    Posts

    • RE: How do YOU provide a physical VDI demo?

      @scottalanmiller said in How do YOU provide a physical VDI demo?:

      Try to look at it without the trained eye of an IT pro. To grandma or Ether in accounting or Frank in HR, the Dell desktop and the Wyse thin client look essentially the same. It's just that "Dell computer on my desk."

      yes, that was my point too.

      posted in IT Discussion
      Donahue
    • RE: SQL security over the LAN

      well hell. I fired up Wireshark and I can see the full queries, returns, and everything else in plain text. I cannot seem to find the user name or password, but everything else is there.

      posted in IT Discussion
      Donahue
    • RE: SQL security over the LAN

      what I know for sure:

      1. An encrypted version of the SA password is stored in a .ini file that must be able to be read by client applications, which means that any user can at least see the file and open it, since the client application runs under the Windows user account.
      2. The SQL instance name is in the same ini file. I don't know if this hurts the situation or is a non-issue.
      3. All the changes that are made within the application record the application user for auditing, but that field remains blank if I edit the database directly. Any malicious activity would have no way of tracing who did it, because it would only show the SA account.
      4. There is an application on the database server, but I suspect that it is just the master copy of the client application, and not doing any real work.
      5. I've just confirmed that the ODBC connection is not encrypted currently. I would assume this means that the queries and results from queries are sent in plain text over the wire?
      6. We don't store any customer related PII other than things like phone numbers and email addresses, but we do have HR records that have some information for employees.
      posted in IT Discussion
      Donahue
    • RE: SQL security over the LAN

      @Dashrender said in SQL security over the LAN:

      @travisdh1 said in SQL security over the LAN:

      @Donahue said in SQL security over the LAN:

      The user never sees this, they only see their application specific login info. Everything is all set up from the initial install. But the application uses the SA account for all its communications with SQL under the hood.

      That's still not how it works. If they missed just one place where someone could inject code..... you're boned.

      Yeah - one area where they don't check the data - someone could field input drop table and bye bye.

      yeah, I would be surprised if there was any sanitation going on within the program. I've never seen any yet.

      posted in IT Discussion
      Donahue
    • RE: SQL security over the LAN

      The user never sees this, they only see their application specific login info. Everything is all set up from the initial install. But the application uses the SA account for all its communications with SQL under the hood.

      posted in IT Discussion
      Donahue
    • SQL security over the LAN

      I am trying to figure out if my setup is less than ideal security-wise. I am gathering information to make a case that our ERP must evolve, or we must move on.

      I am specifically looking at security from the point of view of a rogue device that is already on my LAN. My ERP application, being a legacy 2-tier design, has a direct connection from every client straight to the SQL database, going over the LAN. All the clients connect using the SA account, and all security and permissions are handled inside the application. What I am wanting to know is if the traffic being sent to and from the database is able to be sniffed and if this vulnerability would go away if we had a more modern ERP. What are the chances that this is all being sent in the clear, over the wire?

      I am not well versed in Wireshark, so I am not sure how to measure this directly yet. Is this a known thing that DBAs talk about and discuss, or am I making bad assumptions?

      posted in IT Discussion
      Donahue
    • RE: Security Updates Not Listening to Times.

      you can look at the event viewer and see when the security definitions were updated, and when scans are initiated.

      "you can view Windows Defender "Operational" events in Event Viewer
      Click your Start Button, type event viewer and hit Enter
      Look under: Applications and Services Logs - Microsoft - Windows - Windows Defender."

      FYI, on my W10 workstation, updates do not trigger an automatic scan, at least not with my current settings which are all on default AFAIK

      posted in IT Discussion
      Donahue
    • RE: Security Updates Not Listening to Times.

      @WrCombs said in Security Updates Not Listening to Times.:

      @Donahue said in Security Updates Not Listening to Times.:

      @WrCombs said in Security Updates Not Listening to Times.:

      @Donahue said in Security Updates Not Listening to Times.:

      @WrCombs said in Security Updates Not Listening to Times.:

      5:30-6:00 pm and he manually restarts everything and then everything works fine.
      Right now I

      So for us following along at home, what was the actual problem and what was the fix? It looks like you were saying that the MSE updates were running at 5:30 or whenever, but was it actually trying to run a scan at that time? Was that the actual cause of the slowdowns?

      The problem was that MSE was installing updates daily at 5-5:30 causing the Point of Sale that runs off of that PC to freeze and lock up until they were restarted.
      The fix?
      I excluded our application directory from MSE updates and haven't had a problem in 3 days.
      I have checked and the updates are still coming in, but no system lock ups.

      I don't see the correlation. How is excluding a directory from updates even a thing? I can see excluding a directory from a scan, but MSE doesn't get updates based on directories.

      This is what I know : okay? Stay with me here;

      My terminals on the front of house were locking up every time a Security Update came through on my Back office PC. Causing the Site to have to restart the terminals manually every time at the same time, Daily.

      After excluding the Directory for my application, I haven't had an issue in 3 days, and counting at multiple of my Windows 7 Sites.

      Could it be that the updates were spinning up more RAM to install these updates?

      Could it be that The System was False Positive hitting as @Dashrender suggested?

      I wonder if it wasn't also running a scan at the same time using the newly installed updates? That is the only thing that makes sense. I won't argue with the results, I was just not satisfied with the explanation, because I couldn't follow the logic.

      posted in IT Discussion
      Donahue
    • RE: VOIP voicemail hacked aka DISA toll fraud

      @DustinB3403 said in VOIP voicemail hacked aka DISA toll fraud:

      @Donahue most phone systems have a lockout function enabled. If this phone system did or didn't I don't know. But I also don't know if a 4 digit pin was the maximum length a pin could be.

      true

      posted in IT Discussion
      Donahue
    • RE: Security Updates Not Listening to Times.

      @WrCombs said in Security Updates Not Listening to Times.:

      @Donahue said in Security Updates Not Listening to Times.:

      @WrCombs said in Security Updates Not Listening to Times.:

      5:30-6:00 pm and he manually restarts everything and then everything works fine.
      Right now I

      So for us following along at home, what was the actual problem and what was the fix? It looks like you were saying that the MSE updates were running at 5:30 or whenever, but was it actually trying to run a scan at that time? Was that the actual cause of the slowdowns?

      The problem was that MSE was installing updates daily at 5-5:30 causing the Point of Sale that runs off of that PC to freeze and lock up until they were restarted.
      The fix?
      I excluded our application directory from MSE updates and haven't had a problem in 3 days.
      I have checked and the updates are still coming in, but no system lock ups.

      I don't see the correlation. How is excluding a directory from updates even a thing? I can see excluding a directory from a scan, but MSE doesn't get updates based on directories.

      posted in IT Discussion
      Donahue
    • RE: VOIP voicemail hacked aka DISA toll fraud

      There are only 10k 4-digit PIN combos anyways. It's never been a very secure mechanism, and without some sort of lockout for too many bad guesses, it's trivial to break any PIN.

      posted in IT Discussion
      Donahue
    • RE: Security Updates Not Listening to Times.

      @WrCombs said in Security Updates Not Listening to Times.:

      5:30-6:00 pm and he manually restarts everything and then everything works fine.
      Right now I

      So for us following along at home, what was the actual problem and what was the fix? It looks like you were saying that the MSE updates were running at 5:30 or whenever, but was it actually trying to run a scan at that time? Was that the actual cause of the slowdowns?

      posted in IT Discussion
      Donahue
    • RE: How do YOU provide a physical VDI demo?

      I would argue that most people see the monitor as "the computer", at least the end users themselves. If the computer boots into something like Windows, that is a PC regardless of its physical form. People that do not understand what VDI actually is will assume that whatever physical box is plugged in is "the PC", they are just black boxes to them. How would they know the difference between a thick client box that boots into local Windows 10, and a black box that boots straight into a Windows 10 VDI? All the user can see is the physical appearance, and PCs come in all manner of physical appearances these days, thick and thin.

      posted in IT Discussion
      Donahue
    • RE: Some New Macs Risk Bricking from Third Party Repairs

      @scottalanmiller said in Some New Macs Risk Bricking from Third Party Repairs:

      @Donahue said in Some New Macs Risk Bricking from Third Party Repairs:

      @scottalanmiller said in Some New Macs Risk Bricking from Third Party Repairs:

      @Donahue said in Some New Macs Risk Bricking from Third Party Repairs:

      I am fine with the idea that Apple would not honor warranties when third party attempted repairs, but the consumer should still have that right to get the service done without fear of triggering booby traps.

      That's a huge violation of warranty law. You can't make warranties dependent in that way, or you can effectively use that, like the false security concerns, as an effective end run around the right to repair law.

      I won't disagree, but that is still much better than actually taking steps to brick the device with unauthorized repair. One is a legal issue, the other is a functional issue.

      Both are legal, actually.

      you're being pedantic. They both have legal components, but the latter also has functional issues. Do you disagree that shady warranty practices are less bad than purposely and actively bricking devices?

      posted in News
      Donahue
    • RE: Some New Macs Risk Bricking from Third Party Repairs

      @scottalanmiller said in Some New Macs Risk Bricking from Third Party Repairs:

      @Donahue said in Some New Macs Risk Bricking from Third Party Repairs:

      I am fine with the idea that Apple would not honor warranties when third party attempted repairs, but the consumer should still have that right to get the service done without fear of triggering booby traps.

      That's a huge violation of warranty law. You can't make warranties dependent in that way, or you can effectively use that, like the false security concerns, as an effective end run around the right to repair law.

      I won't disagree, but that is still much better than actually taking steps to brick the device with unauthorized repair. One is a legal issue, the other is a functional issue.

      posted in News
      Donahue
    • RE: Some New Macs Risk Bricking from Third Party Repairs

      It should be the same as cars, and probably will be regulated at some point to be similar by the government. With cars, you are supposed to be able to have the right to repair it using 3rd parties if you desire so. It helps reduce the possibility of a monopoly for that car maker. Tesla is kind of fighting that idea at the moment, but any time the consumer is forced to only use the OEM, it gives the OEM all the leverage and the consumer is left with no option but to use them at whatever price point the OEM thinks they can get away with. It also puts the consumer at risk of the OEM arbitrarily deciding that they no longer wish to offer that service at any price, and the consumer is now completely screwed. This is like MS arbitrarily deciding they don't like your O365 or Azure account, and just disabling or deleting it. Imagine if MS tried to say that if you were going to run Windows in the cloud, you HAD to use Azure or else Windows would lock itself out and become inoperable.

      I am fine with the idea that Apple would not honor warranties when third party attempted repairs, but the consumer should still have that right to get the service done without fear of triggering booby traps.

      posted in News
      Donahue
    • RE: What Are You Doing Right Now

      @Dashrender said in What Are You Doing Right Now:

      @Donahue said in What Are You Doing Right Now:

      @Dashrender said in What Are You Doing Right Now:

      @Donahue said in What Are You Doing Right Now:

      @WrCombs said in What Are You Doing Right Now:

      @Donahue said in What Are You Doing Right Now:

      @WrCombs you've never heard that? weird.

      Nope.
      I live kinda Land Locked - I don't meet very many people from west or east coast - Being in the Literal Middle of the US and all.

      what's funny is that I don't think I have ever heard anyone call the east coast the right coast, just people from the west coast calling it the left coast.

      Well - it's really not all that right leaning - at least not in the big cities.

      I've never thought of it as political, it's just on the right hand side or left hand side of a map.

      I've never, let me say that again, never considered it because of the side of the map it was on when calling it the left coast 😛

      I guess it does fit both ways, and that might explain why the east coast isn't called the right coast.

      posted in Water Closet
      Donahue
    • RE: What Are You Doing Right Now

      @Dashrender said in What Are You Doing Right Now:

      @Donahue said in What Are You Doing Right Now:

      @WrCombs said in What Are You Doing Right Now:

      @Donahue said in What Are You Doing Right Now:

      @WrCombs you've never heard that? weird.

      Nope.
      I live kinda Land Locked - I don't meet very many people from west or east coast - Being in the Literal Middle of the US and all.

      what's funny is that I don't think I have ever heard anyone call the east coast the right coast, just people from the west coast calling it the left coast.

      Well - it's really not all that right leaning - at least not in the big cities.

      I've never thought of it as political, it's just on the right hand side or left hand side of a map.

      posted in Water Closet
      Donahue
    • RE: What Are You Doing Right Now

      @WrCombs said in What Are You Doing Right Now:

      @Donahue said in What Are You Doing Right Now:

      @WrCombs you've never heard that? weird.

      Nope.
      I live kinda Land Locked - I don't meet very many people from west or east coast - Being in the Literal Middle of the US and all.

      what's funny is that I don't think I have ever heard anyone call the east coast the right coast, just people from the west coast calling it the left coast.

      posted in Water Closet
      Donahue
    • RE: Miscellaneous Tech News

      @DustinB3403 said in Miscellaneous Tech News:

      https://futurism.com/artificial-sun-china-temperature-record/

      does this mean we might see actual production fusion in our lifetime?

      posted in News
      Donahue