1) Open source isn't more secure. This is an old assumption. 2) There is no such thing as closed source anymore. Everything is chocked full of open source.https://twitter.com/hackerfantastic/status/1072533649411751937 …
-
-
Almost every IR responder I know tests open ports using telnet (as opposed to netcat as it differentiates between refused||wrapped. You can be sure that I'll have the exploit sitting on my pen box in my next engagement...
-
I think we're talking about different things, I'm saying very few people use telnet from inetutils (more likely, you use netkit). What exploit are you talking about?
- 3 more replies
New conversation -
-
-
telnet has been removed as a URI handler from modern browsers, there are plenty of embedded devices with restricted shells though.
-
Yep, I've never seen any telnet:// URI handler that would invoke telnet from inetutils. Do you have an example of an embedded device that allows you to invoke it in such a way? I think most would use BSD variants, I'm surprised to hear "plenty".
- 3 more replies
New conversation -
-
-
I did consulting for a major FI a decade ago that used encryptionless SSH. I didn’t believe it until I saw the config myself. They did it because the sysadmin gangsters were worried about performance of the toolset (ie UID 0 everywhere) they used to manage the entire environment.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
The whole risk statement of potential versus probability.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I once used None between two boxes on my home LAN because I was transferring lots of data and one of the boxes was super slow at encryption.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.