|
Rip zonealarm
|
# ? Mar 26, 2019 23:09 |
|
mostly rip thinking that the identity of the base image of a process is a useful/refined security distinction
|
# ? Mar 26, 2019 23:15 |
|
speaking of jre, ghidra got an update today
|
# ? Mar 26, 2019 23:30 |
|
Midjack posted:motherfuckers act like they forgot about jre
eqing for rotor
|
# ? Mar 26, 2019 23:38 |
|
Midjack posted:motherfuckers act like they forgot about jre
|
# ? Mar 26, 2019 23:39 |
|
Sniep posted:eqing for rotor
thanks but i forgot i was logged in here so BAM
|
# ? Mar 26, 2019 23:39 |
|
pseudorandom name posted:speaking of jre, ghidra got an update today
"turned on font antialiasing by default for linux" yup this is authentic government code
|
# ? Mar 27, 2019 00:17 |
|
Midjack posted:motherfuckers act like they forgot about jre
|
# ? Mar 27, 2019 00:28 |
|
Midjack posted:motherfuckers act like they forgot about jre
drat lol also this actually happened at work! turns out some poo poo old application depends on it and it's critical for hr so some poor fucker has to figure out how to keep it working! not me though!
|
# ? Mar 27, 2019 01:27 |
|
Midjack posted:motherfuckers act like they forgot about jre
graph please
|
# ? Mar 27, 2019 03:32 |
|
Midjack posted:motherfuckers act like they forgot about jre
|
# ? Mar 27, 2019 05:47 |
|
Midjack posted:motherfuckers act like they forgot about jre
|
# ? Mar 27, 2019 06:17 |
|
Midjack posted:motherfuckers act like they forgot about jre
|
# ? Mar 27, 2019 06:21 |
|
now now we can just hang onto it until this thread gets closed yet again
|
# ? Mar 27, 2019 07:22 |
|
lotta yall dont understand thread semver
minor point updates for title changes, version bumps for new threads
please dont use yospos threads in production until you have internalized this
|
# ? Mar 27, 2019 08:07 |
|
also, mods pls
Midjack posted:Security Fuckup Megathread - v17.1 - motherfuckers act like they forgot about jre
also also, little snitch owns bones
|
# ? Mar 27, 2019 08:09 |
|
yoloer420 posted:The question was about process aware firewalls that work. They do work, I'm not aware of any enterprise level solutions (for anything) that work though. The tech exists however.
it's called "the windows firewall"
|
# ? Mar 27, 2019 14:31 |
|
Krankenstyle posted:lotta yall dont understand thread semver
I'm going to need to see your versioning documentation in the IG, this seems to be a non-security impacting change so you can probably use a wildcard.
|
# ? Mar 27, 2019 15:33 |
|
BangersInMyKnickers posted:it's called "the windows firewall"
Windows firewall is good in the same way Defender is good. Microsoft actually implemented a relatively simple, good thing that you can manage centrally but then forgot that you might care about central logging.
|
# ? Mar 27, 2019 15:44 |
|
ewiley posted:Windows firewall is good in the same way Defender is good. Microsoft actually implemented a relatively simple, good thing that you can manage centrally but then forgot that you might care about central logging.
They do need a native mechanism to forward that into an event log but if you aren't already deploying a log forwarding agent to scrape application log files then you've already messed up so it's kinda a moot issue
|
# ? Mar 27, 2019 15:50 |
|
Krankenstyle posted:lotta yall dont understand thread semver
actually i think you'll find the way semver works is nobody ever changes major versions because we need to "get a marketing win out of a new major version", minor versions are meaningless and patch versions are random and then someone changes it to be based on the current year and then never updates it again so your version is forever 2017.x.x
|
# ? Mar 27, 2019 16:28 |
|
half the libs are pre 1.0.0 and the versions mean nothing too
|
# ? Mar 27, 2019 16:31 |
|
Defender is getting stronger with ATP, ATA, and Sandbox testing builtin. Honestly, if you have Azure AD, even just for your off prem stuff, you should totally take advantage of ATP and their Event Forwarding Analysis stuff. We've been testing its use as a way to isolate infected machines, and even though it modifies the firewall to block all outbound internet traffic if it detects an infection, it keeps pushing the ATP and even forwarding for analysis
|
# ? Mar 27, 2019 16:32 |
|
Midjack posted:motherfuckers act like they forgot about jre
|
# ? Mar 27, 2019 16:59 |
|
Shame Boy posted:actually i think you'll find the way semver works is nobody ever changes major versions because we need to "get a marketing win out of a new major version", minor versions are meaningless and patch versions are random
lol at using patch versions just increment the minor version number and look in the code if you want to see what check ins are covered in that
|
# ? Mar 27, 2019 17:04 |
|
CommieGIR posted:Defender is getting stronger with ATP, ATA, and Sandbox testing builtin.
There's like 4 different ATP products
|
# ? Mar 27, 2019 17:06 |
|
Someone post some anime so we can force the devs to update
|
# ? Mar 27, 2019 17:21 |
smoka, i heed thee
|
|
# ? Mar 27, 2019 17:29 |
|
pro thread title
|
# ? Mar 27, 2019 18:44 |
Now fix the versioning
|
|
# ? Mar 27, 2019 18:52 |
|
cinci zoo sniper posted:Now fix the versioning
|
# ? Mar 27, 2019 18:56 |
|
cinci zoo sniper posted:Now fix the versioning
lmao
|
# ? Mar 27, 2019 19:14 |
|
lel
|
# ? Mar 27, 2019 19:18 |
|
good hustle
|
# ? Mar 27, 2019 21:13 |
|
The Fool posted:There's like 4 different ATP products
And I'm specifically talking about one of them. How it relates to the ATP product chain as a whole:
CommieGIR fucked around with this message at 22:04 on Mar 27, 2019
|
# ? Mar 27, 2019 22:00 |
|
ftfy
|
# ? Mar 27, 2019 22:30 |
|
ate poo poo on live tv posted:Yea, this is where I'm at. Idempotent is a fun word, and ansible/network changes AREN'T.
Thirding this. All configuration is a transition from some state to another state, and the concept of idempotence with regard to configuration just seems like either pretending the starting state doesn't exist or implicitly assuming a known clean starting state. I like Ansible for configuration automation, but the idempotent paradigm is stupid and I don't use it. I thought I was stupid or that I must have been using Ansible wrong. I may still be stupid, but it seems pretty clear to me after a few years of using it that Ansible itself misunderstands the nature of their own project.
|
# ? Mar 28, 2019 00:36 |
|
For Juniper devices Ansible works really well because you just delete the entire config, then apply the complete new one. Juniper commit engine is smart and as long as the section that you deleted and put back didn't change, the router won't recommit and cause router reconvergence, or firewalls to drop sessions etc. For Cisco/Arista, welp...
|
# ? Mar 28, 2019 04:38 |
|
Cisco had a rce vulnerability on one of their routers which was reported to them along with a curl command that would trigger the problem. They released an update that solves this problem by blocking user agents containing 'curl'
https://twitter.com/RedTeamPT/status/1110843396657238016
|
# ? Mar 28, 2019 04:52 |
|
Rahu posted:Cisco had a rce vulnerability on one of their routers which was reported to them along with a curl command that would trigger the problem.
|
# ? Mar 28, 2019 05:24 |