At my organization we have deployed NAC to block unauthorized devices, Vmware NSX, for micro segmentation, web and email content filters, DLP detection, email encryption and MS ATA. No one has a Domain admin account and Administrators must grant themselves access to systems they need to work on every day and those permissions are reset when they leave for the day. Our goal is to make sure any attacks are so noisy because of the restrictions so they will be detected.
We have 89 users and twenty five servers. The cost to move to managed hosting is 3x our current annual cost. We also still need bandwidth to servers that used to be local as well. It makes no sense at all. On top of that the managed services do not allow any bleeding edge deployments.
The article states the passwords were obtained through an SQL injection attack. They were stored as plaintext in the database. Having a strong password would have done nothing to prevent this problem. Passwords need to be encrypted during transport and when stored.
Even when the supplies are there security needs to be in place to preventing rioting or chaos when the supplies are distributed. A few greedy people with guns can wreck any relief effort. This slows the overall effort at the beginning of course but distribution must be organized to really be effective.
Consider an organization where every desktop has the full version of adobe acrobat and flash player. Both are pushed out with GPO's. Thank god I can push the updates.
It could also be possible one sub had detected the other and was shadowing it. The shadowed sub could have performed and unexpected maneuver and they collided. It's happened before.
I get somewhere between twenty and thirty attempts per day agianst my SSH server alone. The server blocks the IP permanently after 3 bad attempts and they always try repeatedly until blocked. most of the attempts come from cable or dsl address spaces. I use gibberish for usernames and only allow certificate based authentication. They still keep trying however.
How about having 2 voting machines? Machine one allows the user to vote. It stores the votes and prints out a card with the names voted for. You insert the card into a second machine which scans the names printed on the card, adds it to its running total and captures the card for a manual recount. You now have 3 different counts which would need to add up. Make sure each machine is from a different company. The card itself has no identifying information other then the names of the people who were voted for.
Considering the sheer volume of mail they get daily, An automated system is probably the only sane way to handle it. It would be interesting to hear from someone who works in such a department.
Slashdot Mirror
At my organization we have deployed NAC to block unauthorized devices, Vmware NSX, for micro segmentation, web and email content filters, DLP detection, email encryption and MS ATA.
No one has a Domain admin account and Administrators must grant themselves access to systems they need to work on every day and those permissions are reset when they leave for the day.
Our goal is to make sure any attacks are so noisy because of the restrictions so they will be detected.
I used to do this to a bunch of HP printer boards at one time and it worked nicely.
1. Publish your software on a P2P server.
2. Wait for people to download it.
3. Sue
4. PROFIT!
I'm sure the insurance companies will be having quite a fit with this and I would to. Texting and talking at 90 mph is going to get people killed.
Howard Stern's interview of the winner and his wife yesterday was pretty funny.
We have 89 users and twenty five servers. The cost to move to managed hosting is 3x our current annual cost. We also still need bandwidth to servers that used to be local as well. It makes no sense at all. On top of that the managed services do not allow any bleeding edge deployments.
The article states the passwords were obtained through an SQL injection attack. They were stored as plaintext in the database. Having a strong password would have done nothing to prevent this problem. Passwords need to be encrypted during transport and when stored.
Even when the supplies are there security needs to be in place to preventing rioting or chaos when the supplies are distributed. A few greedy people with guns can wreck any relief effort. This slows the overall effort at the beginning of course but distribution must be organized to really be effective.
I wonder if AT&T does fake steves web hosting?
Someone needs to welcome the new solar powered overlords.
Watching a flash presentation might just launch a nuke.
Consider an organization where every desktop has the full version of adobe acrobat and flash player. Both are pushed out with GPO's. Thank god I can push the updates.
Now that I cannot find any "erotic services", I'll have more time to read slashdot.
erotic services?
We figured that one out in about five minutes. Wrote a quick group policy file and moved on to the next problem.
It could also be possible one sub had detected the other and was shadowing it. The shadowed sub could have performed and unexpected maneuver and they collided. It's happened before.
I get somewhere between twenty and thirty attempts per day agianst my SSH server alone. The server blocks the IP permanently after 3 bad attempts and they always try repeatedly until blocked. most of the attempts come from cable or dsl address spaces. I use gibberish for usernames and only allow certificate based authentication. They still keep trying however.
I'd say timothy must find proofreading to be boring.
Maybe he just forgot the "where" clause in his SQL Statement?
If a minor is involved, parents have a right to set limits.
Can he get around them? Most likely.
Does that absolve her of responsibility. No.
Maybe they can just feed out of a bit bucket?
How about having 2 voting machines?
Machine one allows the user to vote. It stores the votes and prints out a card with the names voted for. You insert the card into a second machine which scans the names printed on the card, adds it to its running total and captures the card for a manual recount. You now have 3 different counts which would need to add up. Make sure each machine is from a different company. The card itself has no identifying information other then the names of the people who were voted for.
I use a KVM on my desk. I've not seen any dual monitor KVM stiches.
My bank used to routinely return cancelled checks. I got them back and noticed one was not even signed. Did not stop them from cashing it though.
Considering the sheer volume of mail they get daily, An automated system is probably the only sane way to handle it. It would be interesting to hear from someone who works in such a department.