|
|
|
|
|
|
by ransackdev
1111 days ago
|
|
|
So am I to understand that from an OpSec perspective, connecting a machine to a known compromised system, is ok to do, “because you want internet”? Maybe because I’m not opsec and don’t know my ass from a hole in the ground, but my security recommendation would be, no, do not purposely connect your machine to a known compromised system regardless of its advertised purpose, attack vectors, attack surface, probability of unwanted exploitation, or justification as to why it’s necessary to do so, because you’re exposing yourself, and possibly corporate machine and network, to compromise. Find a trusted system (aka audited and considered reasonably low risk while acknowledging no system can ever be deemed fully secure and trust, or zero trust is a large determining factor) and consider the compromised machine as not existing at all, therefore not being an option at all, because connecting to it would go against common sense and 8th graders practice better security habits |
|
|