Darren is on point with the drawings! They alone make this episode worth it... also the dynamism between them helps alot.. snubs asks lots of questions I was wondering myself! =)
No. The password is not sent unencrypted to the server. The encryption key will already be established to exchange data including username and password. The username and password is just for authentication and access to the server. If user/pass are incorrect, then it just doesn't give you access. I believe Darren was referring to bruteforce attacks on the ssh server because the data exchange cannot be viewed by an eavesdropper.
there are many distributions of Linux but one of the most popular is Ubuntu but i recommend just testing a few out on a virtual machine to see what you like best
VPS is basically a virtualized server, sitting on a real (hardware) server which has lots of VPS'es on it. Difference between a VPS and a shared server is that a VPS is an OS of your choice which you can configure how ever you want.
Nice show, If I was going to write a daemon or some other Unix program whats the best way to make it proxy aware? Is there a recommended library or similar.
I'm not sure what you mean with listening servers. Like your machine it can have numerous services running and if you choose to have a GUI or a DM you can even do remote desktop (why you would want that is beyond me though).
Using *asymmetric* key pairs. Public-Private key authentication isn't symmetric, which is why it's considered more secure. Also, your password isn't transmitted in the clear, making it incredibly difficult to sniff. This is done by establishing a secure session using Diffie-Hellman (DH) key exchange to generate a shared secret, prior to the client actually authenticating to the server. At least that's how I interpret the RFC, someone school me if I'm off.
So SSHd creates a socks5 server? I would like to see a proxy server created in a Flask app so I can have a socks5/open_proxy along side a webserver built in Python.
Great video mate! Although im seeking help on how to write a socks program to connect a client and a server and cache the webpages on the server, could you at hak5 help me out here?
OK, you won me over! . Now I want to connect through a proxy connection, but when Shannon use PuTTY and says "you are entering your host name" [1:09] - What should I write there?? I guess the answer is not ddk.hak5.org ....
Geez, Darren is like totally patient with Shannon...or is she just playing along for those that are learning...i'm hoping she's playing along...meh she's got nice hooters so i don't really bother listening to her...way to go DK...
No, its to simulate a teacher-student effect so simpler questions can be asked, everyone makes it a sexist issue but its honestly just to give the viewer a better understanding through simpler asked questions, she definitely knows whats going on
Darren is on point with the drawings! They alone make this episode worth it... also the dynamism between them helps alot.. snubs asks lots of questions I was wondering myself! =)
Excellent show this week guys (and gals) Please do more like this.
Great show this week. Some great questions from Snubs too.
9:40
"Or in IP version 5, ::1"
Am I the only one that caught this?
Damn. I wish Darren taught my network security class. Maybe I would have gotten a better grade on my mid-term.
No. The password is not sent unencrypted to the server. The encryption key will already be established to exchange data including username and password. The username and password is just for authentication and access to the server. If user/pass are incorrect, then it just doesn't give you access.
I believe Darren was referring to bruteforce attacks on the ssh server because the data exchange cannot be viewed by an eavesdropper.
Fantastic tutorial. Thanks!
there are many distributions of Linux but one of the most popular is Ubuntu but i recommend just testing a few out on a virtual machine to see what you like best
VPS is basically a virtualized server, sitting on a real (hardware) server which has lots of VPS'es on it. Difference between a VPS and a shared server is that a VPS is an OS of your choice which you can configure how ever you want.
Just say virtual machine
Nice show, If I was going to write a daemon or some other Unix program whats the best way to make it proxy aware? Is there a recommended library or similar.
It is. You must just know few basic things to make your life easier :)
she acts like she has no clue about what's going on.. cmon, we all know you are a shady hacker
+nemo - est someone's gotta be the watson. ;) - shannon
12:50 Counter Strike reference! awesome!
I couldn't figure out why he looked so familiar, until I realized Jim from the Office grew a cheard!
Sometimes it is, but it's almost always more fun :)
I'm not sure what you mean with listening servers. Like your machine it can have numerous services running and if you choose to have a GUI or a DM you can even do remote desktop (why you would want that is beyond me though).
Thanks for the advice :)
I will choose port 6969, cause that sounds good
Using *asymmetric* key pairs. Public-Private key authentication isn't symmetric, which is why it's considered more secure. Also, your password isn't transmitted in the clear, making it incredibly difficult to sniff. This is done by establishing a secure session using Diffie-Hellman (DH) key exchange to generate a shared secret, prior to the client actually authenticating to the server. At least that's how I interpret the RFC, someone school me if I'm off.
What advantages come from looping to localhost and how does localhost know how to connect to your vps
1:01 - yes! Yes! Yes! Linux is always easier! 👍👍👍
So SSHd creates a socks5 server? I would like to see a proxy server created in a Flask app so I can have a socks5/open_proxy along side a webserver built in Python.
hak5 for evah!
Yea, i will thanks :)
There's no way I said IPv5.... Or did I? Man, I gotta lay off the 40's before shooting ;)... We all know I mean IPv6
It's gotta be hard acting like you have no clue what is going on lol.
+treehippie789 It is, but luckily I took theater classes many years ago. -Shannon
cc license huh wonder what changed props for that
A non root user can use 1024 through 65535. You were off by one. Root users can use 1023 and below.
It's typical for programmers to have off-by-one errors
I see, let's say I have a passphrase on my keys, will it be sent unencrypted as well?
What would be the best form of linux or would it be linux ( i am new i could mean UNIX ? :S)
yep got no idea what he just said.... awsome :/
Haha hahahahhaaahahahhahahahahahahahahahahhaha dummyboy nannanananannanananananananan
someone hook me up with a source for socks5's
Great video mate! Although im seeking help on how to write a socks program to connect a client and a server and cache the webpages on the server, could you at hak5 help me out here?
OK, you won me over! . Now I want to connect through a proxy connection, but when Shannon use PuTTY and says "you are entering your host name" [1:09] - What should I write there?? I guess the answer is not ddk.hak5.org ....
Your Servers public IP address
Can someone please sum up the difference and pros/cons between VPN and VPS?
VPN is someone else server ie never trust 3rd party with ip
"So guess what Darren?!" "Yes!" "I have big boobs." That's what I thought heard..
You lost me at "I develop php"
Isn't SSH currently at version 3?!
This video is old like yout comment.
lo isn't local, lo is loopback
Guys, I'm blushing. Thanks :)
27015 respect!
Im going to say it.. First..
09:46 is that some kind of sex toy top right conner
I heard* -.-
~ 12:30
Can you make a conection to me plz:)
Geez, Darren is like totally patient with Shannon...or is she just playing along for those that are learning...i'm hoping she's playing along...meh she's got nice hooters so i don't really bother listening to her...way to go DK...
5:04 she isn't even looking, lmao how fake is this???
:D tf is this
Is that woman there only to look good or is she meant to help? I'm confused this seems very sexist towards women.
No, its to simulate a teacher-student effect so simpler questions can be asked, everyone makes it a sexist issue but its honestly just to give the viewer a better understanding through simpler asked questions, she definitely knows whats going on