A scammer called me today. They were saying that harmful files were moved to my computer and they needed to remove them. I don't think they are ever going to call me again.

S = scammer; M = me;

S: this is tech support we need access to your computer because we detected harmful files and need to remove them.
M: oh my! Hold on, let me go to my computer now. How can you access it?
S: we can just use RDP and delete the files. They are in a hidden folder that is encrypted so this Is the only way.
M: oh ok I believe you. Hm... it looks like my son only allows certain IP addresses to access our computers.. I don't know how to disable this so can you just email me your IP address?
S: Sure...

He then sends me his actual IP address... it doesn't even look like a proxy or VPN.

M: oh my I forgot that you need my password to login. It's really long and complicated... can I just email it to you?
S: Sure!!

I then tell him to hold on I have to find it that my "son" stored it somewhere.

At this time I'm taking a photo of my bare ass and attaching it to the email. I then say in the email "Please note what my job title is in my signature.. I just sent the FBI your name, phone number, email, and IP address. Please enjoy my bare ass, you'll see a lot of it in prison."

*client calls in*

Me: good morning, how can I help you?
Client: my ip is blocked, could you unblock it for me?
Me: certainly! What's your ip address? Then I'll have a look.
Client: I'm not giving you my ip?! That's too privacy sensitive.
Me: 😶
Me: 😶
Me: 😶
Me: sir, I'm very keen on my privacy myself but without that information I can't do much for you 😬
Client: ah so you're refusing to help me?
Me: not like that, it's just very hard to lift an ip block for me when I don't know the ip address.
Client: you just don't want to help, fine.

*click*

😶

Someone on the IP 127.0.0.1 has been creating a lot of bugs in my code, please beware of you notice any connections from that address.

Me: so, ifconfig, what is my gateway?

ifconfig: [ip address]

Me: nmap, what is this IP address?

nmap: it's a network switch with an open telnet port.

Me: what happens if I connect to it?

switch: WHAT IS THE PASSWORD?!?!

Me: is it blank?

switch: correct. what do you want to do?

Me: can I look at all the IP and MAC addresses on the network?

switch: WHAT IS THE ADMIN PASSWORD?!?!

Me: is it... admin?

switch: correct. Here's everyone that's connected to the network: [400+ IPs and MACs]

Me: ok python, would you filter through these and tell me what manufacturer each one belongs to?

python: sure.
[~50 manufacturer lookups later]
python: there's a bunch of apple product, a bunch of miscellaneous laptop and printer manufacturers, and some raspberry pis.

Me: raspberry pis?

python: yep. about 20 of them.

Me: What happens if I connect to one?

rpi: WHAT IS THE PASSWORD?!?!

Me: raspberry?

rpi: correct. what do you want to do?

Me: can I make you do my bidding in the background when you aren't being used?

rpi: sure, sounds fine.

I love ignorant sysadmins.

Guy called in because he wanted to get an IP white listed on a server. He wasn't authorized so i told him to send an email from an authorized email address.

He didn't like that very much and asked if another engineer was available (he talked to him more often so he thought that engineer would just do it. We need those kind of requests by email.)

Walked over to my colleague and explained what that client asked for.
'let him send an email!'

Told him i ready told the client that but that the client wanted to talk to him instead.

'sure, connect him through and then come back so you can hear him after i ask him to mail us!'

Connected him through. Client explained the situation.

Then he says with the sweetest voice and a 'get rekt' face: 'could you send me an email about that? 😊'

Let's just say that the client sounded everything but happy xD

Me Visiting a new location...

*Device found a new wi-fi signal:
worldsMostSecureRouter

*Enter password:
worldsMostSecureRouter123

*Authorizing...
*Obtaining IP address
*Connected

Today, I learned the shortest command which will determine if a ping from your machine can reach the Internet:

ping 1.1

This parses as 1.0.0.1, which thanks to Cloudflare, is now the IP address of an Internet-facing machine which responds to ICMP pings.

Oh, you can also use this trick to parse 10.0.0.x from `10.x` or 127.0.0.1 from `127.1`. It's just like IPv6's :: notation, except less explicit.

Websites that only display the language based on IP address (geolocation data) can go fucking fuck themselves.

THE FACT THAT I'M USING A VPN SERVER IN GERMANY DOES NOT MEAN THAT I CAN FUCKING READ GERMAN. AT LEAST GIVE ME THE MOTHERFUCKING COCK SUCKING OPTION TO CHANGE THE FUUCKING LANGUAGE YOU FUCKING FUCKING FUCKING FUCKING COCKSUCKERS.

MOTHERFUCKER.

Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜

Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.

First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.

Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.

Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.

Dealing with attacks and getting hacked.

Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.

linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)

How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!

One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)

Dealing with different kinds of attacks:

Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.

So yah, hereby :P

A client called today because their email wasn't arriving at the receipants inbox but bouncing back with a 'poor MTA rating' error.

Checked about every blacklist I know and our server was definitely not blacklisted. Must be the receipants host which for some reason was blacklisting his specific email address.

Told the client that it wasn't a problem on our side and that he had to request a whitelist himself (we'd do it but it wasn't a specific server problem so we're not going to spend time on that).

Fair enough, he'd do that.

Calls back. "Well, the other party says that your server definitely has a poor rating, it's on your side!!"

Alright, this is getting annoying. Gave him a few blacklist checking sites links and told him to run his domain AND our server IP through it. Indeed came back completely clean.

"But the other party said it's poor rating on your side so I'd think tha........"

YEAH WHY DON'T YOU SHOVE THAT OTHER PARTY UP YOUR FUCKING ASS. I'VE SHOWN YOU PROOF THAT IT'S DEFINITELY NOT ON OUR FUCKING SIDE, EXPLAINED IT TO YOU AND SO ON. MAYBE, FOR ONE FUCKING SECOND, TAKE INTO CONSIDERATION THAT THE OTHER PARTY IS FUCKING LYING?!?!?

FUCK OFF.

Funny story about the first time two of my servers got hacked. The fun part is how I noticed it.
So I purchased two new vps's for proxy server goals and thought like 'I can setup fail2ban tomorrow, I'll be fine.'

Next day I wanted to install NginX so I ran the command and it said that port 80 was already in use!

I was sitting there like no that's not possible I didn't install any server software yet. So I thought 'this can't be possible' but I ran 'pidof apache2' just to confirm. It actually returned a PID! It was a barebones Debian install so I was sure it was not installed yet by ME. Checked the auth logs and noticed that an IP address had done a huge brute force attack and managed to gain root access. Simply reinstalled debian and I put fail2ban on it RIGHT AWAY.

Checked about two seconds later if anyone tried to login again (iptables -L and keep in mind that fail2ban's default config needs six failed attempts within I think five minutes to ban an ip) and I already saw that around 8-10 addresses were banned.

Was pretty shaken up but damn I learned my lesson!

Someday my toaster is going to have an IP address. A bad automatic firmware update will most likely cause it to get stuck on the bagel setting until I plug a usb key in and reflash the memory.

Grandma's refrigerator will probably get viruses, lock itself and freeze all the food inside, demanding bitcoin before defrosting.

My blender will probably be used in a massive DDoS attack because Ninja's master MAC address list got leaked and the hidden control panel login is admin/admin.

Ovens will burn houses down when people call in to have them preheat on their way home from work.

Correlations between the number of times the lights are turned on and how many times the toilet is flushed will yield recommendations to run the dishwasher on Thursdays because it's simply more energy efficient.

My dog will tweet when he's hungry and my smart watch will recommend diet dog food in real-time because he's really been eating too much lately--"Do you want to setup a recurring order on Amazon fresh?"

Sometimes living in a cave sounds nice...

Reinstalled my dedicated server and realized (afterwards) that I just erased my entire openvpn/mysql auth setup and I don't have an entirely working copy.

FUCK.

Okay, nothing I can do about that afterwards, setup csf right away, monitored the auth log for a minute and noticed one ip which had just connected and found it weird somehow. Blocked the ip.

Then, one second later, as my console stopped responding and that ip address suddenly looked veeeery familiar, I realized I just blocked myself. (the blocks persist across reboots)

😐

Went to the control panel and hit the reinstall button. Confirmed, and two seconds later I realized I could just have connected to any of my own fucking vpn services to unblock myself.

What in the living fuck is wrong with me @_@

Came home to visit my mother for mother's day. Signed into wifi, couldn't hit steam. Thought it was odd so I Googled it.
Clicked on the first link, DNS doesn't exist. Hit the second link... Okay No way serverfault is no longer a valid DNS. Went to stack overflow, can't hit it. In fact, the only website I am allowed to hit is google, Yahoo, and Netflix. Okay, that's clearly a breach of her rights, they're filtering her. Gonna login to the router and fix it.... NOOOPEEE
`arp-scan` tells me I need to have an IP address... Wait, I'm not being given an IP address? That's odd... Okay only MAC addresses... Okay, I can hit the router using 10.0.0.1... Nope, blocked IP. Can't hit it.
I told my mother she should abandon this ISP and find a new one, but she won't budge...

Welp, I'm breaking into XFINITY wifi and resetting whatever shit provisioning they did to this machine and undoing all the damage...
The only tool I have is my phone...

Wish me luck devRant...

I work in a scrum team of 6 persons.
We have the same IP address and we get ads based on what everyone else was searching. Sometimes shit just gets akward

Apparently they didn't want to hear about my vulnerabilities I found because they blocked my IP address.

Seriously? I just wanted to do a disclosure of potential exploits / security issues

When I was in high school, the IT had the bright idea to use the same username/password for each machine in our site, and there was this jerk who knowing this, would occasionally SSH into the computers of the other classmates and wget porn mp4s to their home directory to embarrass them, as some sort of weird-ass prank.

So, in order to give him a lesson, I one day had logged in and set a rule on the class' router to forward all port 22 traffic back to his own IP address, and had SSHed into his machine, aliasing wget with a full-screen kiosk mode chrome, followed by a force disable of the USB HID devices.

It might have been less awkward and he might have seen less scared, if it wasn't for the fact that I had also remotely set his machine to maximum volume, and the teacher wasn't in the middle of a lecture. 😏

To this date, his expression is the most precious reaction I have ever seen.

Meanwhile in CSI Miami.

User Ip Address is too long (maximum is 30 characters).

Okay, dear third-party API, I guess users with IPv6 don't deserve the service... And wtf is 30-char limit for an IP address, when IPv4 can be only 15 characters long, and IPv6 can be up to 39 characters? Did you calculate a weighted average of IP length to get that number?

Ping me when you're free 😂😂

When you send someone an IP address and say "go here" and they try phoning that number fml

HO. LY. SHIT.

So this gig I got myself into, they have a whitelist of IP addresses that are allowed to access their web server. It's work-at-home. We just got a new internet provider, and it looks like I get a different public IP address everytime I disconnect and connect to the WIFI. And since it looks like the way they work on their codebase is that you either edit the files right on the server or you download the files that you need to work on, make the changes, and then re-upload the file back to the server and refresh the website to see the changes, now I can't access the server because I get different IP addresses. And it's highly inconvenient to keep emailing them to add IP addresses to the whitelist.

No source control, just straight-up download/upload from/to the server. Like, srsly. So that also means debugging is extremely hard for me because one, they use ColdFusion and I've never used that shit before and two, how the hell do you debug with this style of work?

I just started this last Tuesday, and I already want to call it quits. This is just a pain in the ass and not worth my time. I'll be glad to just go back to driving Lyft/Uber to make money while I look for a full-time, PROPER job.

By the way, can I do that to a contracting job? Just call it quits when you haven't even finished your first task? How does this work?

Not exactly a security bug, but there was a company that made a Django app for some internal work and later open sourced it. I was browsing through the code and I saw that the config file had an IP address and a hashed password for the database credentials

When I tried to use them, I was able to login directly to their read replica RDBMS, I had access to all their customer data (including phones & home addresses)
Being the saint I am, I informed them of the ignorance made by their developer and was presented with some cool swag.

I think about adding a "We don't use cookies"-popup to our upcoming website rework.
Why not list other things? "We don't store your IP-address"-popup? Or "We use HTML"-popup?

Network-connected train displays, failing and displaying their IP address, on a train that has WiFi on board. That's just begging to be hacked.

Overheard a phone call between the Senior Network Engineer and a contracted Printer-company at 9am this morning. Photocopier was giving a 'functional error' message on-screen and not printing;

N.E:
I logged this call last
Thursday afternoon. Thats 1.5 days of the photocopier not working on our busiest site! Where's the engineer??
.... yes, that's the error message.
Yes, i can log into it, you should have the IP address from the call.
Yes, it's obviously pinging too.
Yes.... we've power-cycled the printer multiple times...
yes, tried that too...
yes, I've unplugged the network cable as well... left it for 15 minutes.
... sorry. What?
What did you say?
Are you f***ing kidding me?
Would you also like me to rub the side of the f***ing machine, and say a prayer while I'm at it??
*takes a deep breath*
Fine, I'll do that but when it doesn't work, i want someone out on the site before lunchtime today!
*slams phone down angrily*

N.E to me as he stomps out of the office;
He wants me to get the user to unplug the network cable and do a power cycle. How the f**k is that going to help? Idiots! Don't know why we have a contract with them, i could do a better job!!!

*comes back into office 5 minutes later*

Me: did it fix it?
NE: yeah. Damn.
*leaves room again to make apologetic phonecall*

I just can't understand what will lead an so called Software Company, that provides for my local government by the way, to use an cloud sever (AWS ec2 instance) like it were an bare metal machine.

They have it working, non-stop, for over 4 years or so. Just one instance. Running MySQL, PostgreSQL, Apache, PHP and an f* Tomcat server with no less than 10 HUGE apps deployed. I just can't believe this instance is still up.

By the way, they don't do backups, most of the data is on the ephemeral storage, they use just one private key for every dev, no CI, no testing. Deployment are nightmares using scp to upload the .war...

But still, they are running several several apps for things like registering citizen complaints that comes in by hot lines. The system is incredibly slow as they use just hibernate without query optimizations to lookup and search things (n+1 query problems).

They didn't even bother to get a proper domain. They use an IP address and expose the port for tomcat directly. No reverse proxy here! (No ssl too)

I've been out of this company for two years now, it was my first work as a developer, but they needed help for an app that I worked on during my time there. I was really surprised to see that everything still the same. Even the old private key that they emailed me (?!?!?!?!) back then still worked. All the passwords still the same too.

I have some good rants from the time I was there, and about the general level of the developers in my region. But I'll leave them for later!

Is it just me or this whole shit is crazy af?

My girlfriend thinks I can hack her laptop if I know it's IP address.

How do IP addresses work?

So is it fashionable now to have an IP address on the side of your trousers? This was in primark?!?!

Prologue
My dad has an acquaintance - let's call him Tom. Tom is an gynecologist, one of the best in Poznań, where I live. He's a great guy but absolutely can not into tech of any kind besides his iPhone and basic PC usage. For about a year now I've been doing small jobs for him - build a new PC for his office, fix printer, fix wifi, etc. He has made a big mistake few years ago by trusting a guy, let's call him Shitface, with crating him software for work. It's supposed to be pretty simple piece of code in which you can create and modify patient file, create prescription from drugs database and such things. This program is probably one of the worst pierces of code I've ever seen and Shitface should burn for that. Worse, this guy is pretentious asshole lacking even basic IT knowledge. His code is garbage and it's taking him few months to make small changes like text wrapping. But wait, there's more. Everything is hardcoded so every PC using this software must have installed user controls for which he doesn't have license and static IP address on network card.
Part 1
Tom asked me to build him a new PC that will be acting like a server for Shitface's program. He needs it in Kalisz (around 150 km from my place). I Agred (pun intended) and after Tom brought me his old computer I've bought parts and built a new one. I have also copied everything of value and everything took me around three hours.
Part 2
Everything was ready but Shitface's program. I didn't know much about it's configuration so when I've noticed that it's not working even on the old PC I got a bit worried. Nevertheless I started breaking everything I know about it and after next three hours I've got it somewhat working. Seeing that there's still some problems with database connection (from Windows' Event Viewer) I wrote quick SMS to Shitface asking what can be wrong. He replied that he won't be able to help me any way until Monday (day after deadline). I got pissed and very courteously asked him for source code because some of libraries used in this project has license that requires either purchase of commercial license or making code open source. He replied within few minutes that he'll be able to connect remotely within next 10 minutes. He was trying to make it work for the next hour but he succeeded. It was night before deadline so I wrapped everything up and went to bed thinking that it won't take me more than an hour to get this new PC up and running in the office. Boy was I wrong.
Also, curious about his code, I've checked source and he is using beautiful ponglish (mixed Polish and English) with mistakes he couldn't even bother to fix. For people from Poland, here's an example:
TerminarzeController.DeleteTerminarzShematyDlaLekarza
Part 3
So I drove to Kalisz and started working on making everything work. Almost everything was ready so after half an hour I was done. But I wanted to check twice if it's all good because driving so far second time would be a pain. So I started up Shitface's program, logged in, tried to open ANYTHING and... KABUM. UNHANDLED EXCEPTION. WTF. I checked trace and for fuck sake something was missing. Keep in mind that then I didn't know he's using some third party control for Windows Forms that needs to be installed on client PC. After next fifteen minutes of googling I've found a solution. I just had to install this third party software and everything will work. But... It had to be exactly this version and it was old. Very old. So old that producent already removed all traces of its existence from their web page and I couldn't find it anywhere. I tried installing never version and copying files from old PC but it didn't work. After few hours of searching for a solution I called Mr Shitface asking him for this control installation file. He told me that he has it but will be able to send it my way in the evening. Resigned I asked for this new PC to be left turned on and drove home. When he sent me necessary files I remotely installed them and everything started working correctly.
So, to sum it up. Searching for parts and building new PC, installing OS and all necessary software, updating everything and configuring it for Tom taste took me around what, 1/3 of time I spent on installing Mr Shitface's stupid program which Tom is not even happy with. Gotta say it was one of worst experiences I had in recent months. Hope I won't have to see this shit again.
Epilogue
Fortunately everything seems to work correctly. Tom hasn't called me yet with any problems. Mission accomplished. I wanna kill very specific someone. With. A. Spoon.

A mate couldn't remember a IP address so asked me to make him a domain to make it easier for him. His new domain is xxx.xxx.xxx.xxx.somewebsite.com (xxx.xxx.xxx.xxx is the IP)

Sometimes I wonder how compromised my parents online security would be without my intervention.

My mom logged into her gmail and there was an red bar on top informing about Google preventing an attempted login from an unknown device.

Like typical parents / old people, that red bar didn't caught her attention but I noticed it immediately. I took over and looked into it. It showed an IP address and a location that was quite odd.

I went ahead with the Account security review and I was shocked to find that she had set her work email address as the recovery email!!

I explained her that work email accounts cannot be trusted and IT department of the workplace can easily snoop emails and other info on that email address and should not be related to personal accounts.

After fixing that issue, me being a typical skeptic and curious guy, I decided to find more info about that IP address.

I looked up the IP address on a lookup website and it showed an ISP that was related to the corporate office of her workplace. I noticed the location Google reported also matched with the corporate office location of her work.

Prior to this event, few days ago, I had made her change her gmail account password to a more secure one. ( Her previous password was her name followed by birth date!! ). This must have sent a notification to the recovery mail address.

All these events are connected. It is very obvious that someone at corporate office goes through employees email addresses and maybe even abuse those information.

My initial skeptism of someone snooping throguh work email addresses was right.

You're welcome mom!

Boss insisted that verification link needs to be clicked from same IP address as account registration. Many arguments later, decision is final, we will ignore the numerous ways that this will be a burden to our users.

*Code code, test test, deploy*

We're getting a lot of traffic, we need this bitch to scale! *auto-scale and load balance all the things*

Account creation begins breaking at random, some people receiving the "Your IP address doesn't match" error. Look at login history table, what the shit... All recent logins coming from internal IP addressohfuckmylife need to look at X-Forwarded-For header for actual IP behind load balancer.

IP address matching feature stays. I am sad, drink away sadness.

A third party manages access to a web application I’m supposed to begin using. While accessible from the Internet, they whitelist IP addresses, so it rejects the login credentials if not coming from a whitelisted address.

I provided my external IP address to their support team but the application was not letting me in, so I called their help desk. A support technician said that my IP address was 10.x.x.x, a private IP address. I’m not on the same network as this application, so I did a quick check and realized they are reading my internal IP address from my X-FORWARDED-FOR (XFF) header (yes, my employer exposes this).

I explain to him that the application is incorrectly reading my external (connection) IP address and is instead reading my internal IP address from my XFF header. I also explain that it’s not a good idea to add a private IP address to their whitelist as it somewhat defeats the point as anyone can assign that IP address within their network and expose it via an XFF header.

After talking to numerous support personnel, I came to the conclusion that not a single support person on their team understands basic networking and private IP address ranges.

I finally just said, “Fine. Go ahead and add my internal IP address but keep in mind it will change a lot.”

He then proceeded to “explain” to me how my IP address is assigned by my ISP and should change very infrequently. I explained to him that the IP address their application is reading is actually assigned by DHCP inside my network, but I was clearly wasting my breath.

I think I've got a working searx instance which I'd open up for the public.

NOTE: I cannot prove that I don't store anything because for that you'd need root access to the server which I won't give obviously. If you're not comfortable with that, just don't uses it.

I still have to do something for ip address logging anonymising or stripping, though. (nginx + CSF provided enough abuse prevention).

Tips on that?

Weekend projects are fun! Although front end is still a challenge, it looks good enough.

Suddenly got the idea to do something with letsencrypt/nginx wildcard subdomains (*.example.com) so created a project around that now through which you can check what your ip address/user agent/operating system/ip version is (maybe more to come) but due to the wildcard part you can enter quite a number of subdomains which all show the related info.

I'd find it very useful myself, not sure if other people would but oh well!

Dear namecheap, I honestly love your service and prices but how in the hell can I see an ip address in the dig of a new domain (url shortener) which I never put or saw there and which doesn't even belong to any server I own/operate?!

DNS cache after the last chance of three days ago, nah, don't think so.

Fucking hell.

I starten when I was 12 years old. I got bullied and got interested in computers. One day I crashed my dads computer and he reinstalled it. After that my dad made two accounts. The regular user (my account) and the Administrator user (my dads account). He also changed the language from Dutch to English. Gladly I could still use the computer by looking at the icons :')

Everytime I needed something installed I had to ask my dad first (for games mostly because there was no cable internet at that time). Then I noticed the other user account while looking over my dads shoulders. So I tried to guess the password and found out the password was the same as the label next to the password field "password".

At that point my interest in hacking had grown. So when we finally got cable internet and my own computer (the old one) MSN Messenger came around. I installed lots of stuff like flooders etc. Nobody I knew could do this and people always said; he is a hacker. Although it is not.

I learned about IP-address because we sometimes had trouble with the internet. So when my dad wasn't home he said to me. Click on this (command prompt) and type in; ipcondig /all. If you don't see an IP-address you should type in; ipconfig /renew.

Thats when I learned that every computer has a unique address and I started fooling around with hacking tools I found on internet (like; Subseven).

When I got older I had a new friend and fooled around with the hacking tools on his computer. Untill one day I went by my friend and he said; my neighbor just bought my old computer. The best part was that he didn't reinstall it. So we asked him to give us the "weird code on the website" his IP-Address and Subseven connected. It was awesome :'). (Windows firewall was not around back then and routers weren't as popular or needed)

At home I started looking up more hacking stuff and found a guide. I still remember it was a white page with only black letters like a text file. It said sometime like; To be a hacker you first need to understand programming. The website recommended Visual Basic 6 for beginners. I asked my parents to buy me a book about it and I started reading in the holliday.

It was hard for me but I really wanted to hack MSN accounts. When I got older I just played around and copy -> pasted code. I made my own MSN flooders and I noticed hacking isn't easy.

I kept programming and learned and learned. When I was 16/17 I started an education in programming. We learned C# and OOP (altho I hated OOP at first). I build my own hacking tool like "Subseven" and thats when I understood you need a "server" and "client" for a successful connection.

I quit the hacking because it was getting to difficult and after another education I'm now a fulltime back-end developer in C#.

That's my story in short :)

Attempting to access my colleague's NFS directory on his VM, don't know the VM's IP address, hostname or password:

- 2 minutes with nmap to narrow the possible IPs down to ~30

- Ping each and look for the one with a Dell MAC prefix as the rest of us have been upgraded to Lenovo. Find 2 of these, one for the host and one for the virtual machine.

- Try to SSH to each, the one accepting a connection is the Linux VM

- Attempt login as root with the default password, no dice. Decide it's a lost cause.

- Go to get a cup of tea, walk past his desk.

- PostIt note with his root password 😶

FYI this was all allowed by my manager as he had unpushed critical changes that we needed for the release that day.

thought I'd type:netstat -atn on my server and the result was a bit scary, found a Russian IP address with state of: FIN_WAIT1
Either Fail2ban was closing his connection or that dude was able to access my server :/

Checked /var/log/auth.log
and found this for his IP: Failed password for root from ----- port 37635 ssh2

I hope I'm still safe :)

Instantly disable password login and make it only SSH
but now I need to carry my SSH keys or else I'm blocked out lol

Me: so the ip address does not correspond
Him: ok. What's an ip address?
Me: well it's how the name of a website gets translated after you click enter in the browser
Him (looking puzzled): bbbbrowser?
Me (thinking): should I mention Firefox or play it safe and go with IE???

Damn explaining stuff to non tech people is hard!

My school just tried to hinder my revision for finals now. They've denied me access just today of SSHing into my home computer. Vim & a filesystem is soo much better than pen and paper.

So I went up to the sysadmin about this. His response: "We're not allowing it any more". That's it - no reason. Now let's just hope that the sysadmin was dumb enough to only block port 22, not my IP address, so I can just pick another port to expose at home. To be honest, I was surprised that he even knew what SSH was. I mean, sure, they're hired as sysadmins, so they should probably know that stuff, but the sysadmins in my school are fucking brain dead.

For one, they used to block Google, and every other HTTPS site on their WiFi network because of an invalid certificate. Now it's even more difficult to access google as you need to know the proxy settings.

They switched over to forcing me to remote desktop to access my files at home, instead of the old, faster, better shared web folder (Windows server 2012 please help).

But the worst of it includes apparently having no password on their SQL server, STORING FUCKING PASSWORDS IN PLAIN TEXT allowing someone to hijack my session, and just leaving a file unprotected with a shit load of people's names, parents, and home addresses. That's some super sketchy illegal shit.

So if you sysadmins happen to be reading this on devRant, INSTEAD OF WASTING YOUR FUCKING TIME BLOCKING MORE WEBSITES THAN THEIR ARE LIVING HUMANS, HOW ABOUT TRY UPPING YOUR SECURITY, PASSWORDS LIKE "", "", and "gryph0n" ARE SHIT - MAKE IT BETTER SO US STUDENTS CAN ACTUALLY BROWSE MORE FREELY - I THINK I WANT TO PASS, NOT HAVE EVERY OTHER THING BLOCKED.

Thankfully I'm leaving this school in 3 weeks after my last exam. Sure, I could stay on with this "highly reputable" school, but I don't want to be fucking lied to about computer studies, I don't want to have to workaround your shitty methods of blocking. As far as I can tell, half of the reputation is from cheating. The students and sysadmins shouldn't have to have an arms race between circumventing restrictions and blocking those circumventions. Just make your shit work for once.

**On second thought, actually keep it like that. Most of the people I see in the school are c***s anyway - they deserve to have half of everything they try to do censored. I won't be around to care soon.**

Ah, I've finally finished my "h4x0r" website. I'd love to hear what my fellow devRanters think :)

edit: the information you see in the introduction paragraph (IP address and stuff) is private. No one except you can see it (not even me) :)

* Colleague asks how to make a alias for IP address
* Open up notepad++ w/ admin rights and load C:\Windows\System32\Drivers\etc\hosts in
* add a new entry to map IP to the alias
* hit sequence [ENTER][ESC]:wq[ENTER]
* wonder why is notepad window still there... Did it freeze again?

... happens to me all the time :(

he: checkout my crazy FUD hack (a token stealer which turned out to be far more malicious than i anticipated)
me: executes it (yes in a VM)
windows defender: lemme delet this
he: ooh i forgot the word stub in there. microsoft detects that lemme fix that sends new file
me: here we go aga..
ms defender: nononono virus 117% delet this
he: i forgot it still!!

later i deactivated ms defender and analysed the traffic of the vm. in addition to stealing my fake tokens he also tried to read my Firefox/chrome history, IP.
when i asked him (2 days later) what this was all about in his "educational only" "token stealer" he threatened to
a) publish my IP
b) publish my browser history and with that my real name and address
b.0) when i asked him for proof he said he knows that my real name is "Roman Gräf" and i live in Frankfurt. (btw i do live in Frankfurt and that is in the profile of the discord server where he found me and i have the same username on discord as i have here)
c) to kill my machine and all my projects
got bored, blocked him, shut VM down.

This rant has been one that I've been wanting to rant about for a while now. Me being drunk as fuck right now (mind, stay awake!) doesn't really help, but meh.
At least Wanblows was able to install its "features" properly... Except it wasn't, being the featureful ShitOS it is.

I want to rant about privacy. Not about "nothing to hide, nothing to fear". That's been ranted about plenty by the MIcroshaft-loving folks as well as the privacy-aware opposition. Rather, I'd like to rant about the privacy-concious.

I am a privacy-concious-person, with his current status quo being that he doesn't yet know a privacy-concious solution to every data-intrusive "common solution" out there. So I tend to value privacy next to De Lijn while sharing location data to Google with Google Maps. Point is, I do not know privacy-concious solutions to everything out there yet. So I use the convenient over the privacy-aware.
(after review while drunk I was unable to make sense of this)

In the privacy-aware circles I tend to see that it seems to be black and white. You share your data with Google, yet you oppose data collection by local institutes? WRONG!!! YOU MUST BE A TINFOIL HAT!!!
No, seriously I don't want to share my data with Google. Just that they're the only realtime navigation platform with decent UI out there that I know of right now.

Privacy isn't all black and white here. I block any intrusion that I'm able to, anything else I abide to, while awaiting a good alternative that does respect my privacy which I would gladly use instead. That does not imply that "I have nothing to hide". I do, and I have a lot to hide.

So that makes up the black and white nature of privacy, which is a fallacy. Another one is the whole idea of "I have nothing to hide" to begin with.

If you have nothing to hide, would you be comfortable with sharing your location data (IP address, habits, common trends, etc) with me? To share your information with me, to have your contacts share your info with me, without your consent? Of course you wouldn't. But that's what's happening right now.

Occasionally i got my badass moments at work.
But that one bachelor party in Barcelona where about 10 of my pals and I came back from a soccer match topped it all.

As we got back to our AirBnB apartment i went to the bathroom and scanned the WiFi.
I found the IP address of the bachelor's party man of honor and MITM attacked him.

So each image from any http server would automatically get swapped with a picture i took just an hour ago from the game we were at.

5 minutes later i hear the screams "OMFG WE ARE ALL ON THE NEWS GUYS!!!" and "LOOK AT SPORTS SITE X AND NEWS SITE Y!!"
The saga continued with some cheers in the beginning and some confusion, but ended when another friend rat on me..

But boy it was glorious 😂

Discord and captchas can go get fucked in the ass by a rusty, tetanus ridden 2m pole....
I changed my discord-password yesterday and, naturally it prompted me for a login today. So I enter my new password and that motherfucking spawn from satans anus himself with the name of captcha threw itself at me... I seriously had to select fucking street signs for about 5min before Discord let me know that I apparently logged in from a new IP (thanks VPN) and therefore needed to confirm my e-Mail address. Alright, so off to my inbox I go.
SURPRISE, I also changed my password there yesterday (LastPass Security Challenge, I changed like 30 passwords yesterday) and guess what was waiting for me?... If you guessed a captcha, you just got full fucking marks. So I was busy selecting busses and streets for the next 3min again before I could finally log into that piece of trash and autorize my IP-address and log into Discord

Tomorrow our informatics teacher wants to teach us Java, but half the class doesn't even understand what an IP address is.

Who here is programming with React Native and is crying about it?

It's so volatile. Shit it has done so far:

- Randomly changed my IP location that it serves to and npm start that shows the welcome information keeps the old IP address, so I spent way too long trying to figure out why it wasn't working.

- Constantly having to rm -rf the node modules and npm i them because Expo randomly starts loading so slowly that you want to scream.

- Downgrading my react-native-scripts version in the package.json because it hangs forever on the starting packager.

- I also had to downgrade my expo dependencies because during one of my node module reinstalls, it would update the version and apparently Expo is incompatible with its own updated version.

And now I'm randomly getting an error that's apparently a known bug in one of the react dependencies and now I have to downgrade that as well.

Just. Why.

Someone is trying to launch a brute force attack on one of my servers that I set up for an old project. According to the logs, they've tried Jorgee, they've tried directly accessing the MySQL database (with the laziest passwords), and they're now on day 4 of their brute force attack against my SSH server. I'm fairly certain that they won't be getting in (not that there's anything worth getting in the first place), but what's the standard protocol for this? Do I just wait this out, or is there something I can do to break their bot? I have fail2ban enabled, and it is doing its job, but the attacker is changing their IP address with every attack.

What should I call this IP address?

A dev posts a link to his website on a dev group I admin, first thing said site does is ask for my location. I look, no map not logically apparent reason for it, so I close the site.

Ask they guy why he is asking for such private info and he responds to tell me that he does not think a person's exact location is that private, and if he really wanted it he would just use the IP address.

Like how many fucking levels of dense is that.

Was forced to do some work on Windows this week (CAD tools that runs only on Windows). I spent a few days just setting up the tools. There were quite a few things I realized I forgot about Windows (as compared to Linux).

1) Installation times are down right horrific. What exactly are the installer doing for 10 minutes?
2) .NET is a cluster fuck. Not even Microsofts repair tool can fix it, but rather just hangs. I ended up using another tool to nuke it and reinstall.
3) Windows binary installs are insanely huge, thus, takes forever to download.
4) The registry is a pointless database that must have been written in hell with the single intent of destroying users will to live. The sole existence of the registry is another proof that completely incompetent engineers designed Windows.
5) Rebooting is the only way to solve many problems. This is another sure sign of a fundamentally fucked up OS design.
6) What the heck is wrong with the GUIs designers? The control panel must be the worst design ever. There are so many levels to get to a particular setting I'm getting dizzy. Nothing gets better by the illogical organisation.
7) Windows networking. A perversion of the tcp/ip stack that makes it virtually impossible to understand a damn thing about the current network configuration. There are at least 3 different places that effects the settings.
8) Windows command prompt. Why did they even bother to leave it in? The interpreter is as intelligent as retarded donut. You can't do anything with it, except typing "exit" and Google for another solution.
8) Updates. Why does it takes hundreds of updates per month to keep that thing safe?
9) Despite all updates that is flying out of Redmond like confetti, it is still necessary to install antivirus to keep the damn thing safe. That cost extra money, and further cost you by degrading performance of your hardware.
10) Window performance. Software runs like it was swimming in molasses. The final stab in the back on your hardware investment, and pretty much sends performance on your hardware back a few hundred bucks more.
11) Closed source is evil. If something crash consistently, you might find a forum that address the issues you have. Otherwise you're out of luck. On the other hand, it might be for the better. I imagine reading the code for Windows can lead to severe depression.

I'm lucky to be a Linux dev, and should probably not complain too much... But really, Windows, go get yourself hit by a truck and die. I won't miss you.

Master Foo and the Script Kiddie
(from the Rootless Root Unix Koans of Master Foo)

A stranger from the land of Woot came to Master Foo as he was eating the morning meal with his students.

“I hear y00 are very l33t,” he said. “Pl33z teach m3 all y00 know.”

Master Foo's students looked at each other, confused by the stranger's barbarous language. Master Foo just smiled and replied: “You wish to learn the Way of Unix?”

“I want to b3 a wizard hax0r,” the stranger replied, “and 0wn ever3one's b0xen.”

“I do not teach that Way,” replied Master Foo.

The stranger grew agitated. “D00d, y00 r nothing but a p0ser,” he said. “If y00 n00 anything, y00 wud t33ch m3.”

“There is a path,” said Master Foo, “that might bring you to wisdom.” The master scribbled an IP address on a piece of paper. “Cracking this box should pose you little difficulty, as its guardians are incompetent. Return and tell me what you find.”

The stranger bowed and left. Master Foo finished his meal.

Days passed, then months. The stranger was forgotten.

Years later, the stranger from the land of Woot returned.

“Damn you!” he said, “I cracked that box, and it was easy like you said. But I got busted by the FBI and thrown in jail.”

“Good,” said Master Foo. “You are ready for the next lesson.” He scribbled an IP address on another piece of paper and handed it to the stranger.

“Are you crazy?” the stranger yelled. “After what I've been through, I'm never going to break into a computer again!”

Master Foo smiled. “Here,” he said, “is the beginning of wisdom.”

On hearing this, the stranger was enlightened.

Our new IT support college (I've been the support for like almost 2 years into the company and then I moved onto another project) asked me about how to configure a printer over LAN. I explained him the whole procedure and after he asked me what does the gateway IP means, I explained him that it's a router, switch or another device that know how to forward packets on to other networks and gave him an example like 192.168.100.1 and told him that usually is the router's/switch IP address and is the same IP address as the static IP of the printer but with .1 at the end instead of the last number set. After that he asked me: "Like this? 192.168.100.25.1?"

You build a system to integrate into an API to save the client hours of data-entry per day and reducing the number of fields needed to be filled manually by 75% and querying for the rest of the data and filling in the blanks. It took weeks of building and researching and bug fixing and when you're finally done the client looks at you unimpressed.

The same client gets a small piece of js that gets users location(by ip address) and uses it to customize a hello message on the home page and they think 'yer a wizard, Harry!' and jump for joy over the "cool factor" of this simple hack.

Network Security at it's best at my school.
So firstly our school has only one wifi AP in the whole building and you can only access Internet from there or their PCs which have just like the AP restricted internet with mc afee Webgateway even though they didn't even restrict shuting down computers remotely with shutdown -i.
The next stupid thing is cmd is disabled but powershell isn't and you can execute cmd commands with batch files.
But back to internet access: the proxy with Mcafee is permanently added in these PCs and you don't havs admin rights to change them.
Although this can be bypassed by basically everone because everyone knows one or two teacher accounts, its still restricted right.
So I thought I could try to get around. My first first few tries failed until I found out that they apparently have a mac adress wthitelist for their lan.
Then I just copied a mac adress of one of their ARM terminals pc and set up a raspberry pi with a mac change at startup.
Finally I got an Ip with normal DHCP and internet but port 80 was blocked in contrast to others like 443. So I set up an tcp openvpn server on port 443 elsewhere on a server to mimic ssl traffic.
Then I set up my raspberry pi to change mac, connect to this vpn at startup and provide a wifi ap with an own ip address range and internet over vpn.
As a little extra feature I also added a script for it to act as Spotify connect speaker.
So basically I now have a raspberry pi which I can plugin into power and Ethernet and an aux cable of the always-on-speakers in every room.
My own portable 10mbit/s unrestricted AP with spotify connect speaker.
Last but not least I learnt very many things about networks, vpns and so on while exploiting my schools security as a 16 year old.

I have a server. I want to filter connections to that server so only people on my work network can access the server. A quick search yielded my public IP address.

"Is this static?" I asked IT. "Do we have static IP address?"

"What do you mean? What do you need that for? You better know EXACTLY what you are doing before we release that information to you!!!! This needs to go to my manager. My manager is demanding to know why you want that information - we are having Network Engineering look into this request, someone will be in touch to find out more."

I have now been waiting for 3 hours. I think I will just go ahead and assume my IP is not going to change...

As usual a rather clickbait title, because only the chrome extensions (as always) seem to be vulnerable:

"Warning – 3 Popular VPN Services Are Leaking Your IP Address"

"Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data."

"VPN Mentor revealed that three popular VPN service providers—HotSpot Shield, PureVPN, and Zenmate"

"PureVPN is the same company who lied to have a 'no log' policy, but a few months ago helped the FBI with logs that lead to the arrest of a Massachusetts man in a cyberstalking case."

"Hijack all traffic (CVE-2018-7879) "
"DNS leak (CVE-2018-7878)"
"Real IP Address leak (CVE-2018-7880)"

When your ISP forces a refresh of your IP address in the middle of git push... 😕

Opening up IE11 to test HTML in local development.
Entering local IP to URL bar and IE decides to look for that IP address in Bing... 🤬🔫
No that's not how you do it IE.

Me: Hey girl, what's your address?
Girl: 5.15.126.4
Me: No man, your local address.
Girl: 127.0.0.1
Me: Oh, you geeky nerd! I mean your physical address!
Girl: 40:37:0E:6A:A7:AD

*Explaining over the phone how to connect an iPad to the internet
Me: "Select the wifi network and put the password in"
Them: "It says here something about the IP Address - is that the postcode?"

😩

"I'm so sick and tired of these extortionate IP address lease prices! I need you develop our own system that doesn't rely on IP."

I hate IT managers, how on earth some become ant form of manager is beyond myself.

I have a server with a hardware firewall. A client, based in the UK, with French offices is saying the server blocking their new French IP. I white-listed their IP address, still no luck.

That was a week ago.

After 4 international phone calls and nearly 30 emails I resolved the "issue".

Their so called "IT Manager" sent over the wrong IP. Instead of it starting with 46.* he sent over an IP starting 42.*, which was in fact being correctly blocked.

Suffice to say I charged the client a lot of money for the wasted time and international rate calls.

Me: The IP Address on your public mail server cluster has been blacklisted.

Supporter: What is the IP? You can get it from whatismyip.com

Me: *has left the chat*

How to be stupid, be like this idiot who keeps on insisting that electron is a "compiled" and and that is a solution to the "vulnerable" browser app.

By the way this proposed solution is to "hide the ip address displayed on web app" which can be easily done by few teaks on the hosts file instead of developing again. Also mention that everyone in CA uses electron. What an idiot.
Also don't level electron with "compiled" native apps in the desktop.
Translation:
"To all developers out there, there's a way to compile web apps and make it stand alone. We need to upgrade the IT's in the government"

I went to uni for CompSci with knowing no prior knowledge.

In my first year of uni I created a DigitalOcean droplet to host an SQL server. I didn't change the root password or disable password login out of convenience and as I didn't think anyone would be able to find the IP address to be able to hack it.

Within 3 hours DigitalOcean had locked my account for using my droplet to send DDoS attacks. Support contacted me to ask what was going on. I knew nothing at the time so I was a bit 🤷‍♂️.

And that's when I learned the importance of changing your root password.

I changed IP address of the domain A record to point to his new site. Told him it could take a day to propagate, but usually fine in a few hours. 2 hours later... "Microsoft is pointing to new site but Google isn't". I have to make some assumptions here, who else calls a browser by its fucking parent company, that is if he is talking about that or search engines. Anyway just sent him my favourite wiki link on how to clear browser cache and hopefully he will fuck off indefinitely.

"Our system has detected that this message is[nl]421-4.7.0 suspicious due to the very low reputation of the sending IP address"

Oh shit..

Note to self: Don't test on production servers. Gmail has now blocked my ass.

TL;DR my first vps got hacked, the attacker flooded my server log when I successfully discovered and removed him so I couldn't use my server anymore because the log was taking up all the space on the server.

The first Linux VPN I ever had (when I was a noob and had just started with vServers and Linux in general, obviously) got hacked within 2 moths since I got it.
As I didn't knew much about securing a Linux server, I made all these "rookie" mistakes: having ssh on port 22, allowing root access via ssh, no key auth...

So, the server got hacked without me even noticing. Some time later, I received a mail from my hoster who said "hello, someone (probably you) is running portscans from your server" of which I had no idea... So I looked in the logs, and BAM, "successful root login" from an IP address which wasn't me.

After I found out the server got hacked, I reinstalled the whole server, changed the port and activated key auth and installed fail2ban.
Some days later, when I finally configured everything the way I wanted, I observed I couldn't do anything with that server anymore. Found out there was absolutely no space on the server. Made a scan to find files to delete and found a logfile. The ssh logfile. I took up a freaking 95 GB of space (of a total of 100gb on the server). Turned out the guy who broke into my server got upset I discovered him and bruteforced the shit out of my server flooding the logs with failed login attempts...

I guess I learnt how to properly secure a server from this attack 💪

You're so basic. I'd use you to create a UI to track the killer's IP address.

Fucking windows
I just had to setup a simple point to point network via Ethernet wire on two machines
- one running windows 7 and the other the 10
- scenario:
1- connect the wire
2- setup the ip address for the first machine
3- setup the ip address for the second machine
4- ping the first machine from the second one: (unreachable host)
5- check the fucking firewall state on both machines
6- redo 1 to 4 about 3 times: (unreachable host)
7- I decide to test with my machine and ping my machine works. (but the inverse don't work)
8- redo 1 to 3
9- start a web server with php and it works (the ping still not working)

the fucking ping is not working

Who the fuck comes to the idea of printing the local IP address on the Fucking screen?

Yes, I know that it is not remotely accessable (only when there is no port forwarding set for that ip), but think of that this way: Someone manages to get in that network. Without scanning the network, you would have your first victim. You could analyzer the traffic of that victim and find more victims. And so on

When I was young I'd play games and around age 11 received an Xbox for my bday. Hated the case, so I painted the case. Since I had it open looked into getting a replacement fan.Thats when everything changed. I discovered the modding scene and without having any computer background/literacy got to studying.

The program that caught my eye ran on Linux. *shrugs thinking how hard can it be? * Read about Linux and discover dual booting. To do that I needed to resize windows partition. Learn more about partitions and get to it. Finally prepped... Backup in case of the worst, resized windows partition, working Ubuntu bootable USB, and printed install tutorial. Check, check, and check. Install was good. Sort of.

While Ubuntu worked, the broadcam wireless chipset driver did not. Fast forward a week and I feel that i had mastered the terminal basics. And WiFi worked! Go download the aforementioned program and FTP into the Xbox and BOOM... It doesn't work. More days and hours spent researching. In the end it all chalked up to not setting a static IP address on Xbox.

After all was said and done I had a bitchin Xbox. I think the only thing I didn't put on it was some gold spinning rims.

Sad part about that Xbox is that I never used it after. Instead I just kept messing around with Linux and learning more about computers. Taught myself HTML/CSS. Learned more about shell scripting. Then Windows cmd basics. Tried programming languages but felt a little overwhelmed. Only messed with <10 lines of code to tweak existing programs.

Now I'm learning C# and loving it. Planning on C++ or Java next!

"Wifi does not have an ip address"
I hate being the family "tech" person.

got first assignment on my first meet on Network Security. it require to pentest one unsecured specified website. yet they don't tell me shit about anything just try it.
i need to :
1. Footprint
2. Scanning
3. Enumeration
4. Gaining Access (previledges raising?) (bonus)

suppose : <target-website> is x
i've done this:
1. whois x
2. got the ipaddress via :
host x
3. nmap -F ip.of.x

my head is already spinning, i need to know what BASICLY each of what i've done. i only get that 'whois' get the information about that domain, 'host' is used to know the target ip address and nmap to find what are the open ports. i don't know what else should i do. need help :(

Last week I wired up my home network (including custom modem and routers) myself, because the stuff my ISP wanted me to use was garbage.
Luckily Germany has "router-freedom" so ISPs are not allowed to force us to use their device to dial into the network.
I did everything myself, because the 'technicians' they kept sending me were just idiots who didn't know anything, considering the highly paid job they are doing. Usually they told me, to get the device from my ISP, because my "Router" (actually a business grade, standalone Modem by Cisco, to feed my Router) didn't even have WiFi ( lol ). Also all Technicians didn't arrive at the agreed date but at some other time. I wasn't able to wait any longer.
So I did it myself.

Consider me something more like a student of theoretical computer science. Not actually supposed to be experienced with hardware stuff.

The ISP is serving me with a DOCSIS 3.0 Network based on the television cable network in my city. For some reason they are providing the internet-access to only one socket in the apartment, which has a rather uncommon "WICLIC" connector. After having trouble getting an adapter for WICLIC to common coaxial F-Connectors (used by every DOCSIS-Modem), I made one myself.

After setting up everything (not that hard, once the connectors fit) my modem told me, that, while I'm perfectly connected to the ISPs internal Network, I still can't access the internet.

So I called the ISP...
After getting ranted at, about that what I'm doing is illegal and only certified employees are allowed to do this and I will break more, than actually do good and that I can't just connect my own "Router" (again I needed to correct her: Modem) I hang up the phone.
Also she accused me of hacking their devices because I'm not supposed to see my IP address... (My Modem told me on its web interface. I didn't even need telnet for that.)
I went to the ISPs head office, told the first desk as many technical terms as I could remember and got forwarded to something like the main technician.

He was a really nice guy. The only sane and qualified person I dealt with at this company. He asked me for my Address and Device Model, I told him my MAC and last internal IP, I had seen and he activated my internet access within a minute.
We talked a while about the stupid connector that ISP is using in the homes and he gifted me some nicer adapters to connect my modem to the wall.

Why do ISPs hate their customers that much?

Who the fuck thought that carieer grade NAT would be a great solution instead of just switching over to IPv6 and have functioning internet?

I don't want to share my IP with some bastard who fails every reCaptcha so that pictures take 5 fucking seconds for me to fade out and in again.

Neither Chrome nor Firefox have a reliable way of forcing IPv6 if possible so Google still thinks I'm an evil bot.
I'm waiting for my PayPal to be frozen because of "suspicious actions from 'my' internet connection".
I don't want to share my IP. I want to be responsible myself for everything that happens to it.

Please replace that old switches that are too slow to manage serious traffic anyway and are just wasting their power for being turned on so that I can have an IP address to myself

Told to sanitize a large collection of PowerPoints of customer data. Found one resolvable IP address and about 200 typos and other mistakes. Deleted the IP address.. mission successful!

Me: "Yeah so I have this problem, I generated an environment and setup a NodeJS docker image on it and it returns "Cannot find public IP address", help"

SO: "Yeah but what are you trying to achieve? Here is a link of the documentation everyone saw and that didn't help at all."

Me: "I just want to... reach the fucking server? Without trouble? Please?"

Some people need some cocaine in they morning coffee, if it can help then open their fucking eyes

You can connect to Docker containers directly via IP in Linux, but not on Mac/Windows (no implementation for the docker0 bridged network adapter).

You can map ports locally, but if you have the same service running, it needs different ports. Furthermore if you run your tests in a container on Jenkins, and you let it launch other containers, it has to connect via IP address because it can't get access to exposed host ports. Also you can't run concurrent tests if you expose host ports.

My boss wanted me to change the tests so it maps the host port and changes from connecting to the IP to localhost if a certain environment variable was present. That's a horrible idea. Tests should be tests and not run differently on different environments. There's no point in having tests otherwise!

Finally found a solution where someone made a container that routed traffic to docker containers via a set of tun adapters and openvpn. It's kinda sad Docker hasn't implemented this natively for Mac/Windows yet.

I remember someday from a few years ago, because i just got off the phone with a customer calling me way too early! (meaning i still was in my pyjamas)

C:"Hey NNP, why si that software not available (He refers to fail2ban on his server)
Me: "It's there" (shows him terminal output)
C: " But i cannot invoke it, there is no fail2ban command! you're lieing"
Me: "well, try that sudoers command i gave you (basically it just tails all the possible log files in /var/log ) , do you see that last part with fail2ban on it?
C: "Yeah, but there is only a file descriptor! nothing is showing! It doesnt do anything.
Me: "That's actually good, it means that fail2ban does not detect any anomalies so it does not need to log it"
C:" How can you be sure!?"
Me: "Shut up and trust me, i am ROOT"

(Fail2ban is a software service that checks log files like your webserver or SSH to detect floods or brute force attempts, you set it up by defining some "jails" that monitor the things you wish to watch out for. A sane SSH jail is to listen to incoming connection attempts and after 5 or 10 attempts you block that user's IP address on firewall level. It uses IPtables. Can be used for several other web services like webservers to detect and act upon flooding attempts. It uses the logfiles of those services to analyze them and to take the appropriate action. One those jails are defined and the service is up, you should see as little log as possible for fail2ban.)

Have defective supermicro server, but the ipmi is working and could tell me what's going on.

Only problem is, I don't have access to it since the last owner didn't provide it to me.

So I thought let's try metasploit.

Setup local network with a second server, connect to local* address.

"Welcome to intel integrated BMC web console"

What? Its a Supermicro, did the owner reflash the ipmi? What the heck.

Msf: scan adress ....
ipmi found bla bla bla.

Msf: zero cipher scan.
... Voulnerable to zero cipher.

Was pretty happy but the doubt kept creeping in.

On my WS that isn't connected to the ipmi of my server, I go to that ip address.
Bam
"Welcome to intel BMC ......"

MOTHERFUCKER.

What are the odds that some fucker has his ipmi open to the public on that exact same address that my board was configured to.

Well, actually pretty high I guess.

Fuck. Shit.

That didn't go as planned.

After avoiding creating an account with the abominable Quora website for almost 5 years, I finally caved and decided that I wanted to answer a few questions that people had. I ended up writing many answers which were all helpful (not spam or anything).

And now whenever I go to the quota website I am greeted with a stop sign with the text, "You cannot write an answer", because some cocksucker decided to report my profile because I use my name 'Andrew' instead of my first AND last name.

Who the fuck do you think you are, quora? You are a question and answer website. You have no authority and you do NOT need my full name, nor do you have any valid reason to display my full name.

Displaying full names does NOT give any answer any more credibility or authority, only the appearance thereof.

Why do websites like this have so many dumb rules? Facebook is another great example of such stupidity. Did you know that I had to use a proxy and connect with an Indonesian IP address, and login to Facebook and change the language to Indonesian just to remove my last name and only display my nickname?

Idiots. I will always find a way around your petty rules and you will never win.

So, I move house with my amazing, already configured and stable router with built in VPN, DDNS, Port forwarding and DHCP addresses.

Received ISP shitty router at new address and want to use as modem only, so I go read the manual.

"Bridge mode requires you to configure your other router with PPPoE and the ISP's credentials"

Landline is not working, so I cannot call the number to retrieve my password. After 2 days of waiting, engineer visits, installs master socket, dial tone yaaay.

Call number to get password, automated voice message has such a bad sound quality that I cannot figure out if it's saying F or S, and there are two of those letters.

Put ISP router in bridge mode, set other router to PPPoE and put credentials, nothing. Try with F and F, S and F, F and S, S and S... Nothing. Put it back to dynamic IP address, it works.

I resign myself and manually configure everything I had on the good router to the ISP one. A few issues with my server and DDNS, but hey, internet works.

Start missing the other functionality, try the password idiocy again. Nothing.

Next day, go to work, talk to a colleague that lives close and has the same provider: "I just put it into bridge mode and it worked".

Go back home, bridge mode on ISP router, Dynamic IP on good router, no credentials. It works.

Why do I always overcomplicate stuff?

to;dr: I think I'm retarded. I don't know how to networking.

got Proxmox set up on my server... sorta. I suck at networking. I bought a domain name, and I'm trying to have each container have a subdomain of the domain name I bought. each container has a unique internal IP address, but they all share the host's public IP address. so after a couple hours of googling, I THINK what I need to do is run a reverse proxy server on the public IP and route each subdomain manually to an internal IP address with something like nginx..... or am I retarded?

Tip !

Never ask a Network Engineer for his/her address?

Its not what you expected

How do you prevent your software being vulnerable to IP address spoofing? Authentication? Certificates? VPN? Nah, just check the MAC address field of every packet. Nobody ever spoofed a MAC address before, that's just impossible. I thought that in binary there were only ones and zeros, but I guess nobody told me about the special tamper-resistant ones and zeros that MAC address fields are made of.

Oh, once you've done that, don't forget to tell the marketing people to put it in a brochure as an "innovation" for everyone to see.

I should post more of the crap the idiots I work "with" (quotes, because I am only here in body not mind) say. Especially when it comes to network stuff.

Today I wrote a python messenger bot which listens to only one command;
get ip
It then replies with its public IP address. I figured this would be the easiest hotfix until I fix my dynamic DNS client.

Now thinking of it I could also make an "update domain" command for doing the API call, and then link the two with a loop and minute delay. Marvelous.

>when a sysadmin sets his local Linux firewall (gufw) where one of the rules had the end of the cidr block as the first IP address and the beginning of the cidr block as the last IP address.

Needless to say nothing worked. But the server was secure because nothing could connect to it 😂

Website: what's your address?

Me: It's 192.168.1.7... Oh! Silly me! You meant my public address!! 89...

Networking Viva

External: how you specify the clients ip address to the server.

Me: Sir, we provide servers address to the client.

External: Where are clients IP addresses in server file

Me: Sir client goes to the server....

External: u know nthg...
😂😂😂

Finally set up my home server and port forwarded it so I can use linux everywhere even as a window pleb.

Now just to make a solution for not having a static IP address...

I have just slept for a minimum of 5 hours. It is 7:47 PM atm.
Why?
We have had a damn stressful day today.
We have had a programming test, but it really was rather an exam.
Normally, you get 30 minutes for a test and 45 minutes for an exam.

In this "test" we have had to explain what 'extends' does and name a few advantages of why one should use it.
Check.
Read 3 separate texts and write the program code on paper. It was about 1 super class and 1 sub class with a test class in Java.
Check.
Task 3: Create the UML diagram of the code from above. *internally: From above? He probably means my code since there is no other code there. *Checks time*. I have about 3 minutes left. Fuck my life.*
Draws the boxes. Put the class names in each of them. A private attribute for the super class.
Teacher: Last minute!
Draw the arrow starting starting from the sub class to the super class.
Put my name on each written paper. And mentally done for the day. Couldn't finish the last task. Task 3.
During this "test", I heard the frustrations of my classmates. Seemed like everyone was pretty much pissed.
After a short discussion with the teacher who also happens to be the physics professor of a university nearby.
[If you are reading this, I hope that something bad happens to you]
The next course was about computer systems. Remember my recent rant about DNS, dhcp, ftp, web server and samba on ubuntu?
We have had the task to do the screenshots of the consoles where you proof that you have dhcp activated on win7 machine etc. Seemed ok to me. I would have been done in 10 minutes, if I would be doing this relaxed. Now the teacher tells us to change the domain names to <surnameOfEachStudent>.edu.
I was like: That's fine.
Create a new user for the samba server. Read and write directories. Change the config.
Me: That should be easy.
Create new DNS entries in the configs.
Change the IPv6 address area to 192.168.x.100-200/24 only for the dhcp server.
Change the web server's default page. Write your own text into it.
You will have 1 hour and 30 minutes of time for it.
Dumbo -ANGRY-CLIENT-: Aye. Let us first start screenshotting the default page. Oh, it says that we should access it with the domain name. I don't have that much time. Let us be creative and fake it, legally.
Changes the title element so that it looks like it has been accessed via domain name. Deletes the url and writes the domain name without pressing Enter. Screenshot. Done. Ok, let us move to the next target.
Dhcp: Change lease time. Change IP address area. Subnet mask. Router. DNS. Broadcast. Optional domain name. Save.
Switches to win7.
ipconfig /release
ipconfig /renew
Holy shit it does not work!
After changing the configs on ubuntu for a legit 30 minutes: Maybe I should change the ip of the ubuntu virtual machine itself. *me asking my old self: why did not you do that in the first place, ass hole?!*
Same previous commands on win7 console. Does not work. Hmmm...
Where could be the problem?
Check the IP of the ubuntu server once again. Fml. Ubuntu did not save when I clicked on the save button the first time I have changed it. Click on save button 10 times to make sure it really is saved now lol.
Same old procedure on win7.
Alright. Dhcp works. Screenshot.
Checks time. 40 minutes left.
DNS:It is your turn. Checks bind9 configs. sudo nano db.reverse.edu.
sudo nano db.<mysurname>.edu.
Alright. All set. It should work now.
Ping win7 from ubuntu and vice versa. Works. Ping domain name on windows 7 vm. Does not work.
Oh, I forgot to restart the bind9 server on ubuntu.
sudo service bind stop
" " " start
Check DNS server IP on win7. It looks fine.
It still doesn't work. Fuck it. I have only 20 minutes left. Samba. Let us do this!
10 minutes in. No result. I don't remember why. I already forgot why I have done for it. It was a very stressful day.
Let us try DNS again.
Oh shit. I forgot the resolver!
sudo nano /etc/resolv.conf
The previous edits are gone. Dumb me. It says it in the comments. Why did not I care about it. Fuck it.6 minutes left. Open a yt video real quick. Changes the config file. Saves it. Restarts DNS and dhcp. Closes the terminal and opens a new one. The changes do not affect them until you reopen them. That's why.
Change to win7.
Ping works. How about nsloopup.
Does not work.
Teacher: 2 minutes left!
Fuck it.
Saves the word document with the images in it. Export as pdf. Tries to access the directories of the school samba server. Does not work. It was not my fault tho. Our school server is in general very slow. It feels like they are not maintained and left alone like this in the dust from the 90s.
Friend gets the permission to put his document on a USB and give the USB to the teacher.
Sneaky me: Hey xyz, can you give me your USB real quick?
Him: sure.
Gets bombed with "do you want to format the USB?" pop-ups 10 times. Fml. Skips in a fast way.
Transfers the pdf. Plug it out. Give it back.
After this we have had to give a presentation in politics. I am done.

I'm absolutely exhausted...
Just spent the past 2 days restructuring our SAAS products entire server network on AWS just so we can have a static IP address for all our server instances passing through an NAT....because we need to integrate with another service that only allows you to access their API if they whitelist your IP.

Got a scammer on my hook. Ideas welcome to fuck him/her over.

He/she confused me with someone else and messaged me acting as a support person of an exchange. I acted along and s/he is insisting on sharing account details.

Played along like a dumb internet noob and I think I got him to share his fake email id.

Now I'm thinking of ways to extract more details about him via email.

From top of my mind, these are some ideas I have:
- get his IP address
- zip bomb or something like that? But g mail is probably gonna detect that.

Ideally, If I could social engineer him to give his phone number, I could easily report him to police and find his identity.

Have you busted some scammers? Would appreciate some tips.

I know very little about networking.
So I've got this modem and I am trying to configure it, I am supposed to access to it through a web browser using its IP address. I pinged the broadcast to find the IP, but when I am trying to connect I have a nice "connection refused". So any ideas ?

Just when I thought I was free of previous clients, an advertising agency I worked with asked me to write an e-mail to their client to point him with instructions on how to set up the DNS servers for his website and specific subdomains.

I did it, 3 times, yet the guy did not understand that he should point his ".com" domain to an IP address and set up some A records.

The 4th e-mail I began with:

"Well, it seems you did not understand what I meant in previous e-mails, so here's a very detailed explanation for you, important stuff in bold, ok?

It should be easy enough even for a beginner to set up..."

Then I wrote tons of text detailing every single step for as long as I could as sincere as possible.

For some reason, both the client and agency didn't like the tone of my e-mail and sent me a complaint. 🤔

I recently became manager of the student radio at my university. Our servers are extremely old and insecure, so I am currently working on getting some new servers up hosted by the university’s IT department as a replacement.

Meanwhile, a few days ago someone unauthorized have fucking accessed our server, deleted /home folder and a bunch of other shit, then cleared the history of the user. Why the fuck what someone do that? What the fuck did they achieve? What is the fucking point? That fucking piece of shit left his IP address though when he signed out from the server...

I just don’t fucking get why the fuck someone would do that? They don’t achieve a fucking shit about it, only fucks with us trying to save the radio from dying.

Successfully wasted more than 12 hours in debugging SMTP issue. ColdFusion email script was throwing SSL error. What was real issue? The Web Server IP Address was blacklisted in the Email Server.

Actual validation message. I will omit the culprit to not shame them:

Your password must be at least eight (8) characters long and contain at least one letter,
one digit and three (3) special characters. No combination of any of the previously mentioned
requirements may be in a repeat success of one (1) or more. Special characters must be
separated by at least two (2) non-special characters, not including numbers. You may not
use more more than one (1) upper-cased and one (1) lower-cased letters in order together. You
may not begin or end your password with an uppercase letter or special character. You may use
no more than eight (8) special characters in your password.

If you need any assistance with this process, please send a message to our support staff.

Message: PASSWD-NG
Your IP Address: 50.202.37.133

Was slightly panicking at work today when I couldn't reach my server at home anymore, though it might have crashed or something. Turns out my isp changed my fucking IP address! It hasn't done that in years! WHY NOW? Ugh, time to update *all* the dns records I suppose...

My standard pattern for using 'time saving' things (frameworks, scripts, new technologies) seems to be:
1) Get excited by how easy <new thing> is to use.
2) Spend the next 12 hours trying to work out how to work with this new shit.
3) Realise I'm now further back than I started.

Today has been docker.

Easy to run my new Wildfly docker container.... can I find the IP address to connect to? Can I fuck.

It's time to reset all my passwords. Got the second Facebook password reset email this month and now even from Microsoft they doesn't even have the same email-pass pair...

And fucking Facebook doesn't tell anything about the reset attempt. Not even a fucking ip address.

!rant

Im going through my router config yestersay and realize that in the security part an ip address is set to permitted.

Iplocation its a company that owns this other company which is my ISP.

Is it normal for an ISP to provide a router with a permitted ip address set by default?

Is this not calles a “porte derobee” (sorry i just know the french terminology，“sneaky doorway”)???

After paying 3 years in advance to my host, some emails of the owner of a project I work with (very small thing, but still..) began to disappear. She doesn't receive the messages and neither the person who sends receives a error message. I've contacted them but no one could found out what is happening.

In this meantime, I had to change the PHP version (there is a version control in their cPanel). Just after changing, Mysqli and PDO stopped working. It took about 4 to 5 days for them to fixed it (shared host).

Back to today, I needed to send and receive lots of emails of this project. As we are losing tons of legitimates mails, we started to cc our personal emails to avoid misscomunication (deadlines are very important). Of course, exactly today, Microsoft's​ mail stopped accepting any emails of our host IP, as it appears someone has an Trojan hosted there. Of course, except me, everyone else personal email address are Outlook.com.

Worked until now on my private mac and used pymssql and freetds to connect and work with a MSSQL DB and Python

Two days ago I switched to an Ubuntu Machine and I couldn't get it to work.

As it turns out Ubuntu was not able to solve the DNS Name into an IP Address.

FML - 2 days wasted

my teachers says that ARP isn't used in IPv6 because the IP Address is unique enough...

Fuck domain re-sellers who don't know what they're doing, you fucking moron you do not need DNS if the Service provider is same as domain and hosting, all you had to do was to change A record with @/${Insert IP Address here} values, it's taking you ages to do that, fucking idiots.

I will probably ask to transfer the domain name to my account if that is possible.

Is there a way to dynamically change your IP address while scraping website so that you don't get blocked cojstantly

An old sysadmin configured the idrac interface of a company VMware server to get the IP address trough DHCP. Of course, without a valid IP, the server doesn't start. For you, where was hosted the VM with the DHCP server?

I've been selected as an amazon echo tester for my country.

to agree fill this survey and you will receive a free Echo:
*fine*

do you have WiFi?
yes (you already know that i have a fire tv stick so you know even the password)

what mobile os do you have?
android (you already know also this i have the amazon app installed in it)

where do you live?
*my city* (you know that from ip address & shipping addresses)

imagine what them will now that i will introduces an open in mic in my room....

(i think that i will keep it behind firewall when i am not at home and when i dont want use it)

I have found some subdomains of a specific domain.
I know the subdomains are up but when i try to load them , firefox says "unable to connect".

What might have caused this?
A static ip or mac address?

Hi!
I want to know if there is possibility to find a vulnerability on a .jar file.
I tried to install Kali on VM (for now) and tried to use metasploit but I found that it attacks the inter system on a indicated ip address.
There are many application or video (and so on) for my problem?
This .jar file is an application and I want to do pentesting...
Sorry for my poor english but it isn't my native language.
I'm new in pentesting wolrd 🤣

When you change a ip address in a production UPS and you wait for the best xD

Network management from the terminal is such a pain in the ass on linux! Far too many different config files in many different places, and I have no idea which works with which!
Just now I managed to fuck something up in my RPi's config, so I don't have wifi access anymore and I didn't have time to find its ip address while connected through ethernet :/
Fuck's sake

Me: I want to deploy a simple WCF Service in a Docker container on Windows Server....

Docker Whale: nah bro....

Me: but but but you have been working with Windows for about a year this should be a simple simple task

Docker Whale: here let me your IP address every time so you can't ping locally or guess what I'm going to next.

So I changed my FB account password and it gave me email notification with an ip address. And then when I logged in it gave me another notification email with a different IP address this time. Should I be concerned about my network security? This is just SO ANNOYING!!!

This shithead continuously wasted 2 lectures of CNS(Cryptography and Network Security) on debating: in a link to link encrytion if encryption and decryption takes place on every node, what if attacker attacks the node while the data is decrypted.

Though I couldn't care less about the lecture but this guy brings the same issue in every lecture

Do anyone have any idea about the link to link encryption?

I know already it encrypts the whole packet with header and on each hop the data is decrypted and the destination ip address is fetched and encrypted again, but i don't know if it's possible to perform an attack on the decrypted data.

Any disposable e-mail address service:
"FIGHT THE SPAM"
"THANK YOU FIGHTING THE SPAM"
"YOU DID GOOD BY FIGHTING SPAM"

The users of disposable e-mail address:
*creates another spam account*
*creates another multiaccount in order to exploit a system*

Companies actually fighting spam:
Now there is even more spam to fight against. (which is not good)

About 2/3 of the accounts created daily on our website are spam accounts. We have to waste our time with this shit instead of actually improving our services. Since we do not track IP-Addresses and there are countless amounts of disposable e-mail domains AND there is still the option to create countless spam e-mail addresses within legit e-mail providers, there is no easy way of stopping this madness.

"Fight the Spam", you could start by deleting your shitty service or at least give us a list of all the domains you're using, srsly.

If I'm at the library.

And there are Ethernet ports.

Desktop computers are connected to it and working fine.

But when I try to unplug it and connect my laptop with it it's just doesn't work, as if it says there is no Ethernet connection at all.

What are some of the reasons for such thing?

Do I have to look up specific IP configuration and configure it on my laptop?

Do these windows domain system matter?

How can I get started figuring why it says it's that there's no connection in the first place?

The librarians know Jack shit about why it's not working.

And I can't find the technician contact address to ask him/her/them directly.

WiFi works fine, but slow, Ethernet connections has a gigabit connection. (I believe that should explain why I want to use that instead)

&& rant

spent all fucking day fucking around with my server. installed gitlab to mydynamicdns.service.com/gitlab. but, gitlab still handles requests at mydynamicdns.service.com/ but it's just a 404. couldn't figure out how to host anything else. fucked around with it for like 5 hours, tried installing some shit called passenger, but by that point, I had already fucked up my environment pretty good so that didn't work at all. spent like 3 more hours fucking with it.

fuck it. time to learn about virtualization. someone here suggested Proxmox. how exactly does it work? is it running a fully blown vm for each server or is it running something like docker under the hood? and does each server then have it's own IP address?

Obtaining IP Address Error

Anyone ever tried Jelastic from Infomaniak? If so, what do you think of it? (UX, price?)

Currently struggling to test it in its free trial version, I can't reach anything because any browser I try can't find the IP address of the server name they generated. So, I don't know if I should keep pushing.