|
Furism posted: tldr; if they throw you in an oven because of your DNA, at least take comfort in knowing it was just a wild guess.

The holocaust was preceded by massive data collection - censuses, birth/marriage/death records, etc. IBM played a part but stridently deny that they knew anything. Not wanting your genetic code indexed is prudent, especially if you are aware how population data was misused in the previous century. It's not really negated by the argument "well there's no genetic marker for Judaism".
|
# ? Jun 8, 2018 01:31 |
|
It's all well and good to say that religion isn't genetic, but Judaism was under the Nuremberg laws. Nuns and priests were gassed because they had grandparents who ticked Jew on a census decades earlier.
|
# ? Jun 8, 2018 02:15 |
|
mewse posted: The holocaust was preceded by massive data collection - censuses, birth/marriage/death records, etc. IBM played a part but stridently deny that they knew anything. Not wanting your genetic code indexed is prudent, especially if you are aware how population data was misused in the previous century. It's not really negated by the argument "well there's no genetic marker for Judaism".

Just recently, the Golden State Killer was caught using DNA data collected by a private company. Which is great in this case, but the privacy implications are troubling.
|
# ? Jun 8, 2018 02:57 |
|
says here you share a lot of genetic traits with the golden state killer, welcome to the police department
|
# ? Jun 8, 2018 06:04 |
|
doctorfrog posted: says here you share a lot of genetic traits with the golden state killer, welcome to the police department

I mean locking up old, white males may not be the worst idea.
|
# ? Jun 8, 2018 17:37 |
|
mewse posted: The holocaust was preceded by massive data collection - censuses, birth/marriage/death records, etc. IBM played a part but stridently deny that they knew anything. Not wanting your genetic code indexed is prudent, especially if you are aware how population data was misused in the previous century. It's not really negated by the argument "well there's no genetic marker for Judaism".

Well, yeah, privacy matters and mass-collecting DNA by anyone Doesn't Sound Good and people probably shouldn't do it. My point was just that being Jewish or not is irrelevant in this context.
|
# ? Jun 8, 2018 21:22 |
|
Furism posted:Well, yeah, privacy matters and mass-collecting DNA by anyone Doesn't Sound Good and people probably shouldn't do it. My point was just that being Jewish or not is irrelevant in this context.
|
# ? Jun 8, 2018 21:34 |
|
https://twitter.com/phat_hobbit/status/1005465815896883200
|
# ? Jun 9, 2018 16:09 |
|
I've been trying to figure my way around this. Far as I can tell every goddamn Linux distro connects to SMB shares with v1 by default. ARRG

[edit] And printers, at the very least Ricoh and some others scan to folder

And some Android apps
|
# ? Jun 9, 2018 16:18 |
|
Even the very latest Ubuntu has an smb client that doesn’t auto negotiate to v2.
|
# ? Jun 9, 2018 16:26 |
|
evil_bunnY posted: Even the very latest Ubuntu has an smb client that doesn’t auto negotiate to v2.

Yeah and that is why every ubuntu based distro is broken talking to windows right now.
|
# ? Jun 9, 2018 16:27 |
|
We mount our shared storage by specifying vers=2 but yeah it’s just dumb that it can’t auto negotiate up if it can do v2
|
# ? Jun 9, 2018 16:49 |
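A defender-side check for the situation in the post above, as an added example that is not part of the thread: it reads fstab-style lines and flags CIFS entries that pin SMB1 or set no `vers=` option, which leaves the dialect to the client default. The server names, paths and sample lines are constructed, and the verdict labels are this example's own.

```shell
#!/bin/sh
# Added example (not from the thread): flag CIFS fstab entries that pin SMB1
# or set no vers= option and so fall back to the client default dialect.

# Constructed sample input; server names and paths are hypothetical.
sample_fstab() {
cat <<'EOF'
# <share>          <mountpoint>   <type> <options>                            <dump> <pass>
//fs01/projects    /mnt/projects  cifs   credentials=/etc/smb.cred,vers=3.0   0 0
//fs01/scans       /mnt/scans     cifs   credentials=/etc/smb.cred            0 0
//oldnas/archive   /mnt/archive   cifs   guest,vers=1.0                       0 0
UUID=1234-ABCD     /boot/efi      vfat   umask=0077                           0 1
EOF
}

# audit_cifs: reads fstab-style lines on stdin and prints one line per CIFS
# entry in the form "<verdict> <mountpoint> vers=<value>".
audit_cifs() {
    awk '
    $1 ~ /^#/ || NF < 4 { next }   # skip comments and malformed lines
    $3 != "cifs"        { next }   # only CIFS mounts are of interest
    {
        vers = ""
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++)
            if (opt[i] ~ /^vers=/) vers = substr(opt[i], 6)
        if (vers == "1.0")   verdict = "SMB1"      # dialect pinned to SMB1
        else if (vers == "") verdict = "UNPINNED"  # left to the client default
        else                 verdict = "OK"        # explicit newer dialect
        printf "%s %s vers=%s\n", verdict, $2, (vers == "" ? "(none)" : vers)
    }'
}

# count_findings: number of CIFS entries on stdin whose verdict is not OK.
count_findings() {
    audit_cifs | awk '$1 != "OK" { n++ } END { print n + 0 }'
}

sample_fstab | audit_cifs
```

On a real host, feed it the live table with `audit_cifs < /etc/fstab`.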
|
redeyes posted:I've been trying to figure my way around this. Far as I can tell every goddamn Linux distro connects to SMB shares with v1 by default. ARRG
|
# ? Jun 9, 2018 20:13 |
|
I've always wanted to move to NFS but setting that up correctly is a pain. You think you gave the share all the right permissions, groups and others, but then only maybe half your devices will even see the shares and half of that will not be able to understand it requires a username/password. Then you type in two commands and you immediately have SMB shares working.
|
# ? Jun 10, 2018 02:40 |
|
Does Windows have an SFTP client and/or server now that it has SSH?
|
# ? Jun 10, 2018 16:06 |
|
Yeah, Windows now includes the sftp command by default since OpenSSH comes as a default feature on the latest builds.

Edit: dunno if WSL includes sftp or not.
|
# ? Jun 11, 2018 11:52 |
|
I use lftp through WSL all the time. I don't think it comes with it, but you just apt install it and off you go.
|
# ? Jun 11, 2018 14:11 |
|
I'm trying tenable.io for the first time, it's really slick. Big step up from the older version of Security Centre that I've used for years at my last job. welp that's my monday infosec thoughts, cheers
|
# ? Jun 12, 2018 00:26 |
|
CLAM DOWN posted: I'm trying tenable.io for the first time, it's really slick. Big step up from the older version of Security Centre that I've used for years at my last job.

What are the things that you like about tenable.io? I have heard absolutely terrible things about Tenable from a friend running TVM at another company (mixed SecCenter and tenable.io). I have mild complaints and irritations with Nexpose but nothing major and I'd def recommend you check them out if tenable.io isn't needs suiting.

Monday Infosec Thoughts: Trying to wrestle Splunk Universal Forwarders to take powershell input appears to be a pain in the rear end and I really wished I had proserv for some questions like this.
|
# ? Jun 12, 2018 20:31 |
|
I'm doing some test work for the Splunk guy to get away from running the UF on all the endpoints and instead do event log subscriptions out to a collector box and then drop the UF on just that, similar to how we're doing our syslog ingest. Seems easier to propagate and the permissions model is much nicer since it will run with Event Log Readers perm instead of local admin or [shudder] DA.
|
# ? Jun 12, 2018 21:11 |
|
CLAM DOWN posted: I'm trying tenable.io for the first time, it's really slick. Big step up from the older version of Security Centre that I've used for years at my last job.

But it ain't DarkTrace levels of pretty.
|
# ? Jun 12, 2018 22:20 |
|
BangersInMyKnickers posted: I'm doing some test work for the Splunk guy to get away from running the UF on all the endpoints and instead do event log subscriptions out to a collector box and then drop the UF on just that, similar to how we're doing our syslog ingest. Seems easier to propagate and the permissions model is much nicer since it will run with Event Log Readers perm instead of local admin or [shudder] DA.

Oh please talk about this! Two big things I want to implement are:
- WEF to a collector box (you can't get rid of the bullshit at the end of windows events unless you are handling log ingestion to the indexing cluster from a heavy forwarder) which will end up saving us a few 10s of gigs on our license
- Getting everyone on at least WMF5 for powershell OTS and scriptblock logging

WEF seems like to do it right the company needs a PKI which we: do not have, and the PS logging seems to require some new shares set up to get it done right. How are you going about it?
|
# ? Jun 12, 2018 22:47 |
|
Anyone using Splunk stream to capture DNS logs on a Windows DNS server? I see you can do it with the MS DNS add-on but the debug log files look quite , and it seems easier to filter internal DNS requests out with Stream.
|
# ? Jun 12, 2018 23:23 |
|
Jeoh posted: But it ain't DarkTrace levels of pretty.

don't trigger me like this
|
# ? Jun 12, 2018 23:24 |
|
Softcox posted: Anyone using Splunk stream to capture DNS logs on a Windows DNS server? I see you can do it with the MS DNS add-on but the debug log files look quite , and it seems easier to filter internal DNS requests out with Stream.

I capture them by dropping them to flat files and making the splunk forwarder read the flat files. It works okay.
|
# ? Jun 13, 2018 04:01 |
|
Jowj posted: What are the things that you like about tenable.io?

Chiming in since I'm in the middle of a migration from a mix of Nexpose and Nessus scanners to TIO. If you like Nessus, it's great as the interface has that feel. It's got cool stuff with remote agents and scanners and while not finished, there's an asset tagging system so you can add descriptors to your hosts. I'm using this to identify system owner so I know who can fix what gets found. The dashboards are nice as well, but will be better once they implement more customizations and the ability to create reports off tags as well.

We went with it for cost reasons mainly. I tested both tenable and InsightVM and found them both to do what I wanted and they gave the same results. If you're on rapid7 whatever and happy with it, my tests indicated no real reason to migrate. They both feel pretty equal to me.
|
# ? Jun 13, 2018 17:32 |
|
Boner Wad posted: I capture them by dropping them to flat files and making the splunk forwarder read the flat files. It works okay.

I read this as "I capture them by fropping them flat on their face". I liked it better that way.
|
# ? Jun 13, 2018 18:03 |
|
Any recommendations on password managers for non-IT groups that are affordable? Our marketing department has a bunch of social media accounts that they need to store.
|
# ? Jun 13, 2018 18:40 |
|
1password teams?
|
# ? Jun 13, 2018 18:44 |
|
Softcox posted: Anyone using Splunk stream to capture DNS logs on a Windows DNS server? I see you can do it with the MS DNS add-on but the debug log files look quite , and it seems easier to filter internal DNS requests out with Stream.

It works fine with an ISF and a TAP/SPAN/Mirror but just give up now if you're trying to use the TA with a universal forwarder and care about data integrity. The TA does no local buffering, and drops the queue at the sign of any issue.
|
# ? Jun 13, 2018 19:20 |
|
Good for small numbers of users; they just released a business version with AD integration if you like it but need a bit more manageability (can’t say I’ve tried that version, mind you).
|
# ? Jun 14, 2018 00:47 |
|
Softcox posted: Anyone using Splunk stream to capture DNS logs on a Windows DNS server? I see you can do it with the MS DNS add-on but the debug log files look quite , and it seems easier to filter internal DNS requests out with Stream.

Grassy Knowles posted: It works fine with an ISF and a TAP/SPAN/Mirror but just give up now if you're trying to use the TA with a universal forwarder and care about data integrity. The TA does no local buffering, and drops the queue at the sign of any issue.

Hi. I do this.

I recommend using Stream with DNS over reading the DNS logs directly. The DNS logs within Windows are just awful and when Stream became an option for me I latched on to it. Having an RSPAN, TAP, or whatever is definitely the best option. Also make sure to have your DNS centralised otherwise having to set up and configure multiple sniffing points will become problematic.

The way I have it configured is that I have four DNS servers that are separated by geography with secondary falling to a local domain controller. Stream is configured on a separate VM at their respective sites where it listens to the traffic being sent to the DNS servers. It works well and I recommend it over the native Windows logging.
|
# ? Jun 14, 2018 01:03 |
|
Lain Iwakura posted: Hi. I do this.

Thanks, that’s super helpful. Stream on separate VMs with span ports sounds the most scalable. Plus I can’t easily break anything on the DNS servers that way
|
# ? Jun 14, 2018 12:22 |
|
What is Stream in this context? Sounds better than what I was doing but has somewhat of an ambiguous name and my searches are failing me.
|
# ? Jun 14, 2018 17:52 |
|
Splunk Stream, I think?
|
# ? Jun 14, 2018 17:59 |
|
Basically a Splunk Span Port adapter. I haven't heard it used for DNS, what's wrong with the default windows input?
|
# ? Jun 14, 2018 19:25 |
|
Jowj posted: Oh please talk about this! Two big things I want to implement are:

The documentation says you only need PKI if you don't have kerberos for system authentication (or go noauth yolo and rely on the firewall). Hopefully that's true, since I'm banking on it. Test environment is still locked up in a zone while I wait for firewall rules to get opened so I can get it pulling logs.
|
# ? Jun 14, 2018 19:31 |
|
Mustache Ride posted: Basically a Splunk Span Port adapter.

Relies on disk writes and to be enabled through the registry or through a patch.

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn800669(v=ws.11)#dbug
|
# ? Jun 14, 2018 21:37 |
|
There's always good ole ram disks if you want to get weird about it.
|
# ? Jun 14, 2018 22:25 |
|
https://twitter.com/Ehmee/status/1007348713117929472
|
# ? Jun 15, 2018 00:19 |