|
here is a security fuckup for the new thread: at my last job, they used solarwinds and most of the stuff piped logs to some server that it monitored. their "ids" solution was a script that checked logs for false ssh entries, and on the 100th hit, it would send a ticket to the noc. the noc was responsible for pulling that ip address, going back into solarwinds to make sure that they were really an active threat, and not some guy who only made two or three invalid attempts in the past hour, and then fed that ip address into another script that null routed that ip to some of the routers. this script was very old and did not affect the routers for the somewhat newer pci/compliance environment. oh, and solarwinds was helpful in pulling the ptr for ip addresses that had one, and if you had a domain name that didn't have an a record, it couldn't get added to the null route table anthonypants fucked around with this message at 19:34 on Apr 8, 2016 |
#
¿
Apr 8, 2016 19:31
|
|
|
|
| # ¿ May 22, 2024 10:54 |
|
|
Parallel Paraplegic posted:lol 100 hits, i've seen bots get bored and give up before that also i should be more clear that it wasn't 100 hits from the same ip, it was every 100 hits. no one had a problem with this
|
|
#
¿
Apr 8, 2016 19:49
|
|
|
Parallel Paraplegic posted:wait what, it would just flag every 100th failed login?
|
|
#
¿
Apr 8, 2016 20:17
|
|
|
goddamnedtwisto posted:tbh a big part of why government it (in the uk at least) is so hosed up is that sort of bias. it goes like this:
|
|
#
¿
Apr 8, 2016 22:42
|
|
|
McGlockenshire posted:Followup on yesterday's wordpress article with both new and old information: https://www.wordfence.com/blog/2016/04/panama-papers-wordpress-email-connection/ 
|
|
#
¿
Apr 9, 2016 01:49
|
|
|
the http://rebootmymodem.net/ url is prompting me for a google login so i guess i'm not going to see if it works on my sb6120, but it probably does
|
|
#
¿
Apr 9, 2016 17:43
|
|
|
cheese-cube posted:i'll buy this tag for the next 10 ppl who quote this post (might take me a couple of days to do so, ive just moved house and have no internet yet)
|
|
#
¿
Apr 9, 2016 19:00
|
|
|
Subjunctive posted:there's no good way to get the bbcode for someone's existing title text, is there? code:
|
|
#
¿
Apr 9, 2016 19:37
|
|
|
Subjunctive posted:Yeah, I mean for others' more intricate ones. say, Captain Foo. take http://fi.somethingawful.com/safs/titles/b9/ce/00054492.0001.png, upload it, the title text would be code:e: kalmstram's is way more intricate so here's his code:anthonypants fucked around with this message at 19:47 on Apr 9, 2016 |
|
#
¿
Apr 9, 2016 19:41
|
|
|
Sharktopus posted:I like baud bitches thats my fuckin problem 
|
|
#
¿
Apr 9, 2016 20:11
|
|
|
cheese-cube posted:lol you're jelly af
|
|
#
¿
Apr 10, 2016 00:52
|
|
|
ChickenOfTomorrow posted:see I was making a joke by asking if the quanta router was subject to the arris vuln because while usually that would be unlikely, the quanta router is just so bad that it probably is
|
|
#
¿
Apr 10, 2016 03:30
|
|
|
Trabisnikof posted:√ thanks!
|
|
#
¿
Apr 10, 2016 07:25
|
|
|
kalstrams posted:
|
|
#
¿
Apr 10, 2016 17:35
|
|
|
ChickenOfTomorrow posted:tag check
|
|
#
¿
Apr 10, 2016 23:43
|
|
|
jony ive aces posted:remember security fuckups
|
|
#
¿
Apr 11, 2016 02:37
|
|
|
Shaggar posted:If a government agency is storing user creds in reversible form for one of their applications, what is the best way to get them to fix it? I've emailed the responsible organization w/ details and suggestions. Should I do anything else?
|
|
#
¿
Apr 11, 2016 21:59
|
|
|
Midjack posted:this is really the only thing that will make a usgov entity admit they have a problem
|
|
#
¿
Apr 12, 2016 00:55
|
|
|
Cocoa Crispies posted:granny natting, not double dmz natting like you should be
|
|
#
¿
Apr 12, 2016 05:35
|
|
|
Parallel Paraplegic posted:computer over, virus equal very yes
|
|
#
¿
Apr 14, 2016 16:06
|
|
|
finally, the long national nightmare of quicktime on windows is over http://blog.trendmicro.com/urgent-call-action-uninstall-quicktime-windows-today/
|
|
#
¿
Apr 14, 2016 22:52
|
|
|
apparently if you generated enough bit.ly urls you could get access to someone's onedrive until microsoft removed the feature http://www.wired.com/2016/04/researchers-cracked-microsoft-googles-shortened-urls-spy-people/
|
|
#
¿
Apr 15, 2016 00:34
|
|
|
moonshine is...... posted:So apparently this is a thing https://deaddrops.com/ a friend of mine told me her techie friend is really into it. So that's fun. 
|
|
#
¿
Apr 15, 2016 01:04
|
|
|
https://twitter.com/webster/status/720758545688477696
|
|
#
¿
Apr 15, 2016 01:50
|
|
|
Sharktopus posted:wish I could find whatever the gently caress you're talking about anthonypants posted:apparently if you generated enough bit.ly urls you could get access to someone's onedrive until microsoft removed the feature http://www.wired.com/2016/04/researchers-cracked-microsoft-googles-shortened-urls-spy-people/
|
|
#
¿
Apr 15, 2016 23:52
|
|
|
OSI bean dip posted:i'm the sec fuckup. i published my sa password to github
|
|
#
¿
Apr 19, 2016 00:22
|
|
|
OSI bean dip posted:i can say that this is not the case
|
|
#
¿
Apr 19, 2016 02:09
|
|
|
did people itt really believe osi's password was kjs500? because that's an ancient radium password for everything
|
|
#
¿
Apr 19, 2016 02:38
|
|
|
ChickenOfTomorrow posted:buncha people in here don't know forums history
|
|
#
¿
Apr 19, 2016 05:50
|
|
|
Captain Foo posted:good thread title change
|
|
#
¿
Apr 19, 2016 20:42
|
|
|
flakeloaf posted:that's what our product needs, multiple barriers to sensible usage Parallel Paraplegic, there's a free tier of secret server that you can host in-house, and their browser integration is real good. iirc you can only have 100 users and 1000 passwords/secrets, but it's probably a good starting point to see if you want to implement that instead of sharing a 1password vault
|
|
#
¿
Apr 20, 2016 16:16
|
|
|
Shaggar posted:lol if u allow lets encrypt certs to be trusted on ur networks.
|
|
#
¿
Apr 20, 2016 19:37
|
|
|
Maximum Leader posted:i can't believe microsoft didnt gently caress with the active directory name yet. is it their only product with an unfucked name at this point?
|
|
#
¿
Apr 20, 2016 20:20
|
|
|
lol
|
|
#
¿
Apr 20, 2016 21:55
|
|
|
at my last job if you said you were a customer and wanted to do anything like ask for a csr or make dns changes you had a better than 50% chance of the change getting made without verifying you were who you said you were. later on they decided the sales team would update all the customers' contact information. but salesforce.com was never updated because it turned out to be too difficult so the policy changed to if the customer pays less than $50/month then you should just make the change anyway. i'm like 99% positive you could email them and say "hey we need you to run this script on our server after hours" and they would, no questions asked
|
|
#
¿
Apr 20, 2016 22:01
|
|
|
Volmarias posted:I especially liked the unexpected sexism at this part Cocoa Crispies posted:why are all you people replying to shaggar
|
|
#
¿
Apr 21, 2016 00:49
|
|
|
Acer Pilot posted:What was that other password manager? The less terrible free one? Keep rear end? Shaggar posted:yeah that would be good but in the meantime I don't want lets encrypt certs marked as trusted. maybe there can be a new signing type that marks the certificate as encrypting but not trusted or untrusted. browsers that don't support the extension would treat it as untrusted or invalid and browsers that do support it would show it as encrypted/not-trusted.
|
|
#
¿
Apr 21, 2016 01:54
|
|
|
Shaggar posted:lets encrypt is the worst of them because they provide automated mechanisms for malware to get certs and their policy specifically states that they're ok with signing malware certs.
|
|
#
¿
Apr 21, 2016 02:32
|
|
|
CommunistPancake posted:i feel like if you're already paying
|
|
#
¿
Apr 21, 2016 03:55
|
|
for a domain you're not going to give up when you see that it's another
|
|
| # ¿ May 22, 2024 10:54 |
|
|
suffix posted:SA has the lock so this checks out
|
|
#
¿
Apr 21, 2016 04:32
|
|