|
uncurable mlady posted:have fun with your 500mb/day ingestion limit! geez yeah I wonder how much I could tune it down to ingest and still be useful in this ~1200 person company why does security have to be expensive, I think it's impossible to save companies that won't spend money on it.
|
#
?
Feb 26, 2017 07:07
|
|
|
|
| # ? May 17, 2024 23:22 |
|
|
Daman posted:hey has anyone used splunks universal forwarder as an alternative to expensive endpoint security poo poo (carbon black)? I'll do an effort post later but you don't want to use Splunk for this even though yes you could. Set up event log forwarding instead.
|
|
#
?
Feb 26, 2017 07:10
|
|
|
The thing I'll say right now is that there isn't a free product to do this effectively.
|
|
#
?
Feb 26, 2017 07:35
|
|
|
OSI bean dip posted:The thing I'll say right now is that there isn't a free product to do this effectively. MS makes it easy enough to trigger email alerts or whatever on things that hit an event log forward server. Pain in the rear end to get it set up and alerting on the things you really care about and there's always the chance of missing some obscure thing, but if you're time is worthless or free then go ahead
|
|
#
?
Feb 26, 2017 08:10
|
|
|
pseudorandom name posted:tbf git is completely unsuited for the storage of anything besides plain text
|
|
#
?
Feb 26, 2017 10:22
|
|
|
mackeeper should mackeeptothemselves
|
|
#
?
Feb 26, 2017 10:36
|
|
|
Wild EEPROM posted:mackeeper should mackeeptothemselves what even is that, ccleaner for apple computers?
|
|
#
?
Feb 26, 2017 10:39
|
|
|
cinci zoo sniper posted:what even is that, ccleaner for apple computers? if ccleaner is a thing that promises to make your computer great again but doesn't do much and is ludicrously overpriced for what it does and is almost malware in how hard it is to get rid of once installed and is advertised with popup ads that try to hard sell you on the idea that your computer is full of crud that only ccleaner can remove and then when you try to close the popup some js intercepts the window close and questions your judgement for daring to cut off the lifeline they are graciously extending you, come on get out your credit card right now? then yes last i heard nobody had identified any way in which mackeeper was actively harmful if installed, but it's still a really lovely product that is sold in the sleaziest way possible. it is more or less a legal way to steal money from people who don't know better
|
|
#
?
Feb 26, 2017 11:27
|
|
|
Mackeeper actively makes your security worse by getting owned to poo poo: https://krebsonsecurity.com/2015/12/13-million-mackeeper-users-exposed/
|
|
#
?
Feb 26, 2017 11:37
|
|
|
BobHoward posted:if ccleaner is a thing that promises to make your computer great again but doesn't do much and is ludicrously overpriced for what it does and is almost malware in how hard it is to get rid of once installed and is advertised with popup ads that try to hard sell you on the idea that your computer is full of crud that only ccleaner can remove and then when you try to close the popup some js intercepts the window close and questions your judgement for daring to cut off the lifeline they are graciously extending you, come on get out your credit card right now? then yes what it does for windows is partial automation of menial maintenance duties, such as removal of obsolete registry entries, cache cleanup, bulk removal of ancillary data for some of the popular programs, and such yeah, they do claim its panacea for making computer funny again, but otoh the essential parts of that are free of charge
|
|
#
?
Feb 26, 2017 11:47
|
|
|
it is p. fun these days that time when you run into the person who goes on about the evils of and junk in the ~registry~, vintage 1997 nerd unchanged from 20 years ago
|
|
#
?
Feb 26, 2017 12:01
|
|
|
ClownCleaner
|
|
#
?
Feb 26, 2017 12:05
|
|
|
Cybernetic Vermin posted:it is p. fun these days that time when you run into the person who goes on about the evils of and junk in the ~registry~, vintage 1997 nerd unchanged from 20 years ago
|
|
#
?
Feb 26, 2017 12:10
|
|
|
don't take that personally, just a stray thought. overall mostly pointless to go around worrying about the registry, but was expanding to the slightly broader cabal of geek who had very strong opinions on those matters way past
|
|
#
?
Feb 26, 2017 12:17
|
|
|
Cybernetic Vermin posted:don't take that personally, just a stray thought. overall mostly pointless to go around worrying about the registry, but was expanding to the slightly broader cabal of geek who had very strong opinions on those matters way past i see. i just shamefully take joy in janitoring computer, so ill wipe obsolete stuff every now and then
|
|
#
?
Feb 26, 2017 12:21
|
|
|
One thing ccleaner is good for is if you're writing COM dlls and you gently caress things up, it will pretty much always fix things for you in a way that would be really tedious to do manually.
|
|
#
?
Feb 26, 2017 12:22
|
|
|
Chalks posted:One thing ccleaner is good for is if you're writing COM dlls and you gently caress things up, it will pretty much always fix things for you in a way that would be really tedious to do manually. lol @ writing COM stuff in tyool 2017
|
|
#
?
Feb 26, 2017 12:29
|
|
|
spankmeister posted:lol @ writing COM stuff in tyool 2017 com is more relevant than ever if you are writing the sort of software where it was ever relevant. which, granted, is not a lot of software, but rich client stuff on windows is still things that happen
|
|
#
?
Feb 26, 2017 12:55
|
|
|
Cybernetic Vermin posted:com is more relevant than ever if you are writing the sort of software where it was ever relevant. which, granted, is not a lot of software, but rich client stuff on windows is still things that happen you running OPC? yeah you kno me
|
|
#
?
Feb 26, 2017 15:17
|
|
|
com is like the go to solution for our devs but our software was created in the 6 months that Delphi was actually a thing so welp.
|
|
#
?
Feb 26, 2017 15:31
|
|
|
power botton posted:our software was created in the 6 months that Delphi was actually a thing so welp. Congratulations on your job at AgileBits
|
|
#
?
Feb 26, 2017 15:56
|
|
|
Rufus Ping posted:Congratulations on your job at AgileBits the new 1password is UWP I think
|
|
#
?
Feb 26, 2017 17:46
|
|
|
Daman posted:hey has anyone used splunks universal forwarder as an alternative to expensive endpoint security poo poo (carbon black)? so the thing about using splunk as an alternative to an endpoint security product is that you're going to miss a lot and the licensing is going to murder you. that and the forwarding software is not designed out of the box to be secure so while sure you'll be able to collect data about each endpoint, if someone were to get infected with an application that is aware of the use of splunk, disabling the service would be trivial i maintain a splunk installation that covers over 14,000 AD users and that generates about 50-60 GB of data per day just from the domain controllers. we're now event forwarding almost all servers and that has since brought it up to 80-90 GB/day depending on loads. i've already tuned the hell out of it but even then it's just the security logs i am sending off as while application and system logs would be useful, it would likely triple the amount of data being sent and there's a lot of other data i need that is more important and won't cause me to blast through my data cap instead what we do to keep track of endpoints is use fireeye hx, whch just like carbon black falls into the costing money category. all it does is sits in situ recording executed processes, network traffic, and other details and keeps it in a ledger that we have set to a maximum of three days. when the machine is compromised, we can pull that ledger as well as a memory dump and even a full disk image if need be however, i cannot recommend it anymore for two reasons: cost and the fact that they're integrating an AV product (bitdefender) into its software in the second half of this year. it's the only product i've openly recommended using and it was that way until last week when i had a meeting with reps from fireeye. we're going to continue to use it but my faith in the product has pretty much diminished so since you have the budget of $0, the best recommendation i can use is really look into osquery, which while isn't going to tick off all of the boxes you need, you do have the ability to gather information that you might need really quickly. i'd do this in addition to creating a group policy to forward event logs. combine the event forwarding with an ELK stack and you'll be able to use these details to quickly look up the information you want and then some. i imagine that with some work you could integrate osquery and ELK together, but it's not going to all work out of the box then again nothing generally works out of the box at $0 anyway feel free to PM me if you have specific questions you don't want to share in here Lain Iwakura fucked around with this message at 18:23 on Feb 26, 2017 |
|
#
?
Feb 26, 2017 17:59
|
|
|
only kind of a secfuck but somebody on my TL described it as "This transitions into a refrigerator magnet cache poisoning attack" https://twitter.com/foldablehuman/status/835655192624300032
|
|
#
?
Feb 26, 2017 18:39
|
|
|
sarehu posted:It's so easy to gently caress up a copy/pasted password so making you type it makes a lot of sense. sarehu posted:Not sarcastic at all. There are very obvious reasons why copy/pasting is disallowed when changing your password versus when logging in. If you can't think of them, try turning on your brain. sarehu posted:Gee, maybe stop and consider why people have to type it twice. 
|
|
#
?
Feb 26, 2017 19:56
|
|
|
sarehu is as i said a typical HN'r
|
|
#
?
Feb 26, 2017 19:57
|
|
|
OSI bean dip posted:sarehu is as i said a typical HN'r What's an HN'r?
|
|
#
?
Feb 26, 2017 20:16
|
|
|
Absurd Alhazred posted:What's an HN'r? https://news.ycombinator.com/ check out comment sections (dont (do)) - or just the best (worst) of them https://forums.somethingawful.com/showthread.php?threadid=3620458
|
|
#
?
Feb 26, 2017 20:19
|
|
|
Absurd Alhazred posted:What's an HN'r? Join us and be amazed: https://forums.somethingawful.com/showthread.php?threadid=3620458 e,fb 
|
|
#
?
Feb 26, 2017 20:21
|
|
|
Hollow Talk posted:Join us and be amazed: https://forums.somethingawful.com/showthread.php?threadid=3620458 
|
|
#
?
Feb 26, 2017 20:24
|
|
|
1password just sent out an email irt the cloudflare thing
|
|
#
?
Feb 26, 2017 20:28
|
|
|
cinci zoo sniper posted:beaten like "news" organizations Fake post! Very fake post!
|
|
#
?
Feb 26, 2017 20:28
|
|
|
cinci zoo sniper posted:hacker news regular Grazie.
|
|
#
?
Feb 26, 2017 20:43
|
|
|
BobHoward posted:if ccleaner is a thing that promises to make your computer great again but doesn't do much and is ludicrously overpriced for what it does and is almost malware in how hard it is to get rid of once installed and is advertised with popup ads that try to hard sell you on the idea that your computer is full of crud that only ccleaner can remove and then when you try to close the popup some js intercepts the window close and questions your judgement for daring to cut off the lifeline they are graciously extending you, come on get out your credit card right now? then yes 
|
|
#
?
Feb 26, 2017 20:45
|
|
|
Cybernetic Vermin posted:com is more relevant than ever if you are writing the sort of software where it was ever relevant. which, granted, is not a lot of software, but rich client stuff on windows is still things that happen It's pretty much only relevant when you're integrating with poo poo that only works with COM, but that certainly is a thing and will be for a while.
|
|
#
?
Feb 26, 2017 21:02
|
|
|
dragon enthusiast posted:only kind of a secfuck but somebody on my TL described it as "This transitions into a refrigerator magnet cache poisoning attack" for a minute I thought that IOT refrigerator magnets had become a thing
|
|
#
?
Feb 26, 2017 21:47
|
|
|
dragon enthusiast posted:only kind of a secfuck but somebody on my TL described it as "This transitions into a refrigerator magnet cache poisoning attack" for those who aren't used to twitter's lovely ui you gotta click the datetime to see the entire thread, which is well worth reading
|
|
#
?
Feb 26, 2017 21:53
|
|
|
Heavy_D posted:for a minute I thought that IOT refrigerator magnets had become a thing I am sure someone is preparing a VC funding proposal or Kickstarter right now.
|
|
#
?
Feb 26, 2017 23:01
|
|
|
any software that advertises using popunder ads on porn sites is probably not a good thing
|
|
#
?
Feb 26, 2017 23:32
|
|
|
|
| # ? May 17, 2024 23:22 |
|
|
Heavy_D posted:for a minute I thought that IOT refrigerator magnets had become a thing Same, expected this to be some sort of attack on a smart fridge that required a precise magnet placement. The reality was so, so much better. A+++ Twitter thread, would recommend.
|
|
#
?
Feb 27, 2017 03:28
|
|
