What is the use case for using TLS on an internal network?

See the note in the bottom center of this classic slide:

NSA intercepting Google traffic, writing "SSL added and removed here" with a smiley

This is from a leaked NSA slide deck. Tapping internal traffic is not rocket science, the only real requirement is that someone is targeting you. If there is something of value going over the cable, something potentially worth encrypting, then you may also assume that someone might be going after it sooner or later.

That’s why we encrypt internal traffic: physical cables are not always to be trusted. A guest in a waiting room having access to the internal network (due to missing or misconfigured (V)LANs) is not uncommon, or someone who is trusted but whose device is infected, or someone who physically breaks in, or a single compromised server that can intercept other servers’ traffic… there are a lot of scenarios in which encryption helps, also on internal networks.

Do you know where your physical cables run and whether all those places are guarded at all times? Is ARP spoofing disabled in every LAN you have? VLAN hopping mitigated? No WPA2-PSK WiFi anywhere? Intermediate firewalls and routers have 2FA enabled and are not hacked? Are all of the implemented measures tested? Did I not forget anything? From my experience, each of these measures is in use only in a minority of companies, and very few will have it all.

Setting up the encryption is typically easy these days. If you’re only talking about your own data, then you can take the risk for yourself. But when there are other people (colleagues or even customers) at risk, you really should enable it.

mojave – Internal microphone extremely quiet

I have a 2018 MacBook Pro running Mojave. Midway through a Zoom meeting, people were suddenly not able to hear me. I checked System Preferences and saw that my internal microphone was selected as the input, but it wasn’t picking up my voice (though it picked up the sounds of me typing or tapping). After turning my input volume to max and disabling ambient noise reduction, I was still only barely audible.

I have tried resetting my PRAM and SMC, but to no avail. Any help would be greatly appreciated.

penetration test – SQLmap finds injectable ‘id’ parameter but the response is ‘Internal Server Error’

I am trying to understand the SQLi so I ran SQLMap with ‘-vvv’ parameter

4: Show also HTTP requests.

I did scan one of the vulnerable and ‘free to hack’ sites.
In one of the requests sent, the response from SQLmap was:

(22:25:10) (DEBUG) got HTTP error code: 500 (‘Internal Server Error’)

(22:25:10) (INFO) GET parameter ‘id’ appears to be ‘AND boolean-based
blind – WHERE or HAVING clause’ injectable (with –code=200)

I tried to use same payload
GET /showforum.asp?id=1%20AND%20%28SELECT%20CHR%28116%29%7C%7CCHR%28100%29%7C%7CCHR%2885%29%7C%7CCHR%28111%29%20FROM%20SYSIBM.SYSDUMMY1%29%3D%27tdUo%27 in Burp but it keeps throwing me 500 error.

Can someone explain me how did excatly SQLmap come to this conclusion that parameter ID is injectable, while there was an error?
I tried to compare different 500 error responses, but no difference between this specific payload ant other ones.

Any answer will be appreciated,
thanks.

links – Repeated Anchor Text while internal linking for SEO

Having many interal links to any single page that has the same anchor text is fine. On this site, almost every link to a question will have anchor text of the title of the question. Repeated anchor text just indicates that the site is powered by a database. There is no penalty for having a database driven site. It is a very common case.

There are some cases where anchor text can get you into trouble internally. Repeating the same words in a list of links is really bad SEO these days. Consider the following list of links:

  • Lounge Bars Dubai
  • Lounge Bars Paris
  • Lounge Bars Copenhagen
  • Lounge Bars New York
  • Lounge Bars Taiwan

That looks really spammy. Users are not going to appreciate that. Something like this looks much better:

Lounge bars in other cities

  • Dubai
  • Paris
  • Copenhagen
  • New York
  • Taiwan

A few years ago, internal anchor text was very important. It was best when it matched the pages that it was pointing to. To rank well you had to use “Lounge Bars Dubai” as your anchor text on links to those pages.

That is no longer the case. Internal anchor text doesn’t count for much of anything these days as far as I can tell. Only anchor text from external links seems to have any keyword weight.

In fact, Google has started to penalize spammy repetition more. You are much more likely to penalized for keyword stuffing than get a boost for exact match anchor text if your list of links looks like the first one.

I would also recommend putting no more than 10 items in any list of links. Users almost never use more links than that in a list. Long lists of links are another sign of spam.

Why the number of external links and internal links has decreased

Advertising

y u no do it?

Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

Starts at just $1 per CPM or $0.10 per CPC.

redirects – I have redirected my homepage to internal page. Should I include my homepage in the new sitemap?

Google says you should not include URLs in your sitemap that redirect. If you redirect your home page to a deep URL, you should only include that URL in the sitemap.

If you do include URLs in your sitemap that redirect, Google will show you the error “We found that some URLs redirect to other locations” in Google Search Console. See this question for more details.

The canonical URL for that page should be the deep URL as well. A canonical URL should not redirect.

Redirecting the home page is not best practice. The home page URL is always your simplest URL that is easiest to type. For those reasons it is good for users and usability.

Redirecting to put keywords in the URL for SEO isn’t likely to work. Google doesn’t seem to use words in the URL path as a ranking signal these days. At most they could help with the click through rate from the search results if somebody searches for those exact words. See Are keywords in URLs good SEO or needlessly redundant?

Twenty years ago, it used to be common to redirect to an internal URL from the home page because of technology limitations. On many web platforms, URLs had to reflect the technology that powered them. (Like all URLs must end with .asp.) These days with rewrite rules supported on all major servers, that just isn’t the case.

I’d recommend not redirecting your home page URL. If the keywords at that URL are important, I’d recommend creating a separate page about that topic and let your home page rank for your brand and domain terms.

8 – How do I create a link from an internal path for the core Link class?

I miss the deprecated l() a lot. I am trying to construct the Drupal 8 equivalent of:

l(t('mylink'), 'admin/structure/types');

I am trying to generate a link to'admin/structure/types' (but will appreciate an answer that explains how to do this for any valid internal path.

I’ve looked at a lot of examples, a most of the them end up saying one should use Link::fromTextAndUrl in some construct like this – without explaining how to get $routename from the path.:

Link::fromTextAndUrl(t('mylink'), Url::fromRoute($routeName));

I’ve seen this suggested, but the object it produces is not text, but some object that does not even contain a textual link to be rendered on the screen:

Link::fromTextAndUrl(t('mylink'), Url::fromUserInput('admin/structure/types'));

SUPolicy to allow custom service to read and write from Internal Storage

I’m setting up custom service with custom sepolicy using this as a base:
How to fix SELinux "avc: denied" errors when launching DNSCrypt as init.d script?

My issue is that I want config and log files to be read and written (respectively) from the internal storage /sdcard aka /storage/self/primary

What are my options?

linux – restore data from internal storage of android phone

I am struggelling with the file recovery of an internal storage of an android phone.

I made a dd copy of the /dev/sda device which includes the system and userdata and some other partitions of the phone.

bla@bla:/media/Volume$ mmls sda.raw 
GUID Partition Table (EFI)
Offset Sector: 0
Units are in 4096-byte sectors

      Slot      Start        End          Length       Description
000:  Meta      0000000000   0000000000   0000000001   Safety Table
001:  -------   0000000000   0000000005   0000000006   Unallocated
002:  Meta      0000000001   0000000001   0000000001   GPT Header
003:  Meta      0000000002   0000000002   0000000001   Partition Table
004:  000       0000000006   0000000015   0000000010   padding0
005:  001       0000000016   0000016399   0000016384   recovery
006:  002       0000016400   0000032783   0000016384   boot
007:  003       0000032784   0001011727   0000978944   system
008:  004       0001011728   0001026063   0000014336   apppreload
009:  005       0001026064   0001041423   0000015360   cota
010:  006       0001041424   0015447055   0014405632   userdata
011:  007       0015447056   0015450106   0000003051   reserve0
012:  -------   0015450107   0015450111   0000000005   Unallocated

I am able to mount some partitions:

bla@bla:/media/Volume$ sudo fsstat -b 4096 -o 32784 sda.raw 
FILE SYSTEM INFORMATION
--------------------------------------------
File System Type: Ext4
Volume Name: system
Volume ID: 7019a2b4b48a33b92c4409cbe0a229c7

Last Written at: 2020-05-28 21:04:07 (CEST)
Last Checked at: 2019-07-22 16:11:16 (CEST)

Last Mounted at: 2020-05-28 20:55:42 (CEST)
Unmounted properly
Last mounted on: /system

Source OS: Linux
Dynamic Structure
Compat Features: Journal, Ext Attributes, Resize Inode, Dir Index
InCompat Features: Filetype, Extents, Flexible Block Groups, 
Read Only Compat Features: Sparse Super, Large File, Huge File, Extra Inode Size

Journal ID: 00
Journal Inode: 8

METADATA INFORMATION ...

But not the userdata partition. Are there any tricks I missed so far?

TestDisk 7.0, Data Recovery Utility, April 2015
Christophe GRENIER <grenier@cgsecurity.org>
http://www.cgsecurity.org

Disk sda.raw - 63 GB / 58 GiB - CHS 7694 255 63
     Partition               Start        End    Size in sectors
>P MS Data                   262272    7971615    7709344 (system)
 P MS Data                  8093824    8208511     114688
 D MS Data                  8208512    8331391     122880
 D MS Data                  8331390  123576413  115245024 

Outputs for userdata:

bla@bla:/media/Volume$ sudo fsstat -b 4096 -o 1041424 sda.raw
Cannot determine file system type

Thanks for any hints in advance!

Klaus

lenovo – How to unmount internal storage as a disk drive no root without pc

I’m very unlucky. At first my sd card got corrupted and than I changed the sd card with another one and then I thought that I would not be able to get my erased data back and I should start from a new start. But afterwards I noticed I was NOT able to see my files in Google Files app I got soo much scared and sad. But few days later I watched a video ‘how to hardreset an android’ I got little happy to see that title but when I started doing that trick, when I checked the recovery mode I literally saw no wipe data/factory option.

I lost my hope but it gets even worse later. I am no longer able to download large files and I can’t download the files that I get from whatsapp (from friends) even if they are like in KBs.(I need those files because they are important as they from my teachers). It says ‘You don’t have enough internal storage. Pls unmount the internal storage as disk drive’

If anyone knows solution to my problem PLS PLS PLS PLS PLSSS help me
I have lenovo tab 4 10 and it is not rooted.(Snap Dragon cpu)

Thank you