Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Fixing other people’s crap because that’s the punishment for writing functional code
Submitted 1 year ago by shellsharks@infosec.pub to cybersecurity@infosec.pub
World domination.
On a more serious note… been trying to test various different tools I’ve found or read about and writing necessary scripts/programs.
At work, setting up Windows Server auditing in a way that doesn’t nuke the event viewer with millions of security entries. At home working on upgrading my Proxmox.
Mostly working on getting over covid! In the meantime, I got MacOS running in a VM which was a bit of fun. Host system is Linux Mint 21 and the VM is running through KVM/Qemu. I’ve been wanting to play with it for a while but I’m way too poor to get the hardware. Not a bad system overall, the installer is a bit hinky but users aren’t supposed to see that anyway. Haven’t dug into it much yet but I will when I find some time. Interested to see how closely the experience matches some of the Mac-aligned Linux distros.
Interesting, this is something I’ve yet to do. I’ve been seeing some interesting news about Asahi Linux for M1 Macs I’m interested in trying out though.
RedPhoenix@aussie.zone 1 year ago
A medium interaction SSH honeypot backed by a basic LLM that believes it’s bash.
I’m impressed at the ability to retain limited state, and respond ‘reasonably enough’ that it’ll probably allow first stage automated attacks to be captured… but at the moment, it’s way too easy to peer behind the curtain.
It’s quite jarring when your bash terminal starts telling you a story about a happy dragon in response to some weird command.
RedPhoenix@aussie.zone 1 year ago
Yep… sigh
mwguy@infosec.pub 1 year ago
Instead of giving it a LLVM based shell, can you give it an actual shell in a container? Maybe backed by AppArmor or SELinux to prevent breakouts
ComradeKhoumrag@infosec.pub 1 year ago
Bravo
kabobglance@infosec.pub 1 year ago
This sounds fun