#askinfosec — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #askinfosec, aggregated by home.social.
-
Anyone open to share some good papers about #CGNAT infrastructure? I am trying to read more and more into this, and I am happy for anyone sharing resources and/or papers on it.
-
Anyone else heard about the sourvereign, and alternative #DNS #TLD
chn.? There is a #Wikipedia article in Chinese. I am unsure if it is actually something actively pursued in #China to step up their #Internet #control game. Or if it was merely a financial asset to attract venture capital?Would love some insights from more knowledable people.
-
Just scraping the #IANA assigned TLDs and the corresponding documented #nameservers. What I don't get is, why so many companies apply for a #TLD. It's not particularly cheap to apply for one of those ngTLDs, yet compared to the company sizes, it's probably pennies. Is it a prestige investment? Is it a digital resource to grab, before someone else does it?
Other than #Microsoft, #Google, and #AWS, I've rarely seen any ngTLD representing a corporation's name to actually be used in practice.
Does anyone in the #infosec community share their view?
-
Just scraping the #IANA assigned TLDs and the corresponding documented #nameservers. What I don't get is, why so many companies apply for a #TLD. It's not particularly cheap to apply for one of those ngTLDs, yet compared to the company sizes, it's probably pennies. Is it a prestige investment? Is it a digital resource to grab, before someone else does it?
Other than #Microsoft, #Google, and #AWS, I've rarely seen any ngTLD representing a corporation's name to actually be used in practice.
Does anyone in the #infosec community share their view?
-
Just scraping the #IANA assigned TLDs and the corresponding documented #nameservers. What I don't get is, why so many companies apply for a #TLD. It's not particularly cheap to apply for one of those ngTLDs, yet compared to the company sizes, it's probably pennies. Is it a prestige investment? Is it a digital resource to grab, before someone else does it?
Other than #Microsoft, #Google, and #AWS, I've rarely seen any ngTLD representing a corporation's name to actually be used in practice.
Does anyone in the #infosec community share their view?
-
Just scraping the #IANA assigned TLDs and the corresponding documented #nameservers. What I don't get is, why so many companies apply for a #TLD. It's not particularly cheap to apply for one of those ngTLDs, yet compared to the company sizes, it's probably pennies. Is it a prestige investment? Is it a digital resource to grab, before someone else does it?
Other than #Microsoft, #Google, and #AWS, I've rarely seen any ngTLD representing a corporation's name to actually be used in practice.
Does anyone in the #infosec community share their view?
-
Just scraping the #IANA assigned TLDs and the corresponding documented #nameservers. What I don't get is, why so many companies apply for a #TLD. It's not particularly cheap to apply for one of those ngTLDs, yet compared to the company sizes, it's probably pennies. Is it a prestige investment? Is it a digital resource to grab, before someone else does it?
Other than #Microsoft, #Google, and #AWS, I've rarely seen any ngTLD representing a corporation's name to actually be used in practice.
Does anyone in the #infosec community share their view?
-
Is there any great book on #AlpineLinux ? I love the concept, and love the considerations of the operating system. Yet, I usually opt for #Debian since I am much more familiar with it. It would be great to change that in the mid-term.
#Alpine #Linux #Sysadmin #askfedi #askmasto #askinfosec #unix
-
Is there any great book on #AlpineLinux ? I love the concept, and love the considerations of the operating system. Yet, I usually opt for #Debian since I am much more familiar with it. It would be great to change that in the mid-term.
#Alpine #Linux #Sysadmin #askfedi #askmasto #askinfosec #unix
-
Is there any great book on #AlpineLinux ? I love the concept, and love the considerations of the operating system. Yet, I usually opt for #Debian since I am much more familiar with it. It would be great to change that in the mid-term.
#Alpine #Linux #Sysadmin #askfedi #askmasto #askinfosec #unix
-
Is there any great book on #AlpineLinux ? I love the concept, and love the considerations of the operating system. Yet, I usually opt for #Debian since I am much more familiar with it. It would be great to change that in the mid-term.
#Alpine #Linux #Sysadmin #askfedi #askmasto #askinfosec #unix
-
Is there any great book on #AlpineLinux ? I love the concept, and love the considerations of the operating system. Yet, I usually opt for #Debian since I am much more familiar with it. It would be great to change that in the mid-term.
#Alpine #Linux #Sysadmin #askfedi #askmasto #askinfosec #unix
-
Posted about it yesterday already. But it looks like
archive.todayshows the default page of #Apache #webserver on #Ubuntu. The alternative domain namearchive.isinstead redirects with a301 - Moved Permanentlyto a new domainkrola.org, a website apparently comparing pet rabbit species?? It's also interesting, that the redirect to the new domain responds with an #HTTP headerserver: nginx/1.18 (Ubuntu). Apparently, the default Apache landing page also returns the same HTTP header information on the server. Perhaps the landing page is a decoy/deflection?Anyone on #infosecexchange has any speculations on the website?
#InternetArchive #ArchiveOrg #ArchiveToday #InfoSec #AskFedi #AskMastodon #AskMastodonMondays #AskInfosec
-
Is it just me or is every demo/overview of the #FlipperZero extremely unimpressive (especially those for a mainstream audience).
I regretfully watched one such video earlier and one of the features highlighted was the ability to copy TV remote signals :blobcatgoogly2: ...I get it was aimed at a non-technical audience but I literally had a watch that could do that when I was a kid and to this day grandparents around the world have universal remotes with this capability...
So I want to put it out there to the #infosec community - where are the cool flipper zero #projects? And I don't mean installing #DOOM or some other quirky play thing. I want to see legit #RF #hacking, or at least using the #GPIO!
#askfedi #askinfosec #rfhacking #pentesttools #hackingtools -
Is it just me or is every demo/overview of the #FlipperZero extremely unimpressive (especially those for a mainstream audience).
I regretfully watched one such video earlier and one of the features highlighted was the ability to copy TV remote signals :blobcatgoogly2: ...I get it was aimed at a non-technical audience but I literally had a watch that could do that when I was a kid and to this day grandparents around the world have universal remotes with this capability...
So I want to put it out there to the #infosec community - where are the cool flipper zero #projects? And I don't mean installing #DOOM or some other quirky play thing. I want to see legit #RF #hacking, or at least using the #GPIO!
#askfedi #askinfosec #rfhacking #pentesttools #hackingtools -
Is it just me or is every demo/overview of the #FlipperZero extremely unimpressive (especially those for a mainstream audience).
I regretfully watched one such video earlier and one of the features highlighted was the ability to copy TV remote signals :blobcatgoogly2: ...I get it was aimed at a non-technical audience but I literally had a watch that could do that when I was a kid and to this day grandparents around the world have universal remotes with this capability...
So I want to put it out there to the #infosec community - where are the cool flipper zero #projects? And I don't mean installing #DOOM or some other quirky play thing. I want to see legit #RF #hacking, or at least using the #GPIO!
#askfedi #askinfosec #rfhacking #pentesttools #hackingtools -
Is it just me or is every demo/overview of the #FlipperZero extremely unimpressive (especially those for a mainstream audience).
I regretfully watched one such video earlier and one of the features highlighted was the ability to copy TV remote signals :blobcatgoogly2: ...I get it was aimed at a non-technical audience but I literally had a watch that could do that when I was a kid and to this day grandparents around the world have universal remotes with this capability...
So I want to put it out there to the #infosec community - where are the cool flipper zero #projects? And I don't mean installing #DOOM or some other quirky play thing. I want to see legit #RF #hacking, or at least using the #GPIO!
#askfedi #askinfosec #rfhacking #pentesttools #hackingtools -
Is it just me or is every demo/overview of the #FlipperZero extremely unimpressive (especially those for a mainstream audience).
I regretfully watched one such video earlier and one of the features highlighted was the ability to copy TV remote signals :blobcatgoogly2: ...I get it was aimed at a non-technical audience but I literally had a watch that could do that when I was a kid and to this day grandparents around the world have universal remotes with this capability...
So I want to put it out there to the #infosec community - where are the cool flipper zero #projects? And I don't mean installing #DOOM or some other quirky play thing. I want to see legit #RF #hacking, or at least using the #GPIO!
#askfedi #askinfosec #rfhacking #pentesttools #hackingtools -
Does anyone know how booting Linux in FIPS mode gains any use or security from the `.vmlinuz.hmac` file? The interweb has no info at all.
It's a basic SHA of the vmlinuz file, but it has no way to verify authenticity or integrity of the hash, and is distributed with the thing it supposedly verifies. How does that have any purpose?
#cybersecurity #security #infosec #InfosecCommunity #askInfosec
-
OK, so #AskFediSec seemed to win that particular round but many people offered up the suggestion #AskInfosec which I also really like, so here's a run-off. For the folks that liked the idea of having a *dedicated* hashtag for this kinda thing, what is your preference below?
I'll also note that some variations of #AskInfoSex were also floated and tbh could be quite popular 😉🤣.
-
@shellsharks Great idea! - As some others before me I'd prefer something like #AskInfoSec / #AskSec - you know, something like this
-
looking back on my personal challenge for 2023: #AskAppSec | A Tester's Journey: AskAppSec - Finding Closure https://www.lisihocke.com/2023/12/askappsec-finding-closure.html #AskInfoSec #AppSec #InfoSec
-
what do you do to practice your security skills? | A Tester's Journey: AskAppSec - Capturing Flags https://www.lisihocke.com/2023/11/askappsec-capturing-flags.html #AskAppSec #AskInfoSec #AppSec #InfoSec
-
what do you do to make keeping dependencies up to date work? | A Tester's Journey: AskAppSec - Dependency Updates https://www.lisihocke.com/2023/11/askappsec-dependency-updates.html #AskAppSec #AskInfoSec #AppSec #InfoSec
-
@gvwilson 👆 @wehackpurple and #AskInfoSec is a great community to turn to with these questions
-
#BSidesMunich23 was awesome as my first security conference - what are your recommendations for the next? | A Tester's Journey: AskAppSec - BSides Munich 2023 https://www.lisihocke.com/2023/10/askappsec-bsides-munich-2023.html #AskAppSec #AskInfoSec #AppSec #InfoSec #BSides @BSidesMunich
-
what makes security champions programs effective? | A Tester's Journey: AskAppSec - Security Champions https://www.lisihocke.com/2023/10/askappsec-security-champions.html #AskAppSec #AskInfoSec #AppSec #InfoSec
-
what's your approach to move towards painless, usable security? | A Tester's Journey: AskAppSec - Painless Usable Security https://www.lisihocke.com/2023/10/askappsec-painless-usable-security.html #AskAppSec #AskInfoSec #AppSec #InfoSec #usability #ux
-
I've received feedback on my #AskAppSec question "should BFFs validate input?" - check out the updated blog post for community insights! 💡 https://www.lisihocke.com/2023/09/askappsec-input-validation.html #AskInfoSec #AppSec #InfoSec
-
should BFFs validate input? | AskAppSec - Input Validation https://www.lisihocke.com/2023/09/askappsec-input-validation.html #AskAppSec #AskInfoSec #AppSec #InfoSec
-
I'm eager to connect with more #security folks. Are there any online communities around #InfoSec, #AppSec, #DevSecOps you can recommend or heard others recommend? I've joined a few already, yet any pointers on good ones are much appreciated. 🙏🏻 #AskInfoSec #AskAppSec