|
if anyone happens to know how to deal with vpns on grey market ASAs, please let me know is it just as simple as setting it up on the device and then connecting with something that isn't anyconnect, or is there more nuance?
|
# ? Jul 11, 2017 18:22 |
|
|
# ? May 14, 2024 19:36 |
|
spankmeister posted:Thanks. Nothing in particular, just wanted to know your reasoning. That's a good resource and there's still a lot of motion in the ECC space. Since Windows is currently limited to NIST and 25519 (who uses brainpool really?). You have to make the tradeoff between a more accepted NIST curve with a larger key space (521 or 384) vs a newer, better formed 256-bit curve like 25519. MS included 25519 because of that and I expect future releases will expand the curve support but things are still shaking out of that whole discussion. http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf
|
# ? Jul 11, 2017 18:36 |
|
i dunno if it'll help but it can't possibly hurt- from the device i'm buying:code:
|
# ? Jul 11, 2017 18:46 |
|
anthonypants posted:if we use asas is there a good alternative to anyconnect or should we be using anyconnect anyconnect enforces policies that other clients may not (ex: split tunneling). the biggest thing is keeping it all up to date.
|
# ? Jul 11, 2017 18:49 |
|
Shaggar posted:anyconnect enforces policies that other clients may not (ex: split tunneling). the biggest thing is keeping it all up to date.
|
# ? Jul 11, 2017 18:51 |
|
Too bad the OpenVPN client is garbage for the average user to use. Is it even worth using from a security perspective or are there problems with it?
|
# ? Jul 11, 2017 18:53 |
|
the ASAs support multiple protocols so 3rd party clients can be used by design, so if its not a compliance requirement that you enforce certain things then don't worry about it. a bigger problem is that asa doesn't support anything beyond tls 1.0 afaik
|
# ? Jul 11, 2017 18:54 |
|
Wrath of the Bitch King posted:Too bad the OpenVPN client is garbage for the average user to use. Is it even worth using from a security perspective or are there problems with it?
|
# ? Jul 11, 2017 18:54 |
|
BattleMaster posted:reminds me of like 15 years ago and using IE and getting sketchy activex controls with long names saying they're totally cool and safe and begging to be installed not unlike vampires trying to convince you to invite them in
|
# ? Jul 11, 2017 21:34 |
|
https://twitter.com/og_tjg/status/884756210267893761
|
# ? Jul 12, 2017 00:32 |
|
https://mobile.twitter.com/voretaq7/status/884913799333105664
|
# ? Jul 12, 2017 00:35 |
|
|
# ? Jul 12, 2017 00:43 |
|
hackbunny posted:not unlike vampires trying to convince you to invite them in lol
|
# ? Jul 12, 2017 00:46 |
|
Plug this Web key into the USB drive on your computer. what is with this copy
|
# ? Jul 12, 2017 01:12 |
|
RISCy Business posted:i dunno if it'll help but it can't possibly hurt- from the device i'm buying: if 3des is enabled you're good. id do code:
the pro move however is to take your asa and throw it in the trash, its a piece of garbage. they're slow as gently caress (max vpn throughput is something like 100mbps theoretical but you'll never get that close). the ASDM is a loving steaming turd, but its the best way to update the firmware when theres an inevitable critical security vulnerability you can use the console, but of course you're stuck using TFTP for uploading firmware on the inside interface and it takes loving forever if theres even marginal latency on the line. you can use standard HTTP or FTP but it has to be accessible on the internet because you can't do code:
i guess this isn't an issue if you have one or two of these, but if you have a lot of them in the field it sucks pro move: get a sophos firewall image (Free for home use), spin up a VM, and get a used RED10 or RED15 30 TO 50 FERAL HOG fucked around with this message at 01:31 on Jul 12, 2017 |
# ? Jul 12, 2017 01:16 |
|
jesus christ
|
# ? Jul 12, 2017 01:48 |
|
technology will be the undoing of humanity and I am glad of it
|
# ? Jul 12, 2017 02:32 |
|
That one possibly does the same, but the federal Liberal Party of Canada (current government) sent a "pretends to be a keyboard and makes your computer do stuff" USB stick to all their donors a couple years back. I was skeptical of it from the start but finally plugged it in a couple years later when looking for a USB drive in a hurry since I had nothing else. Was mightily unimpressed even though I knew it was risky, but at least the target web page it launched was a 404 by then.
|
# ? Jul 12, 2017 02:56 |
|
fishmech posted:Plug this Web key into the USB drive on your computer. it's your key to your healthcare benefits what else would you call it!!!
|
# ? Jul 12, 2017 03:28 |
|
just got this lovely e-mail from symantec today: we've got a wildcard cert issued by geotrust before that june 1st date and it's used in lots and lots of places. us i guess.
|
# ? Jul 12, 2017 03:28 |
|
trying to get the wife to hang this on the wall at work thanks
|
# ? Jul 12, 2017 03:30 |
|
fishmech posted:Plug this Web key into the USB drive on your computer. Any person that would actually plug this in is the kind of person who would call it a "web key"
|
# ? Jul 12, 2017 03:33 |
|
cheese-cube posted:we've got a wildcard cert issued by geotrust before that june 1st date and it's used in lots and lots of places. us i guess. RIP you as much as if it expired, which shouldn't be that big a deal to handle.
|
# ? Jul 12, 2017 03:38 |
|
A couple years ago at work I found a box of usb toys that were left over from an industry show, it was an easy button type thing you plugged into your computer and if you pressed it it would take you to our support site we started plugging them into each other's computers and hiding them under the adjacent cube and pressing them at random times until one day they all mysteriously disappeared they took down that site about 6 months after the conference they were handed out in, as if to give customers a preview of the kind of lack of communication and foresight they could expect from us
|
# ? Jul 12, 2017 03:42 |
|
Idea: POTUS declares all health insurance companies terrorists and arrests their entire board of directors and all company officers. Then directs all insurance claims to be paid in full in the interim. Viola! Single payer, becomes de facto, and NHS happens after the interim disruption.
|
# ? Jul 12, 2017 05:00 |
|
my girlfriend just started as IT person #1 at an office of like 60 and they are apparently freaking out that they don't 'have a firewall' yet what should she tell them to buy other than 'whatever is being advertising at the airport'
|
# ? Jul 12, 2017 05:43 |
|
Jimmy Carter posted:my girlfriend just started as IT person #1 at an office of like 60 and they are apparently freaking out that they don't 'have a firewall' yet #1 as in best or #1 as in the first actual IT person at the whole company ever
|
# ? Jul 12, 2017 05:47 |
|
James Baud posted:That one possibly does the same, but the federal Liberal Party of Canada (current government) sent a "pretends to be a keyboard and makes your computer do stuff" USB stick to all their donors a couple years back. I was skeptical of it from the start but finally plugged it in a couple years later when looking for a USB drive in a hurry since I had nothing else. Was mightily unimpressed even though I knew it was risky, but at least the target web page it launched was a 404 by then. lol they basically mailed people rubber duckys bad rear end
|
# ? Jul 12, 2017 05:49 |
|
I visited my folks today and my pops showed me his new electric toothbrush (recommended by his dentist) that has a bluetooth connection to an "app" that can send brushing data to his hygienist. So today I got to explain the IoT and malware botnets to my boomer parents and the simultaneous looks of horror and confusion they gave me were great. "Imagine 4 million cars on a highway on ramp; DDOS works the same way."
|
# ? Jul 12, 2017 06:05 |
|
Jimmy Carter posted:my girlfriend just started as IT person #1 at an office of like 60 and they are apparently freaking out that they don't 'have a firewall' yet she should asap
|
# ? Jul 12, 2017 06:12 |
|
Jimmy Carter posted:my girlfriend just started as IT person #1 at an office of like 60 and they are apparently freaking out that they don't 'have a firewall' yet a few posts back somebody foolishly got an old asa they may want to part with
|
# ? Jul 12, 2017 07:20 |
|
surebet posted:on being completely, utterly owned by a font choice: How the Calibri font could take down Pakistan’s prime minister Microsoft’s default font is at the centre of an ongoing corruption investigation Microsoft’s Calibri is a fairly innocuous font, used by default on countless numbers of Word, Excel and Powerpoint documents. The inoffensive lettering could soon topple Pakistan’s prime minister, however, after being placed at the heart of a corruption investigation. Pakistan’s supreme court is currently deliberating a case against Nawaz Sharif, the head of the country’s government. As Al Jazeera reports, a Joint Investigative Team (JIT) encompassing police, military officials and financial regulators has been gathering evidence about the prime minister’s family’s assets. This follows a judgment by investigators that there were "significant gap[s]" in Sharif's family's ability to explain their assets and means of income. The investigation stems from the 2016 Panama Paper leak, which named three of Sharif's children as beneficiaries of offshore companies. Sharif’s political opponents claim that his properties in London were obtained through corrupt means. Okay, so where does Calibri come in? Well, to prove her father’s innocence, Sharif’s daughter Maryam Nawaz Sharif has produced a document – allegedly from 2006 – which claims to show certain declarations of income. The JIT report, however, notes that the documents are written in Calibri, which was not made commercially available by Microsoft until 2007. The investigators say this means that the declarations are therefore incorrectly dated, and were likely created at some later point in time. https://twitter.com/frooq/status/884494782306889730 The investigation is ongoing, so it’s too soon to tell if a misused font is enough to undermine Sharif’s case, but it certainly isn’t going to do the precariously placed politician any favours. Still, at least it wasn’t Comic Sans.
|
# ? Jul 12, 2017 09:21 |
|
And in related news the People's Republic of China is seeking damages from Microsoft (MSFT) for appropriating their flag's color scheme for the "hot dog stand" theme.
|
# ? Jul 12, 2017 09:44 |
|
RE: Disabling Facebook's SMS 2FA, per their support articlequote:Keep in mind: You can use as many authentication methods as you'd like, but you need to have at least text message (SMS) codes turned on, or at least both a security key and Code Generator turned on.
|
# ? Jul 12, 2017 10:03 |
|
surebet posted:How the Calibri font could take down Pakistan’s prime minister comic sans has been around since 1994 though. and lots of people use it for things they shouldn't (anything)
|
# ? Jul 12, 2017 10:14 |
|
surebet posted:How the Calibri font could take down Pakistan’s prime minister Microsoft should change the default font on Word every year just to gently caress with really dumb forgers.
|
# ? Jul 12, 2017 12:45 |
|
pretend they were using the beta. should work as a defence
|
# ? Jul 12, 2017 13:20 |
|
surebet posted:How the Calibri font could take down Pakistan’s prime minister Well I tried to use the original document, but word told me that it was too old so it converted it to a new one, I'm not sure I'm not good at computers Neither am I, that sounds plausible. Case dismissed! Seriously though, I love that there's always some new way for Microsoft's font handling to screw people over.
|
# ? Jul 12, 2017 14:01 |
|
cheese-cube posted:wildcard cert...used in lots and lots of places sounds like your own fault
|
# ? Jul 12, 2017 14:41 |
|
|
# ? May 14, 2024 19:36 |
|
Volmarias posted:Well I tried to use the original document, but word told me that it was too old so it converted it to a new one, I'm not sure I'm not good at computers is this an "oh day"?
|
# ? Jul 12, 2017 14:51 |