TeamAU Overclocking

@IAMERICAbooted @Bluewall Excluded from all CAPs except for an auth strength CAP forcing the yubikey only!

@Bluewall It should be fido2 hard key authn as primary auth and stored in the company safe with a procedure to get them out, critical alerts when they login, and excluded from all CAPs

This is you uncomfortable reminder that if a Global Admin gets popped, they can create another Global Admin account and delete all the others :p

@SecurityAura @IAMERICAbooted If you can connect to a random ftp or sftp from server ranges, your firewall config is lacking

Whenever I have clients that talk about DLP to prevent exfil and so on I ask them to do one test: Go on a random server, download the portable version of WinSCP or FileZilla, connect to an outbound SFTP or FTP server and transfer files. Neither DLP or EDR will do anything here

@IanCutress You didn’t bite him?

World's strongest man Vs World's most silicon man

@techspence “Works for me”

Famous last words by IT admins: I’m just testing…

@Harshal_Tank @gskillgaming Did you mortgage your house?

@gskillgaming hey guys, where can I buy your 48GB DDR5-9000 CL42 kit? 🍻

@skatterbencher Seems eerily true

Oh. My. God. 🤣 shipordie.club/roast/startup?…

@slovak_killer @Sparkys_Adv What is the best performing bios for you?

Another day, another leak. ASTRAL RTX 5090 2000W XOC V2 leaked, its the newer version of the bios, which should include fixed power limit, with GPU able to reach 2000W now. Link in the comments.

@thedatabunny If your running Forti you’ll want multiple layers of DMZ 😅

Fully migrated the OpenVPN server to the De-Militarized Zone (DMZ). Any servers that will have ports open to the internet will sit on the DMZ network and on this DMZ switch. Now, I’m going to clean up for tonight.

@avvyxcs @iamcs2kitchen @CounterStrike You are disabling the first core that handles a lot, and disabling the SMT cores so you are left with the real cores and no core 0

@iamcs2kitchen @CounterStrike This exact affinity set had my best results. Disabling 0 had some improvement, disabling 1, 3, 5, 7, 9, 11, 13 and 15 had even more and having them all disabled had the best. Both AVG and P1 improved a lot.

Disabling core 0 can boost your 1% low FPS by upto 17% on many CPUS ( doesn't work on all cpus). Good thing is this performance benefit is not limited to @CounterStrike . CPU's tested ( Works on: 7800x3d, 9800x3d... maybe your cpu as well.)

@MyNameIsMurray I think PacketFence is what you want. I just finished POC, SCEP server built in, captive portal with saml, tls authentication, ad authorisation, guest registration workflows, firewall sso integrations, self onboarding certificates for macOS windows, it’s identical to Clearpass

@teamau It seems like not many have actually tried to do both device and user authentication, or if they have they are wealthy schools/enterprises that can use Cisco ISE, Aruba ClearPass, or similar ludicrously expensive options. I just want a budget-friendly modern Wi-Fi auth. Sigh!

@MyNameIsMurray have you looked into packetfence for your use cases? Just starting to build our PoC and it looks promising but a lot of work to go

@techspence These are the exact files I leave around the place, backdated with canary credentials. Vmdk or vhd are juicy targets too.

Ultimate internal pentest cred-hunting cheat sheet (steal these) .kdbx | unattend(dot)xml | web(dot)config | .ini | .env | appsettings(dot)json | .git-credentials | .ps1 | .bat | .cmd | .vbs | .vba | .sql | connections(dot)xml Also check… BCDR docs, logon scripts, Notepad++ temp, browser vaults, anything with “secret” in the name, log files, vmdks, readme’s, install guides, new user setup docs, powershell history, source code repos What did I miss?

@skatterbencher @MasterbitzOC @intel @Gigabyte @CORSAIR Yeah this is THE one

Ehr, no wait, another New Memory OC WR! 6765.2 MHz (13530.4 MT/sec) by Sergmann 🇩🇪 using @intel Arrow Lake, @Gigabyte Z890 Aorus Tachyon Ice, and @CORSAIR Vengeance DDR5. Chart: skatterbencher.com/memory-overclo… Details: hwbot.org/benchmarks/mem… Validation: valid.x86.fr/jn8tlb

@MyNameIsMurray I like it, I’m trying to work towards passwordless, wifi is the last hurdle, so trying to work out a wifi onboarding method that supports modern auth mechanisms

@teamau And that is why modernising the old and not very secure PEAP/MSCHAPv2 solution with a secure tunnel and then performing user auth (backed by Entra users/groups) is my current plan.. this EAP-TTLS/PAP.

@MyNameIsMurray The issue with EAP for BYOD is the on boarding, if you own the devices it’s trivial with SCEP

@teamau There are a few options that rely on browser initiated user authentication, but these tend to not provide network access at the login window, not trigger auth for apps/sockets. It's a bit "meh" as a solution compared to EAP-TTLS/PAP and eventually TEAP...

@MyNameIsMurray Nah I’m thinking more the auth mechanism than fw vs NPS. Have you considered open network with OWE and captive portal OIDC to Entra? Support for passkeys and modern auth and you can configure in a way that if the user is logged into Entra in browser it’ll auth automatically l

@teamau Modernise authentication to provide (filtered) internet access more securely. We already have a firewall to protect internal assets and provide web access policy configuration that satisfies our duty of care requirements: So we just need an NPS replacement, not a new firewall.

@MyNameIsMurray The student wifi, are you trying to protect internal assets or just give internet access?

@teamau I've used it in the past, mostly to help isolate VMs needed for testing where we couldn't physically isolate or configure VLANs. It was fine. The main thing I need to solve at the moment is RADIUS, and PF includes FreeRADIUS, so I'm just going with FreeRADIUS directly for now.

@NathanMcNulty is it your understanding that WH passkeys should be supported in syncable passkey preview? I can get password manager keys enrolled but WH is failing.

@IAMERICAbooted We’re using Prisma for some edge cases and it’s working really well. Users generally arnt happy with the extra control’s though.

Best RBI solution? Please RT

5090 is happening