Is tnok good bruh
93 Replies
why does gen alpha feel the need to put "bruh" at the end of every sentence
it's as ass as when gen x was putting "tho" at the end of every sentence
or when gen z was putting "frfr ong" at the end of every sentence
this website screams "PLEEASE GIVE ME MONEY I NEED TO BUY A THIRD HOUSE PLEEEEEEASE"
it's probably safer to go with a proven technology
if you need a firewall you can use vyos
or pfsense, or openwrt, or even just a standard computer with ufw or firewalld or windows defender firewll
if you need port security you can just use standard 802.1X, so RADIUS shit like freeradius or windows network policy server
but this in particular just screams i-wanna-grow-a-hundred-million-dollar-startu0-then-sell-it
are you trying to say that you’re a millennial or what
well i was on a forum
they said it was good but
they had an addon for “ip rate limiting”
generations are meaningless but im either millenial or gen z depending on where you draw the line
but i identify as an old man, get off my fucking lawn whippersnapper
wait so what are you actually asking?
are you asking if tnok is worth using for you or are you trying to get around rate limiting
because we can't help you with the second thing
what no
tnok is a firewall for ports
the ‘rate limiting’ thing is a bug that tnok has
can't you just use ufw?
i mean yeah but lets stay on the tnok track
1st one
cuz im interested in tnok
“Next generation”
no i mean that why would you try to use tnok over ufw
Sounds cool if you ask me
yea every company says they're next generation and then none of them are
looking at you, IPv6
looking at you, Wi-Fi 8
i mean if you just want to try out of curiosity then why are you asking this server if it's worth using? just use it
have you heard of fwknop?
but i wouldn't recommend actually trying to protect critical infrastructure with this until it's more proven
no
also see IPX, AppleTalk, Token Ring, MoCA...
well
also see EIGRP! while im shitting on network protocols
fuck it i guess ill try it just to try it
but anyways
if not that
what would you say is ideal
as a firewall for ports
yea you can certainly try it but there really no reason not to just use ufw or firewalld
both are very proven techonologies, if you need something more robust or granular you should probably buy a dedicated firewall device
Is freeradius good
i.e. palo alto or cisco or even like an old laptop with some Ethernet adapters
wow you are typing a shit ton
oh
yes
what a small amount of word
so much type
...if you can get it setup because i couldn't figure it out :Whisperain_Sad:
I just dont want metasploit kids cominng into my firewall trying to break my windows 10
😒
...explain?
how would someone actually get into your network
are you inviting metasploit kids into your home regularly? or as in just from the internet
from the internet
obviously
ok
or
DCRat
yea you don't strictly "need" almost any of this then
is apparently
better than metasploit
i think you know why i want allt his
😭
your home firewall is a lot better than you give it credit for
have you heard of DCRat
i.e. the one your ISP gave you
‘
no im not really in the red team world anymore
damn
i am kinda confused
and when i did i barely knew how to use metasploit
but it did work pretty well!
I was watching a metasploit
video
but then someone said
“DCRat or WebRat is better”
and im like
tf is dcrat
meaningless
Apparently its “darkcrystal rat”
"better" means almost nothing in this context
they say
“metapsloit is outdated software and opens your ports in the process, dcrat is much safer”
yea metasploit isn't meant to be secure
most red teamers have terrible security on their side
but you have a lot more to worry about when it comes to accidentally downloading malware
than about any external threat randomly pwning your home network completely autonomously
all those botnets have already been purged
if any home router were that vulnerable, the company would know about it that hour
and release a patch that day
so as long as you keep your home wifi router updated (which often times it does automatically), you really don't have anything to worry about
damn
well
people still make new exploits in hidden
dont they
and new rats and shit
ngl dcrat has been interesting
but theres a shit ton of things
“dcrat” “dark crystal rat” “dark comet rat”
yes, people do create new RATs every day, but unless they're being used for exactly one person, windows defender catches that shit immediately and pushes it into a malware registry the next week
yes, hackers do move very, very fast, but the second largest company on the planet can pretty easily keep up with them, at least fast enough for 90-95% of the people in this server, no doubt including you
this is true, people do put bugs and sometimes exploits into critical code
but let me put it this way: do you remember the xz backdoor? we still don't know who Jia Tan is, but they did not put that backdoor in to spy on you
I wonder how they do that
do i like
have to read the kernel
lets say i know all window apis
and extra shit like that
tf is my next move
i have to do SOMETHING with the kernel drivers dont i
if it was the CIA, they probably put it in to spy on Iran or China, if it was China, they probably did it to spy on Taiwan or Israel or the FBI
no it's actually very easy to create a RAT
it's like trivial shit
like back when i was learning pentesting in college one of our assignments was to create a RAT
i wrote almost no code for that, [redacted]
actually i don't think i can say more because ToS but yea you can make a RAT very easily without seeing almost any of that
yeah yeah i get what you mean
but the problem is
how to deploy it
you have to cause an exploit to deploy it
through networks
no you don't
discover a vulnerability
build an exploit
a RAT can be delivered through social engineering, that's how most people do it
well yeah i meant on the internet
like how wannacry spread
this really doesn't happen anymore
or well, it does, but really only by very well-funded ransomware gangs in Russia or China or USA
https://exploitdb.com/
what about this?
or Venezuela or Chile and shit
the remote code execution one used through the SMB protocl
funny how its kind of similar to eternalblue (obviously not even close to being as powerful)
yes this does exist but the people who put those up there are the ones who don't exploit it, they post it publicly for the public to know or for a bug bounty
and when they do exploit it, they get discovered long before they get to you
yes, but to be able to do that to your computer they would first have to pierce your home router
unless you have your computer hooked up directly to the ISP line which I do not recommend
so wait
what if i become a bug bounty hunter
then ill be like them?
like in the rust red ops directory for apc injection
thats a pretty nifty exploit
tl;dr you can follow standard security policies, keep your shit up to date, use secure passwords and 2fa, be on the lookout for fishy/phishy downloads, and store your important documents in secure locations, you really don't have anything to worry about
if it's good enough for my mom to have never gotten a noticeable virus on her computer, it's good enough for you
yeah you’re probably right
damn
so wait
the only time you would need to do more is if you're a sys-admin at a small or large company, or if you've pissed off a ransomware gang or foreign government to the point that they are willing to expend time and resources on you in particular
back to the bug bounty shit
couldnt they hypothetically not sell it to the public
you can try :bceTrippy:
and just use it to spread payloads
yes you can sell it to the black market
I MEANT NOT SELL IT AT ALL
and RCE shit can often go for MILLIONS on the TOR network
but that's the thing, it goes for millions
ain't no-one wasting a million-dollar zero-day on you of all people
regardless
if you sunk weeks or months straight targeting a palo alto firewall or a vyos or ubiquiti device
would you use it on john smith down the street? for what? for fun? for kicks?
idk
sellcit
become a bug bounty myself
exploit developer
for the unated stamts of americams
yea that's what i mean you can get a pretty decent bug bounty for yourself, but why would someone use a bug bounty on you when they can get tens of thousands for it on the white market?
or millions on the black market?
sir
sir
i meant
i would become a bug bounty hunter
for the unated stats
you can try if you want
I don't recommend it
but it's your time to waste
r/masterhacker
whats the problem with doing the shit that the people on exploitdb do
you'd have a better time going to college ofr university
there's not necessarily anything wrong with it so long as you're following all the guidelines and laws
but i just don't recommend it because there are much better things to spend your time on
like id say it's more useful to look into something like ssh just for fun than to hunt specifically for exploits
like you can genuinely learn a lot from just studying open-source code
but if you're expecting a payday, you're better off working at starbucks
damn
hell you can even print out the code and study it at starbucks when you're bored
but at least you'll have a paycheck to show for it
but thats what red teaming is for
writing exploits sending payloads injecting shit
yk
https://github.com/joaoviictorti/RustRedOps a friend of mine showed me this directory
GitHub
GitHub - joaoviictorti/RustRedOps: RustRedOps is a repository for a...
RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust 🦀 - joaoviictorti/RustRedOps
im going at like creating exploits like he does in his dir
it is, but ive only discovered a few exploits and i haven't been paid for any of them
and honestly, im okay with that
you yourself have?
yes! i have been in the red team world
What were the exploits for?
i responsibly disclosed them immediately so you've never heard of them
one was for my uni and one was for an indie game i was beta testing
i think there were others but they were probably pretty minor
how often do you think it is
that someone comes across a vulnerability
i have no idea
regarding the windows kernel and the sevrers like
22H2
and such
windows kernel? the world will probably never know
because a large portion of those are discovered by nation states and then sat-on
could be 20%, could be 50%, could be 99.9%
yeah and those are
we won't know until the files get declassified, and even then we won't know if all of them are declassified
heavily funded by extreme professionals
remember eternalblue? yea
we would've never known about that zero-day if not for stuxnet
NO I WAS GONAN TYPE SOMETHING ELSE
😡
cope
‘
why does stupid cyber info not let me say . Instead of ‘ when im catching up to responses
foolish foolish cyber info
this conversation is too big
must delete it
tl;dr you can try tnok if you want to, but standard security practices are good enough for almost everyone: keep your shit updated, use secure passwords, and maintain just a little bit of skepticism. if you want to setup a device or port firewall, it's probably safer to go with standard ufw, firewalld, or windows defender, or you can try something like freeradius, or you can buy a standalone device like a palo alto or cisco or just make a firewall using vyos or pfsense or openwrt