|
badlock: dat hype
|
#
?
Apr 12, 2016 23:57
|
|
|
|
| # ? Jun 12, 2024 05:55 |
|
|
adorai posted:badlock: dat hype What does "Badlock" stand for? "Badlock" was meant to be a rather generic name and does not point to any specifics.
|
|
#
?
Apr 13, 2016 00:07
|
|
|
At least everybody is now going to ignore the branded vulnerabilities.
|
|
#
?
Apr 13, 2016 00:17
|
|
|
At least POODLE stood for something real
|
|
#
?
Apr 13, 2016 00:44
|
|
|
I thought the strained backronym that was DROWN was a low point
|
|
#
?
Apr 13, 2016 00:47
|
|
|
siggy2021 posted:One of my switches died today and the only spare switch I have is not POE and doesn't have the right fiber connections to go back to my core switch. I've been stuck here loving around with a workaround since part of the building is out until I get my replacement switch tomorrow. ProCurve (not the rebranded 3com) gear is actually pretty good. Sorry for your lack of planning. If you're responsible for fixing the situation then you're responsible for having spares ready.
|
|
#
?
Apr 13, 2016 05:55
|
|
|
Internet Explorer posted:ProCurve (not the rebranded 3com) gear is actually pretty good. Sorry for your lack of planning. If you're responsible for fixing the situation then you're responsible for having spares ready. I've been pretty pleased with the ProCurve quiet fanless switches but thats the only ProCurve series equipment I've ever used. Whats the name of that phishing campaign software? Know4Sure or something like that? I want to get that into our budget for next year so I can appease the ultra paranoid board.
|
|
#
?
Apr 13, 2016 14:04
|
|
|
Internet Explorer posted:ProCurve (not the rebranded 3com) gear is actually pretty good. Sorry for your lack of planning. If you're responsible for fixing the situation then you're responsible for having spares ready.
|
|
#
?
Apr 13, 2016 14:06
|
|
|
Are there companies where that's now how it works or something?
|
|
#
?
Apr 13, 2016 14:35
|
|
|
Do companies exist where one person has one job role or is everything now three people each do a third of three different tasks - to guarantee duplication of effort and issues caused by poor communication.
|
|
#
?
Apr 13, 2016 14:50
|
|
|
Just got offered the office of the guy who left. Feels good! Even better yet, I still get to work from home for 4 days out of the week!
|
|
#
?
Apr 13, 2016 14:59
|
|
|
Thanks Ants posted:Do companies exist where one person has one job role or is everything now three people each do a third of three different tasks - to guarantee duplication of effort and issues caused by poor communication.
|
|
#
?
Apr 13, 2016 15:06
|
|
|
ugh we made some changes to GPO and disallowed running things as another user (run as admin was already disabled) I have to log out and log back in as my domain admin account (no mapped drives and no roaming profile) to actually do anything now... or RDP into a server and run poo poo there. Either way it's a giant pain in the dick to not be able to do stuff quickly. The fastest way for me to actually do anything with .msc would be just to have them on a thumb drive right? I mean I could navigate to my network storage folder but the share names are long af.
|
|
#
?
Apr 13, 2016 15:08
|
|
|
Why would you disable run as another user unless you hate your desktop support people?
|
|
#
?
Apr 13, 2016 15:12
|
|
|
GnarlyCharlie4u posted:ugh we made some changes to GPO and disallowed running things as another user (run as admin was already disabled) Whoever decided to disable run-as another user is a complete idiot. There isn't any upside to making that change. It doesn't make anything more secure.
|
|
#
?
Apr 13, 2016 15:17
|
|
|
BaseballPCHiker posted:Whats the name of that phishing campaign software? Know4Sure or something like that? I want to get that into our budget for next year so I can appease the ultra paranoid board. KnowBe4. I called them up last week after the reviews here on SA and I was expecting a price tag 10x what they asked. Didn't even need budget approval I was just like here's my card make it happen fellas.
|
|
#
?
Apr 13, 2016 15:25
|
|
|
Collateral Damage posted:Why would you disable run as another user unless you hate your desktop support people? Wasn't my call. I just came in today and it was done. Sickening posted:Whoever decided to disable run-as another user is a complete idiot. There isn't any upside to making that change. It doesn't make anything more secure. psure it was the boss. So yeah. Serious question though... you think the .msc thumb drive on my lanyard is a bad idea? I mean I could navigate to \\wholleyffuckthisisalongsharename-eatadick\desktopsupport$\lolnotyet\importantfiles\relevantimportantfiles\heres300foldersyoudontneed\theoneyoudo\gnarlycharlie4u and get the stuff I need every time. Or, ya know rdp into a domain controller  oh I forgot... the best part is the way we disabled "run as admin" It still shows up in the right click menu, but UAC is blocked so if you actually click on something to run it as admin, it throws you into an endless loop of the prompt popping up and being immediately closed. At which point you have to just unplug the computer, glue your hair back on, and call it a day. GnarlyCharlie4u fucked around with this message at 15:39 on Apr 13, 2016 |
|
#
?
Apr 13, 2016 15:36
|
|
|
Can you make a virtual machine that you use for admin tasks?
|
|
#
?
Apr 13, 2016 15:37
|
|
|
Sheep posted:KnowBe4. I called them up last week after the reviews here on SA and I was expecting a price tag 10x what they asked. Didn't even need budget approval I was just like here's my card make it happen fellas.
|
|
#
?
Apr 13, 2016 15:39
|
|
|
GreenNight posted:Can you make a virtual machine that you use for admin tasks? HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA. *sips water* HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA edit: even then, it would still require me to remote into something every time I needed to do a quick simple task.
|
|
#
?
Apr 13, 2016 15:41
|
|
|
GnarlyCharlie4u posted:HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA. You have a bizarre job. I do not miss big corp IT where the SR guys lockdown their lower admins to the point of them barely being power users. The truth is the customized restricted access takes planning and effort and simply restricting as much as possible is just easier.
|
|
#
?
Apr 13, 2016 16:08
|
|
|
Sickening posted:I do not miss big corp IT It's the smallest of local governments. Basically we transitioned from a contracted out IT department with a CTO to an all in house IT department with a former contractor that BECAME the new CTO by throwing the last one under the bus. We inherited a complete shitshow a little more than a year ago, and have been working our asses off to remedy the situation. We've also made our fair share of terrible choices though.
|
|
#
?
Apr 13, 2016 16:17
|
|
|
Guy says our product is only certified on CiscoUCM 6.x. I tell him no, we are certified on 8.6 and 9.1. He doesn't believe me. I send him the certs. He doesn't believe me. I forward him a email from cisco saying what I said. HE DOESN'T BELIEVE CISCO. At this point he's either loving with me, or he is trying to CYA really hard because he hosed up big. I am going to go with the latter.
|
|
#
?
Apr 13, 2016 17:05
|
|
|
Psh what does Cisco know tbh?
|
|
#
?
Apr 13, 2016 17:08
|
|
|
Kashuno posted:Psh what does Cisco know tbh? While this is a valid point, Cisco doesn't gently caress around with Certs.
|
|
#
?
Apr 13, 2016 17:10
|
|
|
GnarlyCharlie4u posted:We've also made our fair share of terrible choices though. Yeah... I can understand your boss being a stupid, but I'd fight that GPO change for the sake of actually being able to work. UAC hasn't also been disabled has it?
|
|
#
?
Apr 13, 2016 17:17
|
|
|
Super Slash posted:Yeah... I can understand your boss being a stupid, but I'd fight that GPO change for the sake of actually being able to work. GnarlyCharlie4u posted:oh I forgot... the best part is the way we disabled "run as admin" It's actually quite loving hilarious.
|
|
#
?
Apr 13, 2016 17:22
|
|
|
Super Slash posted:Yeah... I can understand your boss being a stupid, but I'd fight that GPO change for the sake of actually being able to work. GnarlyCharlie4u posted:but UAC is blocked I told this to my totally green employee and even he thought it's batshit insane.
|
|
#
?
Apr 13, 2016 17:25
|
|
|
From what I have heard, 99% of the time the reason some random program needs UAC privileges is because they are writing to some syslog file instead of doing it properly.
|
|
#
?
Apr 13, 2016 17:44
|
|
|
ratbert90 posted:From what I have heard, 99% of the time the reason some random program needs UAC privileges is because they are writing to some syslog file instead of doing it properly. I'm not sure what you're talking about there. UAC elevation occurs when a program needs to perform an administrative action (things like changing system settings, installing a program or driver, changing something to do with another account, running any kind of mmc snapin or administrative/system tool, etc). It's usually pretty predictable too.
|
|
#
?
Apr 13, 2016 17:50
|
|
|
GnarlyCharlie4u posted:We've also made our fair share of terrible choices though. Does this list include fanny packs and the misplacement thereof?
|
|
#
?
Apr 13, 2016 17:51
|
|
|
We block uac prompts. Changing settings in a lot of programs requires us to log in as admin, promote the user to local admin, log in as user, make the change, log out, log back in as admin, remove the user from local admin, log back in as user. I guess it saves us from calls from users asking for admin credentials when prompted but it feels like a huge headache.
|
|
#
?
Apr 13, 2016 18:07
|
|
|
Judge Schnoopy posted:We block uac prompts. Changing settings in a lot of programs requires us to log in as admin, promote the user to local admin, log in as user, make the change, log out, log back in as admin, remove the user from local admin, log back in as user. And there's a risk of forgetting to undo some permission.
|
|
#
?
Apr 13, 2016 18:09
|
|
|
CLAM DOWN posted:I'm not sure what you're talking about there. UAC elevation occurs when a program needs to perform an administrative action (things like changing system settings, installing a program or driver, changing something to do with another account, running any kind of mmc snapin or administrative/system tool, etc). It's usually pretty predictable too. Ok, I should have specified bad programs that have no business needing UAC elevation.
|
|
#
?
Apr 13, 2016 18:23
|
|
|
What drives me the most nuts, is that Optishot, the software for my at-home Golf Simulator, prompts loving UAC to run.
|
|
#
?
Apr 13, 2016 18:24
|
|
|
Vulture Culture posted:I dunno, this sounds like one of those situations where nobody is actually responsible for the stuff until one day it suddenly doesn't work That is basically the case. I was just the guy who happened to find the problem, so I'm the guy who had to fix it. I also thought we had a spare, but it turned out it was sitting in a cabinet because the person who was supposed to RMA it never did. As for Procurves not being bad, maybe they aren't as bad as I think but I've run into problems recently and have had 2 die completely in the past month. Our configuration is also all hosed up but I'm afraid to start touching it. Also, hp sent me a newer model (2920 instead of a 2910) and that is super cool but I wish they would have told me. My 10 Gb SFP module isn't compatible with the 2920 so now I need to wait for that to come in tomorrow.
|
|
#
?
Apr 13, 2016 18:27
|
|
|
Ugh, Dell does that too. Pro support on monitors, a 16:9 monitor breaks. "We don't have that model anymore so here's the next best thing, the 16:10 version!" It doesn't work like that Dell, you need to send me the next year's 16:9 so my poo poo matches.
|
|
#
?
Apr 13, 2016 18:31
|
|
|
Judge Schnoopy posted:Ugh, Dell does that too. Pro support on monitors, a 16:9 monitor breaks. "We don't have that model anymore so here's the next best thing, the 16:10 version!" Uh... It sounds like Dell is actually in the right here? gently caress 16:9 forever for actual work.
|
|
#
?
Apr 13, 2016 19:23
|
|
|
psydude posted:Does this list include fanny packs and the misplacement thereof? That would fall into the 'I' category. Not the 'we (or they) Potato Alley posted:Uh... Yeah, I have to agree. 16:10 supremacy.
|
|
#
?
Apr 13, 2016 19:28
|
|
|
|
| # ? Jun 12, 2024 05:55 |
|
|
Yeah but it drives some people nuts when the bezels on their monitors dont match and line up exactly perfect. Theres someone I work with who has put in a ticket for this like every 7 months complaining to help desk about it.
|
|
#
?
Apr 13, 2016 19:33
|
|