@dafyre Connection closed by foreign host after a couple seconds lol

@fredtx This is really GoDaddy breached. That they were running WordPress is kind of an aside.

@scottalanmiller said in Technologies Begging to be Ransomwared:

@dashrender said in Technologies Begging to be Ransomwared:

FYI - my experience in all of this is through the use of shares - so if shares aren't enabled.. then I'm guessing you're probably correct due to configuration.

Shares aren't on by default. But even when they are, nothing is shared out that a local non-admin user could access.

Yeah, and this is ultimately what saves you - OK now we're on the same page.

Thanks

@JaredBusch Did you ever find a product that you liked for this?

I am looking for 1 PoE outdoor camera for the front of my house. I ran the Cat6 line years ago and I just need to buy the camera now.

@scottalanmiller said in Anyone used Infection Monkey?:

@ambarishrh I meant that YOU should make one.

I'm too subtle, I guess.

lol! Yes, will make one for sure! Just need to test it on a lab and see how it goes. Its an interesting project 🙂

@DustinB3403 said in Solarwinds Blames Intern for Laughable Password:

@scottalanmiller said in Solarwinds Blames Intern for Laughable Password:

@IRJ said in Solarwinds Blames Intern for Laughable Password:

They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job.

You mean like how the government hires Solarwinds?

I have a client that uses at least one solar wind product and I shudder....

Me too.

@DustinB3403 said in Microsoft Hid Known Vulnerability According to Senator:

@scottalanmiller said in Microsoft Hid Known Vulnerability According to Senator:

@Dashrender said in Microsoft Hid Known Vulnerability According to Senator:

you're saying that they can't ever be wrong in their releases?

No, I'm saying that whether right or wrong is irrelevant. That it happened is what matters. Deciding if it happened accidentally or on purpose is a different discussion. Things that happen on accident doesn't make them not have happened.

Like teen pregnancy....

LOL, exactly.

@Obsolesce said in Active Directory - User Attribute RFID/HID Badge:

@DustinB3403 said in Active Directory - User Attribute RFID/HID Badge:

@Dashrender I'm a 3rd party to the end customer here. Acting as the middle man as the customer's IT department wanted to engage outside support to try and vet different products.

I candidly told the customer that while this product will work, it won't work with all of the features they want without some substantial changes to their infrastructure and that the support (at least from this vendor) is pretty awful.

The simple approach here is to not integrate RFID/HID's to the system and simply use the AD Integration with the built-in QR codes that each member is assigned.

Just because something may be supported, doesn't imply that it is support.

Except in this case the vendor very clearly has stated they support you adding custom attributes within AD.

https://www.zdnet.com/article/microsoft-weve-open-sourced-this-tool-we-used-to-hunt-for-code-by-solarwinds-hackers/

@Dashrender said in Best practice security updates linux servers?:

saying Well - Johnny is just better employee than you, so I choose to pay him more, that isn't going to make people happy, it will likely make them less happy...

You are looking at it from the employer's perspective. Of course it doesn't help the employer. It helps the employee when they can see what X work is worth. If employee 1 makes X for a job, and employee 2 wants to know their own value, they have something to go on. If you don't know what others are paid you have almost nothing to go on.

Remember on Spiceworks when loads of people would claim that $65K was the IT industry cap? Imagine if people (and companies) were able to repeat that without anyone speaking up! People would surmise that if $65K is the top for a CIO, that a system admin must cap out at $50K and a helpdesk tech at $9/hr!

But in the real world, we know that CIOs make well into the seven figure range, admins can get well into the multiple six figures. Even good help desk leads can hit six figures. If we didn't have others to compare against, it's easy to see people misunderstanding the scope of the industry by an order of magnitude.

Sangoma has relased an updated (and likely final) statement.

https://www.sangoma.com/press-releases/sangoma-technologies-provides-update-on-ransomware-attack-expects-no-material-impact-on-sales/

The second paragraph has the relevant information from an IT point of view.

00a7b475-033f-4db6-8311-b115d6bb0a47-image.png

@Dashrender said in DNS Filtering with Ties to Google Groups:

the browser will use the system DNS if that DNS support DNS over HTTPS....

How can the browser know what the DNs mechanism is? DO you mean the browser will try a local DNS over HTTPS first? That I can see.

@dbeato said in Patch all your Windows DNS servers - CVE-2020-1350 - CVSS score of 10:

@pmoncho said in Patch all your Windows DNS servers - CVE-2020-1350 - CVSS score of 10:

Just wondering - Is anyone seeing a patch for 2019 with a reference to the KB article?
Checked yesterday, last night and this morning. No update that I can see.

Currently performing the workaround.

c46cc947-cad4-4bfc-877c-dbd1c1ddfd16-image.png

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4558998

Thanks. Forgot about the update catalog.

@JaredBusch said in Fedora 32 server disables root by default:

@scottalanmiller said in Fedora 32 server disables root by default:

@black3dynamite said in Fedora 32 server disables root by default:

@scottalanmiller said in Fedora 32 server disables root by default:

@black3dynamite said in Fedora 32 server disables root by default:

It's been like that since Fedora 31. At least with the netinstall everything iso.

Gotta be the Netinstall because we install this constantly, every few days, and in the Server Edition, it's not there by default.

root account is disabled with the following ISOs:
Fedora-Everything-netinst-x86_64-31-1.9.iso
Fedora-Server-dvd-x86_64-31-1.9.iso
Fedora-Server-netinst-x86_64-31-1.9.iso
Fedora-Workstation-Live-x86_64-31-1.9.iso

Must be in 1.9. We do these constantly and haven't seen it yet.

Was there more than one ISO release of Fedora 31? There is not always.

Not sure. I just looked and we are on the 1.9 ISO and it definitely has a different default.

@stacksofplates said in Securing SSH:

Another really good option is not letting them log directly into the systems at all and forcing them to use a config management tool. So something like Tower or a Jenkins server that logs all of the commands run and has the permissions set there.

Right. Just like the best defense is a good offense (or vice versa?) The most secure port, is a closed port. Locking down SSH, no matter how good, isn't as good as completely closing it.

Or using config management to only open it when necessary, is an "in between" step, too.