your dns just hasn't been refreshed either by you or your provider - the issue is actually with the whois record being updated so the authoritative nameservers are set to ns1.yumurtakabugu.com and ns2.yumurtakabugu.com. As a result this can take a while to finish propagating and can take a while to fix!
That is really cool.... it won't go terribly wrong, right?
You are a moron if you think this is a cryptography problem. The cryptography works fine. The chain of trust is the problem. If you were to drive over to google with a thumb drive, get their certificate, install it and use just that for your encrypted connection to google.com you are fine. The problem is you are trusting some unknown third party for google's keys. If you think that is a good plan for security I have a plankpad errrr..... ipad I can sell you tonight in a parking lot.
How about we all just provide the public key via a nameserver record and cut the CA out of the mix altogether. Use secure DNS and you are good to go.
you are mixing up platter storage with solid state... I won't even get into the other issues with that statement.
http://www.slideshare.net/bsideslondon/breaking-out-of-restricted-rdp
once you have access to the command line you can then use it to transfer exploitable code to the windows temporary folder. This puts an attack vector in place. Disconnect, then reconnect with the command to execute your payload - this command is executed before policies are enforced. tah-dah.
Would you rather have 1000 bots attacking a server or 900? Obviously in a perfect world we would cut it down to 0, but eliminating scripted attacks on poorly secured servers is better than doing nothing.
Yes, we people have VPNs, but you know all those small businesses whose IT staff is "the guy who knows some stuff about computers" and gets stuck "managing the server"? Well, those businesses don't have VPNs, are rarely patched and are the cause for those shenanigans. For companies who are unwilling to pay for the time it takes to properly clean up the mess they have and install proper protections, a port change and administrator username change is the "better than nothing" approach. While yes, it is "security through obscurity", the reality of the world is that we don't live in a paradise where every small business is willing to listen to their IT consultants or willing to shell out the money to do things properly. For those cheap companies we do this at minimum to help protect the rest of the world from their ignorance.
actually once you have rdp access privilege escalation is pretty trivial as you can access the command line regardless of local and group policies by exploiting a flaw in how command line switches are handled.
Well on earth you can tell with C-14 as beta decay eventually converts it into nitrogen-14.
I've found you don't want to work for companies that don't listen to their IT departments as that is bad for job security. A smart boss will listen to a reasoned explanation as to why something is a bad idea. If they don't you should work for them as a consultant and not as an employee - companies with bad IT policies make great clients for consultants, because they spend far more on IT than companies that listen to their IT staff.
Yes. The balance is security >= convenience. If your security fails and you embarrass/endanger your customers or expose your secrets to your competition you go out of business, so the convenience has no intrinsic value. Being inconvenienced is different than not being able to get things done, and good security is rarely much of an inconvenience, because overly complex systems tend to have flaws that are missed due to their complexity. In many cases simple=best.
Given that divide between science and math, would you categorize Chemistry as Math or Science?
Someone want to let their sysadmin know about that? Or perhaps that sysadmin's boss?
wow, an anonymous poster with a point. Seriously though, a server is a sum of its components. If you buy the cheapest components they will fail regardless of brand.
Can I add proper detection of image dpi to your list? Gimp seems to think every jpeg is 72dpi which is kind of a non-starter when using it for anything but web images.
Yes, there are bad programmers. Yes, some bad programmers use php. That said, some of us want to get things done in hours on a deadline and budget and not wait years for a project that has been changed so many times it will never work, which often happens with large programming projects written in C. I've also seen crappy code with oracle and good code used with mysql, but I don't go around telling people that all oracle db programmers are terrible and should go back to programming VB, because that is painting with some seriously broad brushes.
ummm.... which ones don't? Even godaddy supports sftp and scp now. As for windows, who cares if it comes with it or not? You can get filezilla, putty, or a number of other free alternatives. Heck, you can even install some of them using software deployment group policies.
nonsense. Tell them they can use sftp or scp and if they complain tell them you will restore the ftp access when they finish removing the locks from the building because "they aren't necessary".
That's nothing, I spoke with a colleague and they have an intern from a large state college with a computer engineering school that is considered pretty decent. The intern didn't even know what FTP was, and it wasn't because they knew about more secure protocols like sftp. I was shocked to say the least. What are they teaching in school these days? I'm really at a loss...
Yes. Getting rid of benefits with no replacement is gutting. Now if they wanted to raise everyone's pay by the amount it would cost for them to each individually replace this benefit then fine, but they are essentially decreasing the salary of the workers.
Yep, I've seen more HPs fail from this than Dells personally, but Dell support for known hardware issues sucks - same deal with the bad nvidia chips. I had to threaten to remove Dell from my list of approved suppliers to get them to exchange a bad laptop motherboard that they had already admitted was bad. Eventually I got to talk to someone high enough up the chain to get the issue resolved, but it never should have gone that far. That said, I can't tell you how many times HP equipment has failed less than a month out of warranty (particularly consumer hardware).
Dell servers lack HP's quality
Apparently you are wrong about a lot of things. I've used plenty of dell servers and they are well designed and incredibly reliable.
That ought to help with QC...