Wanna bet they expose SSH on port 22 to the internet on their “critical” servers? 🤣
Sure, but the author makes it sounds like thats its their standard way of doing things, which is insane.
And if you do have a misconfiguration, the rational thing is to fix that, not dump the entire platform.
If the hypervisor or any of its components are exposed to the Internet
Lemme stop you right there, wtf are you doing exposing that to the internet…
(This is directed at the article writer, not OP)
deleted by creator
Its still pretty common in wedding services to announce the couple as “Mr and Mrs [Man Name]”. Even seen it when the bride isnt taking the husbands surname.
My partner and I hate it as well.
If your goal is to interrupt her usage to avoid excessive usage, would a pomodoro timer help?
I dunno if that can be setup to force lock the screen or something, but maybe its helpful? Depends if its easy to override?
The claims are well into the “I found a unicorn” territory, I’m tipping its either “If you misconfigure this, its unsafe”, or its a real vuln, and its significantly harder to exploit that they are claiming.
Not all Linux’s have SSH enabled, especially out of the box.
They have some other posts about IPv6 parsing (also not universal), but that doesnt sound like an “easy” RCE.
For free? Probably not.
Wireguard has been audited by some University groups, maybe contact one of them:
There really is 2 NSA’s, with conflicting goals. Keep Americans secure, and collect everyone elses data. Its a difficult line to walk. The first half does produce really good advice and tools, but is undermined by the second halfs image.
I fortunately never learnt Ida due to cost, so I have no idea what is missing, but ghidra was a godsend for CTFs. Suddenly reversing challenges were accessible and easy.
https://code.nsa.gov/# - Lots of useful stuff here.
touch
😏
If the mother lives, she wasn’t truely in danger, doctors go straight to prison. If the mother dies, she was in danger and they failed to act, doctors go straight to prison.
Should work swimmingly.
Ghidra. Boom, here is 90% of ida pro. Enjoy.
The malware argument is a bit weak, if your router is vulnerable to something it’ll likely be found and pwnd in a matter of minutes, so turning it off a night won’t really save you. And once a patch is released, it’ll be reverse engineered in a few hours/days, so ideally you want patches as soon as they are released.
Using your own device is usually a good idea anyway, telco stuff is usually pretty mediocre. And as soon as your device is slightly custom, it becomes a less valuable target.
Yeah, we’ll get into that right after we solve SQL injection vulnerabilities. Don’t rush us.
We missed this: https://lemmy.world/post/19803056
Consider me whooshed then. Didn’t see the first parts
You’ll definitely get lots of login attempts. I used to have a port 22 ssh, hundreds of attempts per day.
Would be interesting to see what post login behavior was.