In the digital era, the ability to share and manage files efficiently over networks is crucial. The File Transfer Protocol (FTP) is a long-standing tool that enables users to transfer files between systems on a network. This article explains what FTP is, how it works, and its relevance in today’s online world. What is FTP? Read More …
Tag: tmack
UPnP :: Its Role in Modern Online Gaming
Universal Plug and Play (UPnP) is a set of networking protocols that simplifies the process of connecting devices on a network. While its primary purpose is to streamline device discovery and communication, UPnP plays a significant role in enhancing the online gaming experience. This article delves into what UPnP is, how it works, and its Read More …
HTTP: The Foundation of the World Wide Web
The Hypertext Transfer Protocol (HTTP) is a cornerstone of the internet and the World Wide Web. It enables the seamless exchange of information between devices, making web browsing, data sharing, and online interactions possible. This article explores what HTTP is, how it works, and why it is essential for the modern internet. What is HTTP? Read More …
Quick Note :: Attribute Based Access
We then end up with two main classifications of access control: Role-Based Access Control (RBAC). Define the role for the access to data, eg Policy = Subject (AND/OR) Role –> Permissions. Attribute-Based Access Control (ABCL). Define attributes eg Policy = User (role, nationality) AND/OR Resource (department, owner) AND/OR Action AND/OR Context (time, IP, location) -> Read More …
NOTES :: Retrieval Augmented Generation (RAG)
A solution model pattern in how to leverage large language models. Systems that use LLM but on their own content. Start Large language models can be inconsistent. Sometimes they nail the answer to questions, other times they regurgitate random facts from their training data. If they occasionally sound like they have no idea what they’re Read More …
Hacker Video – Fyodor – Nmap: Scanning The Internet – Defcon 16
Oldie but one of my favorites The Nmap Security Scanner was built to efficiently scan large networks, but Nmap’s author Fyodor took this to a new level by scanning millions of Internet hosts as part of the World scan project. He presents the most interesting findings and empirical statistics from these scans, along with practical Read More …
Some fun AWS reads
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources https://www.aquasec.com/blog/bucket-monopoly-breaching-aws-accounts-through-shadow-resources/ Capturing Exposed AWS Keys During Dynamic Web Application Tests https://www.praetorian.com/blog/capturing-exposed-aws-keys-during-dynamic-web-application-tests/ AWS Network Firewall egress filtering can be easily bypassed https://canglad.com/blog/2023/aws-network-firewall-egress-filtering-can-be-easily-bypassed/
Hacker Video – SIEGECAST: Kerberoasting & Attacks 101
Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Media walks you through how to attack Kerberos with ticket attacks and Kerberoasting. He covers the basics of Kerberos authentication and then shows you how the trust model can be exploited for persistence, pivoting, and privilege escalation. At the conclusion, Read More …
powershell code – Find computers
To find a single machine and the date it last logged on Get-ADComputer -identity SRV-DB01 -Properties * | FT Name, LastLogonDate -Autosize Find all the machines Get-ADComputer -Filter * -Properties * | FT Name, LastLogonDate -Autosize
News :: AT&T Breached again…..
article Another example of sprawling clouds maybe? Security 101 – You have to know what you have. /snark over