|
Oh I'd like it more for the scrape API and keyword notifications. I don't ever actually use pastebin to post.
|
# ? Apr 7, 2021 19:25 |
|
|
# ? Jun 10, 2024 13:24 |
|
Martytoof posted:Does pastebin pro ever actually go on sale? It's "sold out" every time I check. It went on sale at some point since I have a pro account (back in December of 2018)
|
# ? Apr 7, 2021 19:47 |
|
BaseballPCHiker posted:I have read, and Im not 100% sure on this, that the above was limited to the "major" carriers in the US, meaning some podunk regional providers might still be affected. I'm gonna guess all the resellers or whatever 5.95/month plan you find on the internet are also going to still be affected. because they will start getting a cut
|
# ? Apr 7, 2021 20:05 |
|
BaseballPCHiker posted:I have read, and Im not 100% sure on this, that the above was limited to the "major" carriers in the US, meaning some podunk regional providers might still be affected. That was my read on it, too. An additional open question is the behavior of MVNO's riding on the major carriers--I honestly don't know enough about how mobile numbering works to know if the major carrier's actions effectively protect MVNOs on their networks or not.
|
# ? Apr 7, 2021 20:09 |
|
Hello friends, it’s time to update Exchange (again)! https://twitter.com/thezdi/status/1382023848422473734?s=20 Tryzzub fucked around with this message at 19:21 on Apr 13, 2021 |
# ? Apr 13, 2021 19:15 |
Anyone seen any IOCs for the new exchange vulns floating around yet?
|
|
# ? Apr 13, 2021 21:41 |
|
rafikki posted:Anyone seen any IOCs for the new exchange vulns floating around yet? The current set above or the last set that set off the patching panic? If its the last set, Microsoft released a toolset for detecting IOCs: https://us-cert.cisa.gov/ncas/current-activity/2021/03/06/microsoft-ioc-detection-tool-exchange-server-vulnerabilities
|
# ? Apr 13, 2021 21:57 |
Naw, the ones just released. If it's not being actively exploited yet, probably not going to be much unless MS decides to share more info I suppose.
|
|
# ? Apr 13, 2021 22:00 |
|
rafikki posted:Naw, the ones just released. If it's not being actively exploited yet, probably not going to be much unless MS decides to share more info I suppose.
|
# ? Apr 13, 2021 22:05 |
|
Wiggly Wayne DDS posted:the new ones were released by nsa, so either they did some rca around the last vulns or they decided to release some of their old stock. either way we aren't getting iocs for them Yeah I'm assuming Microsoft will provide a tool for detecting IOCs if its being detected as actively being compromised.
|
# ? Apr 13, 2021 22:15 |
|
hopefully this time I can avoid having to rebuild our exchange server. wouldn't that be nice.
|
# ? Apr 13, 2021 22:22 |
|
have you considered g suite instead
|
# ? Apr 13, 2021 22:27 |
|
Can't wait for another round of "Just move to O365" recommendations that ignores moving on prem Exchange to O365 is easily a 6month to 1 year project all on its own that needs a budget.
|
# ? Apr 13, 2021 22:38 |
|
as someone that generally has not had to deal with legacy systems, i'm actually curious - how the gently caress do some of these things work? how does it take a full team more than a year to migrate from onprem exchange to o365? was everyone just not using SSO and signing in directly with AD or even given the ability to connect on port 25 over the internal network and send emails completely unauthenticated? do people have 30 terabyte deleted items folders? exchange onprem already requires every single user to be licensed with one or more than one required CAL, how much different is that than paying for o365 per user?
|
# ? Apr 13, 2021 22:40 |
|
Methinks the size of the company and their IT beurocracy matters. IT department of 5? Much easier than an IT org of 3,000. I'm in the latter's hell right now after being acquired and its nightmarish. We migrated from o365 to gsuite years ago which apparently surprises people but we don't have calendaring tickets every day any more. But now we are helping move everyone back to the parent company's o365 lol
|
# ? Apr 13, 2021 22:43 |
|
We're already using O365, we just have Exchange on-prem for management and internal relay. I insisted that we don't open firewall rules for HTTP/S and SMTP to our server, which seems to be paying off right now. Although details seem scarce on this new exploit.
|
# ? Apr 13, 2021 22:44 |
|
CommieGIR posted:Can't wait for another round of "Just move to O365" recommendations that ignores moving on prem Exchange to O365 is easily a 6month to 1 year project all on its own that needs a budget. I would think that even for large orgs this is an extreme glacial pace. The process is about as streamlined as it can be especially if you use some of the 3rd party resources out there.
|
# ? Apr 13, 2021 22:47 |
|
CommieGIR posted:Can't wait for another round of "Just move to O365" recommendations that ignores moving on prem Exchange to O365 is easily a 6month to 1 year project all on its own that needs a budget. If your org has so much insane bureaucracy that moving to O365 takes a year, it's probably going to take you that long just to get the OK to patch all your Exchange servers.
|
# ? Apr 13, 2021 22:54 |
|
I guess my first question is what in the hell your org is investing time into instead.
|
# ? Apr 13, 2021 23:00 |
|
Microsoft onprem licensing training sessions and webinars
|
# ? Apr 13, 2021 23:12 |
|
Meanwhile, our CIO is scrambling to figure out how we do O365 things on-prem because O365 keeps going down.
|
# ? Apr 13, 2021 23:17 |
|
Internet Explorer posted:Meanwhile, our CIO is scrambling to figure out how we do O365 things on-prem because O365 keeps going down. Your risk only goes up with it being on prem. Also, without an incredibly investment in people and resources, your uptime is not going to be able to compete just from the patching alone.
|
# ? Apr 13, 2021 23:26 |
|
I know that. We're talking about a CIO here. He wants us to be able to press a button and have everything that's in O365/Azure running on-prem, and then press a button for it to go back.
|
# ? Apr 13, 2021 23:27 |
|
They are at month 7 of trying to get 500 of our users from gsuite to megacorps o365. They're targeting to have it complete in 9. I haven't seen them send any change management comms or trainings for people that don't know Outlook.
|
# ? Apr 13, 2021 23:28 |
|
Internet Explorer posted:I know that. We're talking about a CIO here. He wants us to be able to press a button and have everything that's in O365/Azure running on-prem, and then press a button for it to go back. Is that even possible?
|
# ? Apr 13, 2021 23:29 |
|
yes, you pay for both to always be on, connect them to each other via imap/pop3/whatever the gently caress sync emails and meetings, and whenever the CIO is bored of the outlook colour scheme, the big red button changes your company domain's mx record from outlook.com to google.com
|
# ? Apr 13, 2021 23:33 |
|
Sickening posted:Is that even possible? With Hybrid Exchange and Hybrid-Added Azure AD systems, sort of? File access would probably be your biggest enemy, some way to immediately mirror and sync files edited on SPO or on-prem SMB or something would probs be pretty intensive
|
# ? Apr 14, 2021 00:04 |
|
Sickening posted:Is that even possible? Not really. But that's not what the vendors in CIO Magazine say. klosterdev posted:With Hybrid Exchange and Hybrid-Added Azure AD systems, sort of? File access would probably be your biggest enemy, some way to immediately mirror and sync files edited on SPO or on-prem SMB or something would probs be pretty intensive It would be so incredibly complex. User auths, SSO, SharePoint, Teams, Teams PBX, etc. There's no way.
|
# ? Apr 14, 2021 00:15 |
|
Kazinsal posted:If your org has so much insane bureaucracy that moving to O365 takes a year, it's probably going to take you that long just to get the OK to patch all your Exchange servers. It's really not. I've done it with 4 different clients now and is not a small task. Recommending moving to O365 is good, don't get me wrong. But assuming it's some simple task is underestimating the scale of the project for medium to large orgs. Even Microsoft themselves will not openly state a time other than saying it can be as quick as two weeks or as long as 6 months. Sickening posted:I would think that even for large orgs this is an extreme glacial pace. The process is about as streamlined as it can be especially if you use some of the 3rd party resources out there. You engaged a third party, congrats in most cases this is now a project requiring a lot of funding. i am a moron posted:Not really unless you’re hellbent on holding your users hands. I’ve been part of mega huge migrations that had strict requirements for users if they wanted to ensure things moved over and basically telling them to gently caress off otherwise. Migrations are turnkey af Gonna disagree. But you are also basically admitting that in most cases you told users AND clients to shutup and accept a brand new clean O365 instance, which of COURSE is turnkey versus an actual migration. Shockingly migrations are easy when you can just flip your client the bird. CommieGIR fucked around with this message at 00:46 on Apr 14, 2021 |
# ? Apr 14, 2021 00:32 |
Not really unless you’re hellbent on holding your users hands. I’ve been part of mega huge migrations that had strict requirements for users if they wanted to ensure things moved over and basically telling them to gently caress off otherwise. Migrations are turnkey af My favorite was the DoD migration. ‘Here’s your separate and new username/password cause there’s eighty billion forests, shut up and gently caress you’
|
|
# ? Apr 14, 2021 00:37 |
|
CommieGIR posted:
I said third party resources. BitTitan for example was maybe the easiest 3rd party tool I have ever engaged and I have moved more than 100k email accounts through it over the course of my career. If you can't spend any money, then you are going to run into a roadblock to do most anything so how long a project realistic takes is kind of pointless to debate. And btw the "so congrats" posting loving sucks, can you do less of that? Thanks.
|
# ? Apr 14, 2021 00:49 |
CommieGIR posted:Gonna disagree. But you are also basically admitting that in most cases you told users AND clients to shutup and accept a brand new clean O365 instance, which of COURSE is turnkey versus an actual migration. Shockingly migrations are easy when you can just flip your client the bird. O365 migrations are lame, boring garbage and outside of helping to sell a couple as a consultant I haven’t been anywhere near one since being at a big rear end financial institution in 2015 that absolutely didn’t care about its users feeling and handled it internally.
|
|
# ? Apr 14, 2021 00:54 |
|
Sickening posted:If you can't spend any money, then you are going to run into a roadblock to do most anything so how long a project realistic takes is kind of pointless to debate. This was kinda my point: You are making very big assumptions about the capabilities of people who many be struggling with patching, and yet assume they can handle an O365 migration by adding just third party tools rather than resources. And yes, I'll apologize, the "congrats" was not meant to be antagonistic, but more in disagreement that I don't think you understood what I meant. Sorry https://twitter.com/Shadow0pz/status/1382121406280970243?s=20
|
# ? Apr 14, 2021 01:03 |
|
Does "tangible" have a traditional legal definition, or is it entirely contextual if you mean something literally physical, or just something not-abstract?
|
# ? Apr 14, 2021 22:28 |
|
klosterdev posted:Does "tangible" have a traditional legal definition, or is it entirely contextual if you mean something literally physical, or just something not-abstract? I think in this context they mean in property and ownership.
|
# ? Apr 14, 2021 23:01 |
|
CommieGIR posted:This was kinda my point: You are making very big assumptions about the capabilities of people who many be struggling with patching, and yet assume they can handle an O365 migration by adding just third party tools rather than resources. Page 9 of 11
|
# ? Apr 14, 2021 23:40 |
|
Bit the bullet and signed up for 1Password's cloud subscription service instead of just using my old agilekeychain vault like always, aaaaand it kind of sucks rear end. I hate it. Apparently they've changed the way the browser extension works so you can no longer use the loving thing in private browsing mode. It literally won't even respond to clicking if you check "always use private browsing mode" in Firefox, even after you set it up initially and just need to enter your password. I have the Windows app. Seems like a pretty basic compatibility feature for security-minded users and they had it working perfectly in 1Password 4 so I have no idea why they hosed that up. Guess I'll just use Mini, thereby foregoing the extra phishing protection that having the extension check the URL I'm on provides. Good looking out, 1Password. e: Okay, figured out a workaround. Turned off always private browsing, then changed my taskbar shortcut and added the --incognito switch to replicate the functionality. Whatevs, good enough. Cup Runneth Over fucked around with this message at 13:48 on Apr 16, 2021 |
# ? Apr 16, 2021 13:12 |
Why not just set your browser to more strict privacy settings? Have them clear cookies and any browsed sites upon close.
|
|
# ? Apr 16, 2021 18:46 |
|
That's odd. Never had an issue with it working in incognito mode in Chrome. Is there something else you hate about it, or are you just saying it sucks in Firefox in private browsing mode?
|
# ? Apr 16, 2021 18:59 |
|
|
# ? Jun 10, 2024 13:24 |
|
Cup Runneth Over posted:Bit the bullet and signed up for 1Password's cloud subscription service instead of just using my old agilekeychain vault like always, aaaaand it kind of sucks rear end. I hate it. Apparently they've changed the way the browser extension works so you can no longer use the loving thing in private browsing mode. It literally won't even respond to clicking if you check "always use private browsing mode" in Firefox, even after you set it up initially and just need to enter your password. I have the Windows app. Seems like a pretty basic compatibility feature for security-minded users and they had it working perfectly in 1Password 4 so I have no idea why they hosed that up. The extension works fine in private browsing mode, at least on Chrome-based browsers. You probably need to enable this setting
|
# ? Apr 16, 2021 19:03 |