Hey everyone, I know the videos lately have been pretty long. I want to make sure I give more than a superficial amount of knowledge about these topics, though I'm trying to find a middle ground where it isn't too much. I'm also still working on a teaching style that works well for this channel. If you have any suggestions, let me know. Also, let me know if you'd like to see any topics in particular be covered in a video. Here's some of the stuff coming up: intro to PowerShell scripting, intro to Bash scripting, advanced malware analysis, overview of network security, IPS/IDS overview, IP subnetting tutorial, stenography overview, social engineering deep dive, Linux kernel hardening, Windows Powertoys tutorial, how to create a custom Windows ISO, and many others. I also plan to keep making the career development videos here and there and have some more crypto security videos that'll be coming soon. There's also going to be more videos coming soon on how to use specific applications, like how I've done in the past with Portmaster and Simplewall.
I enjoy this style of video. I've done SOME of the things you recommend. As regards, DNS, I've inputted the four "9s" in my router's DNS. I've not used software or placed the "Quad 9s" in my browsers or TCP/IP stack. I am an old man with lots of crappy old hardware (except for my M1 Mac running Asahi Linux). Do you recommend my ADDING a computer to my network such as a Raspberry Pi running piHole...or just an old Intel box that runs software with similar characteristics to piHole. Jeff Geerling talks about that sort of thing, so I wonder if I can...or SHOULD...run a piHole or similar. From a perverse point of view, can one increase one's visibility/targetability by running such "Hey...look at me! I'm a piHole! Try and get through me!" software and hardware? Mahalo for another really thought-provoking video! Aloha.
@@jimcabezola3051 Hey Jim, it's good to see you again! As far as DNS goes, the router option works great. This saves you from having to set up DNS on each device and makes sure all DNS traffic is protected. If you ever have issues with getting what you know is a legit website to load, you can always just set it back to default to check if something was flagged incorrectly. As far as the piHole, those are awesome devices, but there are a few things to be careful of. If you are okay with the risk and they are set up properly, they are great. If you don't want to go that route, just using Quad9 and uBlock Origin will basically give you the same protection without the extra features. There's some other small things to consider, but here's what I consider to be most important: Whatever settings you use, just be sure DNS is encrypted and DNSSEC is enabled. Those devices can also be subject to DDoS attacks. You can work around this with rate limiting and making sure your firewall is blocking anything unnecessary to the piHole. This last part is one of the biggest concerns with using a piHole. You could risk internal exposure of your entire network by having hostnames revealed and a hacker could also get a zone transfer and see a map of all your DNS records. They also have to be configured to not be an open resolver, which means the piHole can take queries from any IP. This can be used for things like DDoS attacks, and could get you involved in legal issues or your IP address being blacklisted. These are also mitigated with things like rate limiting, setting the firewall up well, and restricting IP's being used for your IPs only. Having a properly configured firewall is just fine here though, and having IPS would be the cherry on top. I don't think the devs intended for people to have these set to be open resolvers. The other concern I have with these is that if a device on the network is compromised but not discovered, the hacker could get into the piHole and do DNS spoofing without getting caught. Then things like bank accounts, social media, etc, would be taken over as things like login details can be captured. To be fair though, this could happen on a computer as well if an infection wasn't discovered. An example of DNS hacking was the video I made a couple months ago about the hack being used on foreign embassies in Belarus. ESET has an article if you're interested in learning more about it on their welivesecurity website. The attack was called MoustachedBouncer. Anyway, I think they are great devices. They just need proper setup to mitigate the security problems.
Hey everyone, I know the videos lately have been pretty long. I want to make sure I give more than a superficial amount of knowledge about these topics, though I'm trying to find a middle ground where it isn't too much. I'm also still working on a teaching style that works well for this channel. If you have any suggestions, let me know.
Also, let me know if you'd like to see any topics in particular be covered in a video.
Here's some of the stuff coming up: intro to PowerShell scripting, intro to Bash scripting, advanced malware analysis, overview of network security, IPS/IDS overview, IP subnetting tutorial, stenography overview, social engineering deep dive, Linux kernel hardening, Windows Powertoys tutorial, how to create a custom Windows ISO, and many others.
I also plan to keep making the career development videos here and there and have some more crypto security videos that'll be coming soon. There's also going to be more videos coming soon on how to use specific applications, like how I've done in the past with Portmaster and Simplewall.
I enjoy this style of video. I've done SOME of the things you recommend. As regards, DNS, I've inputted the four "9s" in my router's DNS. I've not used software or placed the "Quad 9s" in my browsers or TCP/IP stack. I am an old man with lots of crappy old hardware (except for my M1 Mac running Asahi Linux). Do you recommend my ADDING a computer to my network such as a Raspberry Pi running piHole...or just an old Intel box that runs software with similar characteristics to piHole. Jeff Geerling talks about that sort of thing, so I wonder if I can...or SHOULD...run a piHole or similar. From a perverse point of view, can one increase one's visibility/targetability by running such "Hey...look at me! I'm a piHole! Try and get through me!" software and hardware? Mahalo for another really thought-provoking video! Aloha.
@@jimcabezola3051 Hey Jim, it's good to see you again!
As far as DNS goes, the router option works great. This saves you from having to set up DNS on each device and makes sure all DNS traffic is protected. If you ever have issues with getting what you know is a legit website to load, you can always just set it back to default to check if something was flagged incorrectly.
As far as the piHole, those are awesome devices, but there are a few things to be careful of. If you are okay with the risk and they are set up properly, they are great. If you don't want to go that route, just using Quad9 and uBlock Origin will basically give you the same protection without the extra features.
There's some other small things to consider, but here's what I consider to be most important:
Whatever settings you use, just be sure DNS is encrypted and DNSSEC is enabled.
Those devices can also be subject to DDoS attacks. You can work around this with rate limiting and making sure your firewall is blocking anything unnecessary to the piHole.
This last part is one of the biggest concerns with using a piHole. You could risk internal exposure of your entire network by having hostnames revealed and a hacker could also get a zone transfer and see a map of all your DNS records.
They also have to be configured to not be an open resolver, which means the piHole can take queries from any IP. This can be used for things like DDoS attacks, and could get you involved in legal issues or your IP address being blacklisted.
These are also mitigated with things like rate limiting, setting the firewall up well, and restricting IP's being used for your IPs only. Having a properly configured firewall is just fine here though, and having IPS would be the cherry on top. I don't think the devs intended for people to have these set to be open resolvers.
The other concern I have with these is that if a device on the network is compromised but not discovered, the hacker could get into the piHole and do DNS spoofing without getting caught. Then things like bank accounts, social media, etc, would be taken over as things like login details can be captured. To be fair though, this could happen on a computer as well if an infection wasn't discovered. An example of DNS hacking was the video I made a couple months ago about the hack being used on foreign embassies in Belarus. ESET has an article if you're interested in learning more about it on their welivesecurity website. The attack was called MoustachedBouncer.
Anyway, I think they are great devices. They just need proper setup to mitigate the security problems.