|
BangersInMyKnickers posted:I prefer quad9 for some amount of malicious domain filtering my ISP's local resolver also hijacks not-found domains to display "helpful" never heard of quad9, i'll check it out thanks
|
#
?
Apr 3, 2019 14:57
|
|
|
|
| # ? May 20, 2024 09:50 |
|
|
CommieGIR posted:PLCs and most SCADA/Industrial Automation has little to nothing in the way of actual security, and tends to utilize outdated OSs and Software to handle the backend. the problem is one of the big benefits of those systems is realtime monitoring so you need access to that data from outside the control network. this means you cant totally airgap the system and you need to setup some kind of gateway between your control and operations networks. the goal is to limit what can get in and out. remote vendor access for maintenance is a whole other thing and in that case you tell them to pound sand and send someone out. Shaggar fucked around with this message at 15:26 on Apr 3, 2019 |
|
#
?
Apr 3, 2019 15:23
|
|
|
Shame Boy posted:my ISP's local resolver also hijacks not-found domains to display "helpful" TWC used to do this, but it looks like after spectrum bought them they don't anymore? atleast according to that test. I ended up setting 1.1.1.1 and some other server on my unifi gateway and now its like 15 ms faster than my isp for uncached responses!!
|
|
#
?
Apr 3, 2019 15:25
|
|
|
Shaggar posted:the problem is one of the big benefits of those systems is realtime monitoring so you need access to that data from outside the control network. this means you cant totally airgap the system and you need to setup some kind of gateway between your control and operations networks. the goal is to limit what can get in and out. The solution for some systems is to setup a seperate Monitor Only network that has no connection to the PLCs, a lot of power companies do this with remote Substations: All you can do is monitor, and if something needs to actually happen, someone has to be sent out.
|
|
#
?
Apr 3, 2019 15:33
|
|
|
CmdrRiker posted:For those of us not in infosec and are just the regular programmers that are super annoying about security, why is it a joke? For the most part the industry is 10+ years behind everyone else, they typically run networks like some lovely SOHO environment from the mid-00's. Monolithic flat lan with no redundancy or segregation/flood control? Check. Border firewall with an un-monitored and weak VPN service? Check. Absolutely no logging or log analytics? Check. Border firewall configured with a default outbound allow-all rule? Check. Running on commodity OS's without any hardening beyond a lovely AV install? Check. Patched? Probably not. Host firewalls? Disabled. Default vendor credentials that have never been rotated? You better believe it. You basically have a single protection layer of a border firewall with inbound deny rules but even that is often misconfigured and the second you're through that there's practically no protection or detection mechanisms left and an attacker can go loving hog wild on the place. BangersInMyKnickers fucked around with this message at 15:37 on Apr 3, 2019 |
|
#
?
Apr 3, 2019 15:34
|
|
|
CommieGIR posted:The solution for some systems is to setup a seperate Monitor Only network that has no connection to the PLCs, a lot of power companies do this with remote Substations: All you can do is monitor, and if something needs to actually happen, someone has to be sent out. Yeah, we started asking around for NERC-compliant facilities that use any of the vendors' remote access solutions and it was absolute crickets. At least the IT people that are running the large scale plants know enough that the border firewall is their only truly effective control and they refuse to compromise it. Our solution has been to dump the remote access appliances in the DMZ and firewall them off to the point that only the monitoring functionality works.
|
|
#
?
Apr 3, 2019 15:37
|
|
|
https://twitter.com/GalaxyKate/status/1113315381697949696 I laughed
|
|
#
?
Apr 3, 2019 15:39
|
|
|
the term "gender reveal" is pretty loving stupid for obvious reasons
|
|
#
?
Apr 3, 2019 15:43
|
|
|
BangersInMyKnickers posted:For the most part the industry is 10+ years behind everyone else, they typically run networks like some lovely SOHO environment from the mid-00's. Oh and you can't ever scan it with a vuln scanner or run effective pen tests because half of the stuff will poo poo the bed and shut down a production line costing $$$/hour losses.
|
|
#
?
Apr 3, 2019 15:44
|
|
|
|
|
#
?
Apr 3, 2019 16:08
|
|
|
the best way to monitor SCADA is to have it display on a screen locally, then have a webcam on a completely different network pointed at the screen
|
|
#
?
Apr 3, 2019 16:14
|
|
|
Chris Knight posted:the term "gender reveal" is pretty loving stupid for obvious reasons i'm the obvious reason
|
|
#
?
Apr 3, 2019 16:37
|
|
|
Chris Knight posted:the term "gender reveal" is pretty loving stupid for obvious reasons invite your friends and family to a gender reveal party and it's just a presentation about how gender is a social construct and distinct from biological sex
|
|
#
?
Apr 3, 2019 16:38
|
|
|
click here to request a gender reset email
|
|
#
?
Apr 3, 2019 16:41
|
|
|
scada bad because availability is one of the CIA services and the only one that mattered in industrial controls prior to computerization (confidentiality and integrity were provided by the building and not people touching the process)
|
|
#
?
Apr 3, 2019 16:42
|
|
|
well of course there was a male goose inside the cake, didn't you fuckers read the card
|
|
#
?
Apr 3, 2019 16:45
|
|
|
Shifty Pony posted:Facebook got caught demanding people give Facebook their email passwords gotta admit, I didn't think FB would be this blatant
|
|
#
?
Apr 3, 2019 16:48
|
|
|
Meat Beat Agent posted:click here to request a gender reset email i laughed
|
|
#
?
Apr 3, 2019 16:49
|
|
|
your gender must be at least eight characters long and contain a number
|
|
#
?
Apr 3, 2019 16:50
|
|
|
ymgve posted:the best way to monitor SCADA is to have it display on a screen locally, then have a webcam on a completely different network pointed at the screen
|
|
#
?
Apr 3, 2019 16:52
|
|
|
ymgve posted:the best way to monitor SCADA is to have it display on a screen locally, then have a webcam on a completely different network pointed at the screen would hooking a VGA cable into a KVM-over-IP box be acceptable? suppose you could rip out the E-DDC pins if you're concerned about somehow hacking over VGA
|
|
#
?
Apr 3, 2019 17:04
|
|
|
Main Paineframe posted:gotta admit, I didn't think FB would be this blatant hey, it worked (briefly) for LinkedIn
|
|
#
?
Apr 3, 2019 17:27
|
|
|
Shame Boy posted:that subtitle reminds me of this for some reason: I feel like that subtitle gets me. I want it as my epitaph.
|
|
#
?
Apr 3, 2019 17:37
|
|
|
ymgve posted:the best way to monitor SCADA is to have it display on a screen locally, then have a webcam on a completely different network pointed at the screen There's a couple Shodan feeds Ive seen like that
|
|
#
?
Apr 3, 2019 18:12
|
|
|
Cocoa Crispies posted:invite your friends and family to a gender reveal party and it's just a presentation about how gender is a social construct and distinct from biological sex "sex reveal party" sounds like something rather different
|
|
#
?
Apr 3, 2019 18:16
|
|
|
haveblue posted:your gender must be at least eight characters long and contain a number
|
|
#
?
Apr 3, 2019 18:18
|
|
|
haveblue posted:your gender must be at least eight characters long and contain a number Sorry, someone else has already chosen this gender, please try again. The gender and confirm gender fields must match, please try again.
|
|
#
?
Apr 3, 2019 18:42
|
|
|
your gender may not contain SELECT or ;
|
|
#
?
Apr 3, 2019 18:45
|
|
|
your gender is too similar to a previously used gender
|
|
#
?
Apr 3, 2019 19:15
|
|
|
If you've forgotten your gender, please click this button to have a temporary gender assigned.
|
|
#
?
Apr 3, 2019 19:22
|
|
|
your gender has expired, please enter a new one
|
|
#
?
Apr 3, 2019 19:23
|
|
|
forums hacked, 1.5m unencrypted genders for sale on dark web
|
|
#
?
Apr 3, 2019 19:26
|
|
|
Proteus Jones posted:If you've forgotten your gender, please click this button to have a temporary gender assigned. you'll be asked to present as one of your security genders first
|
|
#
?
Apr 3, 2019 19:28
|
|
|
Please consult your Autheticator application for your time-limited temporary gender.
|
|
#
?
Apr 3, 2019 19:29
|
|
|
something you have and something you are could be two different factors
|
|
#
?
Apr 3, 2019 19:30
|
|
|
Sorry, that gender is too common. Please pick something else.
|
|
#
?
Apr 3, 2019 19:33
|
|
|
Wiggly Wayne DDS posted:i thought teslas set themselves on fire to avoid this data loss problem they also veer the car into trucks as a brave new strategy where the user will never have to worry about their data being stolen cause they’ll be dead
|
|
#
?
Apr 3, 2019 19:38
|
|
|
gender strength: good
|
|
#
?
Apr 3, 2019 19:42
|
|
|
Shifty Pony posted:apparently if you have an adblocker running it shows a phone verification page instead. Also, trying to hide stuff always looks good when you're caught and try to pretend you didn't know it was bad.
|
|
#
?
Apr 3, 2019 19:43
|
|
|
|
| # ? May 20, 2024 09:50 |
|
|
flakeloaf posted:something you have and something you are could be two different factors 
|
|
#
?
Apr 3, 2019 19:50
|
|