Rust Martialis
May 8, 2007


BangersInMyKnickers posted:

Clearly lying to auditors is the most viable and prudent path forward

Then the FDA "hi you can't make more drugs now til you fix this poo poo" catches you. :/


BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Sounds like someone is pretty bad at lying

bull3964
Nov 18, 2000

DO YOU HEAR THAT? THAT'S THE SOUND OF ME PATTING MYSELF ON THE BACK.


We have a government project that forbids us from using encryption between internal endpoints because they want to be able to inspect the traffic.

The best was when they wanted auth only to be encrypted for something, but the actual communication needed to be in clear text. Ensuring the secrecy of the credentials was more important than ensuring the integrity of the data those credentials were protecting.

Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


bull3964 posted:

We have a government project that forbids us from using encryption between internal endpoints because they want to be able to inspect the traffic.

The best was when they wanted auth only to be encrypted for something, but the actual communication needed to be in clear text. Ensuring the secrecy of the credentials was more important than ensuring the integrity of the data those credentials were protecting.

Well it's important to prove that you could encrypt it if you wanted to.

CLAM DOWN
Feb 13, 2007




Rust Martialis posted:

Any Tenable Nessus users here using it to report compliance to templates from Security Center? Either roll-your-own, or the canned templates (SOX, PCI DSS, HIPAA/HITECH, etc.). Looking for good/bad reviews before I try to force security to devote project hours.

Thx

We did this in Tenable and it worked fine, we rolled our own templates for CSOX and a few others.

Catatron Prime
Aug 23, 2010

IT ME



Toilet Rascal
Anyone else here signed up for Kringlecon this year? The recorded talks are pretty good, definitely worth checking out if you weren't previously aware of it.


...that is all... :ninja:

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

bull3964 posted:

We have a government project that forbids us from using encryption between internal endpoints because they want to be able to inspect the traffic.

The best was when they wanted auth only to be encrypted for something, but the actual communication needed to be in clear text. Ensuring the secrecy of the credentials was more important than ensuring the integrity of the data those credentials were protecting.

Eh, as long as you're including some kind of signed digest for the data, and the data isn't something that needs to be secret, it's crazy but not THAT crazy.

There's no digest, I'm sure.
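The "signed digest" suggestion above, as an added example that is not part of the thread or of any project it mentions: frames stay in the clear so a middlebox can inspect them, but each one carries an HMAC-SHA256 tag over a sequence number and the payload, so tampering and replay are caught even though nothing is encrypted. The key, the payload and the frame layout are all constructed for this illustration.

```python
"""Integrity without confidentiality for a cleartext channel.

Added example (not from the thread or any project). Scenario: traffic that
must stay inspectable in transit, but whose integrity still matters.
"""
import hashlib
import hmac
import struct

# Assumption: a 32-byte key shared out of band between the two endpoints
# (in the post's scenario it would come from the encrypted auth step).
# Constructed demo key; never use a fixed key like this in practice.
SHARED_KEY = bytes.fromhex("00" * 31 + "01")

TAG_LEN = 32   # HMAC-SHA256 output size
SEQ_LEN = 8    # 64-bit big-endian sequence number


def frame(key: bytes, seq: int, payload: bytes) -> bytes:
    """Build a cleartext frame: seq || payload || HMAC-SHA256(key, seq || payload).

    The tag covers the sequence number, so a replayed or reordered frame
    fails verification even though its payload and tag are genuine.
    """
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify(key: bytes, frame_bytes: bytes, expected_seq: int):
    """Return the payload if the frame is authentic and in order, else None.

    Uses hmac.compare_digest so the tag check does not leak timing.
    """
    if len(frame_bytes) < SEQ_LEN + TAG_LEN:
        return None
    header = frame_bytes[:SEQ_LEN]
    payload = frame_bytes[SEQ_LEN:-TAG_LEN]
    tag = frame_bytes[-TAG_LEN:]
    (seq,) = struct.unpack(">Q", header)
    if seq != expected_seq:
        return None
    expected = hmac.new(key, header + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return payload


def tamper_demo() -> dict:
    """Show what an inspecting middlebox can read and what it cannot change."""
    payload = b"SET valve=open unit=7"          # constructed sample payload
    good = frame(SHARED_KEY, 1, payload)

    # Anyone on the path can read the payload in the clear...
    readable = good[SEQ_LEN:-TAG_LEN]

    # ...but flipping a single byte of it invalidates the tag.
    flipped = bytearray(good)
    flipped[SEQ_LEN + 10] ^= 0x01              # hits the "o" of "open"

    # A captured frame replayed later fails because the receiver expects seq 2.
    replayed = frame(SHARED_KEY, 1, payload)

    return {
        "readable": readable,
        "accepted": verify(SHARED_KEY, good, 1),
        "tampered": verify(SHARED_KEY, bytes(flipped), 1),
        "replayed": verify(SHARED_KEY, replayed, 2),
    }


if __name__ == "__main__":
    for name, value in tamper_demo().items():
        print(f"{name}: {value!r}")
```

The receiver has to track the expected sequence number per sender and per key; without that, the tag alone only proves a frame was once genuine, not that it belongs in this position of the stream.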

TinTower
Apr 21, 2010

You don't have to 8e a good person to 8e a hero.
Happy birthday, everyone. :v:

Catatron Prime
Aug 23, 2010

IT ME



Toilet Rascal

TinTower posted:

Happy birthday, everyone. :v:

Wow, you were also born January first 1900? That’s amazing! Thought I was the only one :ninja:

TinTower
Apr 21, 2010

You don't have to 8e a good person to 8e a hero.

OSU_Matthew posted:

Wow, you were also born January first 1900? That’s amazing! Thought I was the only one :ninja:

I think some of us are 70 years younger than that. :haw:

The Iron Rose
May 12, 2012

:minnie: Cat Army :minnie:
Man I really hope Trump signs that executive order banning Huawei equipment in the US. Connected to a Huawei network before connecting to a VPN like an idiot while travelling and the phishing texts and emails were nearly instantaneous.

Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


TinTower posted:

Happy birthday, everyone. :v:

Okay, that one took me a while :mmmhmm:

Lambert
Apr 15, 2018

Fallen Rib

The Iron Rose posted:

Man I really hope Trump signs that executive order banning Huawei equipment in the US. Connected to a Huawei network before connecting to a VPN like an idiot while travelling and the phishing texts and emails were nearly instantaneous.

There's unlikely to be any connection, this sounds like nonsense. Unless you're using unencrypted communication, and in that case I don't think you'd need to be concerned about Huawei.

Lambert fucked around with this message at 12:03 on Jan 2, 2019

BlankSystemDaemon
Mar 13, 2009




Cup Runneth Over posted:

Okay, that one took me a while :mmmhmm:
I apparently have a huge case of the dumbs, because I have no idea.

in a well actually
Jan 26, 2011

dude, you gotta end it on the rhyme

D. Ebdrup posted:

I apparently have a huge case of the dumbs, because I have no idea.

When you register an account that doesn’t matter, do you give your real DOB or do you fake it? What is the easiest fake to enter?

BlankSystemDaemon
Mar 13, 2009




PCjr sidecar posted:

When you register an account that doesn’t matter, do you give your real DOB or do you fake it? What is the easiest fake to enter?
loving hell I feel even dumber now! :v:
That's a pretty good joke, too.

Truga
May 4, 2014
Lipstick Apathy
at one point, Steam said something like 90% of its users have a 1/1 birthday lmao

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

4/20/69 baby

Docjowles
Apr 9, 2009


hell, same

CLAM DOWN
Feb 13, 2007





Lmao I'm glad I'm not the only one who does this one

Docjowles
Apr 9, 2009

CLAM DOWN posted:

Lmao I'm glad I'm not the only one who does this one

I'm worried about the maniacs who don't do this

Mystic Stylez
Dec 19, 2009

I'm going to ask some very dumb questions, but please bear with me.

I'm currently working from home, so my boss installed OpenVPN in order for me to be able to access all the documents that are hosted in the company's server.

Whenever I'm connected through OpenVPN to access those work files, can he see anything that I do in my computer at all? Like, which websites I'm browsing right now or my browser traffic, for example. Or any other stuff that's personal like my computer files, etc.

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Mystic Stylez posted:

I'm going to ask some very dumb questions, but please bear with me.

I'm currently working from home, so my boss installed OpenVPN in order for me to be able to access all the documents that are hosted in the company's server.

Whenever I'm connected through OpenVPN to access those work files, can he see anything that I do in my computer at all? Like, which websites I'm browsing right now or my browser traffic, for example. Or any other stuff that's personal like my computer files, etc.

This is going to depend on how the routing table and DNS are configured for the tunnel.

If it's configured for full tunnel then everything is going to be bounced through your work and then out to the internet. A traceroute to some common website can probably confirm this.
The content itself (your poasts) will be encrypted over HTTPS in most cases, but other things like the SNI header for the website name or the DNS requests you used to get there could end up being logged on their end.
Even if it isn't a full-tunnel configuration, your DNS requests are most likely going through their corporate servers, which will be plaintext and loggable. You can somewhat protect against that by using DNS over HTTPS if your browser supports it: https://en.wikipedia.org/wiki/DNS_over_HTTPS
A Tor browser might be another viable option, though it will probably set off some flags on common security software.
It may be possible that file shares on your system become exposed on the corporate network when you are connected. Again, depends on the config. If you're giving anonymous/everyone groups permissions to file shares then assume that is exposed.

Mystic Stylez
Dec 19, 2009

BangersInMyKnickers posted:

This is going to depend on how the routing table and DNS are configured for the tunnel.

If it's configured for full tunnel then everything is going to be bounced through your work and then out to the internet. A traceroute to some common website can probably confirm this.
The content itself (your poasts) will be encrypted over HTTPS in most cases, but other things like the SNI header for the website name or the DNS requests you used to get there could end up being logged on their end.
Even if it isn't a full-tunnel configuration, your DNS requests are most likely going through their corporate servers, which will be plaintext and loggable. You can somewhat protect against that by using DNS over HTTPS if your browser supports it: https://en.wikipedia.org/wiki/DNS_over_HTTPS
A Tor browser might be another viable option, though it will probably set off some flags on common security software.
It may be possible that file shares on your system become exposed on the corporate network when you are connected. Again, depends on the config. If you're giving anonymous/everyone groups permissions to file shares then assume that is exposed.

I'm very illiterate when it comes to those things so I guess I don't really follow you.

How can I do a trace route (if I actually can) to confirm if it's a full tunnel?

When you say file shares, what exactly are those? Because when I click on Network on File Explorer, it says "file sharing is turned off", is that enough?

What I meant by access my files is things that are in normal folders in my computer's HD.

E: VVVVVVVVVV Midgets, obviously.

Mystic Stylez fucked around with this message at 15:05 on Jan 3, 2019

Sickening
Jul 16, 2007

Black summer was the best summer.

Mystic Stylez posted:

I'm going to ask some very dumb questions, but please bear with me.

I'm currently working from home, so my boss installed OpenVPN in order for me to be able to access all the documents that are hosted in the company's server.

Whenever I'm connected through OpenVPN to access those work files, can he see anything that I do in my computer at all? Like, which websites I'm browsing right now or my browser traffic, for example. Or any other stuff that's personal like my computer files, etc.

What porn are you watching this morning?

Thanks Ants
May 21, 2004

#essereFerrari


If you go to https://www.whatismyip.com when you're connected to the VPN, and again when you're off the VPN, are the addresses different?

If they are then you're probably in a full tunnel, which means everything can be inspected if it's clear text. If the addresses are the same then you're in a split tunnel but there's no guarantee that your DNS requests aren't being logged or another payload was deployed alongside the OpenVPN installer.
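The traceroute and whatismyip checks in the two posts above observe the effect of the tunnel configuration. As an added example (not code from the thread or from the OpenVPN project), the script below inspects the cause instead: the client's .ovpn profile and the PUSH_REPLY line OpenVPN 2.x writes to its log when the server pushes options. From those it reports whether the session is a full tunnel (redirect-gateway), which DNS servers were pushed (dhcp-option DNS), which routes were pushed, and whether client-side pull-filter lines override any of that. The sample profile and log line are constructed; the hostname and addresses in them are placeholders.

```python
"""Classify an OpenVPN client session as full or split tunnel and list the
DNS servers and routes the server pushed.

Added example, not OpenVPN's own code. Parses two real artefacts:
  - the client profile (.ovpn), for local redirect-gateway / pull-filter lines
  - the PUSH_REPLY line from the client log, which lists server-pushed options
"""
import re

# Constructed client profile. The two pull-filter lines are the OpenVPN 2.4+
# way to refuse a pushed default route and pushed DNS servers.
SAMPLE_PROFILE = """\
client
dev tun
proto udp
remote vpn.example.test 1194
# refuse a pushed default route and pushed DNS, keep pushed routes
pull-filter ignore "redirect-gateway"
pull-filter ignore "dhcp-option DNS"
"""

# Constructed log line in OpenVPN 2.x's PUSH_REPLY format: the server is
# trying to make this a full tunnel and to hand out its own resolver.
SAMPLE_LOG_LINE = (
    "2019-01-03 15:05:00 PUSH: Received control message: 'PUSH_REPLY,"
    "redirect-gateway def1,dhcp-option DNS 10.8.0.1,"
    "route 192.168.10.0 255.255.255.0,topology subnet,ping 10,"
    "ping-restart 120,ifconfig 10.8.0.6 255.255.255.0,peer-id 0,"
    "cipher AES-256-GCM'"
)


def parse_push_reply(log_text: str) -> list:
    """Return the options from the last PUSH_REPLY in the log (comma separated)."""
    opts = []
    for m in re.finditer(r"PUSH_REPLY,([^']*)'", log_text):
        opts = [o.strip() for o in m.group(1).split(",") if o.strip()]
    return opts


def parse_pull_filters(profile: str) -> list:
    """Return (action, prefix) pairs from pull-filter lines, in file order."""
    filters = []
    for raw in profile.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = re.match(r'pull-filter\s+(accept|ignore|reject)\s+"?([^"]+)"?', line)
        if m:
            filters.append((m.group(1), m.group(2).strip()))
    return filters


def effective_options(pushed: list, filters: list) -> list:
    """Apply pull-filter semantics: options are matched by prefix, first match
    wins; 'ignore' drops the option, 'reject' makes OpenVPN abort the session."""
    kept = []
    for opt in pushed:
        action = "accept"
        for act, prefix in filters:
            if opt.startswith(prefix):
                action = act
                break
        if action == "reject":
            raise ValueError(f"server pushed rejected option: {opt}")
        if action == "accept":
            kept.append(opt)
    return kept


def assess(profile: str, log_text: str) -> dict:
    """Summarise tunnel mode, pushed DNS and pushed routes for one session."""
    pushed = parse_push_reply(log_text)
    filters = parse_pull_filters(profile)
    effective = effective_options(pushed, filters)
    local_redirect = any(
        l.split("#", 1)[0].strip().startswith("redirect-gateway")
        for l in profile.splitlines()
    )
    return {
        "server_wanted_full_tunnel": any(o.startswith("redirect-gateway") for o in pushed),
        "full_tunnel": local_redirect
        or any(o.startswith("redirect-gateway") for o in effective),
        "pushed_dns": [o.split()[2] for o in effective if o.startswith("dhcp-option DNS")],
        "routes": [o.split(maxsplit=1)[1] for o in effective if o.startswith("route ")],
    }


if __name__ == "__main__":
    for key, value in assess(SAMPLE_PROFILE, SAMPLE_LOG_LINE).items():
        print(f"{key}: {value}")
```

With the sample profile the server asks for a full tunnel and its own resolver, but the client's pull-filter lines discard both, leaving a split tunnel with only the pushed 192.168.10.0/24 route; remove those two lines and the same session becomes a full tunnel whose DNS goes to 10.8.0.1. Even in split-tunnel mode the browser's lookups go wherever the OS resolver points, which is why the later suggestion of DNS over HTTPS matters: in Firefox that is network.trr.mode in about:config (2 = DoH with fallback to the system resolver, 3 = DoH only) together with network.trr.uri for the resolver endpoint.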

Mystic Stylez
Dec 19, 2009

Yeah it's the same IP whether I'm connected to the VPN or not, which I guess is a little better?

If my DNS requests are being logged and poo poo, is it really easy to check that I'm shitposting at the SOMETHINGAWFULDOTCOMFORUMS or playing Solitaire on Steam or whatever, or would he have to go through some poo poo to check? I don't think he can be arsed to do those things/really cares, but anyway.

Mystic Stylez fucked around with this message at 15:41 on Jan 3, 2019

Docjowles
Apr 9, 2009

It really depends how much of a poo poo he gives. He could have made it very easy for himself to spy on everyone, or he may not be logging anything at all. We have no way of knowing this.

If you are seriously worried about it, just disconnect from the VPN when you need to watch weird rear end porn shitpost on SA. Or request work to provide you with a dedicated machine at their expense so you aren't having to use your personal equipment for their benefit. Assuming OpenVPN is the only thing you've installed, work will have no visibility into what you did while not on the VPN. It's not queuing up a big report of all your misdeeds to phone home with the next time you connect.

And if they did have you install some kind of tracking software on your personal machine that reports back, especially without your consent, that is ethically terrible and legally dubious.

Docjowles fucked around with this message at 15:59 on Jan 3, 2019

Mystic Stylez
Dec 19, 2009

Yeah, he actually came home and installed it right by my side, it was only OpenVPN. He's actually very cool, so I doubt he would do such things. It's just something to keep me at ease. Thanks for the help, guys!

e: VVV lol

Mystic Stylez fucked around with this message at 16:20 on Jan 3, 2019

CLAM DOWN
Feb 13, 2007




Mystic Stylez posted:

Yeah, he actually came home and installed it right by my side, it was only OpenVPN. He's actually very cool, so I doubt he would do such things. It's just something to keep me at ease. Thanks for the help, guys!

....your boss came to your home and you let him onto your personal computer to install stuff??

Mustache Ride
Sep 11, 2001



Dude get a different computer for work and personal stuff. If something happens in that company there's a possibility they can take your personal computer and do scary forensics on it.

Does work have the option to assign you a computer? Can you buy a cheap Chromebook to watch your Midget Porn on?

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Mystic Stylez posted:

Yeah it's the same IP whether I'm connected to the VPN or not, which I guess is a little better?

If my DNS requests are being logged and poo poo, is it really easy to check that I'm shitposting at the SOMETHINGAWFULDOTCOMFORUMS or playing Solitaire on Steam or whatever, or would he have to go through some poo poo to check? I don't think he can be arsed to do those things/really cares, but anyway.

Since you confirmed it's not a full tunnel, use Firefox with DNS over HTTPS for browsing and you should be good.

https://www.ghacks.net/2018/04/02/configure-dns-over-https-in-firefox/

DNS requests for things like steam might end up going through the work servers but since those are background services you have a fair amount of plausible deniability there.

Docjowles
Apr 9, 2009

Or just don't do non-work stuff while on the work vpn :shrug:

Mystic Stylez
Dec 19, 2009

It's not like I work for a gigantic company, it's a small business where the owner is a family friend and there's like three other employees. I don't live in the US or Europe. I use the VPN to access a bunch of .doc and .pdf files. I don't have the money to get another computer just to separate things right now, isn't just disconnecting from the VPN and exiting OpenVPN enough? I also don't think he would be upset because I'm browsing news sites during work hours or poo poo, the other employees that actually work there do that all the time.

BangersInMyKnickers posted:

Since you confirmed it's not a full tunnel, use Firefox with DNS over HTTPS for browsing and you should be good.

https://www.ghacks.net/2018/04/02/c...tps-in-firefox/

DNS requests for things like steam might end up going through the work servers but since those are background services you have a fair amount of plausible deniability there.

Still this is good to know, thanks for being helpful!

CLAM DOWN
Feb 13, 2007




Mystic Stylez posted:

It's not like I work for a gigantic company, it's a small business where the owner is a family friend and there's like three other employees.

That does not make it okay. You have to cover your own rear end.

Mystic Stylez
Dec 19, 2009

CLAM DOWN posted:

That does not make it okay. You have to cover your own rear end.

So if I can get a separate computer with the VPN installed and only my work stuff there is it sufficient or do I need anything more?

Sickening
Jul 16, 2007

Black summer was the best summer.

Mystic Stylez posted:

So if I can get a separate computer with the VPN installed and only my work stuff there is it sufficient or do I need anything more?

Please make sure your work pays for this other computer.

ChubbyThePhat
Dec 22, 2006

Who nico nico needs anyone else

Mystic Stylez posted:

So if I can get a separate computer with the VPN installed and only my work stuff there is it sufficient or do I need anything more?

That's the general idea.

Sickening posted:

Please make sure your work pays for this other computer.

A hundred thousand times this.

CLAM DOWN
Feb 13, 2007




Mystic Stylez posted:

So if I can get a separate computer with the VPN installed and only my work stuff there is it sufficient or do I need anything more?

Yup that's exactly what you should be doing, and your work should be paying for every cent of this. This is the normal thing to do, when you are required to log in remotely/work from home. Do not, repeat do not, pay for this 2nd computer yourself. Under any circumstance.


Mystic Stylez
Dec 19, 2009

OK, I'll see about that, again thanks for all the help, guys!
