droll
Jan 9, 2020

by Azathoth

trashy owl posted:

Unsure what other outcome you would expect here? That's going to look like normal web traffic.

From Russian and Chinese IPs for which I'm certain no one else in our network is pulling gigabytes from. Just thought they'd say something to me, I dunno.


I'm making it very clear that I want their sever-ance package ;)


Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


droll posted:

I'm making it very clear that I want their sever-ance package ;)

Good. Hearing the phrase "Wake Up Authority" strikes me as what an old coworker used to call a "resume generating event."

Defenestrategy
Oct 24, 2010

Cup Runneth Over posted:

Good. Hearing the phrase "Wake Up Authority" strikes me as what an old coworker used to call a "resume generating event."


Personally I'm not sure what my price would be responsible to wake up and do poo poo possibly. Do you even want engineers working on critical poo poo with no sleep?

trashy owl
Aug 23, 2017

droll posted:

From Russian and Chinese IPs for which I'm certain no one else in our network is pulling gigabytes from. Just thought they'd say something to me, I dunno.

You never know.

Now if you were uploading gigabytes? Maybe.

spankmeister
Jun 15, 2008






droll posted:

Seems all a bit silly. Maybe I'm just too new to 'big security'.

Looks like it

Internet Explorer
Jun 1, 2005





Defenestrategy posted:

Personally I'm not sure what my price would be responsible to wake up and do poo poo possibly. Do you even want engineers working on critical poo poo with no sleep?

Plenty of places do it. Early on in my career I dealt with an extremely lovely on-call situation. Since then it has gotten better, but through most of my travels even if I'm not technically on call, if I don't answer poo poo will be down until I do. You just kind of cross your fingers if you're going to be on vacation and out of touch and hope the company still exists when you get back.

It's not good and no place should be like this, but a lot are. I will say that the cloud has helped a lot in this realm.

droll
Jan 9, 2020

by Azathoth

spankmeister posted:

Looks like it

Speaking as a silly big security person that just runs scans, generates reports and acts like they're helpful? I'm sure.

spankmeister
Jun 15, 2008






Defenestrategy posted:

Personally I'm not sure what my price would be responsible to wake up and do poo poo possibly. Do you even want engineers working on critical poo poo with no sleep?

I've done it and it sucks but I just took things a bit more slowly and it's fine.

The worst part is getting back to sleep.

spankmeister
Jun 15, 2008






droll posted:

Speaking as a silly big security person that just runs scans, generates reports and acts like they're helpful? I'm sure.

You're just being reactionary to the big takeover and the new company butting in and changing everything, usually not for the better. I get that, I would probably do that too.

But downloading ISOs from China and Russia to elicit some response is juvenile and insulting to the intelligence of their security people. Which might be deserved, but it's still lame af.

Imo, try to be constructive instead. Or just GTFO that's what I'd probably be doing.

Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


Defenestrategy posted:

Personally I'm not sure what my price would be responsible to wake up and do poo poo possibly. Do you even want engineers working on critical poo poo with no sleep?

If there's a critical service issue that affects the company's bottom line, then yeah, you need someone to deal with that in order to ensure the future of your job. But you don't have the authority to wake me up for whatever reason you want. The servers have authority to wake me up, if they decide to gently caress themselves. Then, and only then, can you call me at 2 am, panicking and apologizing, to beg me to fix it. Otherwise go gently caress yourself, especially if I'm salaried, ESPECIALLY especially if I'm not and you try to weasel out of paying me overtime. If my job doesn't respect my work-life balance then I'll find a new job.

droll
Jan 9, 2020

by Azathoth

spankmeister posted:

You're just being reactionary

Absolutely yes I am I don't want to be there. They're throwing money at me to stay for 6 months so I'll do it. I want to rapid build reasonably secure services which is what I've done but my job just suddenly stopped being that. It's weird, new thing at my level. Sorry for unloading on the thread!

CyberPingu
Sep 15, 2013


If you're not striving to improve, you'll end up going backwards.
https://www.lawgazette.co.uk/news/uk-to-depart-from-gdpr/5107685.article



gently caress sake

Potato Salad
Oct 23, 2014

nobody cares



"afraid of inadvertently breaking [the rules]" lol ok boomer

denereal visease
Nov 27, 2002

"Research your own experience. Absorb what is useful, reject what is useless, add what is essentially your own."

Is this the right thread to wander in and ask "Hey what android podcast app won't doxx me?"

--
I'm in a totally different field but....

Defenestrategy posted:

Personally I'm not sure what my price would be responsible to wake up and do poo poo possibly. Do you even want engineers working on critical poo poo with no sleep?
As someone who has gotten phone calls to the tune of "So we had a fuckup at the water treatment plant and we need you to do..."

No, you do not want engineers (of any kind) working on critical poo poo (of any kind) with no sleep :)

Cup Runneth Over posted:

Hearing the phrase "Wake Up Authority" strikes me as what an old coworker used to call a "resume generating event."
Just had one of these experiences this week and I hadn't heard this phrase before, cheers!

DrDork
Dec 29, 2003
commanding officer of the Army of Dorkness

denereal visease posted:

No, you do not want engineers (of any kind) working on critical poo poo (of any kind) with no sleep :)

Depends what the situation is. Do you want to wake someone up at 2am to do pedantic dumb poo poo that could easily have waited until morning? No, absolutely not, because sleepy engineers are more likely to make mistakes. But if your systems are on proverbial fire, you're under active attack / major security incident, etc., it's entirely possible (even probable) that the risk of a sleepy engineer making a mistake is lower than the risk incurred by letting the issue continue for 8hrs to ensure Mr. Engineer has had his breakfast and coffee before handling the issue.

Every enterprise-sized company I've ever worked for has had some sort of On Call deal for exactly that reason. It's not even a bad thing, assuming that they're compensating you appropriately for it. For instance, my current employer drops about $20k extra on the people who get saddled with On Call rotations. If they're just trying to slip that into your responsibilities without extra cash, though, that's pretty lovely. And while it's fine for a new company to let you know that it's part of the deal now, no one should be bragging about their ability to page you--that seems like they enjoy doing it and is childish as hell.

Cup Runneth Over posted:

If my job doesn't respect my work-life balance then I'll find a new job.

I think this is the key part. If you want to page me for some legitimately serious issue, ok, sure--pay me sufficiently and it's all fine. If you're paging me at 2am because someone locked themselves out of their account, then no, gently caress off, unless you are paying me a lot.

BaseballPCHiker
Jan 16, 2006

DrDork posted:

I think this is the key part. If you want to page me for some legitimately serious issue, ok, sure--pay me sufficiently and it's all fine. If you're paging me at 2am because someone locked themselves out of their account, then no, gently caress off, unless you are paying me a lot.

Last job had the worst on-call setup I've ever experienced and it was a major factor in me burning out and looking to move on from a job I otherwise enjoyed. No extra pay, on call 24/7 for 1 week a month. We could informally flex time spent on call by leaving early but were starting to get major pushback on that from HR and had a few times on the end where we couldn't take our flex time and were just forced to work extra hours for nothing.

I do not miss staying up to 3AM to deal with fiber cuts to some police/fire station anymore.

evil_bunnY
Apr 2, 2003

engineering staff should absolutely be on call for infra they own, and compensated for it.

evil_bunnY
Apr 2, 2003

Internet Explorer posted:

Plenty of places do it. Early on in my career I dealt with an extremely lovely on-call situation. Since then it has gotten better, but through most of my travels even if I'm not technically on call, if I don't answer poo poo will be down until I do. You just kind of cross your fingers if you're going to be on vacation and out of touch and hope the company still exists when you get back.
I've worked on projects where engineering staff have gone off the grid with no replacements and outages in those periods make me cackle with glee. It's 100% on management to ensure it doesn't happen.

Defenestrategy
Oct 24, 2010

evil_bunnY posted:

engineering staff should absolutely be on call for infra they own, and compensated for it.

I'm probably at the level of career where it's never enough compensation, the places I've interviewed at that require it is just some token.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug
Swiss Cops seized the equipment from the Verkada hacker

https://twitter.com/__eater__/status/1370397978524061701?s=20

RFC2324
Jun 7, 2012

http 418

I guess everyone who cares about the exchange thing is busy right now.

some kinda jackal
Feb 25, 2003

 
 
Busy finding new jobs you mean

CyberPingu
Sep 15, 2013


If you're not striving to improve, you'll end up going backwards.

RFC2324 posted:

I guess everyone who cares about the exchange thing is busy right now.

Busy on holiday.


E.g. hiding under their beds with their phones switched off and all the lights off in their house.

RFC2324
Jun 7, 2012

http 418

I have never been happier that my email knowledge is postfix

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

RFC2324 posted:

I guess everyone who cares about the exchange thing is busy right now.

Cared enough to force our exchange team to patch, so I'm good.

Sickening
Jul 16, 2007

Black summer was the best summer.

CommieGIR posted:

Cared enough to force our exchange team to patch, so I'm good.

Same. People were not happy that I force hybrid exchange boxes without mailboxes to be cut off until they were patched. Every day that goes by I am slightly more vindicated.

Guy Axlerod
Dec 29, 2008
I had a recruiter email me about a job at a 911 call center software company. Like holy poo poo you can't pay me enough for the stress. I think I'd rather be 911 operator, at least I can only gently caress up my own calls, not the calls for a whole state or something. If there's an upside to your company's product being meaningless trash, it's that nobody dies from my fuckups.

Internet Explorer
Jun 1, 2005





huh, what's this thing that looks like a secondary payload on our exchange server...

DrDork
Dec 29, 2003
commanding officer of the Army of Dorkness

Internet Explorer posted:

huh, what's this thing that looks like a secondary payload on our exchange server...

It's the thing you click on to get your free iPad!

Absurd Alhazred
Mar 27, 2010

by Athanatos
LOL

https://twitter.com/dangoodin001/status/1370467563163975684

Sickening
Jul 16, 2007

Black summer was the best summer.

Anti-virus companies are usually tightly run orgs. This is so strange. :ohdear:

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

Sickening posted:

Same. People were not happy that I force hybrid exchange boxes without mailboxes to be cut off until they were patched. Every day that goes by I am slightly more vindicated.

Yup. Gave the Exchange team 12 hours to get back with a patching plan or patches done or the boxes went offline. They did it all in 10. And frankly, they seemed happy because it got done without a fuss.

Sickening
Jul 16, 2007

Black summer was the best summer.

CommieGIR posted:

Yup. Gave the Exchange team 12 hours to get back with a patching plan or patches done or the boxes went offline. They did it all in 10. And frankly, they seemed happy because it got done without a fuss.

gently caress that. Keeping exchange services exposed to the internet for any length of time after learning the information that came down was reckless. I guess it depends on your org, but I would assume most orgs are more damaged by their data being exposed than their email services being down due to emergency patching. And the data exfiltration wasn't even the biggest issue, getting your exchange server owned and backdoored was huge as well.

We're already in the process of nuking the hybrid servers and starting over, even after doing all the due diligence we could for detecting any escalation of privilege.

Potato Salad
Oct 23, 2014

nobody cares


don't forget the hardest but most important part of this exchange vuln: mandatory IR

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

Sickening posted:

gently caress that. Keeping exchange services exposed to the internet for any length of time after learning the information that came down was reckless. I guess it depends on your org, but I would assume most orgs are more damaged by their data being exposed than their email services being down due to emergency patching. And the data exfiltration wasn't even the biggest issue, getting your exchange server owned and backdoored was huge as well.

We're already in the process of nuking the hybrid servers and starting over, even after doing all the due diligence we could for detecting any escalation of privilege.

It was overnight 12 hours, and yeah I was being lenient but they still got it done and we did a full IR of the box with no IOCs found and nothing in the logs to indicate anything.

To be fair: Our on prem exchange boxes are only allowed to talk to assets on the company network and are not internet facing.

Saukkis
May 16, 2003

Unless I'm on the inside curve pointing straight at oncoming traffic the high beams stay on and I laugh at your puny protest flashes.
I am Most Important Man. Most Important Man in the World.

Defenestrategy posted:

Personally I'm not sure what my price would be responsible to wake up and do poo poo possibly. Do you even want engineers working on critical poo poo with no sleep?

I guess there are ways to deal with this. My coworkers have told of one case of a Saturday storage system fix, where the resident expert was too drunk to let on the keyboard. He was saying the required commands and there was another guy translating them to sober talk and typing them out.

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

Guy Axlerod posted:

I had a recruiter email me about a job at a 911 call center software company. Like holy poo poo you can't pay me enough for the stress. I think I'd rather be 911 operator, at least I can only gently caress up my own calls, not the calls for a whole state or something. If there's an upside to your company's product being meaningless trash, it's that nobody dies from my fuckups.

My mom worked on public telecom switch software for most of her career, and I remember asking her “are you ever worried that someone will die because of a bug?”

“every. damned. day.”

AlternateAccount
Apr 25, 2005
FYGM

Cup Runneth Over posted:

If there's a critical service issue that affects the company's bottom line, then yeah, you need someone to deal with that in order to ensure the future of your job. But you don't have the authority to wake me up for whatever reason you want. The servers have authority to wake me up, if they decide to gently caress themselves. Then, and only then, can you call me at 2 am, panicking and apologizing, to beg me to fix it. Otherwise go gently caress yourself, especially if I'm salaried, ESPECIALLY especially if I'm not and you try to weasel out of paying me overtime. If my job doesn't respect my work-life balance then I'll find a new job.

They mentioned a 5000 person IT staff. Some fragment of that is security. Which means you have a lot of bodies working a lot of shifts, waking people up should be rare/never. If you need on call, you also have enough people to make it your "one night per quarter", not some general blanket 24/7 poo poo.

Pablo Bluth
Sep 7, 2007

I've made a huge mistake.
I've just started playing around with HackTheBox. It's a terrible time-sink...


CyberPingu
Sep 15, 2013


If you're not striving to improve, you'll end up going backwards.

Pablo Bluth posted:

I've just started playing around with HackTheBox. It's a terrible time-sink...

It's very fun though. TryHackMe is also another great similar platform.
