Today is August 16, 2022
Join Now! | Home | Sign in | FAQ | Help
Zord's Underground Archive by Zord
 
April 2016
1ARCHIVE ENTRY ONE.....
2ARCHIVE ENTRY TWO
3ARCHIVE ENTRY THREE
4ARCHIVE ENTRY FOUR
5ARCHIVE ENTRY FIVE
9SANDERS FOR PRESIDENT!
11Defense Information Systems Agency (DISA)
12Selections From Old SYNTHESIS Website, Sadly, Now Defunct.....
13SYNTHESIS II
14To Worship The Funeral.....
15Some Works From My Youth......
16THE DECLINE OF AMERICA
17DADA NIHILIS LE FLEUR
18NATIONAL ANARCHISM AND THE STATE
21Alexander Dugin: Magus And Mad Prophet!
22NO, THE DEMOCRATIC PARTY CANNOT COUNT ON MY VOTE!
23UNCONVENTIONAL WEAPONS AND WORLD POWERS
24Is Vladimir Putin The Chakravartin?
25BARACK OBAMA LORD OF APOCALYPSE!
26The Myth Of SRA, Psychotronics, And The Global Reality Grid
27BERNIE NEEDS OUR HELP!
30SANDERS VICTIM OF DNC/HILLARY CLINTON'S DIRTY TRICKS!


April 2017
March 2017
February 2017
January 2017
December 2016
November 2016
October 2016
September 2016
August 2016
July 2016
June 2016
May 2016
April 2016

Defense Information Systems Agency (DISA)
April 11, 2016

Hyper-Links are disabled for the first 30 days of active

journaling here: so you will just have to cut-and-paste the

URL into your browser.


Defense Information Systems Agency (DISA)


http://iase.disa.mil/eta/Pages/index.aspx


I have taken around 11 classes here, and have learned a great deal, and have 11 certificates to prove it.....

However, I am not sure if I could work for the military, in

that I am not that great at retaining what I read....

What I did find odd, is that the US military has a good

number of vulnerabilities that I think they should try to

patch up:

1. Make sure that all DMZ's have a hardware and software

two firewall DMZ set-up.

2. Harden the routers more, to prevent 'application-proxy'

spoofing exploits; to get an outbound connection to

services so they can be exploited, and make sure that access

to services are encrypted with something better than MD5.

I am not a encryption expert, but there are tools that can

crack MD5 with not too much difficulty...


3. Prevent authentication-flooding attacks to create

bandwidth depletion and crashes; by creating 3 minute

time-outs on all accounts after attempted log-ins past the

first two. Also I have seen in my own logs attempts to use

Port 67, to spoof packets with my IP to request incoming

connections to the broadcasting address: 255.255.255.255

to try to syn-flood my system...

I have forgotten what port 67 is, because there are

53,525 ports, and people have attacked me on port 3000 and

even higher.... Ports that are optimum for SYN Flood should

be closed/stealthed if they are not needed. (Along with all

other unneeded ports) IP Tables are over my head for now,

but default port settings on my firewall tend to do the

trick. Any packets that enter the system with TTL's that are

too fast should be dropped. Smurf attacks (SYN Flood) and

Authentication flooding can be mitigated by blocking

packets with timing signatures that are too fast, whether

they are routing packets or Time-To-Live.

If the NSA is reading this post, they should have the DOD

fix this stuff.

(No, I am not going to tell you how to attack government

computers. I would advise you not to do it, not even with

botnets; because you will get caught even if they have to

do forensics for years, to snarf the imprints of all of

your zombies and malformed connections)

Before you think that I am a genius, I assure you that I

am not. I had my firewall disabled in my linux distro for

two years! Because the ports were closed and some stealthed

I thought the firewall was on, it wasn't. Linux blocks all

incoming connections by default. But I had two ports open,

53 and 80, which is no big deal, but I was wide open to an

application proxy attack, because the ports were open

without filtering the nature of the packets that would be

allowed, or limiting these ports to my LAN. Enabling the

firewall fixed this....

See, I am no genius after all........ Smile


 
Login to select
your favorite journals

PrevTopNext
 
 


© Website Copyright 2016 by My-Journal.com
© Journal Content Copyright 2016 by the Author
 
Terms of Service Agreement
 
Privacy Policy