|
BangersInMyKnickers posted:new WAF/IPS feature: randomly injected latency to create excessive noise for timing attacks Sheep posted:Honestly this seems like it is probably the most straightforward mitigation. Edit: Thinking about it, I do wonder if there's a way you can use ipfw tee to send traffic to an IDS which could then feed information back into dummynet so that it would only do latency injection when it detected a specific set of traffic patterns. BlankSystemDaemon fucked around with this message at 14:25 on Jul 28, 2018 |
#
?
Jul 28, 2018 11:55
|
|
|
|
| # ? Jun 9, 2024 07:58 |
|
|
Random noise slows down timing attacks but not nearly as much as you'd want it to.
|
|
#
?
Jul 28, 2018 17:58
|
|
|
Double Punctuation posted:If Spectre required admin access, then it wouldn’t be an exploit. Let's see, random scanning monitoring pages like firewall poo poo, SPA services/services like Ruby on Rails or Node.js with their own special implantation and monitoring software you know is just filthed up with JavaScript because "UX" design. Also the first part of your statement is backwards. I would be more worried of an attack that only works on admin because then the person doing the attack knows not only the attack works but because the attack works there is no doubt that they are touching an admin account.
|
|
#
?
Jul 28, 2018 18:21
|
|
|
EVIL Gibson posted:Also the first part of your statement is backwards. I would be more worried of an attack that only works on admin because then the person doing the attack knows not only the attack works but because the attack works there is no doubt that they are touching an admin account. ??? "This attack lets the admin do things they could do already" is not an exploit. I don't think you parsed their statement properly.
|
|
#
?
Jul 28, 2018 18:35
|
|
|
EVIL Gibson posted:I would be more worried of an attack that only works on admin because then the person doing the attack knows not only the attack works but because the attack works there is no doubt that they are touching an admin account.
|
|
#
?
Jul 28, 2018 18:58
|
|
|
Wiggly Wayne DDS posted:priv esc is dead folks, pack your bags It had a good run.
|
|
#
?
Jul 28, 2018 18:59
|
|
|
Volguus posted:Thunderbird rules. Thunderbird works. There are many like it, but this one is mine. My Thunderbird is my best friend. It is my life. I must master it as I must master my life. Without me, my Thunderbird is useless. Without my Thunderbird, I am useless. Sir this is a modern business
|
|
#
?
Jul 30, 2018 00:13
|
|
|
Can you use Thunderbird with Exchange
|
|
#
?
Jul 30, 2018 01:07
|
|
|
Iirc only via imap
|
|
#
?
Jul 30, 2018 01:14
|
|
|
There is a forked plugin for native exchange support in Thunderbird, but how you feel about some random GitHub that may not work with future versions of Thunderbird is another infosec discussion.
|
|
#
?
Jul 30, 2018 02:10
|
|
|
Apart from the FT ePass is anyone aware of any u2f device that also supports GIDS Smart card or loading JavaCardOS applets? Really would like to have U2F and GIDS support. YubiKey seems to have the ability to load JCOS applets but it isn't clear anymore that the manager keys are freely available
|
|
#
?
Jul 30, 2018 02:47
|
|
|
https://twitter.com/SwiftOnSecurity/status/1024103949639589888
|
|
#
?
Jul 31, 2018 02:29
|
|
|
Wiggly Wayne DDS posted:priv esc is dead folks, pack your bags ... Best practice is to make service accounts for each sensitive external services so even if that service owner is compromised, they are basically only locked down to to what they are permitted.
|
|
#
?
Jul 31, 2018 19:04
|
|
|
EVIL Gibson posted:... Hence the privilege escalation comment.
|
|
#
?
Aug 1, 2018 13:22
|
|
|
Imagine putting "Endorsed by @SwiftOnSecurity" on your resume
|
|
#
?
Aug 2, 2018 03:16
|
|
|
Potato Salad posted:Imagine putting "Endorsed by @SwiftOnSecurity" on your resume 
|
|
#
?
Aug 2, 2018 03:28
|
|
|
I like how the letter is written by Susan Bradley but the Computerworld article is written by Woody Leonhard.
|
|
#
?
Aug 2, 2018 03:46
|
|
|
EVIL Gibson posted:... ...Until they privesc to administrator. But yes, separation of duties/least privilege is good
|
|
#
?
Aug 2, 2018 11:23
|
|
|
vomit https://twitter.com/duosec/status/1024989452031143936
|
|
#
?
Aug 2, 2018 13:45
|
|
|
Goodbye duo, I really liked your service and how it worked with, but wasn't directly integrated into, anyconnect.
|
|
#
?
Aug 2, 2018 13:54
|
|
|
That is not the news I wanted to start my day with.
|
|
#
?
Aug 2, 2018 14:29
|
|
|
*deletes app*
|
|
#
?
Aug 2, 2018 16:37
|
|
|
Uh, stupid question for someone who's not familiar with the issues, why is being acquired by Cisco bad, aside from "giant company acquires another good, small company and ruins it"? We just switched to Duo and F5 BigIP for VPN where I work, so this may be relevant to me.
|
|
#
?
Aug 2, 2018 17:39
|
|
|
Darchangel posted:Uh, stupid question for someone who's not familiar with the issues, why is being acquired by Cisco bad, aside from "giant company acquires another good, small company and ruins it"? "This year has brought five undocumented backdoors in Cisco’s routers so far, and it isn't over yet. In March, a hardcoded account with the username “cisco” was revealed. The backdoor would have allowed attackers to access over 8.5 million Cisco routers and switches remotely."
|
|
#
?
Aug 2, 2018 17:46
|
|
|
Cisco has a reputation of cornering markets and ratcheting up the costs to near-intolerable levels while cutting support and development.
|
|
#
?
Aug 2, 2018 17:50
|
|
|
Features and product innovation go down. Security goes down. Support goes down. Prices go up.
|
|
#
?
Aug 2, 2018 17:53
|
|
|
"And probably more exciting on the national scale, Duo Security’s $1.17 billion valuation is the highest valuation we have seen of any venture-backed company in Michigan." hell yeah tech bubble is coming to the motor city
|
|
#
?
Aug 2, 2018 18:08
|
|
|
Diva Cupcake posted:Features and product innovation go down.
|
|
#
?
Aug 2, 2018 18:26
|
|
|
CRIP EATIN BREAD posted:"And probably more exciting on the national scale, Duo Security’s $1.17 billion valuation is the highest valuation we have seen of any venture-backed company in Michigan."
|
|
#
?
Aug 2, 2018 18:27
|
|
|
They also like to create obnoxious and nonsensical dependencies, so that to use one product successfully, you've really gotta use this OTHER product. They want to be the go-to for SO many categories of product that they're not actually competitive in :\
|
|
#
?
Aug 2, 2018 18:29
|
|
|
CRIP EATIN BREAD posted:hell yeah tech bubble is coming to the motor city Ann Arbor is not Detroit.
|
|
#
?
Aug 2, 2018 19:13
|
|
|
Sounds like Cisco is a fine example of business know-how. By which I mean a bunch of money grubbing assholes who aren't particularly good at what they purport to do. Guess they're really good at kickbacks and free lunches, 'cuz I see they're poo poo all over the place.
|
|
#
?
Aug 3, 2018 00:04
|
|
|
Cisco bought opendns and so far haven't hosed that up
|
|
#
?
Aug 3, 2018 00:19
|
|
|
Very cyberpunk: https://twitter.com/alt_kia/status/1024786909199884288
|
|
#
?
Aug 3, 2018 01:02
|
|
|
NevergirlsOFFICIAL posted:Cisco bought opendns and so far haven't hosed that up Kind of hard to gently caress up a DNS security company. I mean, they'll definitely try their hardest.
|
|
#
?
Aug 3, 2018 03:57
|
|
|
Yeah but Umbrella spawned out of it, and ain’t that some poo poo.
|
|
#
?
Aug 3, 2018 04:00
|
|
|
What the gently caress, context please
|
|
#
?
Aug 3, 2018 11:12
|
|
|
AlternateAccount posted:Yeah but Umbrella spawned out of it, and ain’t that some poo poo. Does it still not work on IPv6 networks?
|
|
#
?
Aug 3, 2018 11:41
|
|
|
Cup Runneth Over posted:What the gently caress, context please I'm guessing that it's "truck or trailer owner slaps GPS unit on truck or trailer, but truck driver doesn't like how they get treated when this information is gathered on them and brings a GPS-jammer on their drive; unwitting bystanders have their GPS jammed along the drivers route."
|
|
#
?
Aug 3, 2018 14:52
|
|
|
|
| # ? Jun 9, 2024 07:58 |
|
|
And they've been able to track the jammers by looking at the signature of the interference being generated
|
|
#
?
Aug 3, 2018 14:54
|
|