|
It's all automated and I don't know anything about the Exchange filters, so all I can say is that our security guy had a bit of a wake-up call yesterday. He does have certain IP ranges filtered, but idk how effective that even really is in this world of VPNs.
|
# ? Apr 26, 2019 01:40 |
|
|
# ? May 30, 2024 23:34 |
|
My company recently had a pissing match with Telus when our e-mail auto-responders got into a loop with each other.
|
# ? Apr 26, 2019 01:47 |
|
Schadenboner posted:The mistake was in accepting mail from Russia, hth? Or any IP traffic at all. We literally block the world on our edge firewalls except for the US and the Cayman Islands. Exec traveling outside the US for some reason? Better put in a ticket with what country and the dates and we will allow it only for that period. Between making sure O365 is using modern auth across the board and disabling pop/imap, this has greatly reduced incidences of any successful phishing attacks causing further damage. If they can’t get to our ADFS to authenticate in to O365, then they can’t get in period. Yes, this doesn’t help if they are proxied through a US host, but it’s pretty effective otherwise.
|
# ? Apr 26, 2019 01:50 |
|
Entropic posted:The glitch I had was much more literally hellish sounding. Sounds like an alien numbers station more than a portal to hell IMO
|
# ? Apr 26, 2019 02:06 |
|
Our helpdesk runs off a shared mailbox on which we turned off external senders.
|
# ? Apr 26, 2019 02:44 |
|
devmd01 posted:Or any IP traffic at all. We literally block the world on our edge firewalls except for the US and the Cayman Islands. Exec traveling outside the US for some reason? Better put in a ticket with what country and the dates and we will allow it only for that period. Plenty of IPs will get mis-categorized, I assume you're doing geo IP blocking? It's pretty effective, but we would run into at least 1 IP a week that was actually from somewhere in asia but was being categorized by the vendor as from the US. Still, defense in depth and all that.
|
# ? Apr 26, 2019 02:44 |
|
Schadenboner posted:The mistake was in accepting mail from Russia, hth? In the dark days before our gMail migration I had inherited a Communicate 4.5 server running on OS X 10.6 Server (on a G5 tower). Even with Postini filtering we got absolute floods of spam. So I started blocking larger and larger blocks of IP addresses. Pretty quickly I was blocking Class Cs, and then multiple Class Cs. I got frustrated one morning and blocked.... I think it was 8.0.0.0/8 to 12.0.0.0/8. Eastern and NE Europe basically. After lunch one of the department heads swung by my desk and mentioned that they hadn't had any email from $biggestClient today. They're in Finland. Oops. So I punched a (small) hole in the middle of that range and sent out a calmly worded email to the project team list.
|
# ? Apr 26, 2019 03:20 |
|
I've got one that I'm actually hoping you guys can help me out with here. Got a ticket from one of our digital marketing people. They're trying to do some audience match BS with Ebay, and essentially, I don't know how to help them. We have a CSV file with a list of names, email addresses, etc. Ebay wants us to: 1) Name the file a specific way. Easy 2) Convert all email addresses to UPPERCASE. Easy 3) Hash each email address using SHA-256 I have no loving idea how to do this. 4) Encrypt the file. Fine, we'll use GPG4Win and Kleopatra I'm really stuck on step 3 though. I'm a server, network, desktop, cloud guy. This seems to be falling down into programming/scripting, and it a bit out of my realm. Any thoughts?
|
# ? Apr 26, 2019 14:14 |
|
That seems to be asking you to do multiple things at once. Do they want the email address field in the .csv to be hashed? Do they want a file that is just a .csv consisting of only the email address hashed?
|
# ? Apr 26, 2019 14:23 |
|
Arquinsiel posted:That seems to be asking you to do multiple things at once. Do they want the email address field in the .csv to be hashed? Do they want a file that is just a .csv consisting of only the email address hashed? You're correct. They literally want an encrypted file (PGP) , that contains hashed (SHA256) email addresses. Double-safe? Seems a bit silly for email addresses, but it's what Ebay wants. I'm hoping that I do not have to be the person that does this for the dozens of files and bajillions of email addresses they're going to want. So I'll need something that a) can do this on Windows 10 and b) can be done by a standard User account. Sigh. I suppose I could try to write a powershell script that reads the base csv, feeds it to get-stringhash, then exports the hash back to a new CSV file, then encrypt it with gpg4win when it's done. Gerdalti fucked around with this message at 14:33 on Apr 26, 2019 |
# ? Apr 26, 2019 14:30 |
|
echo "aa@aa.com"|sha256sum
|
# ? Apr 26, 2019 14:31 |
|
Gerdalti posted:I've got one that I'm actually hoping you guys can help me out with here. Got a ticket from one of our digital marketing people. They're trying to do some audience match BS with Ebay, and essentially, I don't know how to help them. Unless you want it to take infinity days, something like a python script (or maybe PowerShell?) is going to be the only solution. This is doubly true if it's going to be ongoing. Ultimately, except for step 4, the whole thing is text manipulation. You can read in a CSV with Python and then create the new file (with special file name), do your caps conversion on a specific field, use hashlib to apply the hash and then write out to the new CSV file. hashlib is super simple: code:
|
# ? Apr 26, 2019 14:36 |
|
You know what is cool about IT? For every problem that leaves me thinking “I leave no idea how I’d go about tackling that.” There is someone who goes, “oh that’s easy. Just do blah blah blah” and knocks it out of the park. It’s trippy sometimes.
|
# ? Apr 26, 2019 16:03 |
|
Agrikk posted:You know what is cool about IT? That's why I posted it here. As an update, I found out that the file is simply 1 column of email addresses, so I've managed to automate steps 2 and 3, and now I'm struggling to get GPG4win to run properly in the powershell script. Any ideas? I just can't get it to parse properly no matter what I do. code:
|
# ? Apr 26, 2019 18:41 |
|
my cat is norris posted:A Russian email address sent our service desk address a little test email at 4:48 PM yesterday. My helpdesk got three of the 'deleterious soft' emails, in Chinese. I almost died laughing.
|
# ? Apr 26, 2019 18:44 |
|
Unsalted sha256 is super easy to crack, I bet I could get like 75% of those email addresses back. Anyway, you can definitely do this in Python but for this id just use bash like code:
|
# ? Apr 26, 2019 18:45 |
|
I don't know why, but wrapping the GPG calls in a function fixed it. For those interested in this lovely lovely project: code:
|
# ? Apr 26, 2019 19:37 |
|
Dirt Road Junglist posted:At least you've never inadvertently terminated your company's Japanese CEO? In my defense, he was on my list! Why not both?
|
# ? Apr 26, 2019 23:05 |
|
Gerdalti posted:I don't know why, but wrapping the GPG calls in a function fixed it. I have a few critiques on the code that may help you out. code:
code:
code:
You're going to get an error if there's not already a .hash file with that name present, this can be handled with a simple test. code:
First, there's no point in declaring $hasher and $encoding more than once. This will incur a performance penalty (though a fairly minor one), cut those and stick them above the for-loop. Second, overall $hash is fine, but it is a little hard to read and a bit slow. Third, you don't need to echo $hash to append it. You can pipe it directly. Lastly, every single run of the for-loop you're having to open your file to append the hash. This will totally cripple your script from a performance perspective. There are a few easy ways to handle that last point and the best method really depends on your environment and the files you're working with. You could add a test inside the loop to dump once an array reaches a certain size (I'd use this method if the files are larger than 10k/20k lines). If the lists are shorter you can just write it all to an array and dump it to a file at the very end. Here are some of the things I mentioned implemented, code:
This task would also be a good candidate for parallelization if you're looking at significantly larger lists. PBS fucked around with this message at 17:28 on Apr 27, 2019 |
# ? Apr 27, 2019 03:40 |
|
That's some great advice. I'm not very good with power shell, so I'll look at implementing those Monday morning. I couldn't get a definitive answer on how large the files will be, but experience has me thinking 500000 to 1500000 rows isn't out of the question. Thanks!
|
# ? Apr 27, 2019 12:27 |
|
Gerdalti posted:That's some great advice. I'm not very good with power shell, so I'll look at implementing those Monday morning. Made a few more edits. It'll now process 1.5m rows in ~80 seconds on my machine. Also, can be done fairly simply (and significantly more quickly) via python. Python 3.6 code:
Total Time: 6.09424614906311 Seconds Lines: 1,500,000 PBS fucked around with this message at 18:19 on Apr 27, 2019 |
# ? Apr 27, 2019 17:29 |
|
PBS posted:Also, can be done fairly simply (and significantly more quickly) via python. Yeah, Python is pretty much tailor made for this kind of stuff. But since they’re talking Powershell, I’m guessing Windows so they may not have/not be able to install Python.
|
# ? Apr 27, 2019 19:29 |
|
PBS posted:Made a few more edits. It'll now process 1.5m rows in ~80 seconds on my machine. Python is pretty great, but if you're stuck on any Powershell in the future, there's a megathread. https://forums.somethingawful.com/showthread.php?threadid=3286440
|
# ? Apr 27, 2019 20:47 |
|
Proteus Jones posted:Yeah, Python is pretty much tailor made for this kind of stuff. But since they’re talking Powershell, I’m guessing Windows so they may not have/not be able to install Python. Yeah, that's why I did the best I could in powershell first. If you can get python on any machine of the same OS type you can also compile a python script into an executable, making it more portable.
|
# ? Apr 27, 2019 21:08 |
|
Usually for stuff like this, I highlight the best bits. This is all best bits. quote:A 26-year-old internet entrepreneur faces up to 20 years behind bars in America, and a potential $250,000 fine, after attempt to steal a really not-very-good domain name.
|
# ? Apr 29, 2019 22:32 |
|
PBS posted:This assumes there's only one period in the filename, not a big deal really but could be a little confusing at some point. OP wants to use $var.LastIndexOf('.') to find the very last period.
|
# ? Apr 29, 2019 22:47 |
|
Shut up Meg posted:Usually for stuff like this, I highlight the best bits. At first I was “huh, you go to prison for domain squatting?” but then carried on reading and it was just
|
# ? Apr 29, 2019 22:56 |
|
Thanks Ants posted:At first I was “huh, you go to prison for domain squatting?” but then carried on reading and it was just Amazing that anyone could be that stupid. Of course they could trace it back to him, the guy that had been harassing him for the name.
|
# ? Apr 29, 2019 23:19 |
|
“Here just transfer the domain into this account in my name with all my other domains”
|
# ? Apr 30, 2019 00:04 |
Next time I’m writing front-end form validation I’ll be thinking about a guy getting pistol-whipped while filling it in
|
|
# ? Apr 30, 2019 00:08 |
|
Data Graham posted:Next time I’m writing front-end form validation I’ll be thinking about a guy getting pistol-whipped while filling it in Add a check box labeled “I am currently being held at gunpoint,” which, if checked, dispatches the police to the submitter’s IP address.
|
# ? Apr 30, 2019 01:30 |
|
Thanks Ants posted:“Here just transfer the domain into this account in my name with all my other domains” Even if he hadn't when he eventually setup a service at that domain it'd likely have been traceable back to him too. There's a lot of layers of stupid there.
|
# ? Apr 30, 2019 01:45 |
|
He didn't think that even after the robbery and the domain ended up in his account, that somehow just stay there? Like no one would ever go to the police?
|
# ? Apr 30, 2019 05:42 |
|
CitizenKain posted:He didn't think that even after the robbery and the domain ended up in his account, that somehow just stay there? Like no one would ever go to the police? He had his cousin tell the guy NOT to go to the police, didn't you pay attention?
|
# ? Apr 30, 2019 06:16 |
|
Imagine waking up every day to the fact that you nearly got killed over an internet domain. Decades of leaded gas fumes have made us crazy as a species.
|
# ? Apr 30, 2019 06:20 |
See, if you told me "a guy was robbed of a domain registration at gunpoint"... I can imagine a scenario where some online scammer has some untraceable hosting and false registration credentials to point it at, and just ties the dude up for a few hours while they hoover up people's login info or whatever, and the few hours they get are enough to be worth the effort. But no, he thought he could just steal a domain name forever and nobody would figure that out.
|
|
# ? Apr 30, 2019 07:57 |
|
Carth Dookie posted:Imagine waking up every day to the fact that you nearly got killed over an internet domain. The truth is even more unbearable: we're inherently like this with or without gas fumes.
|
# ? Apr 30, 2019 12:50 |
|
CitizenKain posted:He didn't think that even after the robbery and the domain ended up in his account, that somehow just stay there? Like no one would ever go to the police? He was hoping the other guy would be too intimidated to ever report it.
|
# ? Apr 30, 2019 13:50 |
|
I'll be honest, I would not be surprised if one of you relates an IT story where your boss hands you a gun.
|
# ? Apr 30, 2019 17:22 |
|
|
# ? May 30, 2024 23:34 |
|
Shut up Meg posted:I'll be honest, I would not be surprised if one of you relates an IT story where your boss hands you a gun. I have one, but it was because my boss was buying the gun and wanted to show it off. Nothing exciting happened. Unrelated, the guy he bought the gun from is in prison now.
|
# ? Apr 30, 2019 17:30 |