Dr. Michael Thomas’ Post

LibreQoS v1.4 Change Summary: Version 1.4 is a huge milestone. A whole new back-end, new GUI, 30%+ performance improvements, support for single-interface mode. #LibreQoS #bufferbloat #latency #jitter #ISP #WISP #InternetServiceProvider #FWA #FixedWirelessAccess #FixwdWireless #FiberInternet #QoE #QoS #QualityOfExperience #QualityOfService

Contemporary #simulators and #instrumentationandcontrol systems are developed using #github and other open source repositories which helps to develop application software (process models) and system software (instructor station). Considering the demand on cloud-based automation and training solutions as well as full-scope simulator and plant computer remote updating the user shall be aware of the methods that hackers use to gain access. This example shows how effective internet reconnaissance is for gaining access to your network domains

An interesting article:

Jupiter Challenge Write-up Introduction: In this write-up, I will be discussing my experience solving the "Jupiter" challenge in the Hack The Box virtual environment. Please note that sensitive information such as links, user IDs, and flag usernames will be either hidden or replaced with asterisks (*) to maintain security. Challenge Overview: The Jupiter challenge presented a unique set of tasks that required a combination of technical skills and creative thinking. The objective was to navigate through various stages and overcome obstacles to ultimately achieve the desired outcome. Stage 1: Initial Reconnaissance The challenge began with an initial reconnaissance phase where I gathered information about the target system. Using a combination of scanning tools and manual inspection, I identified the potential vulnerabilities and entry points. Stage 2: Exploitation Once the vulnerabilities were identified, I proceeded to exploit them to gain access to the system. Through careful analysis and experimentation, I was able to leverage the weaknesses and successfully gain a foothold on the target machine. Stage 3: Privilege Escalation Having established a presence on the system, the next step was to elevate privileges and gain higher levels of access. This required thorough exploration of the target environment, searching for vulnerabilities and misconfigurations that could be leveraged to escalate privileges. Stage 4: Capture the Flag After gaining elevated privileges, I focused on finding the flag, which was the ultimate goal of the challenge. I meticulously searched the system, uncovering hidden directories, examining configuration files, and deciphering encrypted data. This process involved a combination of manual investigation and automated tools to aid in the discovery. Conclusion: The Jupiter challenge in the Hack The Box virtual environment provided an engaging and stimulating experience. It required a comprehensive understanding of various techniques, including reconnaissance, exploitation, privilege escalation, and flag capture. By following a systematic approach and leveraging my skills, I was able to successfully overcome the challenges and complete the task at hand. Hint: sql>reverse>(pspy helped a lot)>user1>flag>(chisel helped a lot)>login>logs>token>reverse>user2>s**o -l>flag

Interesting application of the system.

Are software flaws inevitable? I thrive on the challenge of resolving them swiftly. Every software has its imperfections, and when issues arise, swift and easy access to support is essential ⛑. To facilitate this, we implement error boundaries within our application and provide customers with the appropriate links to submit support requests. A clear and detailed problem description is crucial. As a support engineer, understanding the issue and attempting to reproduce it before escalating it to the development team is imperative. Within the development team, the goal is to identify the root cause and provide a solution 🚀 . These tasks require as much information as possible to expedite the process. To gather comprehensive information 🔎 , we have created a concise guide: https://lnkd.in/ehSZCZbw. This resource enables customers to either resolve their issues independently or provide the necessary details, such as reproduction steps, screenshots, etc., and of course a link to our JSM portal to assist us in addressing their concerns effectively. How do you facilitate customer communication during challenging times?

Healthy and well-informed skepticism is the right sensibility to bring to this challenge of achieving a "fully realized" hybrid MILSATCOM/COMSATCOM architecture for the DoD. Just the same, between "fully realized" and a sort of tacitly accepted "escalating chaos of verticals," there is an aspirational and potentially achievable sweet spot to be found. It'll take serious DoD buying power, and, as is postulated in this article, at least one, probably a handful, of "anchor customers" across the DoD. As I've said in other threads on this DoD SATCOM EM&C topic, we're going to have to want this pretty badly, and put our money where our vision is, if we expect a consortium of leading commercial space and network management industry partners to band together to get started on this, and to converge upon and define the data and API standards that would be essential to sustaining such an ecosystem. Steve Nixon, quoted at the back end of the article, has it largely right: Industry (broadly defined here) has the chops to get something of this complexity and scope moving forward, with the potential that you'd grow it and improve it through time. The question is whether DoD has the chops, the strategic intent, the governance will and the staying power to fully incentivize industry to do it. Somewhat shooting for effect, I'd suggest time is of the essence here (chaos stops and waits for no one), and leaders need to get about leading on this front, and PDQ. OSD should be triangulating the critical requirement for this, at at least a broad level of approximation, with CJCS, MILDEP/Component 4-stars and Combatant Commands, resulting in resolute JROC-vetted/sponsored investment. From there, accept the reality that v1.0, even designed and fielded at a relatively small and achievable scale, will likely suck. From there, we can self-assess our sincere fealty to DevSecOps/AGILE -- and commit the funding and governance rigor to continuous and sustained improvement. A "fully realized" hybrid space architecture, or even something pretty darned good that falls a bit short of that, won't be built in a day.

Have you watched “How to Get Data From Your Website / App That You'll Actually Use” on The Civic Hacker Network YouTube channel? This video invites technologists to take a more strategic approach to their product data and analytics. You can watch it there, along with the playlist of NASA Space Apps Bootcamp sessions from our very own Lori McNeill. Check it out here: https://lnkd.in/gXPXi58i #data #website #productdata

Pivoting, Tunneling, and Port Forwarding Once a foothold is gained during an assessment, it may be in scope to move laterally and vertically within a target network. Using one compromised machine to access another is called pivoting and allows us to access networks and resources that are not directly accessible to us through the compromised host. Port forwarding accepts the traffic on a given IP address and port and redirects it to a different IP address and port combination. Tunneling is a technique that allows us to encapsulate traffic within another protocol so that it looks like a benign traffic stream.

No one is safe