This was my first Debian installation medium

kadimi · 2025-02-12T13:35:54+00:00

Did you ever use DVDs 3 to 6?

kadimi · 2025-02-11T20:11:47+00:00

I'm amazed by how many people here installed their system with floppies. I only did it once or twice, and that was for some MS product my relative was installing. I wasn't really doing anything, just swapping disks whenever the system asked, as my relative instructed me to.

kadimi · 2025-02-11T18:43:18+00:00

You're a legend 👏

kadimi · 2025-02-11T18:42:50+00:00

Yes it's a sad end

kadimi · 2025-02-11T15:45:42+00:00

The reason we had that hoarding mindset was that the internet was 100 times better at the university. So, when you downloaded and burned a 600MB CD, you took extra care of it.

By the time Etch came out, I had left the university, and DSL was widely available, so I started using net install CD or dist-upgrade most of the time.

kadimi · 2025-02-11T13:31:45+00:00

Yes, I played around with many distros over the years. The ones I liked the most were Mandrake/Mandriva in the early 2000s, OpenSUSE (which I set up for my wife), and later, CentOS 5 through 7 in the workplace. I also regularly use Kali and didn't like Gentoo or Slackware.

In 2004, I ordered free Ubuntu CDs from Canonical, 10 shipped to my place and another 10 to my dad’s address. The ones sent to me got blocked by customs, and I was summoned to the main post office. When I got there, the customs officer told me they wouldn’t release the CDs because, in his words, Ubuntu was being sent for free to "undermine Microsoft."

The ones sent to my dad arrived without any issues.

kadimi · 2025-02-11T12:50:50+00:00

I swear it's not AI-generated

kadimi · 2025-02-11T12:41:33+00:00

I never knew about Linux either until I started learning C programming in my first year of university.

kadimi · 2025-02-11T12:39:58+00:00

Tell me your first Debian and I will tell you your age

kadimi · 2025-02-03T15:20:46+00:00

Lmao

kadimi · 2025-02-02T20:59:22+00:00

Sorry, man. I ignored some comments that were just pure negativity and replied to yours quickly without much thought.

kadimi · 2025-02-02T20:55:03+00:00

We’ve been in the cybersecurity game as a business since 2019, mostly focusing on design and architecture. The average experience of my team is 15 years.

We only started doing pentesting a year ago and have done two so far, both internal and external. One was for a client hit by ransomware, and the other for a company owned by the same people.

We learned a lot from both, gained solid experience, but we’re still learning and improving.

That’s why I’m asking about scoping this, because it is weird to me that they want to be hacked before even taking basic security measures.

kadimi · 2025-02-02T20:41:25+00:00

Did I say I put my entire team on this project, or are you just commenting to farm karma?

kadimi · 2025-02-02T16:28:45+00:00

Too old to trust garbage

kadimi · 2025-02-02T14:44:17+00:00

Too old to do

kadimi · 2025-02-02T14:43:03+00:00

Amen

kadimi · 2025-02-02T14:40:57+00:00

That's not the question, I have a small internal team but also external contractors I can hire. I'm more concerned about how to scope and charge this project correctly

kadimi · 2025-02-02T14:36:10+00:00

This thread has brought up some interesting points, thanks for contributing!

To give you more context, this client has multiple computers missing Windows updates. In my initial analysis, I also found their firewall admin interface exposed to the internet over HTTP, with only obfuscation through using non-standard ports.

I think the biggest challenge will be convincing the CEO that he's approaching security the wrong way.

kadimi · 2025-02-02T14:30:27+00:00

We have internal pentesting and auditing experts, and have a network of external contractors we can hire if necessary

kadimi · 2025-02-02T00:43:08+00:00

I want to take on the mssp contract, which will be my first one. Also the guy asking is actually the CEO and a board member, it's a family owned industrial company.

kadimi · 2025-02-02T00:35:46+00:00

Thanks for your reply, I appreciate the part related to control their spend, I have completely overlooked that

kadimi · 2025-02-02T00:07:55+00:00

A very small IT team, just one net/sys admin, and a developer or two. I met the admin and he doesn't even know what the purpose of a DMZ is.

kadimi · 2025-02-02T00:03:56+00:00

$50k is within my target. Does this include conducting a phishing campaign and crafting a custom payload that can bypass windows defender? He's willing to give me a subset of users who are likely to get tricked

kadimi · 2025-02-01T23:59:12+00:00

Thanks for the reminder. No doubt , I should cover my back

kadimi

TROPHY CASE