|
guppy posted:Aren't passwords that are a bunch of words taped together typically easy pickings for password crackers? Not really, if they’re longer than 40 characters long it’ll take like 5 years to brute force or something (or maybe it’s impossible) I’m not in security. Either way if you’re using a long enough string of words it doesn’t matter that they’re words vs random characters both will be equally hard to crack
|
# ? Apr 28, 2024 23:19 |
|
|
# ? May 15, 2024 13:01 |
|
my understanding is that it doesn't matter if your password is random characters or dictionary words brute force tools use lists of hashes for all possible characters up to a certain length also, brute forcing passwords is way less common these days, and is largely only used to crack in offline dumps online password risk is completely from lists of known passwords which is why the only two rules that matter are: 1. it must be long enough 2. it must be unique for every site/service
|
# ? Apr 28, 2024 23:58 |
|
If this devolves into a AGI conversation IE can probe me for a month
|
# ? Apr 29, 2024 00:14 |
|
|
# ? Apr 29, 2024 00:18 |
|
jaegerx posted:If this devolves into a AGI conversation IE can probe me for a month you should only do it every other day to allow it to recover
|
# ? Apr 29, 2024 00:30 |
|
I now regret replying with that smiley.
|
# ? Apr 29, 2024 02:48 |
|
The Fool posted:my understanding is that it doesn't matter if your password is random characters or dictionary words So you're saying I didn't have to make my Google password dozens of characters of randomly generated unintelligible gibberish that's a pain to type into every new phone? Thanks, me from 2015.
|
# ? Apr 29, 2024 06:05 |
|
The solution to passwords is easy. Every time you change your password it gets longer and the bit requirements get bigger. This will punish those who don't use password managers, which solves the problem.
|
# ? Apr 29, 2024 06:59 |
|
guppy posted:Aren't passwords that are a bunch of words taped together typically easy pickings for password crackers? Nope, they are actually what is recommended because then you can enforce longer passwords that are more difficult to crack even if the hashes are leaked. Passphrases are kind of the standard for passwords now and are recommended as a best practice. Also along those same lines - getting rid of rolling password expiration , which encourages password re-use and bad passwords policy in general.
|
# ? Apr 29, 2024 12:09 |
|
tortilla_chip posted:I thought CA ssh solved this? Not supported by Gitlab afaik so that’d require engineering effort to implement. jaegerx posted:Why don’t they use a bastion server or tailscale? We’re already on a vpn, my guess is that disabling and dealing with the backlash for a day or 2 was easier.
|
# ? Apr 29, 2024 12:29 |
|
Does anyone here use IPAM? Ive asked around and having trouble finding anyone who does!
|
# ? Apr 29, 2024 14:59 |
|
Dandywalken posted:Does anyone here use IPAM? Ive asked around and having trouble finding anyone who does! We use it. I get some value out of it when troubleshooting network issues.
|
# ? Apr 29, 2024 15:01 |
|
Dandywalken posted:Does anyone here use IPAM? Ive asked around and having trouble finding anyone who does! We do. Invaluable tool for troubleshooting and network/subnet planning.
|
# ? Apr 29, 2024 15:03 |
Wibla posted:We do. Invaluable tool for troubleshooting and network/subnet planning. Same, we also have an integrated in the automation system for onboarding devices. User managed passwords are fake security. I just consider whatever it is to be insecure if that’s the only factor used for authentication. If it’s for some system where I care about the password, then it’s gonna be a gigantic unique string of trash that gets pasted in from a vault, which I also do for my own personal stuff. The only password I know is the one to get into the password vault which is of course two factor.
|
|
# ? Apr 29, 2024 16:34 |
|
Dandywalken posted:Does anyone here use IPAM? Ive asked around and having trouble finding anyone who does! We use it solely for manually setting CIDRs for new subnets so we can avoid CIDR overlaps in our three clouds. It’s useful enough at that.
|
# ? Apr 29, 2024 17:36 |
|
IPAM is so useful that every product gets away with being ludicrously priced relative to the actual complexity of the product
|
# ? Apr 29, 2024 17:58 |
|
Vulture Culture posted:IPAM is so useful that every product gets away with being ludicrously priced relative to the actual complexity of the product We just use the one that comes with Windows Server. It's fine I guess? Angry IP Scanner does everything I need to do when it comes to finding IPs.
|
# ? Apr 29, 2024 18:05 |
|
nmap -sP 192.168.0.69/24 is all the IPAM I need.
|
# ? Apr 29, 2024 18:16 |
|
Have any of you run into an issue where subnet A resolves a host with their public IP address but subnet B resolves the host with their private IP address? Both subnets use DHCP scopes that point to the same DNS server.
|
# ? Apr 29, 2024 19:08 |
|
GreenNight posted:Have any of you run into an issue where subnet A resolves a host with their public IP address but subnet B resolves the host with their private IP address? Both subnets use DHCP scopes that point to the same DNS server. Separate views on the DNS server?
|
# ? Apr 29, 2024 19:10 |
|
Accipiter posted:Separate views on the DNS server? I don't see anywhere split-brain DNS is configured on the DNS server.
|
# ? Apr 29, 2024 19:14 |
|
DNS search suffix in DHCP? If this is a web browser then it could be ignoring the system DNS servers and using DoH.
|
# ? Apr 29, 2024 19:17 |
|
Thanks Ants posted:DNS search suffix in DHCP? Option 119 is not set for either DHCP scope. nslookup does the same thing. Basically ethernet gives external IP while wifi gives internal. It's very odd.
|
# ? Apr 29, 2024 19:19 |
|
Yo, I figured it out. Ugh. We use Cisco Umbrella and the domain name for the resource wasn't set in Umbrella to resolve locally.
|
# ? Apr 29, 2024 19:22 |
|
Antioch posted:We just use the one that comes with Windows Server. It's fine I guess? Angry IP Scanner does everything I need to do when it comes to finding IPs.
|
# ? Apr 29, 2024 19:23 |
|
Vulture Culture posted:IPAM is so useful that every product gets away with being ludicrously priced relative to the actual complexity of the product Netbox is open source
|
# ? Apr 29, 2024 19:38 |
|
xzzy posted:nmap -sP 192.168.0.69/24 is all the IPAM I need. Add the o for os detection
|
# ? Apr 29, 2024 23:10 |
|
Just do what we do: track all the IP address ranges in a single Excel file
|
# ? Apr 30, 2024 00:46 |
|
Ahhh cool. I only used it in a class project, where we set it up to manage a single DNS server which seemed kind of unnecessary. But if it can coordinate and troubleshoot multiple servers for that and DHCP functions then I def see the merit. I guess our campus isnt at the scale where that sort of functionality is necessary, as nobody at all was familiar with it despite four DNS servers.
|
# ? Apr 30, 2024 00:56 |
|
What IPAM are your orgs using? Mega corp I work for is a mix of Excel and Solarwinds.
|
# ? Apr 30, 2024 01:02 |
|
We have several hundred VLANs and even more subnets, it would be impossible to keep track of without IPAM. Currently we use phpIPAM. Tried out Netbox which was nice but didn't really offer anything over phpIPAM to make it worth the effort of switching. e: We don't track every assigned IP and a lot of the networks use dhcp anyway, but it's invaluable to keep track of all the subnets and vlans. Collateral Damage fucked around with this message at 01:25 on Apr 30, 2024 |
# ? Apr 30, 2024 01:16 |
|
We use phpIPAM as well, way better than anything you don't pay for
|
# ? Apr 30, 2024 01:31 |
|
Prescription Combs posted:What IPAM are your orgs using? Mega corp I work for is a mix of Excel and Solarwinds. Infoblox. I’ve used bluecat in the past but infoblox seems to be the choice for big rear end corps
|
# ? Apr 30, 2024 01:57 |
|
Prescription Combs posted:What IPAM are your orgs using? Mega corp I work for is a mix of Excel and Solarwinds. A home grown oracle database from the 90's. Instead of ever taking any opportunities to improve, they wrote scripts to export it to infloblox. The schema is a complete tire fire as only 30 years of simmering can produce. Fortunately that is so far away from my department that I never have to interface with it.
|
# ? Apr 30, 2024 03:20 |
|
IPAM is the bees knees so long as Im not the one managing it. Ive used InfoBlox and SolarWinds. No personal preference between either, again so long as Im not maintaining either. Otherwise Infoblox is a beast if you pay for all that it can do and I'd opt for SolarWinds for smaller shops.
|
# ? Apr 30, 2024 04:17 |
|
Collateral Damage posted:We have several hundred VLANs and even more subnets, it would be impossible to keep track of without IPAM. Currently we use phpIPAM. Tried out Netbox which was nice but didn't really offer anything over phpIPAM to make it worth the effort of switching. We also extensively use Netbox for the DCIM side, rack, cabling etc. Can be a little cumbersome but you can get a lot out of it if you spend the time throwing all the info at it HalloKitty fucked around with this message at 09:16 on Apr 30, 2024 |
# ? Apr 30, 2024 09:12 |
|
HalloKitty posted:We also extensively use Netbox for the DCIM side, rack, cabling etc. Can be a little cumbersome but you can get a lot out of it if you spend the time throwing all the info at it
|
# ? Apr 30, 2024 09:21 |
|
BaseballPCHiker posted:IPAM is the bees knees so long as Im not the one managing it.
|
# ? Apr 30, 2024 11:47 |
|
The person I report to doesn't know what Bcc is. We had to explain it to him when it came to sending an email to a number of people without exposing one's address to another.
|
# ? Apr 30, 2024 12:25 |
|
|
# ? May 15, 2024 13:01 |
|
Serperoth posted:The person I report to doesn't know what Bcc is. We had to explain it to him when it came to sending an email to a number of people without exposing one's address to another. How do these people even get a job? probably because the person who hired them is even more incompetent
|
# ? Apr 30, 2024 13:59 |