LinuxQuestions.org
Old 02-07-2024, 10:20 AM   #1
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Arch Linux && OpenBSD 7.4 && Pop!_OS && Kali && Qubes-Os
Posts: 824

Rep: Reputation: 350
Is this free PDF book on using Suricata as an IPS/IDS a legit one?


Code:
https://www.stamus-networks.com/suricata-4-analysts?utm_term=install%20suricata&utm_campaign=The+Security+Analyst%27s+Guide+to+Suricata+%7C+US+%7C+EN%7C+Search&utm_source=adwords&utm_medium=ppc&hsa_acc=1274348033&hsa_cam=19891778115&hsa_grp=147526667517&hsa_ad=652638767980&hsa_src=g&hsa_tgt=kwd-1772871868007&hsa_kw=install%20suricata&hsa_mt=b&hsa_net=adwords&hsa_ver=3&gclid=CjwKCAiA8YyuBhBSEiwA5R3-EwaEUn4DrgjtqxNDPOI7sDPcKccaRYfPOldqNcSMWdzlD0mZ9OLQixoC20sQAvD_BwE
Am I just paranoid for no reason?
 
Old 02-07-2024, 11:25 AM   #2
//////
Original Poster
I filled in their form and this is what they replied:

Quote:
The electronic copy of the book is on its way.
At Stamus Networks we are pleased to offer "The Security Analyst’s Guide to Suricata" – the world's first practical guide to threat detection and hunting using Suricata – to the open-source community.

Written for security operations center (SOC) analysts and threat hunters who use Suricata to gain insights into what is occurring on their networks, the book provides important information on entry points and in-depth analysis on the most important Suricata capabilities.
We hope you find it useful.
In the meantime ...
While you wait for the book, please visit our resource library to find other helpful Suricata-related information.
I used a throwaway e-mail account; I hope that I'll get that PDF.
 
Old 02-07-2024, 11:29 AM   #3
jayjwa
Member
 
Registered: Jul 2003
Location: NY
Distribution: Slackware, Termux
Posts: 780

Rep: Reputation: 249
The link goes to a slick website, but they want your name and email data in exchange. Looks like they want to market to you and are using the PDF as bait. I'd get the info another way (there's so much free info out there) or use one of those 10-minute emails unless you don't mind them marketing to you. From a quick search, the business seems legit.
 
Old 02-07-2024, 11:33 AM   #4
//////
Original Poster
Quote:
Originally Posted by jayjwa View Post
The link goes to a slick website, but they want your name and email data in exchange. Looks like they want to market to you and are using the PDF as bait. I'd get the info another way (there's so much free info out there) or use one of those 10-minute emails unless you don't mind them marketing to you. From a quick search, the business seems legit.
Yes, that's exactly what I thought about them.
I just wrote "company = home".
 
Old 02-07-2024, 11:33 AM   #5
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 16,329

Rep: Reputation: 2331
Post a follow-up please, with some review of the book. You'll get the idea quickly enough. Write a list of things you'd like to see, things you'd like not to see, and virus/malware check it.

It's probably one big ad for their proprietary s/w. But they probably don't appreciate how tight-fisted OSS folks can be.
 
Old 02-07-2024, 11:40 AM   #6
//////
Original Poster
Quote:
Originally Posted by business_kid View Post
It's probably one big ad for their proprietary s/w. But they probably don't appreciate how tight-fisted OSS folks can be.
Haha, I would pay for a good Suricata book. I'll check out that one if they send it to me and let you know how good it is, or bad.
 
Old 02-07-2024, 12:09 PM   #7
//////
Original Poster
I found info about that PDF book at: https://github.com/StamusNetworks/suricata-4-analysts

Code:
The Security Analyst’s Guide to Suricata
Introduction

Stamus Networks is pleased to offer the first ‘open source’ Suricata-focused book,
The Security Analyst’s Guide to Suricata. Written by the founders of Stamus Networks,
Éric Leblond and Peter Manev, this project provides SOC analysts and threat hunters
with information on entry points and in-depth coverage for the most important Suricata
features.

The book is not to act as a replacement for the Suricata manual, which is a valuable
source of information and should be used as a reference tool by Suricata users.
Instead, its unique ‘open source’ format will grow and evolve over time with
ongoing input from Éric and Peter as well as contributions and feedback from the
Suricata community.

Contribution

We are listing the code/text for the book here, but you can also find the latest
published version of the book at Stamus Networks. We welcome contributions to the
book and you can propose updates and provide feedback on this GitHub. If you want to
contribute a specific topic, please check existing issues and, if needed, open one
describing your addition so we can tell you if it is in line with the content we
project on the book and has a chance to be accepted.
 
Old 02-07-2024, 02:20 PM   #8
business_kid
Threat hunting, IMHO, is a very fast-changing game where guys are patching bugs as fast as they are found. So by the time a book is written, some of it is out of date. There's no substitute for hard work and sound specialised knowledge. That's why the newbies who install Kali don't learn pen testing. They just learn that Kali is an incomplete OS. However good it is, one book or one program won't get you much.

You're now up against Government-backed operations, who will get in through some innocuous third party, spend months in your system carefully covering their tracks, and escalating their privileges. Those guys will be able to access various hacks available for your versions of certain programs, perhaps even do a 'dry run' on their own copy of your systems, and then hit you hard when you don't see it coming.

Our whole hospital system was hacked here. Everything is computerised, and a friend of mine was close to the IT company tidying it up. The hackers had penetrated the system ~6 months previously, presumably tested every move in advance. They attacked at 16:00 on a Friday afternoon. There's a 35 hour week here in a lot of places, so you can get nothing done on Friday afternoon anyhow. The sysadmins were on their weekend plans.

They infected every hospital in the country, while everyone thought things were normal. The first thing inexperienced trainee sysadmins noticed was screens being encrypted. Power was cut then, far too late. The entire patient databases and every Windows PC connected to the hse.ie network was affected.

Our Prime Minister immediately announced publicly that no ransom would be paid, and that the country would live with the inconvenience and loss as long as necessary. The hackers were to blame for any resulting deaths. The health system went back to paper. After a week, some hacker sent the decryption programme to a HSE sysadmin's email. After being inside the network and presumably reading email, they had that info. It still took 6-8 weeks to get it all up and back running.

That's what you're up against today. Pen testing? And in Ireland, linux servers are surprisingly rare, because it adds €5K + setup costs to the quote!
 
Old 02-07-2024, 03:08 PM   #9
//////
Original Poster
Quote:
You're now up against Government-backed operations, who will get in through some innocuous third party, spend months in your system carefully covering their tracks, and escalating their privileges. Those guys will be able to access various hacks available for your versions of certain programs, perhaps even do a 'dry run' on their own copy of your systems, and then hit you hard when you don't see it coming.
Yeah, it's a losing game vs. those kinds of threat actors. I have been reading about Qubes-OS and immutable Linux distros. ATM I am testing Qubes-OS, next maybe NixOS.

https://www.howtogeek.com/what-is-an...-linux-distro/

At least I don't have a system that would be interesting to that kind of hackers. And I often change distros and have important files on GitHub, so if I got hit by some encrypting hack I would just wipe my SSDs and move on.
 
Old 02-07-2024, 03:29 PM   #10
//////
Original Poster
Edit: damn, made a new post, I was trying to edit that one above xD

I am more worried about keyloggers, as my game items are worth money; one weapon I have costs about 200€ if you were to get one like it.
 
Old 02-08-2024, 07:16 AM   #11
business_kid
I feel your pain on the post.

My gut feeling is that the book will be testing for threats that, in OSS, have been patched. If you have Windows or Mac OS, sure, zero days exist. But Linux users share their pain on places like this.
Quote:
Originally Posted by Douglas Adams
Nothing travels faster than light, with the possible exception of bad news, which follows its own rules.
EDIT: Are we talking Windows here? Software keyloggers for Linux are vanishingly rare, I thought.
 
Old 02-08-2024, 10:10 AM   #12
//////
Original Poster
Quote:
Originally Posted by business_kid View Post
EDIT: Are we talking Windows here? Software keyloggers for Linux are vanishingly rare, I thought.
I am not sure how rare those are, and yeah, I am talking about Linux keyloggers.
I have restricted output to ports like UDP 53 and TCP 443 and to those ports that games use.

And all allowed output/input goes to Suricata, which is running in IPS mode via "-j NFQUEUE".
Also I have an OpenBSD bridge with a pf-badhost setup.

https://undeadly.org/cgi?action=arti...20210119113425

The next thing I am going to do is install some immutable Linux distro and test it.
I won't use Windows for gaming; the gaming sites that I use are places that I think aren't 100% reputable.

And back to topic, I didn't receive that PDF book.
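As an added example, not the poster's own ruleset, the egress allowlist and NFQUEUE handoff described in the post above can be expressed as an iptables rule generator. It assumes iptables with the conntrack match, Suricata built with NFQUEUE support listening on queue 0, and a constructed placeholder list of game ports; it only prints the rules so they can be reviewed before being applied as root.

```shell
#!/bin/sh
# Added example, not the poster's own rules: build an iptables egress allowlist that hands
# every permitted packet to Suricata in NFQUEUE IPS mode (started with: suricata -q 0).
# Assumptions: iptables with the conntrack match, Suricata built with NFQUEUE support,
# queue number 0. The default GAME_PORTS list is a constructed placeholder.
QUEUE=0
GAME_PORTS="27015,27036"

# One rule that queues NEW outbound flows on the given protocol/port to Suricata.
# No --queue-bypass here, so the rule fails closed: if Suricata is not running, packets drop.
queue_rule() {
    echo "iptables -A OUTPUT -p $1 --dport $2 -m conntrack --ctstate NEW -j NFQUEUE --queue-num $QUEUE"
}

# Print the complete ruleset for the comma-separated game port list in $1 (default above).
# Nothing is applied here; review the output, then pipe it into sh as root.
gen_rules() {
    ports=${1:-$GAME_PORTS}
    echo "iptables -F OUTPUT"
    echo "iptables -A OUTPUT -o lo -j ACCEPT"
    # Continuation packets in both directions also go to Suricata so it sees whole flows.
    echo "iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j NFQUEUE --queue-num $QUEUE"
    echo "iptables -I INPUT 1 -m conntrack --ctstate ESTABLISHED,RELATED -j NFQUEUE --queue-num $QUEUE"
    queue_rule udp 53     # DNS
    queue_rule tcp 443    # HTTPS
    # Game ports on both transports, since the thread does not say which the games use.
    old_ifs=$IFS; IFS=,
    for p in $ports; do
        case $p in
            ''|*[!0-9]*) echo "gen_rules: bad port '$p'" >&2; IFS=$old_ifs; return 1 ;;
        esac
        queue_rule tcp "$p"
        queue_rule udp "$p"
    done
    IFS=$old_ifs
    # Default deny goes last so nothing is cut off while the allow rules are still loading.
    echo "iptables -P OUTPUT DROP"
}

# Number of rules that would hand traffic to Suricata; a quick sanity check before applying.
count_queued() { gen_rules "$1" | grep -c -- '-j NFQUEUE'; }
```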