#general
Yep all you need is a serial port
That's a given and built into my work EDR
well i mean anyrun is sandboxing, i think those might be quite different, especially because of infosec being the area of application for you, and anyrun being mainly applied for malware analysis to my knowledge
Oh shoot
Wait
Hmm what did I use that also had virus total built into it
@sinful moon found one. 1930 Model 15 Teletype for linux https://youtu.be/2XLZ4Z8LpEE?t=666
lol @ the timecode
urlscan.io is good for "sandboxing" but I get you. But AnyRun's free limits are much too limited for me without work deciding to pay for it
Also being small medium business myself, I just have to identify the thing, I'm not really finding novel samples and threat hunting all that much
ive never looked into urlscan.io previously
Wait is urlscan the one where it actually shows you the website but it doesn’t affect you because it’s isolated
It's just an anonymous scan of a URL, but some more advanced cloudflare protected malicious sites will often detect the sus origins of urlscan.io and refuse to work
yeah like i was saying, i think the area of application for anyrun might be different, you just need to identify it while, from what ive seen, anyrun is more for analysis and modelling the ttps of whatever/whoever made the malware, using a paid version of anyrun for identification would definitely be overkill, so using something like urlscan.io does make more sense
Still found tons of really sus malware URLs that have literally 23+ redirects on them lol
almost always it's just an O365 phishing template
all i can think of when i hear cloudflare is the enterprise extortion thing
i really wanted to work there until i heard about that, it seemed pretty cool beforehand
If I needed that I'd want a more controlled environment than AnyRun honestly
It's a really neat platform but the free version is far far too limited
In my opinion. Anyrun would be better if you are a malware researcher but even then they would prolly have their own isolated vm
could you elaborate, on what alternatives there are and what anyrun lacks in terms of controlling the environment?
Running my own isolated environment and controlling all the variables with no chance this would go public until I said so
yeah thats what i was saying earlier, its more applicable to malware analysis, which is the main reason i like it, it seems very cool in that context
on what
is anyrun not isolated enough and thats your problem or is the going public thing your problem, or is it a combination?
Not for beginners I'd say tho, running a true isolated environment taking everything into account takes effort
you wanting something to do
It's multiple factors, it's a poor substitute for an actual research environment, without paying money
If ya mean on what I ended up doing & am doing, not your OSINT project lol. Though just watching yt and a couple tv series
I'm sure if you pay them it's lovely, but I'm already running VMs for security research
i think for my intents and purposes, doing malware analysis for fun and just familiarizing myself or doing superficial reverse engineering, anyrun free is fine, but if i was doing it for a job/occupation, then i would find alternatives
do you think paying them or getting a home server is more sustainable?
I mean I already have the home server running ESXi lol
oi btw Ellie, forgot to ask ya multiple times. Any ideas of what to do with my old PSP GO
for someone who doesnt have a home server
But beyond that extreme, I'd still research doing so yourself. Learn ProcMon and other IOC kinda datasets that AnyRun is giving you. There's tons of ways to do this
I just remember looking at the prices and thinking that it's a neat service but not worth it to me personally
i figured not that 😂 but was curious what you ended up with -- youtube is always a good way
yeah watching piratesoftware clips atm
so for my intents and purposes what do you think would be more sustainable? home server, free anyrun, or an alternative?
In the 90s Nintendo sold games for 70$..
if you wanna take a look
I'll generally throw sus files to a research VM I have to just check them out and see where they lead, typically VPNed through my pentesting server at a VPS service
Anyrun
i mean i would like to use my own virtual environment but im not sure how to get the same data anyrun does
If you aren’t doing this for a company and just for fun anyrun is good
alright then
learn ProcMon as I mentioned (Process Monitor from Sysinternals)
Sysinternals as a whole is invaluable, especially ProcEx, ProcMon and similar
@molten sky how's your reGex goin?
would procmon get http requests and dns requests as well?
with ProcMon you will see every API call, regedit write, file write and more a program makes
yes that too
oh sweet
Plus setting up a properly isolated environment is very important. You wouldn’t want malware accidentally attacking your own host os because you forgot to isolate
Yeah no shared folder, ideally put it on its own VLAN, etc
would i need a different process for getting a graph like anyrun?
Procmon won't give you a pretty graph, you will need to extrapolate that yourself
Ik virus total has a graph thing but I think you need to create a account for it
yeah thats one of my worries, and since im just doing this for fun i dont feel a need to go that far, im just keeping this in my back pocket if i do want to legitimize it
But yes VirusTotal does have a similar graph as do all EDR solutions in the professional space
I feel you
and i do think you know, if i were to legitimize it, i would want to do it right, with the right infrastructure, and im just not at a point in life where that is sustainable or feasible
There’s also some pretty good videos on isolation but make sure to do your research and see if they know what they're talking about
I even get "fileless" EDR detections for suspicious potential ransomware activity. A user cut and pasted hundreds of files from her workstation to another location on the file server she was working on.
My EDR will be like woah hold up, and list every single file she interacted with to revert the change, especially if this was actually undetected ransomware
yeah for sure, i will take a look just to keep that information in my back pocket if i do get an opportunity or a reason to make a more legitimate malware research setup
Oh wow
actually that might be a great use for me to make a home lab when im at a point in life where im legally employable
that would be something fun to work on and invest in, and would go great on a resume i hope
thats pretty interesting
thats lot of information to have accessible
I wouldn't necessarily list home lab on resume but I'm no pro there. But I can absolutely recommend it personally
all you need is an old machine with enough RAM and that's it
don't go crazy like I did unless you really need to lol
But what do you mean by fileless. Wouldn’t there be files involved if the user pasted files?
well not home lab but, like any malware research i had undertaken using that home lab as a side project
aka there was no spawning process which created the issue
Ah I see
FILE02 the server detected the issue due to the share being messed with en masse, and then just saw that this specific workstation just modified hundreds of files all at once in a suspicious manner and stopped it
If it wasn't for this user doing it intentionally, this would have been a great example of detecting ransomware activity even if the EDR agent isn't on that workstation
That’s very cool
For sure
bit less cool when this one user has triggered this three times but again I'd rather have over active than underactive threat detection
each case they had cut/copied nearly a thousand files so can't blame the EDR for being like "wtf"
💀
Can you tell the user to stop what they are doing?
lol I spoke with her on the phone more than once about this
Basically she didn't even know anything happened and didn't care lol
yikes, i try the Vulnversity room and quickly realize i need to use an attackbox and whatnot and actually utilize tools and exploits that i havent quite learnt yet, so the offensive pentesting path is more for reinforcement than for learning like i had thought
Never learns ig
so ill have to do this path once i do jr pentester, so then i have the knowledge required to move forward
btw quick tip as you're getting started, use all your tools even when you're not told to
Also NOTES
always nmap every single room, you'll get the flags down stat that way
mhmm that too
We love notes here
yeah i mean ive been noting everything i learnt from this
hey guys
and earlier when someone was talking about how to read smb i noted that too
how do u autofill in linux terminal
keeping everything in my backpocket
As a quick counterpoint, it depends on the person but I'd highly recommend to only keep the notes you need to quickly remind yourself of the topic. Don't be like me and accidentally create wikipedia articles
i might do the free bits of the cyber defense path if wireshark 101 is free
yeah i keep it vague, just enough to jog my memory or give me a boost
mhmm exactly lol, I get too obsessive and can take things too far but I've learned from that
but imo creating wikipedia article length notes doesnt hurt as long as the wording is vague enough i can go off of what i remember and search it to find it again
wireshark 101 is in fact, not free 😭
Imho even then, I've heard "smart notes" as a note taking concept, I'd instead argue ironically for "dumb notes". Don't frontload this with a bunch of info you already know and will maintain long term, just the stuff you're likely to forget
Sadly a lot of the path rooms aren’t
just enough context to get you going, and it also keeps your notes more easily searchable
yeah i have to run through a bunch of modules and find the free ones
.
im just trying to keep my streak going until i can get a subscription so my knowledge/routine doesnt deprecate too much
Press Tab to complete commands and file paths
or atrophy might be the better word
if you use zsh you can even Tab complete flags, which shows suggestions and tips on what each flag does
you can also tab complete package names in zsh at the very least but probably bash as well
it isnt working
does anyone have a suggestion for what path i should do the free bits of next? ive done the free bits of JR pentester and SOC level 1
Most impressively zsh tab completes AUR community package names for Arch which is wild
its just cycling through the options
im looking for ones to add to my knowledge NOT reinforce it
Yeah my zsh got corrupted so I deleted it
That's because it's bash and you're using default settings, Tab complete in bash will have that behavior by default when there's two matching terms
in zsh it just cycles between the two options without being quite as weird
I'm also not saying just switch to zsh, that is a substantial change, it's just a nice shell
i was trying to revert to the original directory and it didnt work
that's not a good use case for tab completion anyways
that's more a job for cd ../../.. kinda stuff
If I remember cd: brings you one directory
it changes the directory
You said you wanted to go back one
ye
Oh original
i think the Attacks and Exploits module might fit my current status
cd .. is the most basic expression of that, but I think Aces's shortcut works as well
.. literally means one dir up
cd: ?
wdym
Try that
ok
if you ls -la you will see . and .. as "folders" in the directory, they literally stand for current directory and one directory up respectively
oh i see, yeah what i was saying wasnt related to anything
Hm
yeah just stick to the .. format, I've never heard of AceS shortcut there
try it
wow there is a decent bit of free content, i just need the right modules and i need to find the information to fill the gaps
besides easily to go up as far as you want with cd ../../../.. style lol
bruh
I still remember when I was between 6 and 8 and messing around with CMD on Win 9x. I saw these .. directories I couldn't see in Windows and they looked sus lol. I thought I had a virus or something 
why'd u think that
But nah that's just the denominator for "up one directory"
ye that worked
Because it was like 1998, I was 7 or so and didn't have much MS-DOS experience. So I had no way to know that the mysterious .. directories were an intended part of DOS I couldn't see in Windows
there r so many useful commands
ahh
so u r 28 rn?
You can also just run cd with no arguments to immediately go to your home directory
oh
Pretty cool
Either that way or ellie way. Btw do you like being called Ellie?
who is ellie
uh closer to 32 lol
Ellie be me
and yeah that's more than fine
Ight bet
oh right
I won't lie, I'm a 18+ year Linux user and did figure I had to cd ~ to do this. Thank you lol
Gave +1 Rep to @stray tapir (current: #2157 - 1)
oh i'm not even doing that rn
i'm working on a flaresolverr pr
the more u know, the more u will realise how much u dont know
I see why you know so much stuff now
Yep pretty much
lol goes for both replies
HAL, sysvinit, and ALSA were the norms of the day when I started Linux lol
does anyone have any suggestions for a FREE module that can prepare me for my first CTF room?
my end goal is to be well rounded in pentesting and have job opportunities, and be able to do CTFs for fun
i mean technically, you can do that at any level
brb I spilled a drink 🙃
Yeah same
I do this stuff as a hobby but I'm not sure where to go from here
okie back
I've been thinking of trying to work towards getting a sysadmin job working with Linux or something, but I really don't know how proficient I need to be.
Honestly it's likely you'll see a minimal amount of Linux unless you work for a larger org. I by far have deployed more Linux servers than anyone ever at my org before including my boss, and that was just for simple getting things done tasks
It's 100% good experience just more in learning how computers work further than just what Windows exposes, but yeah good experience either way
i do plan to get jr pentester done to prepare me for my first real CTF, but i still want something kinda simple with "real hacking" to reinforce some type of learning, from some type of module
Not trying to steer you away but you will find a ton of Windows Active Directory and Azure AD Entra ID instead in many orgs
but yeah you do need that Linux experience since that will almost always be your attacker machine
Yeah I lack a ton in windows knowledge
just don't devalue Active Directory in particular
does anyone know if these would prepare me for my first small CTF?
i have many questions but, thats because im out in the woods here with no subscription 😅
This sounds dumb to a lot of people, but Linux is just easier to understand
For me at least
Nah I agree and kinda concurred with my earlier statements
because it's not "obfuscated". Not that Windows is all security via obscurity, but it's significantly more opaque how things work together for even power users vs Linux
what, you don't like windows's 73 different Settings apps that all do kinda the same thing but gradually shift options between them?
there is truly information for everything on THM lmao
The windows registry I cannot wrap my head around
i think i just unlocked a core memory
It was a idea that only made sense in 1991ish when it was invented
ngl the registry is actually one of the few things ms did well imo
they wanted to do away with ini files in each program directory for managing settings
and Windows registry was their solution
but over time yeah it became the insane hellscape we have now
Why not just a /etc/ directory with a bunch of config files?
Ultimately Group Policy is actually what you want to be using to manage a vast majority of your Registry settings
nah the registry is fine, it's microsoft's never ending moving shit around and changing what entries do that makes it a hellscape
If you have Windows whatever Pro, then you have Local Group Policy Editor and can make some very very powerful changes to your own machine on a more limited scope
Hmm
Group Policy when orchestrated by a Domain Controller, makes these changes to many devices all at once and it's very powerful
Domain Controller == the Active Directory Server
I need to setup a windows server with AD some time to learn this stuff.
im looking at CTF rooms right now, from what im seeing most of them are just puzzles, are there any somewhat easy ones that i can do where i actually get to put tools and whatnot to use?
For sure, it's great experience and THM has some rooms for setting up the basics and learning the fundamentals
AD and GPO is one thing I wish I knew more about before actually moving into IT, but you don't know what you don't know when it comes to a lot of this stuff until you see it
That being said for all these on prem solutions, a lot are moving or have moved to Entra ID (cloud AD) and their own solution for handling Group Policy Object like changes... although we're almost getting far enough along that some orgs are saying screw it and moved back on prem lol
AAD
many of them also seem vague on their prerequisites, which makes it hard to look for things and learn appropriately to do them
i stand by it
Yeah I know, it's still in the URLs even lol
and I did say AAD further above, but might as well introduce the newcomers with the current terms, as awful as they are lol
It's okay we all know Microsoft for such hits as "Windows Fundamentals for Legacy PCs", "Windows Embedded Compact 2009 vs Windows Embedded 2009", and other fun naming changes such as still awful O365 to M365 transition lol
Sadly Windows Fundamentals for Legacy PCs is quite disappointing, being a just barely stripped down XP copy for legacy hardware. Vs "Windows Thin PC" where they went much harder for stripping down Win 7 for legacy hardware
Windows Thin PC is a very nice underrated release despite being 32bit only, but yeah only going to find that via VL and MSDN really
Didn’t mean to kill chat, have some Win XP running on my iPad
Got JIT working well with SideJITServer, no complaints after locking a library to a specific version to get this to work over Wifi
first time I ever cared enough to sideload an app, after enjoying UTM SE so much on the App Store
although lol, I've only been an iOS user for 3 years, so take that with a grain of salt. I ran custom ROMs on nearly every Android phone I had before that
anyone?
holy shit malware tech streams now?
the guy who found the kill switch for wannacry?
Spent way too long realising that after the : was a ! not a lower case l
lol ouch, understandable
Morning
Morning Kyooty!
I don't remember many instances of me wishing you a good morning vs a good night lol
ive gotten perhaps all my questions answered today, except this one, either im shadowbanned, or there isnt any free modules that fit this bill lmao
I wish I could give you a proper answer, but I'm not sure which rooms are free and which aren't. The Pickle Rick room was a great first CTF room, and the path that led to it set me up for it, but I am unsure if they are all free
i think most of the CTFs are free, im just looking for a free module that can give me the knowledge to get a CTF done, perhaps the reason i didnt really get an answer was my wording being ambiguous
those rooms were all I really needed that taught me how to complete the picklerick room
maybe the nmap room also if you havent used that before
alright i will write those down, is the upload vulnerabilities necessary for this CTF? since that one is the only paid one here in this module, if it is worst case scenario i watch a walk through of it
i will check that one out too
only the live host discovery part of the NMAP module is free, i think that should be fine though
The upload vulnerabilities does cover topics that will need to be used in that (and probably most) CTFs
i see, so i happen to be missing the main valuable material in that module.. lmao
alright, i will just watch a walkthrough for it and hope that works out
nmap -sV -sC -T4 10.10.10.10 -vv -oN output.nmap will solve 95% of rooms for you port wise. But this lacks UDP or all ports like using -p-
still good info, but yeah read up on the flags and form your own standard you can throw out like that
i think ill get to that once i get a subscription, so i can understand the -sV -sC, whatnot
also is the steel mountain CTF difficult? i recall in the show the tagline of steel mountain was literally "impenetrable"
a bit less aggressive than -sA iirc which is Scan All
-T4 however is a very aggressive rate which should only be used for CTF and learning
Thats at the end of the Complete Beginner path, I'm about 4 rooms away from it now so I havent tried that one
is there any command i can do to just view all of this?
are you familiar with linux man pages?
man nmap
yeah that lol
right, and im assuming man is short for manual?
does zsh stand for anything?
z shell
lol
Eli is a male’s name with biblical connotations in english lol
i mean it seems pretty sweet, im reading the description right now and it has you use metasploit for getting foothold, which seems fantastic for reinforcing learning or anything of the sort
english is my 3rd language
i would love to try that out after i do the red teamer path
Yep no worries, you’re doing more than well enough to the point I’d not have known that
actually, the red teamer path doesnt even have metasploit
i must have gotten mixed up
I thought it does have it?
jr pentester does, so i will be able to do this sooner than i thought
apparently not
i thought it had more information on c2 and persistence and metasploit, the sort, but it doesnt
pentester is a part of red team no?
it has intro to c2 and windows persistence, thats about it
i think its more offsec than red team, i wouldnt know for sure
How much do you want these VIP courses, I can tell you’re pretty dedicated
Have you done the Blue room? I'm not sure if its free, but its a metasploit centred "CTF" room, it holds your hand so not a real CTF but in the end it has you finding flags on windows
as long as i learn something from it im more than happy to do it, it sounds good as a prerequisite to a CTF that actually challenges me beyond what i know, could you send a link?
i would jump into a pit of scorpions for it lmao
no
it is not
thank you very much 🤝
Gave +1 Rep to @candid niche (current: #278 - 19)
@molten sky how's my pfp?
it says "R1sh0x on eyes"
wait what does it
ye I just googled it apparently they are not the same
Red Dead redemption 2
i don't see that part ,-,
oh shit yeah solid game
lmao, im jk, i will search a walkthrough for the nmap room and try getting this one done
powered by dall-e
common misconception -- it's even my bio on here right now lol
the command Ellie linked above should be enough to get you by for the time being until you can learn how it works. just replace the IP address in the command with the IP of the box
OK no need to have beef with me
huh? i just said it's a common misconception
and that it's common enough that i've set my bio to it
bro is convincing everybody that using kali ain't red teaming
ill keep it in my back pocket if the walkthroughs dont help, but i do want to get this done based on stuff that i know and understand to the best of my ability
gotta stand by at least some principles, lol
that's one of em now
o7
OHH THIS IS THE ROOM FROM THE OFFENSIVE PENTESTING PATH
perhaps i quit that path too early because i dont have access to the paid content
i should at least try to understand it
even if i dont have access to the more advanced paid content
i should be able to get by on walkthroughs for now
why are you so dedicated to do courses?
gotcha, totally understand (:
nmap will be the first command you run for almost all CTFs unless you are given the info already that the nmap would show.
in short it scans the IP address for what ports are open and reports back other details, so you know what kind of exploit you may want to use depending on what services are running / what ports are open
Try port swagger they have lots of basic free rooms
it was a lil funny going through the pathways after subscribing and being like oh shit i already did this this and this without realizing
the portswigger rooms are decently well put together iirc as well, them as well as the nmap rooms (if those are free)
yeah i will definitely have to look into it further given my only experience with nmap being from... greyhack lmao
great game haha
i dont know enough to play it well lmao, i rely on the exploits in the shop and absolutely cannot hack a website for my life if there isnt a root user on and a good exploit in shop
i mean one website had no firewall rules, and i couldnt do anything with that
you will learn a lot here, I just hit my 50 day streak and the amount ive learnt is far more than I expected
Bro you can also try..overthewire bandit ..you will learn more and its also funnn
Where
Gonna be some fun looks I'll be getting, going to work with my motorcycle helmet
where?
Here
i did take a look but i just would prefer to be able to keep it to THM
thank goodness, ElizabethNoir gave me a voucher, so i have 3 months of VIP
so ill be grinding lmao
Haha sorry i now saw 'here' word
oh wow! what a great gift.
+rep @sinful moon
Gave +1 Rep to @sinful moon (current: #37 - 205)
very much so
im gonna grind the Jr pentester path and do the nmap module on top of that, since for some odd reason the nmap module isnt in the path itself
For sure and no problem, can just tell Dagger will do well c:
Yeah the modules and paths are not always mutually exclusive (or maybe I have that phrase backwards, but you know what I mean lol)
fun looks?
i didn't take my bike up north bc it'd get stolen, so I always took my car. I had to take my helmet to campus one day to fix up my comms and deal with an RMA on them, but was running a bit late and went straight to class instead. the Instr. asked, looking very confused, why I was walking around with a motorcycle helmet despite coming in a car
yep, at least from my questions on this server i have an idea of where i want to go and what to search to gain that
perfectly good question but i wasn't prepared for it, so mentally just stopped for a moment and was like well fuck this does sound weird w/out that context
Mhmm, and folks here will be more than glad to give guidance c:
I am going to be sitting in a train with a helmet that represents a bunny
Parked my bike at the train station
..just wear it instead then
It'll be hot like a mofo, cause it's a 1 and a half hour train
fair
turns out it is, im just looking in the wrong places lmao
usually i just look for the module header, not for the rooms
thank goodness
this will get me covered to do my first CTF, without a doubt i should be able to get the pickle rick CTF done with this no problem
i mean..
i think this might even be overkill for the pickle rick CTF
Yeah the rooms for each path are generally the recommended way to progress, modules are just single bits of info on their own kinda
and yeah there are some beginner CTF rooms in the more red team focus learning paths
how do you ask a question or answer one?
Instructions can be found at https://dontasktoask.com
I was referred here from the tutorials but apparently am not reaching anyone.
looks like you dropped a msg in #room-help and #intros --- no bites there yet?
....CIA?
Si
lmao im jk
i know what it means from the free bits
now i get to go more in depth though
Confidentiality Integrity and Availability
like calling it the free bits lol
Yeah that’s the paramount bits and counterpoints to security that you have to ensure for users in a blue team standpoint
you can make the most secure system in the world, but without Availability then it’s useless for end users for example
@light sorrel just looked back at #room-help and it seems you actually got a couple replies --- not sure if you saw yet
"The CIA triad is unlike a traditional model where you have individual sections; instead, it is a continuous cycle. Whilst the three elements to the CIA triad can arguably overlap, if even just one element is not met, then the other two are rendered useless"
The tutorials have changed so pasting the ip address of the attackbox just goes to an error page, not to the site shown in the video using the same method..
I've always found the availability part of this to be of dubious inclusion in the "security" side of things
did you see the two replies in #room-help or nah
no - I'm new at discord - I'll try to find them
Mhmm, without the CIA triad, you can make a secure platform that is impractical to actually use
let us know if that's applicable to your issue
not long until rocks will be in danger
although fair I’m mostly thinking about the availability side, but going too hard on confidentiality or integrity results in the same issues in lack of availability depending on the solutions
i vote that availability should be a separate topic and the CIA triad is role blurring nonsense
I think rocks and The Rock will remain secure
Yeah I guess I didn’t really notice how lopsided availability makes the CIA triad until now
confidentiality? no doubt security. integrity? no doubt security. availability? that's the guys over in HA or the NOC or whatever
but fair you can just kinda say “erm backups” and call it a day which is probably the lowest common denominator answer
im learning now the principles of security room is very ambiguous lmao
it phrases PAM as the translation of PIM into a level of access, then the questions frame it as PAM being the management of access and not so much the translation of PIM -> PAM
lol if you’re not quite acquainted with actual blue team/defense yeah there’s a good bit to know there
It depends on the OS/Implementation what it’s called
I == who are you A == what can you do
That too
( they are often used interchangeably tho so it's grey )
Also as just general names PIM is what you’ll see in Azure and PAM in Linux, as just general framework/API names
Except Microsoft but they’re a special child as always
lol even in the case of Azure people say PAM despite it being PIM
i think at the very least, i will remember what i need to if it ever comes up
at least that's what i've noticed
lol totally fair
not a MS shop
which im sure it will but, not in the near future
you're in keyword hell right now --- idk the last time i've said PAM in a real life conversation
But for example to enable SSO/MFA for like ssh login on Linux, you need a custom PAM module which hooks into how SSH works
yeah im trying not to think too much about simple terminology
im mostly keeping stuff i find important in my head and remembering that
it's more the concepts that matter at this point imo
i will keep that in mind
i think remembering the basic premise of something should be able to jog my memory and remind me of the specifics
know what the difference is between PAM and PIM and SSO and 2FA/MFA and 2-Step
on that note --
2 step is not 2 factor
google is dumb
to what extent is the steel mountain CTF based on show? because im watching the "hacking steel mountain" clip and they make steel mountain seem like an impenetrable fortress, which makes the CTF seem wildly intimidating
despite them often coming up in similar documentation and same articles even
also AWS is dumb ------- curse amazon for only allowing a single mfa option on your root account
ouch didn’t know that
the only reason why my AWS still uses TOTP rather than yubi
And honestly it’s been at least three years since I did Steel Mountain. I remember some references but it wasn’t very closely linked
ive only ever used ZAP for hosting a fivem server, which i dropped because id rather pay for THM > ZAP lmao
the lesson has its own exploits to show you
i dont think ill ever have any reason to use AWS
ZAP? i need context
its applicable knowledge/experience nonetheless though, right?
Do consider DigitalOcean if you ever need a VPS in the future, I am gladly shilling for them because I love the service
honestly even if you don't go all out with cloud native, AWS is nice to at least get some basic familiarity with at some point imo
ZAP has tons of game servers and VPS you can host with easy to use interfaces, and decent pricing
my personal use nowadays is pretty limited tho, mostly r53, ec2, s3, cloudfront, and a couple others here and there
ill have to look into it, for the sake of keeping the knowledge in my back pocket
I did straight up go to their tech support and asked about running a vuln scanning server for work, they were like, no problem as long as you aren’t forging invalid IPv4 packets
DigitalOcean is absolutely solid tho as Noir said
i think AWS loosened up their port scanning rules recently as well
was it AWS that banned it? idk
this is the first time im hearing of them, perhaps since ive never gotten much into any cloud or server stuff
i never cared tbh
yeah I wouldn’t even chance running a server like that on AWS
DigitalOcean gets EXPENSIVE for anything large scale, but they are awesome for small scale
very simple
avg prices
yeah $5 gets you a lot if you can navigate terminal only linux, as most servers should be
glares at windows server
i think if i do ill probably just buy a PC from ebay and upgrade it to my needs, if im gonna do it i might as well do it 100% and make sure i own everything and have it configured to my liking
Heh there’s always Windows Server Core which no one ever uses sadly
i love being able to do everything by GUI, i hate having to rely on it
Trust me, more linux experience and you can admin a server via command line no problem
i find myself physically repulsed by using a gui on servers
yeah massive waste, but you see it tons in small-medium business just due to ease of administration for newbies
yep, i do hope that just experience with attack boxes and replicating it on my own VM can get me there
honestly if you get bored one day just try some things in r/selfhosted lol
Mhmm honestly it’s not hard, just learning how to learn Linux commands and etc is half the battle
man pages and more really does kinda just get you there already
although sure there’s some less common commands which are a bit more “word of mouth” like using tail -f to view the last 5 lines of a log file, and then continue to view the output of the log as it’s updated
freaking invaluable
also does, for example, "man nmap" work on ubuntu or only arch?
watch
both
man is part of the kernel, should work anywhere
you just need to install man if it’s not already installed on Arch
that is a peculiarity of Arch in particular
Yeah it didn’t used to be this way, but more recently it's its own package not in base
im gonna assume it works on ubuntu, since ubuntu is very user friendly
but seriously, watch x2 ---- extremely useful when a use arises
ubuntu can die
but yes
after nullbytes recommended ubuntu i dont think i will ever use anything else
pls reconsider lmao
i dont see whats wrong with it
Meanwhile for deploying at work, yeah can’t complain much with Ubuntu Server LTS
you don't need to switch rn, just the "ever" part
user friendly, security is okay if you do your due diligence, i havent heard anything bad about it besides the snap downloads
Yeah no Ubuntu is not the endpoint lol
ubuntu server i'm more willing to accept than desktop
just a beginner friendly distro
well, maybe i will get to a point where i see something wrong with it, for now i dont
my personal stance: canonical can fuck off of any device i manage
why is that though?
Are you running straight up GNOME 3 Ubuntu?
canonical is the microsoft of linux
i dont have it configured right now, im too lazy to set up my VM again, given that the attack boxes do me fine, im running win 10 and i have yet to configure a VM, i factory reset recently
well, what recommendations do you have?
Okay most attackboxes are XFCE based which is solid
from spyware to what i consider horribly anti consumer and/or anti user practices like swapping apt packages for snaps under the hood or the ol sending all your searches straight to amazon
im used to XFCE from my experience with kali on.. vbox
use XFCE for GTK focused or KDE for Qt focused. I’d argue XFCE if you like a bit more retro vibes or KDE for modern
alright now you could have prefaced with that and i would have been much more willing to switch 😆
whats wrong with gnome?
i hate the excessive rounded corners and big icons but other than that, its alright
These each have specialized Ubuntu distros, Xubuntu and Kubuntu (or KDE Neon) respectively
TO BE CLEAR ubuntu is a fine entry distro
i'm just more anti canonical than a lot of people on here
GNOME 3 is awful in that is highly touch based, and just a really weird model of window and UI management
If you like it that’s fine but it’s not for me
i personally use fedora nowadays but that's just cause it worked well for me --- mint is also great. mint is downstream of ubuntu but they pull a lot of the canonical crap out like snap
for the most part, you want to pay attention to DE rather than distro
my main problem with it on ubuntu was that in the tab manager all the windows were different sizes and placed as "bubbles" which was more aesthetic than efficient
you like gnome? fedora gnome, debian gnome, whatever, they'll all work
you like kde? fedora kde, debian kde, etc all work
I have a differing opinion on Mint in that I don’t see the use case anymore since Ubuntu long since has the codecs Mint was designed for but meh
Mint does have Cinnamon but that traditionally had issues with gaming
i will check them all out and get a VM of whichever i like, tomorrow i will virtualize one before i continue to a CTF
the use case for mint is deb deriv that isn't canonical and has a faster rel cycle than deb, while also being more user friendly than straight deb (since deb is admittedly pretty raw sometimes)
well i mean im on win, so that works fine for gaming, i will use mint virtualized for my THM needs
are you only using linux in VMs or your host as well?
Not sure how trustworthy their release cycle is with low usership but that is a fair point
Which of you have a second monitor and do you reckon its a mandatory purchase long term?
for what?
pretty consistent actually -- they're pretty solid iirc
I mean don’t forget how badass proton is with Steam and other solutions
~~ better than manjaro ~~
97%+ of games work just fine on Proton
wasn't sure if you were running a linux desktop as well or just a VM
I run 3, I could totally go a 4th, 2 is required imo, but id say its personal preference
when i did try ubuntu as my main distro, i used proton to get space engineers working problem free
literally anything that's not AAA competitive like cod. battlefield works great tho
the steamdeck moved linux compatibility along pretty quickly
Yeah it’s only kernel level anti cheat which doesn’t work
yeah i use windows 10 rights now, my desktop was made with windows in mind, at the time i never planned on ethical hacking as the main purpose, and i have yet to configure a VM since i factory reset a few days ago
and that’s already some pretty cursed software lol
if i am to switch it to my main OS, i will probably buy a used thinkpad for it or something
Totally with you on that, I plan on getting 5 eventually, not just practical but it would look cool as hell
as very effectively demonstrated by crowdstrike lol
Tbh idc about playing competitive games, too many sweaty people
Yeah I’m far more a singleplayer main
sandbox games like space engineers or gmod, are fantastic
I recently put aside my second to use an ultrawide instead and I could get by with either
one normal 16x9 would be a downgrade though. certainly workable, but if you can afford either a normal (not high-end gaming$$$$) ultrawide or a second normal monitor, it's a pretty solid QOL boost
satisfactory got boring quite quick
so should mint be fine for my THM needs without having the negative things that canonical presents?
Totally fair but I play too much retro for Ultrawide to make sense
i need a second ultrawide overhead
i was getting off topic from this main question
not an issue for me lol but that would be quite difficult to manage
Ubuntu and Mint will both be limited in terms of infosec package availability, but will be in a decent place
you’ll just have to compile some (which is trivial)
curious what you mean by "with windows in mind" -- are you thinking that there would be any blockers to loading linux up?
or just not a thought yet
Nix might have some of those packages.
honestly most of what he'd need is in ubuntu, and the minor ones that aren't are always being backported from kali
Do you like ultrawide because it looks and feels a bit cleaner or do you have another reason?
I hope you’re not actually recommending NixOS if thats what you mean. It’s a very interesting environment but not for beginners
No I'm not, I'm talking about the package manager
just works well for my workflow. I never have things maximized across the full width -- i have several windows open side by side without the bezel of 2/3 monitors (no bezel also means i can have ~middle~ items, which is another plus)
You can install nix on any distro
so just much cleaner and a better UX for my use
How can the package manager function without the core ideals of Nix and weirdo hash based directories tho?
brb gonna install pacman on fedora
Oh I’ve seen worse
I used to do Linux tech support on a major Linux Discord
we got so many standard “how do i install steam on Kali” questions lol, but one was more perplexing than the rest
man those two things suck individually, why would you combine them 😂
tech support and managing discord users en masse
“my friend installed kali tools on arch but now everything is broken, help”
“um what”

Idk its some real wizardry. I recommend using nix because its literally like the aur in terms of package availability.
“my friend installed apt to run a script to install all the kali tools on Arch”…
you can see where this is going
they literally installed apt on arch just to install the Kali versions of tools and borked their install
i got it for gaming, i got corsair fans, a MSI motherboard and cooler, NVIDIA GPU, AMD CPU, i know AMD is alright on linux, but my fan software didnt work, my motherboard and CPU cooler software didnt work, i hadnt ever anticipated using linux on it, when i did use ubuntu on it, due to linux and windows using different memory formats or something, i had a terrible time switching back to windows especially because i was very new, even now i think i would be better off sticking to windows and using linux in VMS until i actually use linux for my occupation or something, which im quite far from being legally employable, so i dont really have too much to worry about in terms of that
i feel like encouraging new users to install tertiary and under utilized package managers unto distros they have no proper support for is a recipe for disaster
even if the benefit may be there for people who can manage
i do want to use linux as my main on something, for fun, and i might get a secondary SSD to dualboot, i do have a hard disk, but i dont trust those at all, especially not to hold an OS, when i was much younger i bricked two hard disks, after accidentally moving my laptop in a jitter motion
I would strongly recommend against Nix for package management, especially if it keeps to the ideals it’s trying to shove into other distros
NixOS is neat if that’s what you want, but no we should not shim versioned and hashed directories into normal Linux to make Nix happen on other distros
ah yeah no that niche software is pretty difficult sometimes
a lot of it has been ported in some capacity but far from all --- and as it communicates directly with the hardware, that's even harder to bottle/translate on the fly
nvidia is also very 50/50
Ok suit yourself then
Yep agree to disagree, no worries at all c:
yeah, if i am to switch to linux, it'll be on a second SSD, or an entirely different PC from ebay
simply because, this PC isnt built for linux
I do find NixOS fundamentally interesting from a tech standpoint though and admire its goals despite not being for me personally
weird thing to say but it's less building "for" linux and more avoiding the small handful of companies that say "screw y'all i don't wanna support you" like nvidia
is kinda like OverlayFS we see in game modding in some ways which is neat
the community does a lot of good work on that front tho
just forcing things to work with drivers built mainly with duct tape and glue
To be fair Nvidia is barely making some progress finally
they get no recognition from me yet
same as when intel "open sourced" some software recently, lol
intel?
lol they were like, hey we made the kernel driver all open source, and loaded any remaining proprietary bits back into the binary blob
ayyy that's the one
the guy maintaining the github repo even said in some Issues like yeah this isn't open source idk why tf they're telling everyone that
hey guys
yeah afaik they just offloaded it all into the binary blob as mentioned lol
Speaking of nvidia drivers
but fair this is much more auditable as is
I recently tried out using nouveau with nvk
(root㉿kali)-[/home/toxic/THM/GoBusterChallenge]
└─# gobuster vhost -k -u http://webenum.thm -w /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -t 10 --delay=200ms
===============================================================
Gobuster v3.6
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
[+] Url: http://webenum.thm
[+] Method: GET
[+] Threads: 10
[+] Delay: 200ms
[+] Wordlist: /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-5000.txt
[+] User Agent: gobuster/3.6
[+] Timeout: 10s
[+] Append Domain: false
Starting gobuster in VHOST enumeration mode
Found: 1 Status: 400 [Size: 424]
Found: gc._msdcs Status: 400 [Size: 424]
Found: 2 Status: 400 [Size: 424]
Found: 11285521401250 Status: 400 [Size: 424]
Found: 2012 Status: 400 [Size: 424]
Found: 11290521402560 Status: 400 [Size: 424]
Found: 123 Status: 400 [Size: 424]
Found: 2011 Status: 400 [Size: 424]
Found: 3 Status: 400 [Size: 424]
Found: 4 Status: 400 [Size: 424]
Found: 2013 Status: 400 [Size: 424]
Found: 2010 Status: 400 [Size: 424]
Found: 911 Status: 400 [Size: 424]
Found: 11 Status: 400 [Size: 424]
Progress: 2414 / 4994 (48.34%)^C
[!] Keyboard interrupt detected, terminating.
Progress: 2426 / 4994 (48.58%)
Finished
I need help coz I dont understand why I am receiving 400 status codes every time
In terms of performance I wouldn't say its on par with the proprietary driver just yet, but I can play Minecraft and some less demanding games with good framerates
It’s because there’s a ton of pages you’re attempting to scan for which don’t exist, that’s normal
What am I doing wrong?
You didn’t let it complete or used the wrong wordlist
I have let it complete so many times still not working and I am not using the wrong word list
Most likely read the room a bit more closely
I have even gone to docs and pple have done the same thing I am doing but for me it is not working
I do believe you but it doesn’t help that your output to us includes a Ctrl^C
I canceled it coz I already know the end results
It’s been a couple years since I’ve done this room but I don’t remember having any issues
For me I don't know why I am having an issue
Ill take on the job of @sick lance , this belongs in #room-help
Yeah probably for the best
alright, finished "principles of security" im gonna look into debian, fedora, and mint cinnamon, and see which one suits my needs
I highly recommend Hannah Montana linux
I’d personally steer you towards Debian or more likely Fedora tbh
🔥 but i think i will go with amogOS
maybe temple
Debian is great but package base is just too old, and you’ll end up compiling a ton yourself
Tbh Debian is great. I used it as a daily driver for my school laptop.
ah then thats not for me, im looking for minimal maintaining work on my VM, so ill check out fedora or mint cinnamon
Fedora is pretty forward leading in terms of tech but I can’t personally say how good package coverage is
fedora mentioned?
use fedora
kde specifically
I never had to fix anything with Debian beside nvidia drivers
Perfect for this use case, just can have issues if you need the latest and greatest
this is where mint shines --- more up to date than deb because it follows the ubuntu release cycle, but also separated from canonical's bs a bit
poor coverage for infosec packages being one
Arch though
it turns out I had to add --append-domain at the end of the command so that it could work
Which is perfect for arch lmao
I did switch to Arch within 1.5 years of me starting with Linux but I’m not the norm lol
compile your own kernel and build out custom or why bother
that’s Gentoo
should really write his own kernel tho
That's nixos
compiling a prewritten one is kinda cheating
I feel you man, the aur is irresistible
Arch isn’t compiling at all beyond AUR or when you feel like it
Kinda the whole point
that was the biggest reservation i had when leaving arch for fedora. the aur. but the fact that the copr exists nowadays was acceptable to me (even if not quite the same)
First time I’ve heard of it but fair enough
You switching to nixos Elizabeth?
tldr; user specific aur
I just remember when a SUSE head was extolling the virtues of their rolling package… but it straight up broke the rules of packaging lol
i.e. my own copr where i'm working on some packages [redacted], and anyone can add your copr to your package manager to pull your stuffs
Never lol
That's what I tried to tell them
Nix is literally the aur but portable
I very much respect Fedora, especially for leading the charge on new technologies, that’s usually when I’ll adopt them on Arch, but all due respect to you (which is quite a bit) I’ll take more credence in COPR as a format when you’re not the only person I’ve ever heard about it from
I at least heard multiple people talk about SUSE’s half baked solution, even though this is undoubtedly better
yeah it's not quite the same as the aur so it'll never have the same steam --- unlike the aur where you can just be like install x, you have to add an individual one first
probably more akin to ppas on ubuntu actually
interesting
fedora (and family) didn't have an equiv til recently.
rustscan's fedora distrib was via copr for example (well, until now)
Interesting
goood damn, fedora KDE looks pretty nice, i might choose that for my VM
are there any common issues with it?
Yeah as you can tell I don’t have much against Fedora, I think it’s a great distro, just understandably skeptical about new package management solutions
right right, i see
in my case, i don't use my copr for any distribution -- only for testing builds before i push to real
Fedora KDE is a great choice
like while working on them
i use the KDE spin myself. Fedora 40 just moved to KDE 6 so he might encounter the odd bug or two but largely an improvement
Infosec package management may be tricky, but @molten sky may be able to detail more there
i think i might actually use KDE on all my VMs in the future, it looks way better than i recall and i cant stand excessive corner rounding
I feel you man, the aur is terrible*
Fixed it for you
just also keep in mind the GTK based XFCE for lower end machines. KDE has done tons to optimize but XFCE is pretty darn minimal
Gn
Good night, nice chatting!
debian KDE looks... extraordinarily ordinary
oh 100%. package managers are normally looking to solve a problem that doesn't exist or capitalize where they shouldn't (*cough* snap)
in this case it's kinda warranted. they needed something like this and never had it, while ubuntu had ppa, arch aur, etc. it's here to stay even if in limited use
so thats settled, i will do fedora KDE for my VM
Yeah a bit of a blindspot for myself
I really admire Fedora but I don’t have tons of experience beyond maybe RHEL and CentOS at work
who is this even in reply to? lol
and yeah infosec packaging is a damn pain in the ass i stg -- especially with precompiled binaries and such
should fedora be pretty simple for me? since out of all the distros ive tried, they were all debian based, but im not sure about where fedora came from
i do want to keep to the file systems/package managers, whatever you want to call them, that i experienced on debian based systems
dnf instead of apt otherwise still linux
yeah you won't have apt
well possibly check with @molten sky for package availability, although sorry to offload that question
apt is deb + derivs
ehhh i think i might stick to debian based things
Ah yeah he kinda already replied
you really don't need apt tho
most of the same shit is there, just swapping three letters
honestly unless you’re dealing with Arch or similar, do expect to compile a handful of apps, but it’s no big deal
also instead of apt update apt upgrade it's just one command, dnf update, instead of two 🤷♂️
so would i be able to do dnf-upgrade or whatever it was to update on debian based systems?
oh there we go
it’s basically like
make make install
i haven't compiled shit from scratch on this build tbh
well the normal stuff
excluding my constant breaking shit and messing with things
(never doing normal user stuff have i needed to)
will i have any issues installing basics like gobuster or nmap or anything?
or should i be okay there?
Rip discord broke
agh my messages are delayed
oh so its not just me
good to hear
But even on Arch I have found some really odd things that weren’t in the AUR, but fair most often just trivial python stuff not worthy of such
Discord please send my messages
ironically, mine still worked
even though mine always crashes
lol yeah they finally sent all at once
should i be using kali or ubuntu if im aiming to be blue team?
I have a queued image upload which I can’t cancel now lol
any OS works
@fleet turtle The one thing I would recommend out of the gate is to add rpm fusion
Fedora (being related to RHEL) is very FOSS absolutist---non free software being legally prohibited in the default. This will open up significantly more software to you. honestly, rpm fusion is probably more akin to the AUR than the COPR now that I think about it
just depends on what fits for you
been using kali, thank you
Gave +1 Rep to @fleet turtle (current: #654 - 6)
woo 6 rep
no issues at all
🔥
Yeah that’s the wrong way to look at it, progressing in both blue and red team activities makes you more well informed for each side
alright now we are getting into terminology torture here lmao
i have no idea what half of those acronyms mean
i didnt want to overload my brain but i do plan on finishing every path/module on THM
and if there's something that you want that isn't there, someone can probably add it if you request online 🤷♂️ rare chance of that happening tho. same thing on debian/ubuntu
but end game is blue team
Most of my blue team stuff actually runs on Windows.
ill just try it out and worst case scenario, i go to mint or something
Fedora is all about Open Source Software or nothing, and not adding proprietary repos. This “universe” repo gives you proprietary and more limited software
That’s what I took out of that statement
normally i say don't copy commands from random people on discord, but...... just copy this command block when you get in
sudo dnf install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
sudo dnf config-manager --enable fedora-cisco-openh264
that's all. gets you access to a lot of nonfree (restricted) packages, including some with higher stability
really? im on a mac so am i able to do the same?
That’s very true of Debian and Ubuntu but I wasn’t sure how true it was of Fedora
ill keep it in my back pocket
Mac is even better for it, with much more *nix native tech
Can't say, I've never really used a mac.
i just have the standard iterm on my mac, is there some additions i should be looking into?
as long as the limits are something i can operate within for THM stuff, thats fine
Are you sure? people in my class with macs have nothing but issues.
No “additions” beyond homebrew I guess
ohh fair
but homebrew is lovely
okay thank you
will look into that
i've always had mixed feelings about brew
mhmm np, Homebrew is the mac native unofficial package manager
it's a good package manager but unless you're on mac it's just unnecessary
idk why people use it on non mac
Mac could have issues with Flare-Vm depending on how your mac deals with virtualisation.
( reading the above --- seems the convo was targetting mac, which is ofc great for brew )
holy shit
currently use UTM for my vm's right now
lmao yup
Is that good?
we learnin together 
it's pamac now but i still use pacman
i thought it was just a funny gimmick for their package manager for an embarrassingly long time
although if you do the -vv flag iirc it does show a pacman character lol
yeh i havent had any problems with it so far
On Mac OS via hypervisors?
i know 😭 when i tried endeavour and installed some stuff it showed a pacman eating dots as the loading bar, so i just assumed the main point was the pun, and there wasnt any superficial meaning
Hey verum, aren't you supposed to be asleep...
Ah, Malware analysis should be ok then, if you choose to do that.
Yeah that’s not stock lol
apt (debian, derivatives) means advanced packaging tool, yum (old rhel, derivs) means yellow dog updater, dnf (new rhel, derivs) means dandified yum...etc
if curious
dnf == Did not Finish
fify
Did you know pacman was called puckman, but later changed?
yes
never used hypervisors utm is my first of the sort
know if apt does delta downloads?
hypervisors == VMs but yea
curious
yeh its on the app store etc but i heard that ones buggy so i got it from official site
VNM*
Not at all, apt is all or nothing
ohh got cha
It's not a Virtual machine(VM), it's a Virtual machine manager (VMM).
i gotta get in tune with all the terminology
unfortunate. not much use nowadays but cool feature to have on deck
I’d argue that’s not the right frame of reference but I think I get your issue
I’m talking about the base tech, not the software
ah yes the Virtual Nachine Manager
Base tech the Hypervisor manages the VMs
In terms of settings and performance.
& virtualisation.
…does this have a weird name in macOS or something?
Nope.
kvm >
I mean in Linux it’s just the kvm, which is obvious, Kernel Virtual Machine
i think you mean KVN
So where does the N come from?
kernel virtual nachine
from VNM
Typo.
that’s not even right
I know, I chose to ignore you. 🙂
that’s like a transient term for something we have a firm name for
I've always known a Hypervisor as a VMM
As it's not a VM.
It's the software that virtualises the VM.
it's okay i'm used to being ignored around here 😢
that’s a very odd understanding but I get you
weird. wonder if it's a regional difference
but yes a hypervisor itself is not a vm
that we agree on
most likely, first I’ve heard of this take
I don't think so.
I just think you’d be hardpressed to make that case even to people in the industry
i'd like to see the frequency of that term on google but too lazy to see
we have terms like level 1 hypervisor, level 2 hypervisor and just plain VM and etc for a reason
we can get as exact as we need to be
Level 1 and level 2 will still be VMM.
no
you just invalidated your definition iirc
okay I was wrong, you didn’t
you were just exceedingly vague
this is a fun conversation
let’s argue semantics!
i'm too sober for this
holy fuck it's 3:30
lol glad you have the luxury
might pull an all nighter and fix it when evening comes
alright, configuring my fedora VM
my dad is in town for the next three days but I have a good reason to work these three days as well
im gonna try and run it for the majority of tomorrow
it's actually pretty bad --- i swear my internal clock just runs longer than the normal day
yeah mine does for sure
whatever is more convenient for you and keeps it fresh in your mind when you need it
personally i write all my notes in a discord server with a few alt accounts in case i lose access to my main
back when i was still in uni it was great cause i'd lean into it
can't do that nowadays
cause ~ responsibilities ~
omfg
yeah lol, I know the boss set a firm 1am bedtime but he doesn’t always keep to it
i dont see anything wrong with it
whatever works. I do both. Technical notes that I will want to search or copy and paste from I type, absolutely everything else I write
I wouldn’t recommend Discord for such but I get you
its temporary
sureee
i plan to get a raspberry pi and put it on that
nothing is more permanent than "temporary"
or an external hdd
Markdown notes editors are usually the kings
😆
obsidian >
Obsidian and Logseq are nice ones
However you feel you need to, but you can't use CTRL and F for handwriting.
i tried logseq and never really got the ball rolling
i should try it out again
I find it best just for my work use cases
ordered lists are just ideal for work notes IMHO
ill just engrave my notes into stone tablets and store them in a seed vault for the apocalypse
Have you guys heard of this new terminal called warp
well another thing i like about using discord for it is i can have different channels to keep my info organized, does obsidian have something similar? ive never seen obsidian prior to now
Yeah.
is that the ai one?
nonsense
I use it now and then.
Logseq is just neat in that everything is a bulletpoint, and every bulletpoint is a searchable dataset in the same nested structures you make
not using it
how you feel about it?
Pointless.
oh fair
kk, they advertise it so nicely
the company seems like a nice company
just a pointless product
i'd rather have an AI toaster
l0l
Yes… you’d just make another document in Obsidian, and you can make links between them
shit would pop when it's supposed to for once
i will look into obsidian then
The terminal window looks nice and clean.
Yeah it’s good stuff, but do be mindful you have to pay for the sync feature unless you get sync going yourself
yeh thats what caught my attention
oh my god that PS1
so much space
Disagree, but we have some differences in aesthetics
not enough lines
Well, you put Windows on Mac devices, so I can see why you don't like it.
I think this is a meme post lol
if you're gonna take up three lines for a PS1 at least put some valuable information there
im really not at a point where i can consistently pay for many things, the one thing i will make way to consistently pay for is THM, so anything paid is not very convenient, and i do think the sync feature may be important
ngl i don't do it just because i want control over my own data
i sync myself
Yeah it’s not too bad to sync yourself
I'd rather use Tilix than Warp.
ultimately these are .md files which live on your machines
(not suggesting it, just adding my own)
@sick lance did u do the HTB defensive analyst ?
i will figure something out when the time comes, for now im fine where im at
too used to that
oh kk
if i can't see what branch i'm on or the cleanliness of my workspace it messes with everything
Colours look better though
I've done my Blue team stuff from Blueteam labs, THM and University.
lmao my mind went straight to the old hacker animations with green text
I have mine auto backup to my cloud drive
SBT/blue team labs is solid
did you feel you learned more from the labs/THM or uni?
They all are very relatable, THM made Uni easier, and Uni made THM easier.
Wish i had the opportunity to go, but life was lifing
so now I'm hoping for a career switch at 30
no worries, I did that exact career switch at 30