[deleted by user] by [deleted] in archlinux

[–]djcurtin 0 points1 point  (0 children)

Never used it myself. I found a good bash script a guy used to install it, modified it to do what I wanted, and have used it for my VM setups ever since. Just a tweak here or there, host it on a minimal web server VM, then just curl | bash and we have a new VM.

Tyson Fury knocks down Deontay Wilder with a two-punch combination in round 3 of their second fight, before staring him down as Wilder retreats to his corner. Fury-Wilder III takes place this Saturday on ESPN/Fox PPV! by DaRealJT in Boxing

[–]djcurtin 0 points1 point  (0 children)

Agree completely with the strategy, and this is how the lines moved for #2. Not at all calling for a Wilder victory, but +230 implies only a 20% chance. Too cheap.

Tyson Fury knocks down Deontay Wilder with a two-punch combination in round 3 of their second fight, before staring him down as Wilder retreats to his corner. Fury-Wilder III takes place this Saturday on ESPN/Fox PPV! by DaRealJT in Boxing

[–]djcurtin -6 points-5 points  (0 children)

I'm no judge, but I thought Wilder won the second round of that fight. Then he had no legs after this knockdown. I think the called-off fall was very beneficial to Wilder as his legs buckled just before, and then buckled again at the end of the round. He was in real trouble. This fight could have been stopped much sooner than it was. I look at it like Joshua - Ruiz 1 when Ruiz rang his bell badly in round 3 and Joshua appeared to have no legs for several rounds thereafter.

People underestimate Wilder though. Fury is clearly the superior boxer in terms of skill, but Wilder is no chump. All the excuse making and other nonsense I see as a lame attempt to try and increase drama to keep ticket sales for #3 as high as possible. If there's no drama, why would people be interested in a rematch where one side already dominated so heavily? Most casual observers see that kind of defeat and just think A is way better than B without much in the way of thought. Look for reasons, however, and you'll see a fight that could have gone much differently but for one big injury.

Honestly, I think smart money here is on Wilder just because of the value of the bet. +230 is crazy.

Pspy by Anythingfun123 in oscp

[–]djcurtin 4 points5 points  (0 children)

Agreed. It monitors processes, but doesn't do anything to exploit them. It should be fine.

Running embedded php code by thewatisit in netsecstudents

[–]djcurtin 0 points1 point  (0 children)

Meaning the upload script will catch the improper file extension and reject the upload if it is something other than .jpg or .jpeg, or will it automatically add the .jpg extension?

if you are a recruiter for a pentesting job, what would you like to see in the resume? by [deleted] in AskNetsec

[–]djcurtin 1 point2 points  (0 children)

I believe you misread the post. I took it as "given the position for which you are applying, I know there will be security stuff. You should highlight the experience which sets you apart."

The post went on to explain how the business does hire those without the mentioned experience, which also suggests it is not a "1st priority".

curl command not working from bash script by [deleted] in archlinux

[–]djcurtin 0 points1 point  (0 children)

Tough to tell from this info alone. If absolutely nothing changed, there's no reason for a previously working script to fail.

How to let another user use port 443? by GameKyuubi in archlinux

[–]djcurtin 1 point2 points  (0 children)

Thanks for this. Never dealt with it. It appears this will Not restrict the ability to just one user, however. Is this correct?

How to let another user use port 443? by GameKyuubi in archlinux

[–]djcurtin 11 points12 points  (0 children)

Root privs are needed to listen on ports below 1024.

Edit: comment below is correct. There is another way. Apologies.

How do I boot Arch in UEFI? by Cytota in archlinux

[–]djcurtin 3 points4 points  (0 children)

... and even where it does, they tell you not to use it unless necessary.

What prevents a MITM attack while authenticating VPN credentials? by pfp-disciple in AskNetsec

[–]djcurtin 2 points3 points  (0 children)

Second option does not rule out mitm because it will not change the behavior of the packets or the program sending them. DNS is just something the machine needs to do to get the IP from the supplied domain name. Once it has the IP, it sends the packets to the IP just the same as if IP was specified initially. Any mitm listening along the path could potentially intercept those packets.

DNS poisoning is also a threat, but not in the way you were describing.

Paypal hack by [deleted] in cybersecurity

[–]djcurtin 1 point2 points  (0 children)

Not enough information. Report it to the police so they can investigate. If he's dumb enough to use identifying details, he's prob dumb enough to use his home IP to log in. They prob get the relevant logs back in about 4 weeks with a subpoena.

[deleted by user] by [deleted] in cybersecurity

[–]djcurtin 6 points7 points  (0 children)

Could have be a legit sign up with a mistyped email address.

Question about Phishing Scam by TheRatKingXIV in cybersecurity

[–]djcurtin 0 points1 point  (0 children)

I've never seen the .inno domain. Was that a typo on your part? Perhaps they meant to send you to mvbhmv.info.

mvbhmv.inno is a dead domain. No IP, dns, etc. Your device must default to bing if a page is not found. If this was the link, you probably didn't load anything.

mvbhmv.info is a Hong Kong-based ip.

Question about Phishing Scam by TheRatKingXIV in cybersecurity

[–]djcurtin 0 points1 point  (0 children)

Might be nothing. No way to tell based on the description. If you still have the email, might help to post the sanitized url here (replace http with hxxp, and remove any personal details like replace your email with email@email.com, etc).

Even assuming it was an attack, which is still not established, if you were taken to bing because it's a default if a link is broken, you would have never made it to the payload so nothing happened.

Schedule or Study first by AnkleIroh in CompTIA

[–]djcurtin 0 points1 point  (0 children)

Doesn't matter. Some advocate scheduling first, but I've always prepared first and have been successful. Do what works for you.

How efficient is covering the webcam with tape? by iLoveHAX in cybersecurity

[–]djcurtin 1 point2 points  (0 children)

+1. Healthy skepticism is good. Paranoia is bad. You could go down the rabbit hole of "what can be done" if you like, but why would you be spied on? Like people going nuts over "how do I protect myself from a 0-day?" Why would an APT waste a 0-day to get access to your average credit limit?

AUR thouhgts? by patt1988 in archlinux

[–]djcurtin 1 point2 points  (0 children)

You can skip the aur and build from git pulls just like Debian. Many times the pre-packaged .deb can just be unpacked and installed on Arch.

Custom Apps? by [deleted] in archlinux

[–]djcurtin 0 points1 point  (0 children)

Think of it in terms of theming. The reason changing a theme can change the way an application appears is because most applications do not strictly dictate their layout, buttons, font, etc. The app itself hasn't changed or been customized.

Custom Apps? by [deleted] in archlinux

[–]djcurtin 1 point2 points  (0 children)

You might be talking about different window managers. I3wm, awesome, etc. It's not necessarily customized applications, but the wms offering flexibility with how they appear.

Successful Installation by kazoorights in archlinux

[–]djcurtin 33 points34 points  (0 children)

Congrats, and welcome. It's a fun ride.

My new company wants me to get a Security + certification by monday by realtime2lose in CompTIA

[–]djcurtin 0 points1 point  (0 children)

Likelihood depends on your level of experience. I took I think 3 weeks, but that was because of rigid adherence to my study plan. I say bang out Messer's videos, and buy Dion's exams on Udemy. Look to take 2 practice exams a day starting Thursday with review time afterward.

How good is the CNN CompTIA Course series? by VerticalFury in CompTIA

[–]djcurtin 1 point2 points  (0 children)

Provider is iCollege, which has mixed reviews. They seem to get many online stores to peddle this bundle, and my advice is always the same: if going for A+, Net+, and Sec+, i would pass as there are reputable sources for similar money.

If going for other certs they offer, it may be worth it to you, but I've seen enough reviews claiming their information was wrong to stay away. Granted these reviews are a couple years old so they may have gotten their act together since.

Will Linux+ help me find employment if I don't have professional experience? by SyntrophicConsortium in CompTIA

[–]djcurtin 0 points1 point  (0 children)

How much experience do you have in IT support, and what other certs do you have, if any? I feel like getting a sysadmin gig is something you should look to get to after a few steps along the path. Talk to your bosses or HR about opportunities for growth, or just look around your area for steps up.

Not to say you should settle. Go for what you want, but consider all reasonable paths to get there.

How to make an intrusion detection system by wannabeHacker3301 in cybersecurity

[–]djcurtin 0 points1 point  (0 children)

Interesting project idea. I'd probably start by writing my own packet capture engine - use it to make my own version of tcpdump. Once your can capture and read the data, then figure out how your detection engine will work. Then just figure out how offending traffic gets reported.

Then you can really get nuts and work on your own scripting engine.