𝒍𝒆𝒎𝒂𝒏𝒏

Hey! Please contact me at my primary Fedi account: @lemann@lemmy.dbzer0.com

https://lemmy.one/u/lemann@lemmy.dbzer0.com

  • 46 Posts
  • 1.18K Comments
Joined 1 year ago
cake
Cake day: June 6th, 2023

help-circle





  • It kinda depends on the setup I think, especially when vlans and firewalls are involved, you’d likely need additional payloads to make further progress in that kind of environment IMO. Something granting persistent remote access to the compromised machine would be the most ideal option.

    As always physical access is pretty much game over though lol.

    My cams are only accessible via an authenticated endpoint hosted on a dedicated machine, which acts as a “bridge” between the VLAN that the cameras are on (no internet access), and another VLAN hosting internal services, like home assistant, plex etc.

    Aside from physical access, the only way to access the cams (that I can think of) would be via some exploit in Home Assistant, or by brute forcing the password to (any of) my network switches to access the management VLAN, changing the VLAN the cameras are set on to something else (bypassing the routing, firewall setup, and auth “bridge” entirely). Or maybe just exploiting the bridge machine directly and dropping a payload to forward the cams out to the net via the services VLAN

    With physical access, you could chop up the PoE for an external camera and using that as an ingress point - but you’d only have access to the cameras and the bridge machine unless you exploited that too. At this point the zabbix client on the bridge machine would have notified me that a camera’s dropped off the network, unless you dropped a payload to force it to return a good status lol

    Does sound like a very fun exercise though tbh


  • I think most people are just used to Google, I used to be several years ago before moving to DDG.

    Now I find Google is way too… “tutorially” and “bloggy” with results, and actually slows down my workflow a lot when I’m looking for a specific thing immediately - usually a bit of scrolling to get what I’m looking for.

    DDG (for my use case as a casual search engine, and something to search docs for work) gets you to whatever you want with a much, much shorter and concise query, and pretty much always gets it right each time as the first result


  • I agree with OP here, these results are not great.

    OP searched for the redis docker image, not a tutorial on how to use it, not a tutorial on why redis should be run in docker, and did not search for redis docker docs. While these are relevant, they should be further down, not the top result. DDG gets this right, and I’m pretty sure other search engines do too.

    For a total newbie, these results are probably OK, but for a technical person who knows what they want literally as they type it, Google’s results are (excuse my french) simply shit. DDG is miles better at handling this stuff, and they don’t need your personal data to do it well either.

    Edit: Just went and searched “redis docker image” in a private tab on Google, and the docker hub image for Redis is not even shown on the first page of results













  • Flash drive hidden under the carpet and connected via a USB extension, holding the decryption keys - threat model is a robber making off with the hard drives and gear, where the data just needs to be useless or inaccessible to others.

    There’s a script in the initramfs which looks for the flash drive, and passes the decryption key on it to cryptsetup, which then kicks off the rest of the boot mounting the filesystems underneath the luks

    I could technically remove the flash drive after boot as the system is on a UPS, but I like the ability to reboot remotely without too much hassle.

    What I’d like to do in future would be to implement something more robust with a hardware device requiring 2FA. I’m not familiar with low level hardware security at all though, so the current setup will do fine for the time being!