|
MustardFacial posted:I mean every vendor has exploits, and nobody makes a perfect appliance. But when someone gets caught with hard coded passwords and encryption keys in their software, then that's a level of neglect that makes me question everything they make. If they're going to make that much of an amateur mistake, then what else is there that hasn't been found yet? Or hell, what equally dumb exploits and backdoors are already there that haven't been disclosed? Again, tell me a vendor that hasn't done that.
|
#
?
Sep 28, 2021 04:18
|
|
|
|
| # ? May 25, 2024 01:43 |
|
|
MustardFacial posted:Windows Update, downloads from various websites, the slack desktop client, and (for me personally) the Signal desktop client don't work. In the case of Slack and Signal, the website loads and I can download the clients from there but the application itself will not connect to the service. Both applications show up in the application filter as passing traffic, I have allow rules in the DNS filter for all listed domains they connect to (for windows update as well), and there is no mention of that traffic being blocked anywhere in the firewall. Can you screenshot the log showing the host traffic to slack or whatnot? Curious if it sends shut but never gets anything back
|
|
#
?
Sep 28, 2021 11:25
|
|
|
Bob Morales posted:Can you screenshot the log showing the host traffic to slack or whatnot? Curious if it sends shut but never gets anything back Next time I'm in the office I'll grab one.
|
|
#
?
Sep 28, 2021 20:15
|
|
|
MustardFacial posted:Next time I'm in the office I'll grab one. I wonder if you got this thing with a 0 byte return
|
|
#
?
Sep 28, 2021 20:40
|
|
|
this aws issue is killing me. why the hell am I getting a 502 when the drat server appears to be up and running just fine? a local curl gives me a 302 that redirects to the login page. THATS HOW ITS SUPPOSED TO WORK
|
|
#
?
Sep 29, 2021 02:54
|
|
|
A ticket came in: All of a customer's Linux boxes crashed. Resolution: Their third-party backup provider deleted /bin on all machines.
|
|
#
?
Sep 29, 2021 04:26
|
|
|
RFC2324 posted:this aws issue is killing me. why the hell am I getting a 502 when the drat server appears to be up and running just fine? a local curl gives me a 302 that redirects to the login page. THATS HOW ITS SUPPOSED TO WORK this fixed itself 
|
|
#
?
Sep 29, 2021 04:27
|
|
|
RFC2324 posted:this fixed itself Sounds like DNS.
|
|
#
?
Sep 29, 2021 04:29
|
|
|
22 Eargesplitten posted:A ticket came in: All of a customer's Linux boxes crashed. This is an easy one to explain to customers. Go to their desk, take some important papers. Then dump them in the bin. Ask them if they expect them to be there tomorrow. Training complete.
|
|
#
?
Sep 29, 2021 05:01
|
|
|
Dr. Arbitrary posted:This is an easy one to explain to customers. Go to their desk, take some important papers. Then dump them in the bin. Ask them if they expect them to be there tomorrow. I feel like I am having a stroke right now
|
|
#
?
Sep 29, 2021 05:09
|
|
|
I don't know Dr. Arbitrary so I'm not sure if he's making a joke about /bin being similar to another term for trash can or if he actually thinks that the /bin directory in a Linux system is the same as the recycle bin in Windows.
|
|
#
?
Sep 29, 2021 05:13
|
|
|
22 Eargesplitten posted:I don't know Dr. Arbitrary so I'm not sure if he's making a joke about /bin being similar to another term for trash can or if he actually thinks that the /bin directory in a Linux system is the same as the recycle bin in Windows. I got the /bin joke, but is also...  troll successful lol
|
|
#
?
Sep 29, 2021 05:14
|
|
|
22 Eargesplitten posted:I don't know Dr. Arbitrary so I'm not sure if he's making a joke about /bin being similar to another term for trash can or if he actually thinks that the /bin directory in a Linux system is the same as the recycle bin in Windows. If this turns out to be the actual explanation, you're honor bound to tell us.
|
|
#
?
Sep 29, 2021 05:25
|
|
|
I'm being 100% serious, that was the findings of an RCA and the third party company flat-out admitted to doing it.
|
|
#
?
Sep 29, 2021 07:17
|
|
|
22 Eargesplitten posted:A ticket came in: All of a customer's Linux boxes crashed. "*Former* third party backup provider", right? Right?
|
|
#
?
Sep 29, 2021 10:39
|
|
|
Fil5000 posted:A ticket finally came in. A user has been doing his damndest to circumvent our feature addition process (which is as simple as submit ticket, we prioritise the work, then we do the work) because he doesn't want to wait. He's gone as far as contacting the business partner at our supplier who we kind of need doing other things right now. Yesterday he finally submitted a ticket. Unfortunately instead of submitting it for the changes he wants he's spat his dummy out and submitted a ticket saying our system is not fit for purpose and needs to be replaced entirely. Update - apparently he's now raised a support ticket directly with the supplier. This is ridiculous. How is this happening
|
|
#
?
Sep 29, 2021 10:55
|
|
|
Fil5000 posted:Update - apparently he's now raised a support ticket directly with the supplier. This is ridiculous. How is this happening Management above him is failing and he now knows he can get away with poo poo like this.
|
|
#
?
Sep 29, 2021 11:14
|
|
|
AlexDeGruven posted:Management above him is failing and he now knows he can get away with poo poo like this. One of my coworkers is in the office with his manager and has forwarded this whole thing on to her, and she's VERY apologetic and it's all going to be actually dealt with. Apparently. I'm not holding my breath.
|
|
#
?
Sep 29, 2021 11:21
|
|
|
Fil5000 posted:One of my coworkers is in the office with his manager and has forwarded this whole thing on to her, and she's VERY apologetic and it's all going to be actually dealt with. Apparently. I'm not holding my breath. That's actually refreshing to read. Let's see if it pans out.
|
|
#
?
Sep 29, 2021 12:44
|
|
|
It won't.
|
|
#
?
Sep 29, 2021 17:11
|
|
|
AlexDeGruven posted:"*Former* third party backup provider", right? This is the same customer that we've considered firing because their refusal to pay to upgrade off of RHEL 5 means we're putting a hugely disproportionate amount of time into trying to make poo poo work and it's quite possibly getting to the point where labor costs outweigh what they are paying.
|
|
#
?
Sep 29, 2021 17:47
|
|
|
22 Eargesplitten posted:This is the same customer that we've considered firing because their refusal to pay to upgrade off of RHEL 5 means we're putting a hugely disproportionate amount of time into trying to make poo poo work and it's quite possibly getting to the point where labor costs outweigh what they are paying. jesus they should be fired before that turns into a giant compromise that makes your company look bad, no matter how much they are paying
|
|
#
?
Sep 29, 2021 18:46
|
|
|
10 years from now RHEL 5 experts will be making $$$
|
|
#
?
Sep 29, 2021 19:29
|
|
|
I secretly love seeing this on a monitor when booting up a server.
|
|
#
?
Sep 29, 2021 19:30
|
|
|
Mustache Ride posted:On the opposite side of this, I've heard the red team go, " *enters cisco/cisco, roots entire network* "That'll be $35,000"
|
|
#
?
Sep 29, 2021 19:33
|
|
Ciscos" so take that for what it's worth.
|
22 Eargesplitten posted:This is the same customer that we've considered firing because their refusal to pay to upgrade off of RHEL 5 means we're putting a hugely disproportionate amount of time into trying to make poo poo work and it's quite possibly getting to the point where labor costs outweigh what they are paying. Considered? loving hell. Let's hope they're not in finance or ever planning on going public because SOX auditors would be drooling over the number of "findings"
|
|
#
?
Sep 29, 2021 23:15
|
|
|
No comment.
|
|
#
?
Sep 29, 2021 23:16
|
|
|
AlexDeGruven posted:Considered? loving hell. I work with Sox compliance and I'm kind of side eyeing this statement. SOX is about demonstrating proper paperwork, identity tracking, auditing permissions and the like. Basically it's more worried about making sure you have control over who can touch data, and that you have visibility on those users. Oftentimes SOX auditing firms will push for more modern OS's as a matter of legal CYA, but the actual SOX law is frustratingly non specific about what constitutes good practices. I definitely agree though that holy gently caress get off ancient OS's stat. Any half decent pen tester is going to wreck those servers in a pornographic fashion. Raerlynn fucked around with this message at 08:08 on Sep 30, 2021 |
|
#
?
Sep 30, 2021 06:01
|
|
|
One of our HUGE SOX items was getting RHEL5 out the door.
|
|
#
?
Sep 30, 2021 13:34
|
|
|
We still have a fair few RHEL6 boxes that we can't get off of for various reasons, but we are on extended support contracts for them so they're still getting security updates, and the vast majority remaining do have active plans to move off of them. There's a nonzero number though that are just going to linger until extended support ends and then kill the service they run because the costs to migrate it are in the mid 6-figures due to license stuff and other things. Even we got RHEL5 out the door entirely years ago.
|
|
#
?
Sep 30, 2021 14:10
|
|
|
At least there's a plan. My "favorite" vendor Linux moment was when they shipped us an OVA with an unlicensed RHEL 7 build with 2 root accounts, root and root2. Both uid 0. But root2 had a home directory of /home/root2 instead of /root or /, and that's where all the actual software went. I am more than 90% confident that this was because you're not supposed to run software as root, but they couldn't make it work as a non-privileged user and that was their solution. The other 10% is that they probably didn't know how to move root's home.
|
|
#
?
Sep 30, 2021 14:31
|
|
|
Ah yes, the "can we reopen the selection process for this software, there seems to have been a mistake" moment, I know it well.
|
|
#
?
Sep 30, 2021 14:38
|
|
|
Bob Morales posted:Can you screenshot the log showing the host traffic to slack or whatnot? Curious if it sends shut but never gets anything back Update: I’ve partially figured this out. SSL inspection is delivering the wrong cert and loving with the services. I think it might be a bug so I’ll open a ticket with Fortinet about it.
|
|
#
?
Sep 30, 2021 19:32
|
|
|
AlexDeGruven posted:My "favorite" vendor Linux moment was when they shipped us an OVA with an unlicensed RHEL 7 build with 2 root accounts, root and root2. Both uid 0. But root2 had a home directory of /home/root2 instead of /root or /, and that's where all the actual software went hail, and I cannot stress this enough, satan
|
|
#
?
Sep 30, 2021 21:48
|
|
|
A ticket came in: Seemingly if someone creates a mailbox with the same email that was used for a Team, the Team gets deleted. I haven't really investigated it fully, so I could be wrong, but that seems like a feature that we all asked for.
|
|
#
?
Oct 1, 2021 12:06
|
|
|
 You would think that you would get some sort of warning that it already exists? Granted, I'm not at all familiar with Teams but...that doesn't exactly seem like an edge case Microsoft couldn't have anticipated.
|
|
#
?
Oct 1, 2021 14:06
|
|
|
Old Linux ? We've got a Fedora 11 box running an x-ray microscope originally made by GE. It's technically supported by whoever bought GE's instrumentation division, but... all they'll do is restore to a fresh Fedora 11 configuration. I politely declined to do a drat thing to this antique, I ain't breaking it.
|
|
#
?
Oct 1, 2021 15:18
|
|
|
mllaneza posted:Old Linux ? We've got a Fedora 11 box running an x-ray microscope originally made by GE. It's technically supported by whoever bought GE's instrumentation division, but... all they'll do is restore to a fresh Fedora 11 configuration. I politely declined to do a drat thing to this antique, I ain't breaking it. Arrested Development "no touching!" dot gif Don't blame you one bit for that. "Call the vendor" would be my singular response to anything that came up on a setup like that because gently caress that noise.
|
|
#
?
Oct 1, 2021 15:42
|
|
|
Don't forget to airgap that thing!
|
|
#
?
Oct 1, 2021 16:14
|
|
|
|
| # ? May 25, 2024 01:43 |
|
|
AlexDeGruven posted:Arrested Development "no touching!" dot gif Ah, I see you've met our "DevOps" team. "It's in Production, you can't touch it! And QA is our Production!"
|
|
#
?
Oct 1, 2021 17:08
|
|
