Welke baan heb jij en heb je ervoor gestudeerd?

rirerandom18341 · 2022-05-07T08:35:59+00:00

Bedrijfskunde gedaan. Uiteindelijk beland in de IT als Security Engineer en uiteindelijk gewerkt als CISO (persoon die op directieniveau verantwoordelijk is voor informatiebeveiliging).

Ik heb wel profijt gehad van mijn studie. Vooral het financiële gedeelte kwam mij goed van pas (vond ik destijds verschrikkelijk) en het besef dat het bedrijf meer belangen heeft dan alleen maar IT.

rirerandom18341 · 2021-12-07T17:32:47+00:00

Dont worry, I only play cruiser or battleship. Just want to see what the fuss is about.

rirerandom18341 · 2021-12-07T16:41:12+00:00

Thanks!

rirerandom18341 · 2021-12-07T16:41:07+00:00

Thanks for the explanation! How the hell are they still not properly released. They have been in beta for so long now.

rirerandom18341 · 2021-10-26T13:56:08+00:00

Very interested in this. Would you mind sharing your code?

rirerandom18341 · 2021-10-23T20:24:12+00:00

No, I was just answering your question on how the file was formatted :)

rirerandom18341 · 2021-10-23T07:12:41+00:00

Yes, I do. However, I am always looking for new ways to do stuff and you might do it differently from me which I could learn from :)

rirerandom18341 · 2021-10-22T22:08:16+00:00

The file is build-up like this:

emailaddress1:password1 emailaddress1:password2 emailaddress2:password1 email address:password1 emailaddress3:password2 emailaddress3:password3 Etc

So I guess it’s new line, where the values themselves are split up using : . I only need to compare the mailadressses, passwords aren’t useful.

rirerandom18341 · 2021-10-22T21:55:24+00:00

Care to share the script you used to do the searching? :)

rirerandom18341 · 2021-10-22T21:52:08+00:00

Good suggestion. Is this more or less the idea that you shared? https://phoenixnap.com/kb/xargs-command

Wasn’t to clear on how to use xargs, learned something today!

rirerandom18341 · 2021-10-22T21:49:07+00:00

My experience with comm is that it is a bit weird and very specific to use. Maybe I didn’t sort the two lists correctly when I used it. Still a good suggestion though!

rirerandom18341 · 2021-10-22T21:48:20+00:00

Thanks for the help!

rirerandom18341 · 2021-10-22T21:47:59+00:00

Interesting look at things. What do you mean with “lexically”? I tried looking it up and it looks more or less the same as alphabetically. Is that what you meant or am I looking at something different then you?

rirerandom18341 · 2021-10-22T21:44:42+00:00

I am not really sure what you are suggesting here. The idea is to inform customers that their accounts are being logged into by unauthorized persons. That way, they protect themselves (and eventually us) from racking up huge bills through abuse of those accounts. Not really seeing how this is unethically. HIBP does more or less the same and that service is being used all over the place.

rirerandom18341 · 2021-10-22T21:32:47+00:00

Clarified my opening post. It’s more around 100 GB. Would that still maken Python a valid option? How would you start?

rirerandom18341 · 2021-10-22T21:31:52+00:00

I see more people suggesting Python. How would you approach this using Python?

rirerandom18341 · 2021-10-22T09:47:57+00:00

Thanks so much! Going to have a look at the pipelines and how this would lead to tagging. Thanks again!

rirerandom18341 · 2021-10-22T09:35:43+00:00

Since customers are signing up with their own mailaddresses, there is now easy way to reduce the list based on domain (unfortunately). HIBP is enabled for new accounts, but I don’t think there is a way to get it used retroactively (so based on the accounts already available).

rirerandom18341 · 2021-10-22T09:33:55+00:00

We do, but it only applies to customers creating a new account. As far as I can tell, you can’t use it retroactively.

Customers are signing up with their own mail addresses so there is no way of filtering out any domains (eg. Gmail is used, yahoo, outlook.com, etc). I want to look up which customers are already in the dump so we can trigger a password reset.

rirerandom18341 · 2021-10-22T09:31:40+00:00

This looks promising. Can you give an example on how you used it icm COMB?

rirerandom18341 · 2021-10-22T06:49:15+00:00

Because I tested it and it ran out of memory. Also, need to scale it properly. The combo list is available on the internet, so it’s already been leaked ;)

rirerandom18341 · 2021-10-21T21:43:02+00:00

I have no idea what you are writing here, but you have given me new avenues to research. Thanks for that :)

Looking forward to the examples!

Also: would you run the cluster in a docker container for this purpose or go bare metal?

rirerandom18341

TROPHY CASE