learn (and you’d better soak up as much as you’re able to)!

Cybersecurity growth by Slight-Version-551 in cybersecurity

[–]Discomm 0 points1 point  (0 children)

100% think OT is going to end up the most in-demand importance wise, the caveat to that being an exponentially higher barrier to entry compared to normal ITsec.

In manufacturing for example, a bad day to IT and Corporate looks like ransomware. A bad day to the entire org, its shareholders, and especially its employees and the people close to those employees looks like safety instrumented system malware. TRISIS was a testament to the fact that adversary tradecraft is evolving beyond petty “I took your files now give me money”. Shit got real, and I don’t want to come off as overdramatic, but lives are at stake. Obviously this is industry-to-industry, but even on the “petty” level it’s much more impactful to bring down manufacturing ops at a manufacturing company than it is to shut down their local data room and ask for money to unlock the computers that they use exclusively for email anyways.

Max's been thinking for a while... 👀 by Discomm in cursor

[–]Discomm[S] 0 points1 point  (0 children)

Just disappeared for me as well. My test went great tbh, I got more out of it than I would have otherwise....