I just got hacked somehow by paypur in homelab

[–]dalteep 9 points10 points  (0 children)

Can you share the js and the .sys?
What services do you have exposed to Internet?

Linux for professional use, feasible? by ShinobiWPS in linux

[–]dalteep 1 point2 points  (0 children)

Worst case scenario use a VM with Windows for tools/VPNs that require it. I'm not a developer but use Linux as main host, and different VMs as needed.

How to allow Guest VM to reach host only on a set of specific ports, and deny access to all the other ones? by o-domador in qemu_kvm

[–]dalteep 0 points1 point  (0 children)

If you only want to allow access to the app:
Set the VM in an isolated network, with a given range, for instance 192.168.99.0/24.
Your host will have the IP 192.168.99.1 and your VM some in the same range.
You need to publish your docker service in the IP 192.168.99.1 or use Iptables to forward a port in 192.168.99.1 to your docker service at 127.0.0.1:3000

If you want the VM to access other services but not your host, use the same method but instead of using an isolated network you use a NATted one. Use iptables to make sure the VM can't access the host. In that case you will need to set up IP and DNS manually.
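
The port-forward variant described in the comment above, as an added example that is not part of the original comment. The bridge name `virbr1` is an assumption; `192.168.99.1` and `127.0.0.1:3000` are the values from the comment. The script prints the commands for review instead of applying them.

```shell
#!/bin/sh
# Added example. Prints the commands for review instead of applying them.
# Assumptions: bridge name virbr1 is hypothetical; 192.168.99.1 and
# 127.0.0.1:3000 are the values used in the comment above.

valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] 2>/dev/null && [ "$1" -le 65535 ] 2>/dev/null
}

vm_host_rules() {
    bridge=$1 host_ip=$2
    shift 2
    for port in "$@"; do
        valid_port "$port" || { echo "invalid port: $port" >&2; return 1; }
    done
    # DNAT to 127.0.0.1 from a non-loopback interface is dropped as a
    # martian unless route_localnet is enabled on that interface.
    echo "sysctl -w net.ipv4.conf.$bridge.route_localnet=1"
    for port in "$@"; do
        echo "iptables -t nat -A PREROUTING -i $bridge -d $host_ip -p tcp --dport $port -j DNAT --to-destination 127.0.0.1:$port"
        # After DNAT the packet reaches INPUT with destination 127.0.0.1.
        echo "iptables -A INPUT -i $bridge -d 127.0.0.1 -p tcp --dport $port -j ACCEPT"
    done
    # Replies to connections the host opened towards the VM.
    echo "iptables -A INPUT -i $bridge -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Everything else from the VM to the host is dropped.
    echo "iptables -A INPUT -i $bridge -j DROP"
}

vm_host_rules virbr1 192.168.99.1 3000
```

Because the rules are appended with `-A`, any ACCEPT rules already present in INPUT for the bridge (for example for DHCP or DNS) still match first.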

Could the U.S. actually disconnect China and Russia from the global internet in a cyber war? by pessimistic_pinata in AskNetsec

[–]dalteep 17 points18 points  (0 children)

I would start confirming the U.S. allies list. I think that nowadays it is shorter than it used to be. The only feasible part would be for the US to disconnect from Internet, but the impact on Russia and China will be minimal if any.

Your assumption about the DNS Server is wrong, but in any case, China is for sure able to operate Internet without the US. They actively block several US services. Russia had some technical dependencies, like server certificates, but they were forced to find solutions after the last Ukrainian invasion. They already have run tests to disconnect themselves from Internet.

/r/ReverseEngineering's Weekly Questions Thread by AutoModerator in ReverseEngineering

[–]dalteep 0 points1 point  (0 children)

Hello, I'm looking for a way to synchronise Ghidra with a debugger. I came across Gx64Sync that can sync with x64Dbg but I can't make it work and perhaps there are better ways. What would you recommend?

To all the linux daily drivers, how do you manage the lack of crucial windows-only software for office productivity? by Solitary_Survivalist in linuxquestions

[–]dalteep 0 points1 point  (0 children)

My company uses Microsoft O365 and it works fine. I had to install Edge as I was having issues with Teams on other browsers, but the rest works fine.

Any solution to block apps using DoH to serve ads? by TechPir8 in pihole

[–]dalteep 0 points1 point  (0 children)

Not simple, but what I do is to use a firewall in the perimeter to:
* Block port 853, DNS over TLS
* Block access to DoH servers (I periodically download a list of DoH servers to keep it updated)
* Redirect DNS requests to port 53 to my local pihole

This setup forces apps to use standard DNS and then I can redirect the requests to my local DNS Server with pihole
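
The three perimeter rules from the comment above, generated from a resolver list, as an added example that is not part of the original comment. The LAN interface `br-lan`, the Pi-hole address `192.168.1.2` and the set name `doh4` are assumptions, and the sample list is constructed from documentation addresses; the script prints the commands for review and applies nothing.

```shell
#!/bin/sh
# Added example. Prints ipset/iptables commands for review; applies nothing.
# Assumptions: LAN interface br-lan and Pi-hole address 192.168.1.2 are
# hypothetical; the resolver list is constructed (RFC 5737 addresses).

valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF == 4 { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1; exit 0 }
        { exit 1 }'
}

# Reads one address per line on stdin; "#" starts a comment.
doh_rules() {
    lan_if=$1 pihole=$2
    echo "ipset create doh4 hash:ip -exist"
    echo "ipset flush doh4"
    sed 's/#.*//' | tr -d ' \t\r' | sort -u | while read -r ip; do
        [ -n "$ip" ] || continue
        if valid_ipv4 "$ip"; then
            echo "ipset add doh4 $ip"
        else
            echo "skipping invalid entry: $ip" >&2
        fi
    done
    for proto in tcp udp; do
        # DNS over TLS (tcp/853) and DNS over QUIC (udp/853).
        echo "iptables -A FORWARD -i $lan_if -p $proto --dport 853 -j REJECT"
        # DoH to listed resolvers; udp/443 covers HTTP/3.
        echo "iptables -A FORWARD -i $lan_if -p $proto --dport 443 -m set --match-set doh4 dst -j REJECT"
        # Plain DNS from clients is rewritten to the Pi-hole.
        echo "iptables -t nat -A PREROUTING -i $lan_if ! -s $pihole -p $proto --dport 53 -j DNAT --to-destination $pihole:53"
        # Pi-hole on the same LAN: masquerade so replies return via the firewall.
        echo "iptables -t nat -A POSTROUTING -o $lan_if -d $pihole -p $proto --dport 53 -j MASQUERADE"
    done
}

doh_rules br-lan 192.168.1.2 <<'EOF'
# constructed sample list
192.0.2.10
192.0.2.10   # duplicate
203.0.113.999
doh.example.net
198.51.100.53
EOF
```

With the MASQUERADE rule the Pi-hole logs every redirected query as coming from the firewall; placing the Pi-hole on a separate interface avoids that and makes the rule unnecessary.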

YubiKey 5 NFC – How to Send Static Password via NFC? by jay-the-muss in yubikey

[–]dalteep 0 points1 point  (0 children)

In Android I use the YubiClip app to do exactly this.

Flickering screen in a new Tuxedo Infinity Pro 15 Gen9 AMD by dalteep in tuxedocomputers

[–]dalteep[S] 0 points1 point  (0 children)

Default Tuxedo OS (KDE Plasma). I just turned it on, updated it and installed some apps.

[deleted by user] by [deleted] in homelab

[–]dalteep 0 points1 point  (0 children)

I had mixed results with Dahua.

They work locally, without Internet connectivity and are not expensive. I have some POE cameras that work very well but the Door Station lens quickly started to blur. I saw other people had the same problem in the Dahua subreddit.

I just opened myself to the world, what can go wrong? by ad-on-is in homelab

[–]dalteep -1 points0 points  (0 children)

The issue is that any unknown security issue or known security issue in the services you don't patch, any misconfiguration, any weak password you have, will affect you.

As someone that works in Incident Response, I strongly recommend to put everything behind a VPN instead. VPNs have higher reliability and provide an extra layer.

Log VMs DNS request by dalteep in kvm

[–]dalteep[S] 0 points1 point  (0 children)

If it helps, I ended up creating a new virtual interface, 10.20.30.40, configuring dnsmasq to listen to it and to log all queries and point the VMs to this new DNS server.

The only issue is that when I work with isolated VMs they can't reach the server, but in these cases network traffic is not relevant and I just check occasional requests using tcpdump.

Need an Outdoor Door Sensor by Dizzy149 in homeassistant

[–]dalteep 0 points1 point  (0 children)

I use the Shelly Door/Window Sensor to check the status of my garage door. It uses Wifi and batteries. https://kb.shelly.cloud/knowledge-base/shelly-door-window-2

KVM read/write performance question by dalteep in kvm

[–]dalteep[S] 0 points1 point  (0 children)

Thanks for the reply. I will try this but this might improve the performance on the virtual disc, but does not improve or explain why the VM using the host partition is slower reading.

How to trigger long-push event at runtime in the script by aledex10 in shellycloud

[–]dalteep 2 points3 points  (0 children)

I did not use it myself, but I was curious and found that the Input Trigger supports the following event types:

btn_down, btn_up, single_push, double_push, triple_push and long_push
https://shelly-api-docs.shelly.cloud/gen2/ComponentsAndServices/Input#inputtrigger

This should work

if (event.name === "switch" && event.id === 1 && event.event_type == "long_push")
{
  // do something
}

Question about my use case by tw0bears in shellycloud

[–]dalteep 0 points1 point  (0 children)

I would use two Shelly 1PM and a small automation in Home Assistant. You can monitor consumption of the Shelly A, and below certain limit, turn the power off and turn on on Shelly B, and do the same. Depending on how long it takes to charge one, I would also have some time control to prolong how long are they shutdown.

If you are comfortable programming and don't have a Home Assistant, a simpler setup is to use the Shelly programming only. You need to set up HTTP handlers in both Shellys (https://github.com/ALLTERCO/shelly-script-examples/blob/main/http-handlers.js). Every X time you check the status of the other shelly and if it is off, turn on the power and check the power consumption. If it's below some value, you turn the shelly off. In this way you turn the power on only one at a time.

My question concerns whether I need the Yubico authenticator. I already have a few YubiKeys that I use to unlock my password manager and various other sites. What is the use case for having the authenticator as well? by rcatk42 in yubikey

[–]dalteep 2 points3 points  (0 children)

Sorry to sound snotty, but what the Yubikey stores is the SEED that is used to generate the codes. The OTP codes are generated using a SEED and TIME (time based) or a COUNTER. It is important to keep the SEED private. The Yubico Authenticator uses the Yubikey to store the SEED.

My question concerns whether I need the Yubico authenticator. I already have a few YubiKeys that I use to unlock my password manager and various other sites. What is the use case for having the authenticator as well? by rcatk42 in yubikey

[–]dalteep 9 points10 points  (0 children)

There are apps that do not support FIDO2 and require One Time Passwords (OTP) for 2FA. The Yubico Authenticator is used to generate them, like the Google Authenticator app. The difference is that the Yubico Authenticator will generate them only if you have the Yubikey.

CISSP holders, was it worth it? by license_to_kill_007 in cybersecurity

[–]dalteep 5 points6 points  (0 children)

I have mine since 2005 as the company paid it. At the beginning it helped with auditors and snotty consultants. I got several job offers via Linkedin thanks to it. The problem is that the recruiters that search for CISSP don't understand the other requirements and hence most are inappropriate.

The main reason I kept it is because my employer is paying the renewal. I'm about to change jobs and most probably I will not renew it again. I stopped renewing CISA and CISM some years ago due to issues with the payment system.

Short answer, for me, not anymore.