|
Shaggar posted:I use a combination of the j# vsphere client and the html5 vsphere client.
|
# ? Oct 18, 2017 01:01 |
|
|
# ? May 15, 2024 08:22 |
|
mrmcd posted:Question 1: If their corporate WiFi network were suddenly transformed into a Starbucks wifi, how hosed would they be? I.e. How much of their security depends strongly on network trust? if the answer to two is "pretty easy" I hope you've also secured your wired edge ports as well, but you probably haven't, so R.I.P
|
# ? Oct 18, 2017 01:02 |
|
hobbesmaster posted:title: “Microsoft is good? ”
|
# ? Oct 18, 2017 01:02 |
|
anthonypants posted:can't use the .net client to connect to vcenter 6.5, and the html5 client is missing features this is one reason we're still on 6
|
# ? Oct 18, 2017 01:04 |
|
Shaggar posted:this is one reason we're still on 6
|
# ? Oct 18, 2017 01:27 |
|
i'll move to hyper-v before installing flash
|
# ? Oct 18, 2017 01:28 |
|
|
# ? Oct 18, 2017 01:30 |
|
anthonypants posted:there was a flash update to fix an 0day https://helpx.adobe.com/security/products/flash-player/apsb17-32.html On the surface this sounds lol, but in practice it's probably fine. The Flash web client is being deprecated in favor of the HTML5 web client. It would be nice if they would fix it considering that I believe the HTML5 client still isn't at full parity with the older Flash client, but this is a thing that will solve itself with time. Caveat, I haven't used vSphere in like a year. I never had trouble with just using the HTML5 client.
|
# ? Oct 18, 2017 02:07 |
|
I can't wait till Flash is finally gone
|
# ? Oct 18, 2017 02:18 |
|
Shaggar posted:i'll move to hyper-v before installing flash at this point old homestarrunner stuff is 100% of why i still use flash willingly
|
# ? Oct 18, 2017 02:19 |
|
ErIog posted:On the surface this sounds lol, but in practice it's probably fine.
|
# ? Oct 18, 2017 02:24 |
|
mrmcd posted:Question 1: If their corporate WiFi network were suddenly transformed into a Starbucks wifi, how hosed would they be? I.e. How much of their security depends strongly on network trust? 1. gently caress if I know. I should look and see if our peoplesoft implementation goes over https. That’s the biggest thing. 2. Well, you need a user ID and password to get on to any of the networks, and only 1 of the 3 allows to any privileged info. So a rogue device on the network would be seen pretty quickly, and Ethernet ports are locked down too. 3. It’s a college, so probably more than average but less than most due to snarfable PII. Sounds like we’re not too bad off overall with what’s been said.
|
# ? Oct 18, 2017 03:55 |
Avenging_Mikon posted:1. gently caress if I know. I should look and see if our peoplesoft implementation goes over https. That’s the biggest thing. this sounds like my college and if my college of 30000 students is any indication hilariously insecure and relying on vlans alone for the heavy lifting for network isolation
|
|
# ? Oct 18, 2017 04:07 |
|
anthonypants posted:there was a flash update to fix an 0day you could say this every week for the past 15 years and it would be just as true
|
# ? Oct 18, 2017 04:21 |
|
M_Gargantua posted:this sounds like my college and if my college of 30000 students is any indication hilariously insecure and relying on vlans alone for the heavy lifting for network isolation mm yes thank goodness there are such excellent alternatives to vlans for network segmentation, such as,
|
# ? Oct 18, 2017 04:24 |
abigserve posted:mm yes thank goodness there are such excellent alternatives to vlans for network segmentation, such as, such as not having all the important stuff on a 'secure' campus wide wifi that includes dorms its not a very good system here, but it is better than it all being on one network
|
|
# ? Oct 18, 2017 04:29 |
|
M_Gargantua posted:such as not having all the important stuff on a 'secure' campus wide wifi that includes dorms Single ssid -> multiple VLANs based on user attributes or whatever works really well though and in fact it's pretty much been adopted as the defacto way to provision wireless networks for years? realistically there is no way anyone who actually gives a poo poo about network isolation is going to run any protected service over wireless. can't segregate the air, yo
|
# ? Oct 18, 2017 05:02 |
|
my college at least completely isolated all the dorm / residency network stuff from the rest of the school, and the wifi once you were actually on school grounds was significantly more locked down then again they also installed way too many AP's (i was told we had a total of 14,000 of them, and there was like one every 5 - 10 feet, seriously) so the wifi was practically worthless most of the time since they were all interfering with each other
|
# ? Oct 18, 2017 05:57 |
|
anthonypants posted:except it breaks the vmware flash client, and the recommended fix from vmware is to roll back to the old version of flash https://kb.vmware.com/kb/2151945 lol we got an email from IT Monday morning advising us all to roll back for this reason
|
# ? Oct 18, 2017 05:57 |
|
ate all the Oreos posted:my college at least completely isolated all the dorm / residency network stuff from the rest of the school, and the wifi once you were actually on school grounds was significantly more locked down uni's you get the particularly tasty brand of secfuck where IT wants everything to be as secure as possible and standardized, "IT as a service" etc. but then you tell someone they can't do something and suddenly "x had a talk to the vice chancellor and they said we have to..."
|
# ? Oct 18, 2017 06:39 |
|
abigserve posted:uni's you get the particularly tasty brand of secfuck where IT wants everything to be as secure as possible and standardized, "IT as a service" etc. but then you tell someone they can't do something and suddenly "x had a talk to the vice chancellor and they said we have to..." can confirm for west aus, unis are accidents waiting to happen
|
# ? Oct 18, 2017 10:56 |
|
M_Gargantua posted:such as not having all the important stuff on a 'secure' campus wide wifi that includes dorms the college I went to not had no authentication on their wireless network other than a page that you logged into and registered your wireless device's MAC to your student user account like I mean literally 100% no encryption at all, because the MAC system is obviously secure and
|
# ? Oct 18, 2017 11:25 |
|
oh yeah and that was a college with about 25 thousand students at the time
|
# ? Oct 18, 2017 11:26 |
|
At my college they had a thing where if you torrented too many cool vidz from your dorm room, it would throttle your connection for the rest of the day to dialup speeds. But it was based on mac address, so you could just change the address in software and get fast again. Or you could setup a socks ssh tunnel to the cs linux lab, which had no throttling. Well that's my college network story thanks for listening.
|
# ? Oct 18, 2017 12:20 |
|
Haquer posted:the college I went to not had no authentication on their wireless network other than a page that you logged into and registered your wireless device's MAC to your student user account when I was in school they did that because WPA2 clients didn’t really work yet and then they set it up and had guides and it worked that’s my story, see you later
|
# ? Oct 18, 2017 13:05 |
|
I told the last place I worked to implement a pppoe setup for the dorms so the students could simply bring their own routers in and we wouldn't have to worry about huge wifi deployments, but it was shafted as too expensive then they built the next big building and it was a bunch of shipping containers stiched together so basically every room required an enterprise AP lmao
|
# ? Oct 18, 2017 13:09 |
|
abigserve posted:uni's you get the particularly tasty brand of secfuck where IT wants everything to be as secure as possible and standardized, "IT as a service" etc. but then you tell someone they can't do something and suddenly "x had a talk to the vice chancellor and they said we have to..." im security for a university and yeah, gently caress this poo poo forever and ever. new director/cio are changing some of that culture but ugh its such a poo poo show. rip me.
|
# ? Oct 18, 2017 13:18 |
|
thanks for whoever pointed out the free yubikey replacement program, just ordered mine e: oh man I just remembered I have an old one that snapped in half that I think I might have kept the individual pieces of, I wonder if I can parlay that into another free one... Shame Boy fucked around with this message at 15:33 on Oct 18, 2017 |
# ? Oct 18, 2017 15:30 |
|
https://twitter.com/supergreatfrien/status/920297877754093568 E: https://twitter.com/supergreatfrien/status/920298481092198400 Shame Boy fucked around with this message at 15:55 on Oct 18, 2017 |
# ? Oct 18, 2017 15:48 |
|
ate all the Oreos posted:https://twitter.com/supergreatfrien/status/920297877754093568 lol I've taken this exact training
|
# ? Oct 18, 2017 16:29 |
|
Cocoa Crispies posted:when I was in school they did that because WPA2 clients didn’t really work yet When I was in college we didn't have wireless, but we did have gigabit internet connections and a campus-wide lan that we could play half-life DM on.
|
# ? Oct 18, 2017 17:40 |
|
ate poo poo on live tv posted:When I was in college we didn't have wireless, but we did have gigabit internet connections and a campus-wide lan that we could play half-life DM on. we each got symmetrical 100M lines that we could have upgraded to symmetrical gigabit lines if we asked nicely so that was nice also they frowned on torrenting public files off the greater internet because they'd gotten plenty of DMCA notices so someone set up a DCC network that went entirely over the private school network and was conveniently ignored by school IT since it wasn't using any internet bandwidth and they didn't get any takedowns from it
|
# ? Oct 18, 2017 19:26 |
|
my college time was before bittorrent but we had a shitload of napster/kazaa/limewire traffic wifi showed up about halfway through, it was mindblowing to be able to pick up a toilet seat ibook and go to a bench slightly down the hall with it
|
# ? Oct 18, 2017 19:34 |
|
Avenging_Mikon posted:1. gently caress if I know. I should look and see if our peoplesoft implementation goes over https. That’s the biggest thing. If anyone cares, looks like pretty much all our server-side software uses https.
|
# ? Oct 18, 2017 21:49 |
|
https://arstechnica.com/information-technology/2017/10/google-play-apps-with-as-many-as-2-6m-downloads-added-devices-to-botnet/
|
# ? Oct 18, 2017 21:53 |
|
Just-In-Timeberlake posted:https://arstechnica.com/information-technology/2017/10/google-play-apps-with-as-many-as-2-6m-downloads-added-devices-to-botnet/
|
# ? Oct 18, 2017 22:12 |
|
lol android
|
# ? Oct 18, 2017 22:29 |
Diva Cupcake posted:lol android i love my malware infested botnet phone
|
|
# ? Oct 19, 2017 00:04 |
|
I'm a little unclear. Are they suggesting the DDOS would be performed by the SOCKS proxy being pointed at a target instead of an ad server?
|
# ? Oct 19, 2017 00:11 |
|
|
# ? May 15, 2024 08:22 |
|
ate all the Oreos posted:thanks for whoever pointed out the free yubikey replacement program, just ordered mine just happy to help
|
# ? Oct 19, 2017 00:35 |