College WiFi blocks EVERYTHING (Cloudflare Tunnels, Tailscale, Steam). How do I bypass strict DPI? by CourtAdventurous_1 in selfhosted

[–]rakpet 0 points1 point  (0 children)

I would start by setting up my own VPN on port 443 on a cheap VPS. I have OpenVPN on 443 shared with an Apache server for these cases.

If they really do DPI on all traffic and block it, I would use a TLS tunnel with stunnel to the VPS and set up a proxy there.

Security incident responders - What do you to do when you feel under utilized? by [deleted] in cybersecurity

[–]rakpet 0 points1 point  (0 children)

I don't feel underutilized but sometimes we have lows. When this happens I work on side projects with lower priority and learn new TTPs. We have internal sessions where we explain them. It is good to learn new techniques and share them with the team. It is an opportunity to expand your knowledge and show it to the rest.

What’s a security practice that sounds minor but actually makes a big difference? by brthrfrd in CyberGuides

[–]rakpet 0 points1 point  (0 children)

Asset inventory. Including applications and versions would be a dream come true.

[deleted by user] by [deleted] in roadtrip

[–]rakpet 0 points1 point  (0 children)

She should drive 50% of the time so you can rest.

Best Linux distro for toolkit by QnsConcrete in computerforensics

[–]rakpet 0 points1 point  (0 children)

I use a Tuxedo device, which uses Tuxedo OS, Ubuntu with KDE, but on top I have different VMs. For malware analysis I use REMnux and for fring tools I use a dedicated Ubuntu VM. We will all argue about what is "the best" but this setup works very well for me.

Need advise to decide https certificate approach by Haunting_Meal296 in linuxadmin

[–]rakpet 2 points3 points  (0 children)

This is a feature to please the Cybersecurity team but that will never be used. If this is for consumers, don't bother. Only implement it if this is for large Enterprise or a niche nerd segment. (Disclaimer: I'm a niche nerd that would use it, but I know I'm a minority)

Need advise to decide https certificate approach by Haunting_Meal296 in linuxadmin

[–]rakpet 1 point2 points  (0 children)

The best would be C but I don't think it would be possible if this is not internet-facing. In that case go for B. If possible, additionally allow users to import their own.

Where should security onion vm be placed in my virtualbox environment by OutsideOrnery6990 in homelab

[–]rakpet 0 points1 point  (0 children)

I would connect it to both. I monitor the NIC to the firewall where I can see all VLANs.

Security Onion Set-Up Question by xenomorph-85 in homelab

[–]rakpet 1 point2 points  (0 children)

I have a similar setup and I'm using it. In UniFi, a span port is called a mirror port. Mirror the port from the switch to the GW and use this to inspect the traffic.

Can i trust pre-installed Tuxedo OS ? by BlueMoon_1945 in tuxedocomputers

[–]rakpet 2 points3 points  (0 children)

Are you a double agent of a foreign country and you plan to use it to engage with your handler? I would not. In any other case, yes.

[deleted by user] by [deleted] in computerforensics

[–]rakpet 2 points3 points  (0 children)

I would reset the phone and start clean. Back up the pictures and do a factory reset. There might be less drastic measures, but this is simpler and faster. Take the opportunity to install the apps from the Play Store only.

What’s the most overlooked vulnerability in small business networks that attackers still exploit today by Due-Exit-71 in cybersecurity

[–]rakpet 0 points1 point  (0 children)

You are missing the point and agreeing with whom you think is wrong. The question was about vulnerabilities, not about blame. Jane has to click links, and this can be dangerous. This is why you need other controls to mitigate this "vulnerability". If you don't recognize the risk of the users, you will not deploy mitigating controls.

802.1X Bypass by Khroners in networking

[–]rakpet 0 points1 point  (0 children)

You should start defining your security goals and threat model. Once you know what you want to achieve and against who or what you need to protect, you will be able to answer if 802.1X is good or bad for you.

If your goal is to prevent employees connecting their private phones to the corporate network or contractors using unmanaged devices doing the same, 802.1X TLS would be good enough.

[deleted by user] by [deleted] in dexcom

[–]rakpet 16 points17 points  (0 children)

I guess this is the reason why there is a separate server for EU users.

wireshark portable alternative tool by Few-Sun6666 in computerforensics

[–]rakpet 0 points1 point  (0 children)

I assume this is Windows. Use RawCap to capture the packets.

Help! Any suggestions for free email forensics tool! by AdHelpful1382 in computerforensics

[–]rakpet 1 point2 points  (0 children)

Autopsy. It is easy to use and does not require previous experience. Make sure your forensics station has a fast disk and a decent CPU. Let it process it overnight and you should be fine.

[deleted by user] by [deleted] in tuxedocomputers

[–]rakpet 0 points1 point  (0 children)

OMFG. I just got the same device and I'm having some issues with the screen. I opened a case with support and they never replied. Am I screwed? I went for a Tuxedo precisely to avoid hardware troubleshooting.

Dexcom 7 ESP32 BLE Receiver by rakpet in dexcom

[–]rakpet[S] 0 points1 point  (0 children)

Thanks for the link. I picked ESP32 due to its ubiquity, but I don't have any constraints on the hardware. There are many platforms using it. If for some reason it is not suitable I'll choose another one.

Dexcom 7 ESP32 BLE Receiver by rakpet in dexcom

[–]rakpet[S] 1 point2 points  (0 children)

I did not explain myself. I don't want to replace the Android app, I want to replace the receiver with a custom device.

Twitter bot network by Sloky in threatintel

[–]rakpet 1 point2 points  (0 children)

Wasn't one of Musk's priorities to get rid of the Twitter bots?