User Controls
Posts by Sophie
-
2020-09-15 at 3:08 PM UTC in Tech/IT is full of lefty faggots
Originally posted by Speedy Parker And other true stuff too…
In all seriousness, it really comes down to what area of IT we're talking about and at what level. Your average network engineer at a medium sized business isn't any part of an externally funded group. However cyber security start-ups for instance, often times get seed money from INQTEL, the CIA's Venture Capital arm. Especially if they are developing tools that can be leveraged by the intelligence community.
Then you have academicians, the people who actually practice Computer Science in the true sense of the concept and the research that goes along with that. Those people often times receive grants from special interest groups or the government.
Those are some examples i can think of, off the top of my dome(head). -
2020-09-15 at 11:16 AM UTC in I no longer able to conceal the fact I'm a reactionary IRLImagine not being a big name in IT, i do it as a hobby and i'm pretty well known in cyber security circles.
-
2020-09-15 at 9:34 AM UTC in Data centers and related security.
Originally posted by aldra how powerful are the two servers? generally speaking a security server does not require all that much power so if your two servers are roughly equal I'd use them to simulate and test failover or something instead. It's not too hard to set up in something like VMware/VSphere.
In terms of network security I would want that set up on the gateway/router; I personally like pfsense and you can set that up on a literal $50 computer. I think there's a raspi build but you probably want a little more power than that if you're interested in packet inspection or anything relatively heavy-duty. Monowall/smoothwall/etc are even lighter.
In terms of internal security, IDS/anti-malware etc. I'd set it up as a VM; there's no real need to have that completely external to the VM cluster
They're powerful enough and yeah normally you'd set something like that up on your router, but since hidden services will be involved(No CP just a project i wanted to include), i wrote a script that cycles through cracked APs every N interval of time. So i am working off the assumption that the routers are not secure at all. That's why i need a security server. These two boxes will be the only two that are hopping AP's. As not to jeopordize my other network assets. When i get more servers i plan on making a VM Lab with VMWare ESXi and vSphere and such.
VMWare is one of my favorite companies when it comes to VM stuff. But i'm using the latest Parrot 'Home Edition' as base OS for the servers. This is because in contrast to Parrot's peen testing distro, the 'regular' variety, is a heavily modified, secured and hardened version of Debian, it's designed to be secure out of the box, but it is highly customizable as well and with Snap deploying Ubuntu Core VMs which then in turn allow me to deploy containerized web apps within those VMs, i think i have a very good set up. The virtual appliances combined with Ubuntu Core 18 LTS and the special LXD variety give me near Enterprise capabilities.
Now ProxMox-VE would give me Enterprise level capabilities and if it's feasible, i might put ProxMox on my security server if i can integrate it with my set up as it stands but i don't know if that's realistic. If it is, it would be more of a hybrid solution somewhere between physical and virtual 'data center'. Where i was going with this though is that Proxmox and Parrot use QEMU-KVM integrated with a containered approach to deploying all manner of assets. Besides all of this is OSS. Which is great. -
2020-09-15 at 2:47 AM UTC in Data centers and related security.
Originally posted by aldra not sure I follow what you're trying to accomplish
are you meaning to offer shared hosting/vps services (or just simulate end users)?
so you want to set up one server as a VM controller and the other as security?
I want to deploy some web applications on a couple of homemade 'VPS' clusters. The VPS are hosted on a bigger physical server, i have another physical server, but i have enough storage capacity and resources on the web app cluster, that i want to devote my second physical server to things that will make my little data center more secure.
I am just wondering what the best way of doing that would be. My security server, which i'll just call the security orchestrator or orchestrator from now on, would ideally monitor all traffic that comes into the network, and goes out of it, make a regular backup of the mission critical stuff. And it would also read application logs sent by the web apps, and automatically start incident response like suspending the container or VM that has the web app where suspicious activity occurs, or just block all in and outgoing traffic from the associated vHost.
It would kind of be like a MitM sort of situation where traffic comes in, gets logged and then forwarded to the appropriate host. At the same time, the security orchestrator could run a number of honey pots, and serve as an IDS and IPS. The idea behind the honey pots is that they'll look like interesting targets, on the face of it. While what i am actually concerned about is the security of the vHosts with the web apps, if a honey pot detects activity that is out of the norm, the offending IP would either be blacklisted, or more satisfyingly think they'd hit some intel on a file server lets say, like a bucnh of PDF documents that seem significant but will only serve to deliver malware as a MalDoc to anyone that downloads said documents and opens them.
The orchestrator is an extra layer of security. It will be hardened and made as secure as possible, the only way to the vHost cluster is through the orchestrator.
That's the general gist of it. I am however open to suggestions. -
2020-09-15 at 12:44 AM UTC in Data centers and related security.
-
2020-09-15 at 12:13 AM UTC in Data centers and related security.I downloaded ProxMox-VE just to mess around with, even if it turns out i won't use it for this particular project. It's pretty fucking awesome.
-
2020-09-14 at 11:49 PM UTC in Data centers and related security.I have been fortunate in that i have the opportunity to build some cool network infrastructure, however networking isn't my strongest suit and while i am reasonably good at security i almost exclusively play as the red team. So this should be interesting and potentially disastrous. The latter is of course the exact opposite of what i want to accomplish. I want to make it secure to the level of just a tad over what would be acceptable for the kind of set up i have to make.
I need data storage and backup, i need to facilitate web app deployment(Containerized and/or Virtualized) i need to have some sort of IDS and ideally IPS. I need to have some capability for automated incident response. And really a way to securely manage/maintain/operate this entire system in a relatively straightforward manner.
The good news is that i have two physical servers to work with, that doesn't seem like much at first glance but together they can hold a lot of data and have the resources between them to set up a virtualized data center quite effectively. I can do whatever i see fit as long as i accomplish the things i outlined in the above paragraphs.
Ideally i'd use Proxmox because it's an awesome piece of kit. But i have this vision in my head where one server is like the main security mechanism with some redundancies built in of course. The 'security' server, would have a set up that monitors(And more) the server that's hosting the web resources but also has some services running that look vulnerable, like SSH/VNC/ADB/DNS you name it, except these would be honeypots, and i might just include an isolated File Server purposefully vulnerable, where i will put MalDocs.
The software solution i had in mind for the honeypots is called HoneyTrap and you can read about it's features over at https://docs.honeytrap.io If you have any experience with this tool i'd love to hear about it.
In any case, i'm no network architect and if you happen to be i would love to hear from you. It might be interesting to note that i will also be hosting a Tor Relay node on the network just because. For that reason as well, i'd like the security to be tight.
So far i have decided to deploy the web apps as containers on what amounts to virtual instances of servers for the one box, and i think i'll use the second box as a hybrid, hosting the honeypots on one hand, while simultaneously monitoring, logging and launching automated incident response scripts when necessary. Every component will be specifically isolated with a container or through virtualization or through chroot et al and accounts i will set up that only have permissions set to execute the active counter measures.
In any case, like i said, if you have experience with this sort of thing i'd love to hear about it, that said, i'll conclude by saying thank you in advance. -
2020-09-14 at 5:58 PM UTC in Creating a natural language generation news bot.... ermThe more the better obviously but you should scale to the infrastructure you have available. Which language are you employing for this project? Python?
-
2020-09-14 at 5:51 PM UTC in Any pythoners in here know how I can speed up this code?Use the threading lib, and i don't mean the multiproc lib, the actual threading lib. IIRC if you have the requests lib, which you do you should probably have the requests_toolbelt also.
https://toolbelt.readthedocs.io/en/latest/threading.html -
2020-09-14 at 1:22 PM UTC in The Retarded Thread: Get off that bus edition
-
2020-09-14 at 11:40 AM UTC in Should child molesters get raped in prison?
-
2020-09-14 at 11:32 AM UTC in So ... why exactly DO the Russians keep trying to kill people with Novichok?
-
2020-09-14 at 10:42 AM UTC in The Retarded Thread: Get off that bus edition
Originally posted by Sophie When God sees my D he's going to have to rethink the whole 72 virgins thing, if i ever end up martyring myself. Oh wait that's Islam.
Guys... GUYS! You're not going to believe this i just found out where the 72 number comes from in relation to God, or Allah and such. It's from the Egyptian Mythos. Earliest reference i could find was in the story of the murder of Osiris, as you might know; Osiris is the king of the gods and his brother is Set. Osiris is rightfully king as his lineage traces back to Ra the primordial creator and god of the sun. As such he has primae noctis, which means he can bang whoever he wants even though he is married to Isis and his brother Set is married to Nepthys. Long story short, Osiris bangs Nepthys and in revenge Set conspires to murder Osiris with 72 accomplices.
I'm not kidding. The reason the number is, and in the text specifically states 72 is to do with the Egyptian concept of Ma'at. That is to say, the divine balance, principles of harmony and the natural laws that govern all things. Two, three, four, seven and their sums and multiples are significant in this regard. The 72 figure comes up in measurements taken at the Pyramids at Giza and such too. They were definitely on to something there because the pyramids align with the constellation of Orion, their true entrances facing due North while the Sphinx faces due East. During the Equinox, if you happen to be looking the way the sphinx is looking from behind it you will see the sun crowning the sphinx.
Bonus Armchair Egyptology: I also happened to learn that the name Tutankhamun actually is more of a title than a name. Since it means In The Image of Amun. Or more plainly: After his likeness.
Bonus Abrahamics: I suspect the story of Osiris and Set influenced the creators of the story of Cain and Able. Except in the Bible God favors Able because he does his sacrifices right and such and Cain kills him because he's mad at God for favoring Able over him. -
2020-09-14 at 9:33 AM UTC in The Retarded Thread: Get off that bus edition
-
2020-09-14 at 1:13 AM UTC in I like LannyHe's alright, for a commie.
-
2020-09-14 at 1:12 AM UTC in How does this make you feel, bigots?I feel nothing.
-
2020-09-14 at 1:09 AM UTC in Zoklet orginals represent
Originally posted by Sudo I remember that was one of the gimmicks you used on an alt account that got me demodded because the mods were too stupid to realize it was you. Fuck the mods on zoklet were a pathetic bunch of victimy circlejerkers. That culture helped kill it. Plus zok was a fucking faggot, the foremost people were zok who hid out on IRC and Panny who hid out on TC.
I don't mean to be a downer but you used to be a mod at some point too. That said, the mod culture was toxic as fuck. And i mean across the board. Pun intended. -
2020-09-14 at 1:05 AM UTC in Should child molesters get raped in prison?
Originally posted by Bugz I want to say yes. but I think someone should blow their fucking brains out.
If they were molested as kids then perhaps a hospital and years of therapy with chemically or surgically castrated before being offered to go back out into society. letting them know not to take anger out on kids. find some other way to direct anger at. ruining the lives of shitty people out there by recording them and telling them "Stop or I will send this to TMZ, The Sun, The Globe, or any other trash magazine that will post it"
that sounds like fun actually.
You're getting your types of abuse confused. I know it's hard to grasp but pedophilia isn't about inflicting anything on anyone. That's what sadists do. -
2020-09-13 at 9:59 PM UTC in I woke up today.
Originally posted by MORALLY SUPERIOR BEING 2020 IV: Intravenous Soyposting I think America is done too. I mean look at the arsons, the looting, the political division, the people just living on different mental planets, people like the orange fruitters going literally mental. You can't make a country work like that.
https://bluelivesmatter.blue/police-arrest-multiple-suspects-in-connection-with-west-coast-wildfires/
Look at those pictures.
I like the merch they're rocking. Or selling rather. -
2020-09-13 at 9:57 PM UTC in Should child molesters get raped in prison?
