ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    What Are You Doing Right Now

    Scheduled Pinned Locked Moved Water Closet
    time waster
    88.9k Posts 287 Posters 52.3m Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • siringoS
      siringo @scottalanmiller
      last edited by

      @scottalanmiller said in What Are You Doing Right Now:

      @Obsolesce said in What Are You Doing Right Now:

      @scottalanmiller said in What Are You Doing Right Now:

      @popester said in What Are You Doing Right Now:

      @scottalanmiller said in What Are You Doing Right Now:

      @popester said in What Are You Doing Right Now:

      Trying to wrap my brain around adding a CA to our domain so we can encrypt traffic between servers. OMG... Where do I start....

      For AD, I assume?

      Yes sir. What brought it about was we run Citrix xenapp and nothing is encrypted this side of the ADC

      Well, the passwords are. That's the only important bit in a typical domain communications chain. Not to belittle "encrypt everything", because that's a good idea in general. Just saying that AD is decently secure even when at its least secure.

      AD (and everything using it) is only as secure as the DC.

      DCs are pretty secure unless you screw something up. However, the DC does not hold passwords, so even a compromised DC does not divulge passwords. So technically, it can be more secure than the DC 🙂

      Hey Scott, can you enlighten me here? I'm no expert on this topic, but I expect the passwords to be stored someplace and somehow in the AD database?????????

      scottalanmillerS 1 Reply Last reply Reply Quote 0
      • EddieJenningsE
        EddieJennings @siringo
        last edited by

        @siringo said in What Are You Doing Right Now:

        @EddieJennings said in What Are You Doing Right Now:

        Catching up on some E-mail / comments from YouTube videos.

        Oh what a horrible thing to do. The Internet is full of haters.

        Ha! The couple of things I'm responding to are folks asking questions about stuff.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @siringo
          last edited by

          @siringo said in What Are You Doing Right Now:

          @scottalanmiller said in What Are You Doing Right Now:

          @Obsolesce said in What Are You Doing Right Now:

          @scottalanmiller said in What Are You Doing Right Now:

          @popester said in What Are You Doing Right Now:

          @scottalanmiller said in What Are You Doing Right Now:

          @popester said in What Are You Doing Right Now:

          Trying to wrap my brain around adding a CA to our domain so we can encrypt traffic between servers. OMG... Where do I start....

          For AD, I assume?

          Yes sir. What brought it about was we run Citrix xenapp and nothing is encrypted this side of the ADC

          Well, the passwords are. That's the only important bit in a typical domain communications chain. Not to belittle "encrypt everything", because that's a good idea in general. Just saying that AD is decently secure even when at its least secure.

          AD (and everything using it) is only as secure as the DC.

          DCs are pretty secure unless you screw something up. However, the DC does not hold passwords, so even a compromised DC does not divulge passwords. So technically, it can be more secure than the DC 🙂

          Hey Scott, can you enlighten me here? I'm no expert on this topic, but I expect the passwords to be stored someplace and somehow in the AD database?????????

          AD never stores passwords. AD only stores a password hash, ever. It has no way to recreate the original password or retrieve it. The only time to get the original password is to grab it at the time that it is typed in.

          This is a fundamental part of the security system - AD never knows, stores, or has your passwords at any step of the process. They aren't told to the server ever, they are never sent over the network, etc.

          Now, if you can completely compromise an end point to the point that you are on the network and sending your own direct hash to AD, you can still authenticate even without a password. But if you can do that, you've completely compromised the system anyway and didn't need to do so.

          DashrenderD 1 Reply Last reply Reply Quote 1
          • jmooreJ
            jmoore @RojoLoco
            last edited by

            @RojoLoco I haven't looked at monoprice in a long time so will have to check it out. i do have a Phase Technology speaker system at home though with 15" sub and i do love it.

            1 Reply Last reply Reply Quote 0
            • jmooreJ
              jmoore @Obsolesce
              last edited by

              @Obsolesce I haven't seen that site, I'm going to check it out. Could always use more learning resources.

              1 Reply Last reply Reply Quote 0
              • DashrenderD
                Dashrender @scottalanmiller
                last edited by

                @scottalanmiller said in What Are You Doing Right Now:

                @siringo said in What Are You Doing Right Now:

                @scottalanmiller said in What Are You Doing Right Now:

                @Obsolesce said in What Are You Doing Right Now:

                @scottalanmiller said in What Are You Doing Right Now:

                @popester said in What Are You Doing Right Now:

                @scottalanmiller said in What Are You Doing Right Now:

                @popester said in What Are You Doing Right Now:

                Trying to wrap my brain around adding a CA to our domain so we can encrypt traffic between servers. OMG... Where do I start....

                For AD, I assume?

                Yes sir. What brought it about was we run Citrix xenapp and nothing is encrypted this side of the ADC

                Well, the passwords are. That's the only important bit in a typical domain communications chain. Not to belittle "encrypt everything", because that's a good idea in general. Just saying that AD is decently secure even when at its least secure.

                AD (and everything using it) is only as secure as the DC.

                DCs are pretty secure unless you screw something up. However, the DC does not hold passwords, so even a compromised DC does not divulge passwords. So technically, it can be more secure than the DC 🙂

                Hey Scott, can you enlighten me here? I'm no expert on this topic, but I expect the passwords to be stored someplace and somehow in the AD database?????????

                AD never stores passwords. AD only stores a password hash, ever. It has no way to recreate the original password or retrieve it. The only time to get the original password is to grab it at the time that it is typed in.

                This is a fundamental part of the security system - AD never knows, stores, or has your passwords at any step of the process. They aren't told to the server ever, they are never sent over the network, etc.

                Now, if you can completely compromise an end point to the point that you are on the network and sending your own direct hash to AD, you can still authenticate even without a password. But if you can do that, you've completely compromised the system anyway and didn't need to do so.

                I thought there was a "store password with reversable hash" option in AD? Granted, you should never user it.

                JaredBuschJ 1 Reply Last reply Reply Quote 0
                • DashrenderD
                  Dashrender
                  last edited by

                  Yep, here it is
                  https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption

                  https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc957013(v=technet.10)?redirectedfrom=MSDN

                  DustinB3403D 1 Reply Last reply Reply Quote 0
                  • DustinB3403D
                    DustinB3403 @Dashrender
                    last edited by

                    @Dashrender said in What Are You Doing Right Now:

                    Yep, here it is
                    https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption

                    https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc957013(v=technet.10)?redirectedfrom=MSDN

                    AKA the original backdoor to encryption that the US wants to enforce on everyone.

                    DashrenderD 1 Reply Last reply Reply Quote 0
                    • DashrenderD
                      Dashrender @DustinB3403
                      last edited by

                      @DustinB3403 said in What Are You Doing Right Now:

                      @Dashrender said in What Are You Doing Right Now:

                      Yep, here it is
                      https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption

                      https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc957013(v=technet.10)?redirectedfrom=MSDN

                      AKA the original backdoor to encryption that the US wants to enforce on everyone.

                      Hell of a lot more than just the US - US, UK, Australia, China, N. Korea... I'm sure most of the middle east, likely Russia (though I've never heard it mentioned in any news or podcasts, likely because it's assumed since they are totalitarian regimes)

                      1 Reply Last reply Reply Quote 0
                      • JaredBuschJ
                        JaredBusch @Dashrender
                        last edited by

                        @Dashrender said in What Are You Doing Right Now:

                        I thought there was a "store password with reversable hash" option in AD? Granted, you should never user it.

                        The password is never stored. Simply the hash is easily reversible into the password.

                        siringoS 1 Reply Last reply Reply Quote 0
                        • scottalanmillerS
                          scottalanmiller
                          last edited by

                          Very short on staff today.

                          DashrenderD 1 Reply Last reply Reply Quote 0
                          • DashrenderD
                            Dashrender @scottalanmiller
                            last edited by

                            @scottalanmiller said in What Are You Doing Right Now:

                            Very short on staff today.

                            All using that unlimited vacation at the same time?

                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @Dashrender
                              last edited by

                              @Dashrender said in What Are You Doing Right Now:

                              @scottalanmiller said in What Are You Doing Right Now:

                              Very short on staff today.

                              All using that unlimited vacation at the same time?

                              One is out for Carnival, one from a death in the family, one has street construction that cut off their power, three off site in meetings....

                              RojoLocoR LilAngL 2 Replies Last reply Reply Quote 1
                              • RojoLocoR
                                RojoLoco @scottalanmiller
                                last edited by

                                @scottalanmiller said in What Are You Doing Right Now:

                                @Dashrender said in What Are You Doing Right Now:

                                @scottalanmiller said in What Are You Doing Right Now:

                                Very short on staff today.

                                All using that unlimited vacation at the same time?

                                One is out for Carnival,

                                Well laissez les bons temps rouler! My girlfriend is making a king cake later.

                                scottalanmillerS coliverC 2 Replies Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller @RojoLoco
                                  last edited by

                                  @RojoLoco said in What Are You Doing Right Now:

                                  @scottalanmiller said in What Are You Doing Right Now:

                                  @Dashrender said in What Are You Doing Right Now:

                                  @scottalanmiller said in What Are You Doing Right Now:

                                  Very short on staff today.

                                  All using that unlimited vacation at the same time?

                                  One is out for Carnival,

                                  Well laissez les bons temps rouler! My girlfriend is making a king cake later.

                                  Oh nice, I want some cake here!

                                  RojoLocoR 1 Reply Last reply Reply Quote 0
                                  • RojoLocoR
                                    RojoLoco @scottalanmiller
                                    last edited by

                                    @scottalanmiller said in What Are You Doing Right Now:

                                    @RojoLoco said in What Are You Doing Right Now:

                                    @scottalanmiller said in What Are You Doing Right Now:

                                    @Dashrender said in What Are You Doing Right Now:

                                    @scottalanmiller said in What Are You Doing Right Now:

                                    Very short on staff today.

                                    All using that unlimited vacation at the same time?

                                    One is out for Carnival,

                                    Well laissez les bons temps rouler! My girlfriend is making a king cake later.

                                    Oh nice, I want some cake here!

                                    We decided last year to start making them at home, all the store bought ones were terrible.

                                    1 Reply Last reply Reply Quote 0
                                    • coliverC
                                      coliver @RojoLoco
                                      last edited by

                                      @RojoLoco said in What Are You Doing Right Now:

                                      @scottalanmiller said in What Are You Doing Right Now:

                                      @Dashrender said in What Are You Doing Right Now:

                                      @scottalanmiller said in What Are You Doing Right Now:

                                      Very short on staff today.

                                      All using that unlimited vacation at the same time?

                                      One is out for Carnival,

                                      Well laissez les bons temps rouler! My girlfriend is making a king cake later.

                                      I think I'm going to make fastnacht tonight for my girls. I need to pick up some frying oil though.

                                      ObsolesceO 2 Replies Last reply Reply Quote 2
                                      • RojoLocoR
                                        RojoLoco
                                        last edited by

                                        About to set myself up with a new work desktop! Dell Precision 3630 mid size. 512gb NVMe, 1TB spinner, i7-9700, 32 RAMs. Oh, also 4x mini-DP outs for super multi display.

                                        DashrenderD 1 Reply Last reply Reply Quote 0
                                        • DashrenderD
                                          Dashrender @RojoLoco
                                          last edited by

                                          @RojoLoco said in What Are You Doing Right Now:

                                          About to set myself up with a new work desktop! Dell Precision 3630 mid size. 512gb NVMe, 1TB spinner, i7-9700, 32 RAMs. Oh, also 4x mini-DP outs for super multi display.

                                          Why so much storage?

                                          RojoLocoR 1 Reply Last reply Reply Quote 0
                                          • RojoLocoR
                                            RojoLoco @Dashrender
                                            last edited by

                                            @Dashrender said in What Are You Doing Right Now:

                                            @RojoLoco said in What Are You Doing Right Now:

                                            About to set myself up with a new work desktop! Dell Precision 3630 mid size. 512gb NVMe, 1TB spinner, i7-9700, 32 RAMs. Oh, also 4x mini-DP outs for super multi display.

                                            Why so much storage?

                                            That's the way the boss ordered 10 new machines. The dev team needs the storage more than I do, but I'm grabbing one for me while they are still available. And I will likely swap the 1TB for a 500gb SSD. I tend to hoard ISOs and other installers.

                                            DashrenderD 2 Replies Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3920
                                            • 3921
                                            • 3922
                                            • 3923
                                            • 3924
                                            • 4446
                                            • 4447
                                            • 3922 / 4447
                                            • First post
                                              Last post