[00:00:55] *** Joins: johnfe (~johnfe@47.216.197.3)
[00:01:19] any whitehats on?
[00:04:01] i might be able to help
[00:04:47] awesome. i would like to see how secure my setup truly is. how would i go about that?
[00:05:02] what is your "setup"
[00:05:09] my pc
[00:05:18] describe it
[00:05:54] it is a dell inspiron 530 running linux mint 17.3 mate using an rca tablet for wifi
[00:06:50] do you have any external services running on it?
[00:06:54] i.e. ssh?
[00:07:02] what are external services?
[00:07:07] `netstat -tlpn` is what I usually run
[00:07:18] services you can connect to from outside your network
[00:07:19] ill check
[00:07:56] shit ton of tcp
[00:08:33] and tcp6
[00:08:35] are any of the IP addresses 0.0.0.0
[00:08:44] 2
[00:08:53] what processes are running on those
[00:08:58] it should say on the right
[00:09:03] just a -
[00:09:10] run it with `sudo`
[00:09:48] 1513/dnsmasq
[00:09:58] 1919/cupsd
[00:10:06] cupsd is for printers
[00:10:06] 804/smbd
[00:10:16] smbd is a file share service i think
[00:10:28] dnsmasq is exactly what the name says
[00:10:41] can smbd be hacked?
[00:10:49] it doesn't work like that
[00:10:53] usually what happens is:
[00:11:02] 1. you have an external facing service
[00:11:08] 2. someone finds a bug in it.
[00:11:12] 3. you don't update
[00:11:19] 4. someone exploits the bug
[00:11:34] sometimes even if you do update, it's not a publicly known bug
[00:11:45] your best bet, is 1) for all services you don't use, turn them off
[00:11:56] and then 2) use a firewall
[00:12:04] on linux you can use iptables to set up a firewall
[00:12:10] can i safely shut the smbd off?
[00:12:12] but the easier way is to use a program called ufw
[00:12:24] yes
[00:14:09] awesome. i guess linux mint came with ufw so im downloading the gui
[00:14:27] kk
[00:14:31] it's pretty easy without the gui though
[00:14:54] !ping
[00:14:54] woodruffw: pong 1457928894
[00:15:02] my firewall was off!
[00:16:27] thanks
[00:18:06] np
[00:18:15] the last thing is to just make sure you update regularly
[00:18:47] definitely. as soon as a stable update comes out
[00:19:26] i'm kind of confused on why dnsmasq was running in the first place
[00:19:32] that's usually on like routers
[00:19:56] probably because my tablet is my internet adapter
[00:20:13] maybe, i'm not sure how any of that works
[00:20:45] in any case im glad you were able to help
[00:21:01] *** Quits: johnfe (~johnfe@47.216.197.3) (Quit: Leaving)
[01:26:20] wow I read that late, but smbd is the samba daemon
[01:26:42] basically the windows networking workgroups jawn
[01:27:08] if you forgot gsingh93
[02:01:22] vishwin: yea i knew that
[02:01:46] iangcarroll: you there?
[02:01:58] i'm curious what kind of queries you're running on threat exchange
[02:04:40] :-P
[03:15:29] *** Quits: sivoais (~zaki@unaffiliated/sivoais) (*.net *.split)
[03:16:06] *** Joins: sivoais (~zaki@unaffiliated/sivoais)
[03:37:07] *** Joins: CMac (~CMac@70-91-248-93-BusName-Illinois.hfc.comcastbusiness.net)
[03:38:01] *** Parts: CMac (~CMac@70-91-248-93-BusName-Illinois.hfc.comcastbusiness.net) ()
[06:31:16] *** Joins: r0bby_ (~wakawaka@guifications/user/r0bby)
[06:31:26] *** Quits: robbyoconnor (~wakawaka@guifications/user/r0bby) (Ping timeout: 248 seconds)
[07:47:57] *** r0bby_ is now known as robbyoconnor
[16:01:29] heh gsingh93 today in 388: malware on medical devices :p
[16:01:40] haha
[16:01:52] do you have a guest speaker?
[16:02:06] sorta--one of the GSIs
[16:02:38] he doesn't run a discussion section, just office hours, so he's only semi-affiliated with the actual course?
[17:06:33] gsingh93: do you know why resumes are a hard requirement for the ctf? :/
[17:09:41] or alternately, what's the most minimal resume that counts? :)
[17:23:13] *** Joins: DarkNova (~DarkNova@146.229.255.21)
[17:30:11] *** Joins: DarkNova_ (~DarkNova@146.229.255.21)
[17:30:12] *** Quits: DarkNova (~DarkNova@146.229.255.21) (Read error: Connection reset by peer)
[17:35:37] Clinteger: it's a requirement because that's how we justify doing this to managers
[17:35:50] you think they're going to give us thousands of dollars to pay for food and flights for nothing?
[17:36:25] just submit your normal resume, and if a recruiter contacts you and you don't want the job, just decline
[18:19:17] *** Quits: DarkNova_ (~DarkNova@146.229.255.21) (Remote host closed the connection)
[18:25:44] *** Joins: DarkNova (~DarkNova@146.229.118.20)
[18:29:11] *** Joins: DarkNova_ (~DarkNova@146.229.118.20)
[18:29:11] *** Quits: DarkNova (~DarkNova@146.229.118.20) (Read error: Connection reset by peer)
[18:39:38] *** DarkNova_ is now known as DarkNova
[19:53:22] *** Quits: DarkNova (~DarkNova@146.229.118.20) (Remote host closed the connection)
[20:08:15] *** Quits: woodruffw (~yossarian@unaffiliated/cpt-yossarian/x-8375832) (Quit: And then he took off.)
[20:08:47] *** Joins: woodruffw (~yossarian@unaffiliated/cpt-yossarian/x-8375832)
[20:08:48] *** Quits: woodruffw (~yossarian@unaffiliated/cpt-yossarian/x-8375832) (Excess Flood)
[20:09:17] *** Joins: woodruffw (~yossarian@unaffiliated/cpt-yossarian/x-8375832)
[20:14:40] *** Quits: woodruffw (~yossarian@unaffiliated/cpt-yossarian/x-8375832) (Quit: And then he took off.)
[21:21:42] *** Quits: wolfcore (~wolfcore@unaffiliated/wolfcore) (Ping timeout: 246 seconds)
[21:29:49] *** Joins: wolfcore (~wolfcore@unaffiliated/wolfcore)
[21:35:24] yeah makes sense
[21:35:46] I wasn't sure how much of it was being done by Facebook vs MH
[21:39:40] well, it's not so much that I don't want them to have my resume ever
[21:40:01] but I'm already going somewhere this summer and in the future I don't want them to have an old one