VM in VPC reaching out to numerous Internet IPs [closed]

I was building a sandbox environment for a client in GCP, due to some app issues I modified the firewall rule to allow source range 0.0.0.0/0 and all ports.

Recently, there was a security breach where the client said the VM was reaching out to 190 internet IPs. The VM only had docker installed and the images required.

Being someone not from security background I’m not able to grasp the root cause of this issue.

Baby monitor over wifi only, without connecting to the internet

Are there any products that are sold as baby monitors that don’t need a connection to the internet to stream audio and video on a local wifi network?

From a network security and a personal safety perspective I would rather not have an IoT device connect from my network to the internet.

I see in previous similar questions from a few years ago someone suggesting using a phone that automatically answers phone calls on skype. I do not want or need remote access, so this is not my preferred solution.

I am concerned that if I buy a product, that the only way to view the stream will be online and that it will first be uploaded to their servers, so I can’t watch locally while blocking the device’s access to the internet. Does anyone know of any commercial solutions, or if not does anyone have recommendations about how to set up a usb-camera to stream locally in a safe manner?

ESET Internet Security blocks GSA SER communication

No matter, that the GSA SER is put into the ESET’s whitelist off applications, my ESET still reports malicious connectivity – see the attached image. This one shows probably the check of current version, but when I use the Proxy Scraper, it frequently recognize the connection to the bing.com portal as Coin-Miner.JS threat.

If this activity is no harm, I can create the rule within, however I am quite sure, that to contact the ESET with the request to reevaluate the activity sorting, would be from their side considered as something kinda ilegal.

Any clue? 

What attacks can be done from a “sketchy” internet site

I’ve heard that tabs in modern web browsers are fairly well sandboxed, so what kind of attacks could a malicious site do to your computer and/or web browser assuming you don’t do anything obviously stupid (like download and run a file from it)?

Does it make a difference if you are using a private / incognito tab to remove any cookies you have from other sites?

How did Vice detect voting machines connected to the internet? [closed]

https://www.vice.com/en_us/article/mb4ezy/top-voting-machine-vendor-admits-it-installed-remote-access-software-on-systems-sold-to-states

What method would you use to determine if a machine is a voting machine? do they give off a unique signature? Did someone give them a list of all IP addresses associated with voting machines and they pinged them to see if they were online?

the article is very scarse on details, yet it referneces a group of security experts

Risk/CVSS of exposed web admin portal to the internet

more of a philosophical question, suppose there is one behavior which allows an attacker to do something with high impact but by itself cannot be used to cause that impact. For example, internet accessible admin portal which even though still requires authentication, it doesn’t have IP whitelist nor 2FA.

Suppose that using the admin portal, an attacker can upload a shell and compromise the whole server.

Would you classify just having relaxed controls on the admin portal authentication as vulnerability?

If yes, what would you say just would you say is the CVSS score?

The risk? I guess here, the impact is high but the likelihood would be in relation to how easy is for someone to acquire valid credentials, which in most cases should be very low)

I would say it’s not vulnerability since one needs valid credentials to actually be able to use the portal. But i hear people having a lot of different opinions so i would like to see some other people’s thoughts.

It’s similar to having a gun (admin portal) without bullets (credentials). It’s only dangerous if you somehow manage to get bullets.

How to circumvent an isolated domestic internet connection?

Perhaps this is off-topic or too broad to answer but I’m thinking that there must be solutions.

Some countries are talking about unplugging from the internet and creating their own isolated domestic internet. Russia, recently, ran their own tests about doing this and it has seemed successful.

How could this, essentially, large LAN network be circumvented?

How do I allow Mozilla Firefox to use internet? [closed]

At my school Mozilla firefox is blocked for students, so only teachers could access it. The PCs are running on Linux Gnome. It has nothing to do with the cable, network manager or ifconfig eth0 up. It is only in Mozilla. You think it could be somewhere in Mozilla‘s settings (no proxy is used) .

As I was 12 I went in a IT Academy, where we had the same thing, so we couldn’t play any Flash games. We fixed it, by changing port in Mozilla in the right one, which people have seen once from a teacher.

I am saying it, because I couldn’t find the same option in the settings now.

Any information would help, thanks!

How can I restrict visibility to my SMB server to public (internet)? [on hold]

I have a SMB server running on pi4 behind an ADSL router from my ISP.

Although there is only 1 ssh port-forwarding rule to my pi4 server, the SMB server is visible to the internet! So, I don’t have DMZ enabled on my ISP ADSL router and there is only 1 port forward rule – to access ssh on my pi4.

Is there any way to restrict SMB server visibility to the public internet from smb.conf or other methods? I searched all over the internet and found nothing.