Determining clients connecting to IIS using CBC ciphers. (preparing for Lucky13 remediation)

I am trying to determine the impact of remediating a Lucky 13 vulnerability, which I understand requires disabling CBC cipher modes. So far I have added custom logging to my IIS instance to capture and translate the algorithms that clients are connecting with.
Using this I am able to get the cipher, hash, and kex algorithms for each connection. However, I was hoping for insight into the MODE (CBC, CTR, GCM). Am I able to derive the mode from the data I am capturing?

Some columns omitted for privacy.

Connecting to VPN Initial Handshake Uses Encrypted or Unencrypted Data?

I searched for a specific answer to this question and although there are many answers about VPN encryption, I did not find this specific question answered. Setup as follows:

MyPC -> VPN -> RestaurantISP -> Internet

When I first connect to my VPN service using either the OpenVPN protocol or the APP supplied by my VPN, does the initial TLS handshake send my username and password unencrypted, or is that data sent encrypted AFTER the connection to the VPN server has been established?

More specifically, if the RestaurantISP installs a packet sniffer, could they see my login details, like username and password?

Connecting two ethernet ports with a bridge kills local network

I’ve just finished rebuilding my NAS, now using an Intel-based SBC with two Realtek ethernet ports (Odroid H2 for those interested). Everything worked fine so far, up until I tried to use both ethernet ports in a bridge to maximize local network bandwidth (this NAS will be used to stream multiple 4K streams locally).

Setup of hardware is simple: the H2, with a 256GB NVMe SSD in the M.2 slot, two HDDs connected to the two SATA ports, and the two ethernet ports are slotted on my router’s (HyperOptic’s modem+router combo Tilgin HG2381) first two LAN ports.

Software-wise it’s also simple: regular Ubuntu Server 19.04 install on the SSD, where I store my cloud stuff, Docker’s stuff (images, config folders), etc.; and the two HDDs are in a RAID0 array with a single XFS partition for storage of media. Data loss is not a danger, as I do not care much about the content on the HDDs, and the docker configs (the irreplaceable bit) are backed up daily to Google Drive.

I’ve purged cloud-init from the system, and set the netplan renderer to NetworkManager, so that I could use Cockpit’s web interface for management of all. Extra networking software installed is zerotier, which I found to be the most simple to set up and manage.

The two separate network interfaces work well, but the device gets two separate IPs. I wish to treat this connection as a single interface with load balancing, so I’ve created a bridge out of the two and set a static IPv4 address to it. The moment this network configuration is activated, the whole local network dies – WiFi, internet access, local network access, everything. While I do enjoy the discovery of this kill switch, I’d really like to fix it.

The current NetworkManager configs:

Wired connection 1:

[connection]
id=Wired connection 1
uuid=8d403f31-b593-38b7-a177-62d26ac8604c
type=ethernet
autoconnect-priority=-999
master=bridge0
permissions=
slave-type=bridge
timestamp=1565379408

[ethernet]
mac-address=00:1E:06:45:06:C1
mac-address-blacklist=

Wired connection 2:

[connection]
id=Wired connection 2
uuid=a440422a-941f-32c0-8863-5b35e3a9cd12
type=ethernet
autoconnect-priority=-999
master=bridge0
permissions=
slave-type=bridge
timestamp=1565379408

[ethernet]
mac-address=00:1E:06:45:06:C2
mac-address-blacklist=

bridge0:

[connection]
id=bridge0
uuid=c60701c0-12f2-4624-a6d0-4f0ba327445f
type=bridge
autoconnect-slaves=1
interface-name=bridge0
permissions=
timestamp=1565379708

[bridge]
stp=false

[ipv4]
address1=192.168.1.75/24,192.168.1.1
dns=1.1.1.1;1.0.0.1;
dns-search=
method=manual

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto

At first look I do not see any issue here, however I’m nowhere near even a NetworkManager adept (I’m still familiarizing myself with it, after almost exclusively using /etc/network/interfaces – not many embedded devices have fully blown fancy-pants network management systems, even routers!). Is there something wrong with my network config, or is it the router not handling a bridged interface well?

PowerShell – SPOConnect throws error when connecting to a SharePoint SITE

I’m having trouble connecting to my SharePoint site. I belong to an organization and was tasked to create a community page/sub site that’s customized.

I use the connection string from the API

Connect-SPOService -Url https://contoso-admin.sharepoint.com -credential

except that I’m not connecting to our main organization’s SharePoint site, but sort of a subsite under it.

My URL basically looks like https://orginizationsite.sharepoint.com/sites/NameOfSubSite

and I get thrown this is not a tenant site.

Are we even able to customize these kinds of sites, or do I basically need admin-level access to the organization’s SharePoint?

Issue Connecting to WPA/WPA2 Enterprise Wifi Connection in Kubuntu 19.04

The wifi connection in question is my university wifi.

The authentication method is PEAP/MSCHAPv2. The wifi used to work before this summer. However currently trying to connect to it keeps it in a configuring network state. Note that the wifi connects in my friend’s Ubuntu 18.04 machine. I’m running Kubuntu 19.04 with backports and kubuntu-backports enabled.

I have attached the relevant part of the syslog here: https://pastebin.com/xuPt7amc

The wireless card is Intel AC3165.

Please tell me if any further information is required.

Thanks in advance!

Why does nautilus keep asking for username / password when connecting to a SMB share? I can’t connect

I want to share a folder.

I went to the Documents folder, right clicked, turned on sharing, gave it a name.

Nautilus installed Samba and said it was working.

I navigated to the “Other locations” area and found my computer’s name.

I clicked into that and found the share.

Clicked that and it asked for an anonymous connection or a registered connection.

I tried both and both times it failed. I can’t connect with any machine on the network though others can see it.

What’s happening? I’ve restarted the computer but still the same. A constant request for password each time I enter and try and connect.

Connecting microservices with each other

My only skepticism about using microservices over REST/HTTP is that there could be a performance drop using too many microservices over REST: with a REST connection, the data would always first need to pass through an HTTP server, and things like latency would be an issue. Imagine a data process which needs to pass through 100s of microservices which are connected via REST to each other. Is there a better way to achieve this without REST?