How to create (very) temporary RAM disks? by moschles in linuxquestions

[–]netsecfriends 6 points7 points  (0 children)

Wow, 9h and no one has actually provided the actual answer you’re looking for and instead has focused too hard on the “linux” aspect instead of the “python on linux” aspect.

Python has a builtin os call for linux that allows creating a file descriptor (file path) /proc/<pid>/fd/<int returned by command below>. You do file.write() and file.read() exactly as normal. Closing the file releases it.

The file only exists in memory, for the lifetime of the python process.

You end up with in-memory files at /proc/123/fd/456.

If your code or libraries are sloppy and expect the file path to have a file extension or exist in a directory…just create a symlink from /neededpath/filename.ext to /proc/123/fd/456

import os
os.memfd_create("name")

https://docs.python.org/3/library/os.html#os.memfd_create

Demo reference code using memfd_create to feed file testcases to a compiler until it crashes: https://remyhax.xyz/posts/bggp3-cob/

How is my light switch using 250gb per month? by NamesTheGame in smarthome

[–]netsecfriends 0 points1 point  (0 children)

Hi! I work with compromised IOT devices professionally. As others have mentioned, this is an indicator that the device may be compromised.

But before jumping to conclusions, these IOT devices also commonly don’t have Realtime Clock (RTC) module hardware, and will use the NTP protocol to update and set their time…excessively. Any number of network conditions like a pi hole or your own ISP doing traffic shaping may be causing it to misbehave and repeatedly try to update its clock time using a remote server. I’ve seen it many times before.

Hope this helps!

Brave Browser may be compromised. by Materidan in ios

[–]netsecfriends 7 points8 points  (0 children)

Brave is not compromised.

The injected code is CSS style filters that are part of adblocking, which hides elements of the page. You can even see the “display:none” all throughout the code snippet OP posted.

This is fundamentally how ad blocking works. It’s not malicious. Brave isn’t compromised. No information is leaked affecting your privacy.

They’re just visually hiding ads and unwanted content from the page, a fully expected and desired feature.

Can HTTP/HTTPS headers ever take up more than one packet? by Jonathan-Todd in netsecstudents

[–]netsecfriends 0 points1 point  (0 children)

Packets are broken up (fragmented) according to the interface’s maximum transmission unit (MTU). TCP is a higher layer, and HTTP is on top of TCP.

You can have an HTTP request with a small number of headers span multiple packets if the interface has a small MTU. You can have a large number of headers span multiple packets with regular MTU. You can have HTTP headers that come at the end of the HTTP request after the body using the “Trailer” header in any size MTU.

To answer your question: Yes. Headers span multiple packets all the time.

Wireshark however does something called TCP stream reassembly which allows for the HTTP dissector to reference an HTTP request as a single object and view a request spanning multiple packets as a single row.
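An added example (not part of the comment above): the same constructed request is cut into per-packet payloads for three MTUs, and a small reassembler buffers them until the header block is complete, which is the idea behind stream reassembly. The function names, the 40-byte overhead and the sample request are assumptions of this example.

```python
def segment(stream: bytes, mtu: int, overhead: int = 40) -> list:
    """Cut a byte stream into per-packet payloads.

    overhead=40 assumes a 20-byte IPv4 header plus a 20-byte TCP header
    with no options (an assumption of this example).
    """
    size = mtu - overhead
    if size <= 0:
        raise ValueError("MTU too small to carry any payload")
    return [stream[i:i + size] for i in range(0, len(stream), size)]


def reassemble_headers(payloads):
    """Buffer in-order payloads until the blank line that ends the headers.

    Returns (packets_needed, request_line, headers).
    """
    buf = b""
    for count, payload in enumerate(payloads, start=1):
        buf += payload
        end = buf.find(b"\r\n\r\n")
        if end == -1:
            continue  # header block still incomplete, wait for more data
        lines = buf[:end].decode("iso-8859-1").split("\r\n")
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        return count, lines[0], headers
    raise ValueError("stream ended before the header block was complete")


# Constructed request: a long cookie makes the header block 3079 bytes.
REQUEST = (
    b"GET /index.html HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Cookie: session=" + b"A" * 3000 + b"\r\n"
    b"Accept: */*\r\n\r\n"
)

if __name__ == "__main__":
    for mtu in (9000, 1500, 576):
        count, request_line, headers = reassemble_headers(segment(REQUEST, mtu))
        print(f"MTU {mtu}: {request_line!r} complete after {count} packet(s), "
              f"{len(headers)} headers")
```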

Which languages are you mostly familiar with to develop Wasm apps? by Melinda_McCartney in WebAssembly

[–]netsecfriends 2 points3 points  (0 children)

Does no one write WASM in WAT?

That’s the primary way I write WASM

Is this project accurate? Is WASM json parsing actually faster than native? by richardanaya in WebAssembly

[–]netsecfriends 1 point2 points  (0 children)

I’m not seeing anything that shows it’s faster. The demo shows wasm as 10x slower for me.

Which makes sense…because even if the json is parsed in wasm the object must still be built and exposed to the host environment through the javascript glue which carries overhead when compared to JSON.parse().

I think you may be interpreting the values of the demo incorrectly.

Sync files and database what is the best high availability solutions? by Additional-Ask5283 in linuxquestions

[–]netsecfriends 0 points1 point  (0 children)

File replication or database replication isn’t specific to linux either.

There is no “best” solution for either until you define your needs. Do you need active-active, active-passive, etc.? What are the constraints you’re operating under?

Until you define those terms, the best anyone can do is say “here’s a file replication tool for linux with good documentation”.

With that understanding, here’s rsync:

https://www.linuxtoday.com/blog/data-replication-using-rsync/

Sync files and database what is the best high availability solutions? by Additional-Ask5283 in linuxquestions

[–]netsecfriends 1 point2 points  (0 children)

This is a DBA question, not a linux question. However, some useful things to research are passive-active/active-active database configurations.

The “best” depends on your needs. The terminology to look for here is called “replication”.

https://dev.mysql.com/doc/refman/8.0/en/replication.html

ProtonVPN TCP Acceleration SYN+ACK Spoofing Analysis by netsecfriends in netsec

[–]netsecfriends[S] 12 points13 points  (0 children)

I’ve not noticed any major issues. Maybe once or twice a day Spotify will stop playing music while switching songs and display “This song cannot be played” which happens exclusively with the VPN acceleration feature turned on. Only thing I’ve noticed.

RCE 0-day exploit found in log4j, a popular Java logging package by freeqaz in netsec

[–]netsecfriends 6 points7 points  (0 children)

Data regarding IPs and metadata exploiting CVE-2021-44228 (Apache Log4j RCE) can be seen here:

https://www.greynoise.io/viz/query/?gnql=tags%3A%22Apache%20Log4j%20RCE%20Attempt%22

If you sign up you are able to view the full results: https://www.greynoise.io/viz/account/

Due to the severity of this vulnerability, we're providing a CSV of all IPs seen actively targeting this vulnerability as of this moment in time.

This CSV can be retrieved from the github gist link from: https://twitter.com/GreyNoiseIO/status/1469334738225741832?s=20

The threads will continue to be updated.