|
KillHour posted:I have an 8 bay Dell server and a 12 bay DAS loaded with 2TB drives from a previous company that was getting rid of them. Yeah, the large capacity drives are great, but your DAS can sustain r/w faster than those large disks. Without a lot of caching, those big disks are really loving slow. BaseballPCHiker posted:Things are so bad here that I am beginning to wonder if it will affect my long term judgement. Like if you're surrounded by dumpster fires the flaming bag of poo poo on the doorway doesnt seem as bad and you just sort of become numb to it. If my personal life wasnt so busy right now I would be looking for other jobs. dude, I'm so sorry, that loving sucks.  Do some self-care this weekend.
|
#
?
Jan 28, 2022 16:17
|
|
|
|
| # ? May 17, 2024 07:46 |
|
|
BaseballPCHiker posted:Things are so bad here that I am beginning to wonder if it will affect my long term judgement. Like if you're surrounded by dumpster fires the flaming bag of poo poo on the doorway doesnt seem as bad and you just sort of become numb to it. If my personal life wasnt so busy right now I would be looking for other jobs. I think I just had a stroke
|
|
#
?
Jan 28, 2022 17:08
|
|
|
BaseballPCHiker posted:Things are so bad here that I am beginning to wonder if it will affect my long term judgement. Sorry that you're dealing with such a mess. I just wanted to chime in and say that you're not alone in worrying about this sort of thing. My opinion is that it is definitely a real thing and something that I am constantly thinking about in my travels. Try not to pick up bad habits, and if it's that bad, might be good to get out when you can.
|
|
#
?
Jan 28, 2022 17:27
|
|
|
CommieGIR posted:Yeah, the large capacity drives are great, but your DAS can sustain r/w faster than those large disks. Without a lot of caching, those big disks are really loving slow. Yeah but I am past the part in my life where I want to actually do anything where that matters. I don't have time to maintain a datacenter in my basement anymore. 
|
|
#
?
Jan 28, 2022 17:42
|
|
|
KillHour posted:Yeah but I am past the part in my life where I want to actually do anything where that matters. I don't have time to maintain a datacenter in my basement anymore. Hire a dct
|
|
#
?
Jan 28, 2022 18:46
|
|
|
BaseballPCHiker posted:
If there are no logs, there's no problem, right? Also I'm sorry you're dealing with that. It sucks.
|
|
#
?
Jan 28, 2022 19:46
|
|
that are 
|
RFC2324 posted:Hire a dct "Do you have any questions for me?" "Yes... what does your company do." "Nothing. I just have all these servers and I feel like I need to use them for something. Host a Minecraft server or something, IDGAF."
|
|
#
?
Jan 28, 2022 19:51
|
|
|
KillHour posted:"Do you have any questions for me?" it's 2022, that means you're gonna end up hosting either a botnet or cryptomining
|
|
#
?
Jan 28, 2022 19:58
|
|
|
KillHour posted:"Do you have any questions for me?" pre:
${jndì:ldaps://somethingawful.com/forums}
|
|
#
?
Jan 28, 2022 21:26
|
|
|
Rust Martialis posted:
doesn't work, SA has no .class
|
|
#
?
Jan 29, 2022 01:10
|
|
|
Potato Salad posted:doesn't work, SA has no .class 
|
|
#
?
Jan 29, 2022 02:53
|
|
|
Potato Salad posted:doesn't work, SA has no .class It does have jars though
|
|
#
?
Jan 29, 2022 08:49
|
|
|
Rust Martialis posted:It does have jars though Pretty sure that broke a long time ago
|
|
#
?
Jan 29, 2022 09:30
|
|
|
BonHair posted:Pretty sure that broke a long time ago Oh God not that video
|
|
#
?
Jan 29, 2022 16:10
|
|
|
Rust Martialis posted:It does have jars though that was reddit that, wasn't a goon, was it? okay what are you referring to
|
|
#
?
Jan 29, 2022 17:26
|
|
|
Potato Salad posted:doesn't work, SA has no .class 
|
|
#
?
Jan 29, 2022 17:32
|
|
|
Potato Salad posted:okay what are you referring to One man one jar
|
|
#
?
Jan 29, 2022 17:33
|
|
|
BaseballPCHiker posted:I cant even get a list of linux hosts we have in the org, asset management is non-existent here. So while I understand your point, I am so far off from being able to do defense in a total depth of 1 layer let alone multiple. Good news, sounds like you can use Shodan to get that list.
|
|
#
?
Jan 29, 2022 19:54
|
|
|
Any Eurogoons interested in discussing NIS 2?
|
|
#
?
Jan 30, 2022 12:13
|
|
|
Rust Martialis posted:Any Eurogoons interested in discussing NIS 2? I’m skeptical about it since it only mandates audit on a limited basis and the control/management entities it mandates at member basis have been created already by most nato members. What are your thoughts?
|
|
#
?
Jan 30, 2022 14:41
|
|
|
SlowBloke posted:I’m skeptical about it since it only mandates audit on a limited basis and the control/management entities it mandates at member basis have been created already by most nato members. What are your thoughts? I work for a data centre service provider, and we provide services for a number of public and private entities currently deemed either essential or important or likely to be deemed as such once NIS 2 is passed. I am our senior subject matter expert on security including governance, risk and compliance. The difference between providing services to an essential entity and *being* an essential entity concern me. Annex I lists data centre service providers as a class under Digital Infrastructure open to be considered essential. If we're essential, then I have to go through notification of the "competent authorities" of any actual serious incident or any potential significant threat within 24 hours, as well as notifying all my customers of any impact and possible mitigations "without undue delay". If we're not deemed essential, I don't face the same reporting rules. Now the directive will probably be approved this summer with an implementation period of something like 18 months. So I have to advise my CISO and CEO if we need to make sure our vulnerability reporting is up to snuff - stricter than GDPR breach reporting. The CEO and VP Legal will probably also be interested that they can be suspended for breaches.
|
|
#
?
Jan 30, 2022 19:34
|
|
|
Rust Martialis posted:I work for a data centre service provider, and we provide services for a number of public and private entities currently deemed either essential or important or likely to be deemed as such once NIS 2 is passed. I am our senior subject matter expert on security including governance, risk and compliance. Breach/threat notification under 24 hours is mandated on several members already for public sector(and public controlled in most cases). I work in an italian public entity and ANYTHING foreign that touches data(cryptolockers that wipe storage without recourse included) must be notified to csirt since late 2019. Failure to update csirt is one of the few things i know will have heads roll quick. If you work within the gaia-x framework you are already under similar rules too. I do am skeptical on the “critical” label, what will get the label? Physical infrastructure for essential services? Datacenter providers that run services for public sector? Software makers for public sector(which are known to have very lax infosec stances)? Any nis2 doc i read doesn’t provide clear guidance.
|
|
#
?
Jan 30, 2022 23:01
|
|
|
Thanks Ants posted:Yeah there's hundreds of thousands of results on Shodan with the management interface of these boxes exposed to the world
|
|
#
?
Jan 31, 2022 14:11
|
|
|
Log 4j continues CVE-2022-23307 now have a CVSS rating of 10. (unfortunately im on phone and this is in swedish https://cert.se/2021/12/kritisk-sarbarhet-i-apache-log4j)
|
|
#
?
Feb 1, 2022 10:30
|
|
|
underlig posted:Log 4j continues In english -> https://nvd.nist.gov/vuln/detail/CVE-2022-23307
|
|
#
?
Feb 1, 2022 13:30
|
|
|
Wait, so this was identified in 2020, but nobody noticed that a vulnerable version of that library was being used in log4j 1.x as well?
|
|
#
?
Feb 1, 2022 13:35
|
|
|
Jabor posted:Wait, so this was identified in 2020, but nobody noticed that a vulnerable version of that library was being used in log4j 1.x as well? Every infosec bod that ignored the existence of log4j is now laser focused on finding new issues with it to flex on other infosec bods. It's going to last for a while.
|
|
#
?
Feb 1, 2022 13:45
|
|
|
SAMBA now has a 9.9 CVE. https://www.samba.org/samba/security/CVE-2021-44142.html I think pretty much every non-microsoft NAC and NAS is running it. Farking Bastage fucked around with this message at 15:14 on Feb 1, 2022 |
|
#
?
Feb 1, 2022 15:10
|
|
|
Farking Bastage posted:SAMBA now has a 9.9 CVE. Is vfs_fruit in the default config? At least you need write access of some kind to trip it…
|
|
#
?
Feb 1, 2022 15:25
|
|
|
Subjunctive posted:Is vfs_fruit in the default config? At least you need write access of some kind to trip it… This is true. Still the most common attack vector is a users machine being rooted, so YMMV
|
|
#
?
Feb 1, 2022 15:39
|
|
|
Subjunctive posted:Is vfs_fruit in the default config? At least you need write access of some kind to trip it…
|
|
#
?
Feb 1, 2022 16:00
|
|
|
Just as reference, current QTS 5.0 has 4.13.0 so every qnap nas is potentially exposed.
|
|
#
?
Feb 1, 2022 16:04
|
|
|
Faaaack Ed: faaaaaaack Rust Martialis fucked around with this message at 18:42 on Feb 1, 2022 |
|
#
?
Feb 1, 2022 17:55
|
|
|
Subjunctive posted:Is vfs_fruit in the default config? At least you need write access of some kind to trip it…
|
|
#
?
Feb 1, 2022 18:00
|
|
|
Sigh I should have never said that I enjoy doing remediation work
|
|
#
?
Feb 1, 2022 18:04
|
|
|
Heyyyyyy who has two thumbs and explicitly no longer involved in incident response  This guy
|
|
#
?
Feb 1, 2022 18:34
|
|
|
I think that option is enabled only if the fruit-module is enabled by "vfs objects = fruit".
|
|
#
?
Feb 1, 2022 18:35
|
|
|
Saukkis posted:I think that option is enabled only if the fruit-module is enabled by "vfs objects = fruit". Yeah it's this, it's not turned on out of the box but I bet it is on some appliances
|
|
#
?
Feb 1, 2022 18:48
|
|
|
Jabor posted:Wait, so this was identified in 2020, but nobody noticed that a vulnerable version of that library was being used in log4j 1.x as well? Well hopefully this results in companies being accountable for the libraries they include in their software, instead of getting a free ride. SlowBloke posted:Every infosec bod that ignored the existence of log4j is now laser focused on finding new issues with it to flex on other infosec bods. It's going to last for a while. It's not a new issue with it. It's a very old issue with it. If it takes everyone being laser focused to find a dependency, the problem isn't just going to last for a while. It will last forever.
|
|
#
?
Feb 1, 2022 20:08
|
|
|
|
| # ? May 17, 2024 07:46 |
|
|
Fart Amplifier posted:Well hopefully this results in companies being accountable for the libraries they include in their software, instead of getting a free ride. As much as I'd like that to be the case...I don't think that's how this will play out on the large scale. See, if one company get hit with something, maybe that company learns. If it's very bad and very public, maybe a couple competitor companies also stop and think "wait, what if that had been us?" and fixes some stuff. But when everyone gets hit, well obviously that was just an unavoidable issue, no need to worry about it. It's not like customers can ditch for another company that didn't get hit, right?
|
|
#
?
Feb 2, 2022 02:51
|
|