|
pseudorandom name posted:iirc, Windows Update uses TLS integrity but not encryption, which is forbidden by the HTTP/2 spec the spec doesn’t mean you’ll get arrested if you don’t follow it, just that you won’t interoperate. they don’t care about interoperation, so it’s just as fine as if they’d used a totally custom protocol
|
# ? Jan 29, 2018 21:18 |
|
|
# ? May 28, 2024 17:55 |
|
Shinku ABOOKEN posted:what does a hardened 5g network mean anyways? if the user can connect to it it’s not hardened it means government control over the most used networks in your daily life .
|
# ? Jan 29, 2018 21:20 |
|
hobbesmaster posted:cdma activations stop June 30 of this year for Verizon don't worry fishmech is still the best kind of correct in this case because he's only counting entire nationwide network shutdowns and not individual carriers
|
# ? Jan 29, 2018 21:21 |
|
lol at t-mobile’s 3g coverage
|
# ? Jan 29, 2018 21:27 |
|
hobbesmaster posted:lol at t-mobile’s 3g coverage their lte bands are very good
|
# ? Jan 29, 2018 21:30 |
|
|
# ? Jan 29, 2018 21:41 |
|
can't wait to see how the cisco security SME at work sweeps this one under the rug
|
# ? Jan 29, 2018 21:45 |
|
Shaggar posted:it means government control over the most used networks in your daily life . they can get whatever information they want from the current networks so I don’t see this as different from today. more direct control over the airwaves would probably allow for much more efficient use of available spectrum. (though I’m not saying it would work out that way)
|
# ? Jan 29, 2018 21:46 |
|
Kazinsal posted:can't wait to see how the cisco security SME at work sweeps this one under the rug
|
# ? Jan 29, 2018 21:50 |
|
anthonypants posted:disabling the webvpn feature seems like a no-brainer to me, but heck what do I know It's a firewall, just open the ports. Why make this overly complicated with a VPN tunnel?
|
# ? Jan 29, 2018 21:50 |
|
anthonypants posted:disabling the webvpn feature seems like a no-brainer to me, but heck what do I know knowing the ASA platform that'll probably gently caress anyconnect up somehow, which $employer uses for working remotely
|
# ? Jan 29, 2018 22:21 |
|
Kazinsal posted:knowing the ASA platform that'll probably gently caress anyconnect up somehow, which $employer uses for working remotely
|
# ? Jan 29, 2018 22:32 |
|
BangersInMyKnickers posted:It's a firewall, just open the ports. Why make this overly complicated with a VPN tunnel? once anarcho-communism takes over we won't need firewalls and everyone's ports will be open because we're just one big human family
|
# ? Jan 29, 2018 22:46 |
|
i once used cisco asa and vpn and it's a PIECE OF poo poo the way it routes/nats traffic to/from vpn is janky as gently caress. they should've just created a virtual interface for vpn traffic and called it a day but cisco gotta cisco
|
# ? Jan 29, 2018 22:50 |
|
Shinku ABOOKEN posted:i once used cisco asa and vpn and it's a PIECE OF poo poo gently caress ASAs https://supportforums.cisco.com/t5/security-documents/asa-8-3-upgrade-what-you-need-to-know/ta-p/3127078 This was the stupidest loving thing I ever did
|
# ? Jan 29, 2018 22:51 |
|
Every Cisco product is garbage and you should feel bad for buying them.
|
# ? Jan 29, 2018 23:05 |
|
https://twitter.com/BikeManStream/status/958073629006290944 flash back at it again boys
|
# ? Jan 29, 2018 23:50 |
|
hobbesmaster posted:cdma activations stop June 30 of this year for Verizon I'm finding nothing about this for AT&T. Just announcements that Verizon 2g and 3g services are to end before 2022 and that T-mobile is removing 3g services on certain bands. AT&T support has all sorts of announcements and info on 2g shutdown and actively encourages shifting to 3g with no indication of shutting that down any time soon.
|
# ? Jan 30, 2018 00:18 |
|
I guess this may fit here for privacy stuff: https://twitter.com/torproject/status/958016026431643648
|
# ? Jan 30, 2018 00:41 |
|
if you can’t do the time, don’t do the browsing
|
# ? Jan 30, 2018 01:28 |
|
Methanar posted:gently caress ASAs Lol I've done that. It was the worst. Anyway, now that I'm a big boy experienced network engineer I get unilateral decision making on vendor selection, and Cisco is never even in the same ball park. I do the vendor bake-offs and I've decided that the only reason someone chooses Cisco is because they are incompetent at their job.
|
# ? Jan 30, 2018 01:29 |
|
MononcQc posted:I guess this may fit here for privacy stuff: Nation state fuckup. (The gently caress up is the authoritarian nation state that doesn't have codified speech protections and narrow treason definitions not the browser cookie).
|
# ? Jan 30, 2018 01:31 |
|
MononcQc posted:I guess this may fit here for privacy stuff: never let the government near your communications infrastructure.
|
# ? Jan 30, 2018 01:43 |
|
ate poo poo on live tv posted:Lol I've done that. It was the worst. Anyway, now that I'm a big boy experienced network engineer I get unilateral decision making on vendor selection, and Cisco is never even in the same ball park. I do the vendor bake-offs and I've decided that the only reason someone chooses Cisco is because they are incompetent at their job.
|
# ? Jan 30, 2018 01:44 |
|
ate poo poo on live tv posted:Nation state fuckup. (The gently caress up is the authoritarian nation state that doesn't have codified speech protections and narrow treason definitions not the browser cookie). nice pull back, you almost insulted mechanical turkishness there
|
# ? Jan 30, 2018 01:44 |
|
ate poo poo on live tv posted:Lol I've done that. It was the worst. Anyway, now that I'm a big boy experienced network engineer I get unilateral decision making on vendor selection, and Cisco is never even in the same ball park. I do the vendor bake-offs and I've decided that the only reason someone chooses Cisco is because they are incompetent at their job. I will never put anything other than Arista switches in my datacenters again. 7280SR: 100gbps QSFPs and full internet BGP for $25k. Perimeter firewalls are bad and obsolete. Calico network policies at the kubernetes pod level or get the gently caress out.
|
# ? Jan 30, 2018 01:55 |
|
spit on my clit posted:https://twitter.com/BikeManStream/status/958073629006290944 flash back at it again boys you love to see it.
|
# ? Jan 30, 2018 01:58 |
|
MononcQc posted:I guess this may fit here for privacy stuff: oh no, this authoritarian regime purging tens of thousands of people based on shoddy-to-nonexistent evidence might have made a tech mistake!!!
|
# ? Jan 30, 2018 02:24 |
|
ate poo poo on live tv posted:the authoritarian nation state that doesn't have codified speech protections and narrow treason definitions sounds like a feature, not a bug, unless i'm missing something?
|
# ? Jan 30, 2018 02:40 |
|
anthonypants posted:who has the good networking equipment, we use asas as firewalls and vpn endpoints but we also have some brocades except now i guess they're owned by extreme We use Arista for switching and Juniper for routing/firewalls which I've been very consistently happy with, but we are web serving and a pretty small shop manpower-wise (3 engineers.) If you are worried about Enterprise security/proxy/utm then Palo Alto is highly recommended. If you are a little bit bigger then us but still web-serving, then you are wasting >300k/yr not just using an openflow whitebox/brightbox custom solution. For our employee VPN solution we are looking at Pulse Secure with Otka, but we are currently using OpenVPN which works, but doesn't have easy role-based user access. For the enterprise/office space, I'm really not sure who the best vendor is. I'm not a fan of Juniper Switching because of the bad cli model for Move/Adds/Changes, it makes day-to-day office operations harder then it needs to be. Arista isn't in the office space and Cisco is significantly more expensive. Maybe HP? Not really sure. In my current environment we use Juniper for wiring closets (price was right, plus familiarity) Fortunately I don't have to deal with the typical IT stuff, but talking with the IT Staff it's a pita compared to the Cisco model.
|
# ? Jan 30, 2018 02:49 |
|
Methanar posted:I will never put anything other than Arista switches in my datacenters again. 7280SR: 100gbps QSFPs and full internet BGP for $25k. though I wouldn't necessarily call perimeter firewalls "obsolete," depending on what you are doing. But yea, our current production model doesn't use a perimeter firewall, though our self-hosted customer portal does have the traditional Firewall/DMZ setup. I will say that I am a little iffy about Arista doing BGP Internet Routing. In a 'pod' situation like our hadoop cluster, sure, but internet policies etc, I'm not sold on yet. ate shit on live tv fucked around with this message at 02:56 on Jan 30, 2018 |
# ? Jan 30, 2018 02:53 |
|
ate poo poo on live tv posted:
I've got 50gbps of WAN bandwidth out 4 providers and soon at least another 10g direct DC interconnect to GCE running through a pair of 7280SRs and it's never once flinched on me in 2 years. I've got a handful of static ACLs on my BGP edge that drops SSH, weird poo poo like https://en.wikipedia.org/wiki/Character_Generator_Protocol#Abuse and whitelisted upstream sources for DNS, NTP. I don't do anything fancy with openflow or directflow because I don't need to. I strongly considered doing MLAG on my two edge switches when I was building everything, but I ultimately decided against it because of the complexity and just do everything through BGP now. It's good.
|
# ? Jan 30, 2018 03:40 |
|
Shaggar posted:never let a foreign government near your infrastructure. https://twitter.com/adrianzenz/status/957879611513278464
|
# ? Jan 30, 2018 04:29 |
|
Good to see that China is modernizing African exploitation for the 21st century.
|
# ? Jan 30, 2018 04:36 |
|
Shaggar posted:it means government control over the most used networks in your daily life . Build it themselves so that they have automatic access to monitoring every user to bypass the problems agencies have had with Stingray surveillance. By definition it means a weak security system with built in backdoors that obviously no bad actor will have access to (TM), increased cost for hardware and software as an added bonus as it only rolls out in the US and will be deliberately incompatible with foreign networks. Your typical win-win situation Maybe the Trump administration can force implementations to be built only on US soil too MrMoo fucked around with this message at 05:56 on Jan 30, 2018 |
# ? Jan 30, 2018 05:53 |
|
ate poo poo on live tv posted:Lol I've done that. It was the worst. Anyway, now that I'm a big boy experienced network engineer I get unilateral decision making on vendor selection, and Cisco is never even in the same ball park. I do the vendor bake-offs and I've decided that the only reason someone chooses Cisco is because they are incompetent at their job. Cisco still makes the best edge switches unless you don't use any features In the dc space dell switches running cumulus are the way to go if you don't mind the management
|
# ? Jan 30, 2018 08:57 |
|
https://twitter.com/WiredUK/status/958084308924760065 woops
|
# ? Jan 30, 2018 09:21 |
|
My question is who is more fault here, Strava for releasing the map, or Military institutions for not banning these devices
|
# ? Jan 30, 2018 09:23 |
|
FAT32 SHAMER posted:My question is who is more fault here, Strava for releasing the map, or Military institutions for not banning these devices I'd say it was absolutely the military. Yeah, releasing this sort of data is arguably irresponsible, but malicious actors don't need to wait for something like this to be released publicly if there's no policy against carrying these devices. Frankly it's probably better that this data is in the public domain now rather than Russian intelligence hacking Strava and having live tracking data on US military personnel (for example) and nobody realising it.
|
# ? Jan 30, 2018 09:50 |
|
|
# ? May 28, 2024 17:55 |
|
Can’t wait until we find out the moon landing was fake because sombody played Pokemon Go in a classified location or some poo poo. The future rules.
|
# ? Jan 30, 2018 10:03 |