|
ate all the Oreos posted:today my friend managed to catch in code review one of our shittier devs' "solution" to running tasks remotely. i'm a neophyte when it comes to remote execution or IPC or whatever, what IS the 'correct' thing to do when you have a task to farm out
|
#
?
Aug 8, 2017 00:53
|
|
|
|
| # ? May 17, 2024 02:49 |
|
|
Ciaphas posted:i'm a neophyte when it comes to remote execution or IPC or whatever, what IS the 'correct' thing to do when you have a task to farm out cron job/scheduled task then delete it after the job runs
|
|
#
?
Aug 8, 2017 01:01
|
|
|
i once used netcat for a quick and dirty eve online in game chat monitoring script and even though it didn't go past my local network I felt dirty as gently caress
|
|
#
?
Aug 8, 2017 01:26
|
|
|
Ciaphas posted:i'm a neophyte when it comes to remote execution or IPC or whatever, what IS the 'correct' thing to do when you have a task to farm out in this case we needed one specific task to run on demand when called from our server (it retrieved some data and packaged it up and sent it to us, we can't access the place the data's coming from directly so it's really just being a proxy / reformatter thing), there's infinity better ways to do it but at least using SSH instead of accepting arbitrary user input on a raw TCP socket and piping it directly to the shell would be a, uh, start e: to be completely fair it was connecting out to our server rather than opening a port and listening so it would have at least required, what, one extra step to gently caress poo poo up real bad?
|
|
#
?
Aug 8, 2017 01:29
|
|
|
Deep Dish Fuckfest posted:the term is "unix philosophy" its not a crash, its a stall man
|
|
#
?
Aug 8, 2017 02:25
|
|
|
|
|
#
?
Aug 8, 2017 04:17
|
|
|
ate all the Oreos posted:in this case we needed one specific task to run on demand when called from our server (it retrieved some data and packaged it up and sent it to us, we can't access the place the data's coming from directly so it's really just being a proxy / reformatter thing), there's infinity better ways to do it but at least using SSH instead of accepting arbitrary user input on a raw TCP socket and piping it directly to the shell would be a, uh, start if only distributed worker queues that connect to a central server to get work were a solved problem they could literally just include a library for. they could resque themselves from this fuckup using some other developer's work, but that would just make the coder into some kind of sidekiq activemq
|
|
#
?
Aug 8, 2017 05:33
|
|
|
funnily enough that activemq thing is totally new to me and may be just the ticket for a side project i've wanted to do for a while at work so thanks for that 
|
|
#
?
Aug 8, 2017 09:13
|
|
|
Storysmith posted:if only distributed worker queues that connect to a central server to get work were a solved problem they could literally just include a library for. they could resque themselves from this fuckup using some other developer's work, but that would just make the coder into some kind of sidekiq at the same time another team has built a distributed worker queue into a project that it's totally not appropriate for and it's fuckin' poo poo up my company is kinda dum
|
|
#
?
Aug 8, 2017 12:39
|
|
|
some fun quirks between win32 and nt apis https://googleprojectzero.blogspot.co.uk/2017/08/windows-exploitation-tricks-arbitrary.html
|
|
#
?
Aug 8, 2017 17:59
|
|
|
we got our pentest results back and it turns out that when you have asas on an ancient firmware revision you're probably exposed to ancient cves reportedly they had tried to update the firmware on these asas at one point, but couldn't because there wasn't enough memory on them or something. we have a bad networking guy who's been tasked with moving the vpn endpoint from these asas to different ones but it's been months and he's made literally zero progress until this week, because my boss is freaking out about this critical vulnerability on our network that we've had for the past year and a half. update: my boss had not read the cisco advisory and didn't understand why i wanted to shut down vpn services sooner rather than wait for all the other crap to get migrated off first anthonypants fucked around with this message at 21:04 on Aug 8, 2017 |
|
#
?
Aug 8, 2017 19:25
|
|
|
My company is trying to build a fault/partition tolerant distributed, auditable database on top of a message broker without using any of the useful and relevant features the message broker provides because nobody involved has ever read any documentation.
|
|
#
?
Aug 8, 2017 19:56
|
|
|
Good username post combo
|
|
#
?
Aug 8, 2017 20:15
|
|
|
upguard found a bunch of data from some energy infrastructure company a month ago https://www.upguard.com/breaches/data-leak-pqe
|
|
#
?
Aug 8, 2017 21:32
|
|
|
What's upguard?
|
|
#
?
Aug 8, 2017 21:34
|
|
|
not much how about you
|
|
#
?
Aug 8, 2017 21:48
|
|
|
isnt that fart's company
|
|
#
?
Aug 8, 2017 22:14
|
|
|
yes https://piss.io/2016-cybersecurity-report-for-pizza-only-8d8a76020b5d
|
|
#
?
Aug 8, 2017 22:52
|
|
|
Kuvo posted:not much how about you That was the joke thank you for getting it (not being sarcastic)
|
|
#
?
Aug 8, 2017 23:08
|
|
|
It's very confusing to read something by fart that is serious
|
|
#
?
Aug 8, 2017 23:09
|
|
|
spankmeister posted:It's very confusing to read something by fart that is serious
|
|
#
?
Aug 8, 2017 23:14
|
|
|
anthonypants posted:we got our pentest results back and it turns out that when you have asas on an ancient firmware revision you're probably exposed to ancient cves it's been like 15 years since my experience but if you have smartnet on the ASA (which I assume you do because new firmware) and they release a firmware that's too big won't they send you an updated one with enough RAM?
|
|
#
?
Aug 9, 2017 01:21
|
|
|
Hed posted:it's been like 15 years since my experience but if you have smartnet on the ASA (which I assume you do because new firmware) and they release a firmware that's too big won't they send you an updated one with enough RAM?
|
|
#
?
Aug 9, 2017 01:55
|
|
|
No they wont, and you can't renew it indefinitely. They pretty clearly announce the last date to attach a service contract, which at that point will be hardware only. If your primary business growth appliance acquisition vector is eBay or one of those lovely refurb vendors then god help you. Smartnet won't save you when an 8 year old raccoon attack vector wrecks your MSP from the inside out
|
|
#
?
Aug 9, 2017 02:52
|
|
|
gonna go out on a limb and call it Fartnet
|
|
#
?
Aug 9, 2017 03:05
|
|
|
https://twitter.com/ken5m1th/status/895110528221290496 time to make the 0days
|
|
#
?
Aug 9, 2017 05:43
|
|
|
Storysmith posted:https://twitter.com/ken5m1th/status/895110528221290496 Dunkin Donuts is trash, patronized only by same.
|
|
#
?
Aug 9, 2017 05:49
|
|
|
Why does this earth need a dunkin' donuts app?quote:Fresh from the oven we bring the new app Dunkin 'Coffee. So that you enjoy coupons and promotions in your Dunkin 'favorites. Where is the nearest? Enter the shopping section and we'll show the closest.
|
|
#
?
Aug 9, 2017 05:50
|
|
|
Storysmith posted:https://twitter.com/ken5m1th/status/895110528221290496 Phrosphor posted:Why does this earth need a dunkin' donuts app?
|
|
#
?
Aug 9, 2017 05:53
|
|
|
nist has some very cynical people in their copywriting department
|
|
#
?
Aug 9, 2017 09:33
|
|
|
edit: haddock
Jamsta fucked around with this message at 11:25 on Aug 9, 2017 |
|
#
?
Aug 9, 2017 10:39
|
|
|
Schadenboner posted:Dunkin Donuts is trash, patronized only by same. i don't know if this is coffee bait but it's good, actually
|
|
#
?
Aug 9, 2017 13:13
|
|
|
CommunistPancake posted:i don't know if this is coffee bait but it's good, actually I am on a trip to Canada and drinking Tim Horton's coffee right now, and DD is a bad version of Tim Hortons. Then again Timmy's is about as good as you get for massive corporate chain coffee.
|
|
#
?
Aug 9, 2017 13:17
|
|
|
geonetix posted:nist has some very cynical people in their copywriting department ... Nice?
|
|
#
?
Aug 9, 2017 13:26
|
|
|
mrmcd posted:I am on a trip to Canada and drinking Tim Horton's coffee right now, and DD is a bad version of Tim Hortons. Then again Timmy's is about as good as you get for massive corporate chain coffee. The general rule is that Tim Horton's was good in the 90s. By the early 2000s, they decided to stop having fresh donuts and whatnot (instead shipping frozen stuff from Ontario). Somewhere in the last few years, they also changed their coffee providers and most people ended up complaining about the change. From the regulars I know, Tim Horton's is pretty bad across the line now, and McDonald's coffee is probably a safer bet.
|
|
#
?
Aug 9, 2017 13:40
|
|
|
mrmcd posted:I am on a trip to Canada and drinking Tim Horton's coffee right now, and DD is a bad version of Tim Hortons. Then again Timmy's is about as good as you get for massive corporate chain coffee. this and the dunkin donuts reminded me that for a while last year tim's was pushing a dual credit card/gift card (maybe they still are  )it was a tim horton's branded visa but it had buttons on the card to switch between gift card mode and credit card mode (and a led to indicate which mode the card was active) and of course you could have the credit card automatically recharge the gift card for convenience i swear this is a real thing that actually got made maybe it was just in toronto, the only canadian city where people would be dumb enough to get one e: also to make things worse canada has had nearly universal tap-to-pay on credit and bank cards for a few years now so it's several additional levels of complication fisting by many fucked around with this message at 14:50 on Aug 9, 2017 |
|
#
?
Aug 9, 2017 14:47
|
|
|
tim hortons is terrible and got laughed out of the us. dd is good, mcdonalds is good. starbucks is burnt dumpster beans
|
|
#
?
Aug 9, 2017 15:24
|
|
|
Shaggar posted:tim hortons is terrible and got laughed out of the us. dd is good, mcdonalds is good. starbucks is burnt dumpster beans they're everywhere here in Detroit
|
|
#
?
Aug 9, 2017 17:31
|
|
|
Gobbeldygook posted:restaurant rewards accounts/apps are a very soft target. lots of people have their starbucks, steak 'n shake, etc account linked to their bank account/credit card. someone once put a bunch of fraudulent charges on my dunkin card but that's because someone broke into my card and stole the giftcard
|
|
#
?
Aug 9, 2017 17:36
|
|
|
|
| # ? May 17, 2024 02:49 |
|
|
fisting by many posted:i swear this is a real thing that actually got made it's a real thing available across canada? https://www.cibc.com/ca/doubledoublecard/index.html it was so big they ran out of the first run of cards in a couple of weeks
|
|
#
?
Aug 9, 2017 19:28
|
|
