|
Who do I have to kill at Intel to get this commercial off the air? https://www.youtube.com/watch?v=-JLM5YullGo
|
# ¿ Nov 25, 2013 03:14 |
|
|
# ¿ May 21, 2024 09:29 |
|
Tell him he can take the $.25 cents they're worth out of your pay
|
# ¿ Dec 2, 2013 23:19 |
|
An email came in a few days ago: Client who likes me posted:Dear Mustache Ride, Now this isn't terribly bad, however my parent company has changed their processes completely since the last time I was stationed there (6 months ago). So in the past 2 days I've had to learn all of the processes again, including the new Review Platform software. But since I'm a badass, I learned quickly and got up to speed with what they wanted. The result? I'm now working 12 hours a day with few breaks catching my parent company up on all of their leftover bullshit. And because this is still a new job, my pay and Christmas bonus was really really lovely. I don't feel loved this Christmas.
|
# ¿ Dec 13, 2013 19:31 |
|
Agrikk posted:Seriously. He probably forgot the '.' Which is why when you even think about attempting to rm -fr something you ALWAYS ALWAYS ALWAYS use the full goddamn path.
|
# ¿ Feb 28, 2014 01:32 |
|
Maybe the client contact has said how much they like you, and how they would hate to see you go.
|
# ¿ Mar 17, 2014 20:14 |
|
This website can help
|
# ¿ Jun 3, 2014 14:42 |
|
DrAlexanderTobacco posted:So why do it? Probably the future hope of one day having an official change in title or pay. So naive.
|
# ¿ Jul 24, 2014 21:14 |
|
Inform them of the great features of Nine or whatever the iPhone relevant app is that forces EAS to modify the security settings at an App level instead of a Device level. I've been using Nine for a few months, and its great for ignoring EAS policies that disrupt MY device. Its also good so if my company decides to wipe my phone, it'll only wipe the app and leave all my data alone. edit: vvv wait, are you actually praising Blackberry for something? Mustache Ride fucked around with this message at 20:25 on Aug 6, 2014 |
# ¿ Aug 6, 2014 20:04 |
|
Moey posted:Advising end users to skirt around any IT policy seems idiotic. If it is their device they are then accepting the company policy to access company resources. If you are savvy enough to do protect your data on your own by some means, more power to you, but you are then most likely breaking a company policy. Its actually not skirting company policy. The app requires you to enter a 4 digit pin code to see any emails, but doesn't set that security policy at a Device Level. So the security policies are still in place for the company's data (email) but not for your personal stuff (your goddamn phone).
|
# ¿ Aug 6, 2014 20:48 |
|
Gerdalti posted:We are being required by a client to have an SOC 2 Type 2 audit/certification done. I don't even know where to start. Any suggestions? That is a terribly huge audit project that will take you months...months to complete using an outside firm. My company has been prepping to do one for over 8 months now, but they are dragging their feet because its so drat expensive.
|
# ¿ Sep 18, 2014 15:47 |
|
Gerdalti posted:I think this is just a case of "too big for our britches". No one wanted to involve me in any of the actual discussions, and then went "Oh, I'm sure IT can get that done pretty quickly". This is not our typical client, and considering the cost of the SOC 2 Type 2 audit would far exceed (even at the low end) the money the client would pay us over a year, it seems like it's probably not the right choice business wise. All other companies involved how now stated that the requirements are too much and would be unprofitable to implement, which is exactly what I said. That was our quandary too. We're a small 30 person eDiscovery/Forensics firm and we're trying to branch off into offering our services to larger corporations that require a SOC2 in order to host their data on our systems. Even though the cost is more than the potential business we have now, I keep trying to tell them that little icon on our website will bring so much business our way. I thought I had the partners convinced, but they seem to be wavering.
|
# ¿ Sep 18, 2014 17:21 |
|
Sickening posted:Anything that doesn't equal short term profits is hard to sell. I am stuck between thinking that this is just where business shifted to over the years or if its always been this way and I was just naive. Yeah I dunno. But I got a job offer from a large corporation yesterday, so gently caress em.
|
# ¿ Sep 18, 2014 17:27 |
|
Why are you dealing with a network printer if there is only one computer? Hook that poo poo up via USB and tell the office clowns to call their 7 year olds if they have trouble.
|
# ¿ Sep 24, 2014 13:41 |
|
President Ark posted:Uhhhh I'm pretty sure if there's a dude with porn of underaged people on his machine you can just go straight to reporting it to the FBI. Yeah, any time I find jailbait on a user profile, the first thing I do is call the FBI. I don't even stop by my manager's desk when I do, I just call the FBI and explain the case and what I found. Of course, I do eDiscovery/Forensics for a Fortune 500, so usually when I'm given a heads up that they want me to look for something on a user profile, I expect it to be bad, but yeah, call the FBI next time.
|
# ¿ Oct 1, 2014 19:52 |
|
tehloki posted:A dude accidentally formatted an external drive with some important mp4 files on it. He did a quick format, and immediately unplugged the drive and brought it to me after he realized his mistake. Try FTK Imager. Its free, just add the device and you should be able to see deleted files in unallocted. Theres a guide here if you need help.
|
# ¿ Oct 1, 2014 22:28 |
|
Zero VGS posted:Another ticket came in, this one from the company lawyer: quote:Here is what I am looking for in my online data room: Sure, any decent FTP server software will do this and they'll be really happy with how cheap quote:Nice to have Hahahaha, no. That's called a review platform. Call a company called Relativity and ask them to give you a quote. Be sure to video the lawyer's face when you tell him how much it costs to do those things alone, not to mention the team required to administer the drat thing. Lawyers are funny. Mustache Ride fucked around with this message at 01:46 on Oct 2, 2014 |
# ¿ Oct 2, 2014 01:43 |
|
internet jerk posted:What're you SOC types using for cases. JIRA? ArcSight's built in cases? DFLabs here. edit: Also: gently caress ArcSight Mustache Ride fucked around with this message at 07:06 on Nov 14, 2014 |
# ¿ Nov 14, 2014 07:03 |
|
less than three posted:I don't know what SOC means? But we have ArcSight and hate it. Security Operations Center. I think he's asking what case management software the IT Security team uses for Incident Response.
|
# ¿ Nov 14, 2014 13:30 |
|
Galler posted:ArcSight's case system is such a tacked on piece of poo poo. Glad I don't have to use it for that. We were talking with Netflix to get their automated FIDO system to handle the easy reimage stuff like Malware callbacks, but they basically shut down their ITSec group so we're going to have to build it ourselves now.
|
# ¿ Nov 14, 2014 23:28 |
|
An email came in at 8:30 this morning:quote:From: Manager
|
# ¿ Nov 26, 2014 17:17 |
|
pr0digal posted:I built a Snort server and got it set up and working in a lab environment. Now I get to put in a ticket (e-mail) to the remote network engineer to see if he'll set up port mirroring on the core switch for me! Snort? Nah, its all about Bro dude. Get your Bro on and start Broing. Bro! Doesn't this look like fun! (The bro jokes have become who I am now. You learn to live with it after a while.) Bro is a bit more hardcore than Snort, I use it for hunting in the network, but Snort is a good start, as long as you don't have a poo poo ton of traffic bandwidth. What are you planning on using? Snorby or Sguil? Did you build Snort standalone, or on top of my favorite distro, Security Onion?
|
# ¿ Feb 3, 2015 22:40 |
|
Simpsons quotes for me. Also, I loving hate my bank for limiting me to 16 characters. Why would anyone limit you in the year of our lord 2015.
|
# ¿ Feb 10, 2015 03:50 |
|
hihifellow posted:Password hashing is more disappointing than I thought it would be Yes it is, but even with things like distributed rainbow tables and massive hash libraries, most attackers don't even bother with cracking hashes. There are too many hash formats in use, and the processing power required to break a hash is still too costly. Most still rely on credential harvesting from live machines, and tools which require no breaking of hashes, but instead just people downloading malware on to privileged machine. http://youtu.be/BIlqWNpxIGY
|
# ¿ Feb 10, 2015 13:23 |
|
pr0digal posted:Thanks to the Sony attacks the TSA is on the lookout for Cyber Terrorists, you'll probably be pulled aside for a more intense search. They'll want to make sure you're not carrying any "scriptz" or "warez". I've carried on Forensic Falcons, Cellebrites and nearly 20 hard drives in the last 5 months. The TSA agents didn't even bat an eye, except for the part where I was pulling 4 computers out of my bag to run through the scanner and holding up the line. Just pull it out like its a computer and you'll be fine.
|
# ¿ Feb 26, 2015 00:48 |
|
BaseballPCHiker posted:So many tickets come in from our idiot sales force. Why these people cant be responsible adults and remember their passwords is beyond me. Seriously so many password reset calls. We've implemented Okta for single sign on so for %90 of their logins they only have to remember ONE password but that's to much for them. I'm at a complete loss of what to do now but I know looking at our metrics that our helpdesk team spends way to much time on piddily crap like this. We use Microsoft's Forefront Identity Manager for this, but it wasn't easy to set up. Then again, we've got 45k+ users so if you're smaller it might be simple. Who knows!
|
# ¿ Mar 11, 2015 17:18 |
|
Truga posted:lol if you think malware won't just install into %appdata% if there's a lack of admin rights. It really sounds like you need an application whitelisting solution. That will keep anything from installing, and since it sounds like these are one-time use workstations they won't need anything new installed on them. Either that or I would build a base image, and everytime the user logs out it reverts to that base. Like a kiosk mode or something. That way if anyone does install some dumbass malware it will be removed when they log out so you don't have to clean it every day. edit: ^^ yeah, deepfreeze, thats whats its called.
|
# ¿ Apr 1, 2015 15:09 |
|
Netflix open sourced their security platform called FIDO on github. We were in talks with them to buy it, but they clammed up and we basically built this entire system ourselves with hopes and dreams, and more than a little alcohol. If anybody has some of the security tools listed on here and wants to become a top tier SOC, load it up on a box and give it a try. With a little wiggling, it should become your automatic IT Security Group with very little input needed.
|
# ¿ May 5, 2015 14:30 |
|
Oooh what's it's called? That might be fun to GPO out.
|
# ¿ Sep 1, 2015 18:56 |
|
larchesdanrew posted:"Hey larchesdanrew, can you move all my email from my old laptop to my new laptop?" "Oh I'm sorry, the IT Director has sent us a new policy regarding email, and we'll need to archive any emails older than 1 year to this shiny Buffalo NAS. I can help with that."
|
# ¿ Sep 3, 2015 14:57 |
|
I love CSI: Deep Web. I did major in computer forensics, and now work in incident Response. That show is hilarious. Like MST:3000 bad hilarious. It's so bad it's good.
|
# ¿ Sep 6, 2015 21:54 |
|
Put your resume on a Google doc or something so we can all help you rewrite it.
|
# ¿ Sep 9, 2015 14:56 |
|
Xequecal posted:Currently in the same room as a new hire. She's on the phone with the help desk and is really mad at them that her Citrix login doesn't work.....her Citrix login from her previous job at a different company. She does not understand why it doesn't work and is very mad at the help desk. "Don't give me all that computer mumbo jumbo, Citrix is Citrix and this worked for years, there's no reason for it to suddenly stop working now for no reason." I'm wondering if I should say something. Is she an IT New Hire? Because that poo poo's ridiculous if so.
|
# ¿ Oct 5, 2015 17:32 |
|
Here's a funny ticket that came in. quote:Hi, Sure, we'll get right on that....
|
# ¿ Oct 12, 2015 15:24 |
|
FireSight posted:Please tell me that it tells you WHO requested that. Yeah I didn't include all the internal stuff that came along with the ticket. It gives me someone's personal gmail account. We're still tracking down who this is. Its not really a high priority though, I don't really care who looks at porn (or tries to) on our network, as long as they aren't downloading malware while doing so.
|
# ¿ Oct 12, 2015 15:51 |
|
God I love it when pentesters pop Enterprise Admin accounts. Monday is going to be so much fun.
|
# ¿ Dec 11, 2015 22:59 |
|
Japanese Dating Sim posted:That's gotta be the highlight of a pentester's week/month, no? Yeah, she's at the end of her first week of a 2 week engagement. We're going to leave the EA/DA account she created for herself and get her to do it another way for next week.
|
# ¿ Dec 11, 2015 23:17 |
|
Then he's fine, because a reasonable employee would have reached out to him after the first few emails and said "hey I did do this and its reporting it as wrong, can you fix it please?" While this lady didn't read any of the emails. Reading is hard.
|
# ¿ Dec 20, 2015 17:02 |
|
We need pics of your new digs, and the lovely chairs.
|
# ¿ Jan 5, 2016 00:28 |
|
Go to his desk and steal the creds for the DA account he surely has written down on a postit somewhere. edit: and steal your chair back.
|
# ¿ Jan 5, 2016 19:53 |
|
|
# ¿ May 21, 2024 09:29 |
|
Brought in to a meeting that had been going on for 45 minutes about keying two RH servers together, because I'm one of the few people that has linux experience in our group. They forgot to put an "s" in "ssh-rsa" inside the known_hosts file on the target folder.
|
# ¿ Jan 11, 2016 20:41 |