|
secfuck megathread 18.5: don't click random links. click this link to learn more
|
# ? Feb 8, 2024 21:31 |
|
|
# ? Jun 7, 2024 23:34 |
|
sneaky also their spam email had an overlay that launched two windows anyway? what is that garbage
|
# ? Feb 8, 2024 21:31 |
|
graph posted:sneaky Don't you not still want to receive this information? Yes
|
# ? Feb 8, 2024 21:53 |
|
“WHO should stop receiving the newsletter?” “You pressed me, referring to me, that is incorrect. The correct answer is you. You will remain subscribed.”
|
# ? Feb 9, 2024 00:57 |
|
Volmarias posted:This is using a QR code, not clicking a link, I don't see the problem??? way back in the "I love you" virus days someone told me he was safe because he never opened suspicious attachments, he only ever viewed them in the outlook preview pane
|
# ? Feb 9, 2024 03:18 |
|
this is probably going to ruin a few peoples weekend: https://www.fortiguard.com/psirt/FG-IR-24-015
|
# ? Feb 9, 2024 11:04 |
evil_bunnY posted:yeah some of the out-of-the-way doors in our facilities have battery powered card readers for access control and they're just. so. poo poo.
|
|
# ? Feb 9, 2024 13:10 |
|
Pile Of Garbage posted:this is probably going to ruin a few peoples weekend: https://www.fortiguard.com/psirt/FG-IR-24-015 oh neat I wonder if that's why my employer pulled all of their VPN and remote access offline worldwide all week
|
# ? Feb 9, 2024 13:13 |
|
is forti vpn going to be the next lastpass
|
# ? Feb 9, 2024 13:58 |
|
sent it to the sr network engineer, “I’ll get it updated next week.”
|
# ? Feb 9, 2024 14:04 |
flakeloaf posted:is forti vpn going to be the next lastpass
|
|
# ? Feb 9, 2024 14:07 |
|
Pile Of Garbage posted:this is probably going to ruin a few peoples weekend: https://www.fortiguard.com/psirt/FG-IR-24-015 this explains my work's IT sending out a mail going "we need to update some stuff, you might lose internet intermittently between 11:00am-1pm today" this morning I guess
|
# ? Feb 9, 2024 14:07 |
|
Pile Of Garbage posted:this is probably going to ruin a few peoples weekend: https://www.fortiguard.com/psirt/FG-IR-24-015 fortigate sucks so much rear end, but they must be cheap as hell because its what we use.
|
# ? Feb 9, 2024 14:19 |
This is just the latest stop on the merry go round of SSLVPN critical vulns. Usually they take turns but we’ve got some overlap with Ivanti this time.
|
|
# ? Feb 9, 2024 14:26 |
|
Shaggar posted:fortigate sucks so much rear end, but they must be cheap as hell because its what we use. they're fuckin sick. what's you fav NGFW Shaggar? if you say Check Point then i'll make it my mission to kick you down a mineshaft rafikki posted:This is just the latest stop on the merry go round of SSLVPN critical vulns. Usually they take turns but we’ve got some overlap with Ivanti this time. i actually had the displeasure of using Ivanti PulseSecure to connect to one of our customers last year before the vulns started dropping. the entire thing has huge Citrix Presentation Server 4.5 vibes, like it's a remote access solution from 2010 lol
|
# ? Feb 9, 2024 15:04 |
|
i like fortigate because of the companies i interact with at work they cause me the least problems
|
# ? Feb 9, 2024 15:09 |
|
also most of the previous big FGT SSL-VPN vulns were for the web mode implementation which makes sense because like it's not even a VPN it's just web server with some auth and it proxies you to poo poo. in fact in earlier 7.4 releases they added big warning banners in the GUI advising how it is super hosed and in the newest 7.4 releases its been removed altogether. ofc this new vuln affects the entire SSL-VPN daemon itself regardless of whether you're using web mode or just tunnel mode. i guess everything's poo poo! edit: also if you're not a complete scrub you'll be configuring your FGT to mitigate poo poo like this. make the SSL-VPN daemon listen on a loopback interface so you can put firewall policies with IPS in front of it and block connections from Tor/anon VPN services. oh and if you know that your users are only gonna access it in-country restrict connections based on geo-IP. Pile Of Garbage fucked around with this message at 15:23 on Feb 9, 2024 |
# ? Feb 9, 2024 15:10 |
|
Pile Of Garbage posted:they're fuckin sick. i havent been responsible for that stuff in a while so idk what else is out there these days. All i know is fortigate sucks to administer and forticlient sucks to use and manage. its cool that official guidance is to run 4+ year old forticlient if you just want VPN because any newer version of forticlient will gently caress up your poo poo with corpo spyware. I really liked the sophos UTMs we had like a million years ago. Their configuration system w/ reusable objects and stuff actually worked unlike the half-assed version of the same in the fortigates. sophos was full of vulnerabilities though cause under the hood it was a cobbled together pile of linux. Pile Of Garbage posted:also most of the previous big FGT SSL-VPN vulns were for the web mode implementation which makes sense because like it's not even a VPN it's just web server with some auth and it proxies you to poo poo. in fact in earlier 7.4 releases they added big warning banners in the GUI advising how it is super hosed and in the newest 7.4 releases its been removed altogether. yeah the admin should have to do a bunch of stupid bullshit to workaround their fail-rear end fortigate instead of it just working
|
# ? Feb 9, 2024 15:40 |
|
Shaggar posted:i havent been responsible for that stuff in a while so idk what else is out there these days. All i know is fortigate sucks to administer and forticlient sucks to use and manage. sounds like you have used it for quite some time, they've had a "VPN-only" version for ages now: https://www.fortinet.com/support/product-downloads#vpn. forticlient in general has been rough but they've improved the poo poo outta it, especially since they're pushing towards ZTNA poo poo. as for FGT sucking to administer maybe you haven't used it since like 4.0 or some poo poo. like honestly their web interface is one of the best ive ever used and it's miles better than any others. Shaggar posted:yeah the admin should have to do a bunch of stupid bullshit to workaround their fail-rear end fortigate instead of it just working it's not a workaround, it's just basic hardening same as you'd do on any other device
|
# ? Feb 9, 2024 15:51 |
|
<clears throat> fartigate we're entirely in the f5 ecosystem half-moved to paloalto, RIP to all the people who have to deal with this
|
# ? Feb 9, 2024 16:55 |
|
palo if you’re not broke
|
# ? Feb 9, 2024 16:56 |
|
in a well actually posted:palo if you’re not broke another company i approve of entirely because they don't bother me much please base all your purchasing decisions entirely on whether or not the company bothers shame boy at work
|
# ? Feb 9, 2024 17:48 |
|
BlankSystemDaemon posted:I would be entirely unsurprising to learn that the bulk price of a WiFi+BT(LE) chip for use in IoT devices is likely low enough, that it's entirely possible that it does both and they're just not making use of it. hahahahaha for gently caress’s sake
|
# ? Feb 9, 2024 18:09 |
|
a generic multiprotocol chip sounds plausible but wouldn't necessarily mean the toothbrush automatically jumps on wifi without the manufacturer knowing. wouldn't it have specific pins that have to be hooked up to something for wifi functionality? or receive a command to enable it when booting?
|
# ? Feb 9, 2024 18:18 |
|
Pile Of Garbage posted:sounds like you have used it for quite some time, they've had a "VPN-only" version for ages now: https://www.fortinet.com/support/product-downloads#vpn. forticlient in general has been rough but they've improved the poo poo outta it, especially since they're pushing towards ZTNA poo poo. I think the current vpn only version is like 6.4 or something and it comes with a baseline of spyware. 6.0.10 is the newest you can get with just VPN and thats only if you have an old copy lying around. I dont care at all about whatever the gently caress ZTNA is or all the dogshit features listed under the main forticlient entry on that page. all i want is a fuckin vpn. The last time i was doing admin was prob fortigate 6.x or something. Any time i'd have to setup a vpn tunnel it would take an hour cause the UI was so loving bad. IDR the details but i remember it being impossible to use existing network definitions for like remote and local ranges and/or having to specify the same cipher configs multiple times or something. And if you made a mistake half the time it would delete a bunch of your work. idk, it sucked rear end compared to something like the sophos UTMs where it was insanely easy and good to define all your poo poo and then just use it. I guess its better than total dogshit like sonicwall or linksys or something, but its not good. Pile Of Garbage posted:it's not a workaround, it's just basic hardening same as you'd do on any other device if its basic hardening why dont they do it for you?
|
# ? Feb 9, 2024 18:27 |
|
Shaggar posted:if its basic hardening why dont they do it for you? sometimes it takes a while ok
|
# ? Feb 9, 2024 19:12 |
|
dpkg chopra posted:sometimes it takes a while ok
|
# ? Feb 9, 2024 19:15 |
haveblue posted:a generic multiprotocol chip sounds plausible but wouldn't necessarily mean the toothbrush automatically jumps on wifi without the manufacturer knowing. wouldn't it have specific pins that have to be hooked up to something for wifi functionality? or receive a command to enable it when booting? The TV is from 2015 or so, and hasn't received software updates since the last came out in 2018. I assume every IoT devices just connects to open WiFi networks just for the fun of it.
|
|
# ? Feb 9, 2024 19:48 |
|
Shaggar posted:fortigate sucks so much rear end, but they must be cheap as hell because its what we use. fortigate does suck rear end and they are like half the price of palos
|
# ? Feb 9, 2024 19:52 |
|
BlankSystemDaemon posted:My TV is purposefully not connected via wired or WiFi, and the OS on my HTPC has Ethernet over HDMI disabled - and yet on the menu of the TV, occasional ads for new movies show up.
|
# ? Feb 9, 2024 19:53 |
|
sniff wifi and post logs tia but also its gonna happen at some point, even if it might now have yet. its too much of a temptation to mba brains
|
# ? Feb 9, 2024 20:11 |
|
fortigates ui is probably better than palo's though. palo alto has never done ui particularly well.
|
# ? Feb 9, 2024 20:12 |
|
mystes posted:someone is going to show up to insist you're wrong and this is a conspiracy theory it's me, and i would legitimately love to see a demonstration of this, along with specific model and firmware revision info on the tv itself Carthag Tuek posted:sniff wifi and post logs tia this too me, i'd bet on it being a case of "oh, i actually did connect it to wifi one time, and then forgot about it or otherwise thought i had disconnected it" otoh, the odds of a tv from 2015 having a working ad server to pull ads from is surprising in and of itself infernal machines fucked around with this message at 21:19 on Feb 9, 2024 |
# ? Feb 9, 2024 21:16 |
mystes posted:someone is going to show up to insist you're wrong and this is a conspiracy theory Also, it's not always that it can manage it, even when there are some - when I set up one with kismet in monitoring mode to do what Carthag Tuek said, I could only manage a single pcap that showed a device with a vendor identity matching Philips (who made the TV), and it wasn't anything that I'd consider proof (ie. it was a HTTPS connection, so who the gently caress knows). Currently there's no ads, either. As for this sort of thing happening, it's not exactly news that TV manufacturers gently caress around - only real difference is that Philips are using HTTPS. Carthag Tuek posted:sniff wifi and post logs tia infernal machines posted:it's me, and i would legitimately love to see a demonstration of this, along with specific model and firmware revision info on the tv itself Yeah, it's possible that the reason there's no ads there anymore, is that there's no servers to contact anymore. I only ever notice it when I accidentally press the menu button instead of the instant record button. BlankSystemDaemon fucked around with this message at 21:53 on Feb 9, 2024 |
|
# ? Feb 9, 2024 21:46 |
|
BlankSystemDaemon posted:My TV is purposefully not connected via wired or WiFi, and the OS on my HTPC has Ethernet over HDMI disabled - and yet on the menu of the TV, occasional ads for new movies show up. i got a scale that reports my weight to some cloud thing, without me ever having configured WiFi. haven't bothered taking it apart but my guess is there's a SIM card in there. maybe the same w your tv? I think that's what they do w those barnacle boots too, they could have sorted out the infrastructure end so it can only connect to a handful of hosts and have its data tightly capped
|
# ? Feb 9, 2024 22:29 |
|
uninterrupted posted:i got a scale that reports my weight to some cloud thing, without me ever having configured WiFi. haven't bothered taking it apart but my guess is there's a SIM card in there. maybe the same w your tv? Did you set it up with your phone? It may have gotten the wifi settings from the phone during the setup process, or it could be syncing via Bluetooth through your phone. I have an old Withings scale that can do wifi and Bluetooth sync.
|
# ? Feb 9, 2024 22:36 |
|
put the tv in a faraday cage with a sniffer, see if tries to ping anything
|
# ? Feb 9, 2024 22:49 |
|
pairofdimes posted:Did you set it up with your phone? It may have gotten the wifi settings from the phone during the setup process, or it could be syncing via Bluetooth through your phone. I have an old Withings scale that can do wifi and Bluetooth sync. i got it from Roman as part of the wegovy program. i don't remember setting it up with an app, and I'm gonna lose my poo poo if the Roman app pulled my WiFi password to configure a scale they shipped me. brb gonna stare at wireshark with a loaded pistol pointed at my scale
|
# ? Feb 9, 2024 23:40 |
|
pairofdimes posted:Did you set it up with your phone? It may have gotten the wifi settings from the phone during the setup process, or it could be syncing via Bluetooth through your phone. I have an old Withings scale that can do wifi and Bluetooth sync. if it was configured with a phone app and it's using wifi, it almost certainly takes the wifi configuration from the app
|
# ? Feb 9, 2024 23:44 |
|
|
# ? Jun 7, 2024 23:34 |
|
BlankSystemDaemon posted:My TV is purposefully not connected via wired or WiFi, and the OS on my HTPC has Ethernet over HDMI disabled - and yet on the menu of the TV, occasional ads for new movies show up. do you have an RF antenna hooked up to receive over-the-air channels? there is lots of weird poo poo in ATSC and whatever the euro equivalent is, e.g. https://en.wikipedia.org/wiki/Program_and_System_Information_Protocol lol maybe a TV broadcaster figured out how to cram banner ads into the weather data or something
|
# ? Feb 10, 2024 00:16 |