Why didn't she just set up a server in her closet and let the Geek Squad take care of it like she did before?
Hacking in the morning over coffee is great; he's kinda right. I'm positive that there is plenty of anonymous in Russia. Did Trump hurt your feelings too? Well no validation for you, sorry. I did not vote for him. I'm an anarchist.
Holsters just hold it and no amount of gurgling, licking or sucking was intended in Colbert's joke. Trump leaves that for cleanup time.
On the moon we're going to build a YMCA!!!!!!! He he he; exclaimed the hardhat guy.
Slashdot can help the internet by not having 3+ minutes of ads before giving us content on a video stream; sickening, so sickening I turned it off & never got what I came for, BYE!
Fine with me as long as we can ship our nuclear waste to DC & let it pile up there instead of our neighborhoods.
Nuclear is bad; I'll be happy to continue to be part of the movement for many years to come. I realize what you are writing is true but the problem, to me, is that we do not have efficient reactors to burn the fuel. I'm not happy with fuel laying around the country like it is. This madness; we do not have much in the way of nuclear waste repositories to deal with the refuse. I found it funny how you wrote how comments like mine "pollute the debate." Kind of ironic.
Great, we are on the verge of finding out where all the Wild Things are! Right?
Weird, Hey! I was just getting comfortable!
NRC, I live 40 miles away from a pile of unsecured spent uranium sitting next to Lake Michigan. I and my neighbors are not happy that your agency is allowing this spent fuel to sit there until 2080 next to the Point Beach nuclear reactor. How many accidents is it going to take for us to wake up? Your policies & lack of proper oversight at Brookhaven National Laboratory in New Jersey & the Indian Point plant in New York are deplorable. This nation cannot afford any more nuclear pollution. There is no reason to put our USN personnel at risk either. I trust that the USN can do good maintenance but even that causes problems. Someone I know really well was responsible for pulling a reactor head & the technicians made a mistake by not fully draining the CORE WATER. It ended up flooding the damned lot and destroyed crane mats, rig tires, equipment tires, and many tons of aggregate right next to the lake. Not cool & he got a good dose of radiation too. STOP this!
I have written it before and I will write it again; Nothing Snowden released was a mystery to most IT people. All he did was wake up a bunch of sheep that will continue to slumber. I do not agree with a lot of things my country does but when you put yourself into a position like Snowden did in a country that has nukes aimed at us IT PISSES ME OFF!!! You can praise Snowden all you want but personally I would shoot him in the face.
Show them the Cisco Packet Tracer and explain how the internet really works fundamentally. If you need more show them Wireshark. That should fill up 40 minutes nicely and could be made hands-on easily in a moderately equipped computer lab.
The very best advice I have ever found:
(I forget who wrote this but I am posting it knowing that this advice will certainly help you!)
The EVIL Lecture
It's really, really, really hard. It requires a very complete audit. If you're very sure the old person left something behind that'll go boom, or require their re-hire because they're the only one who can put a fire out, then it's time to assume you've been rooted by a hostile party. Treat it like a group of hackers came in and stole stuff, and you have to clean up after their mess. Because that's what it is.
Audit every account on every system to ensure it is associated with a specific entity.
Accounts that seem associated to systems but no one can account for are to be mistrusted.
Accounts that aren't associated with anything need to be purged (this needs to be done anyway, but it is especially important in this case).
Change any and all passwords they might conceivably have come into contact with.
This can be a real problem for utility accounts as those passwords tend to get hard-coded into things.
If they were a helpdesk type responding to end-user calls, assume they have the password of anyone they worked with.
If they had Enterprise Admin or Domain Admin to Active Directory, assume they grabbed a copy of the password hashes before they left.
If they had root access to any *nix boxes assume they walked off with the password hashes. Also reset any public-key SSH keys that may be in use for root-login SSH (don't do that at all, but if you have it, clear 'em).
If they had access to any telecom gear, change any router/switch/gateway/PBX passwords. This can be a really royal pain.
Fully audit your perimeter security arrangements.
Ensure all firewall holes trace to known authorized devices and ports.
Ensure all remote access methods (VPN, SSH, BlackBerry, ActiveSync, Citrix, SMTP, IMAP, WebMail, whatever) have no extra authentication tacked on, and fully vet them for unauthorized access methods.
Ensure remote WAN links trace to fully employed people, and verify it. Especially wireless connections. You don't want them walking off with a company paid cell-modem or smart-phone. Contact all such users to ensure they have the right device.
Fully audit internal privileged-access arrangements. These are things like SSH/VNC/RDP access to servers that general users don't have, or any access to sensitive systems like payroll.
Start hunting for logic bombs.
Check all automation (task schedulers, cron jobs, or anything that runs on a schedule) for signs of evil. By "All" I mean all. Check every single crontab. Check every single Windows Task Scheduler. Even workstations.
Validate key system binaries on every server to ensure they are what they should be. This is tricky.
Start hunting for rootkits. By definition they're hard to find, but there are scanners for this.
Not easy in the least. Justifying the expense of all of that can be really hard without definite proof that the now-ex admin was in fact evil. The entirety of the above may not even be doable with company assets, which will require hiring security consultants to do some of this work.
If actual evil is detected, especially if the evil is in some kind of software, trained security professionals are the best to determine the breadth of the problem. This is also the point when a criminal case can start being built, and you really want people who are trained in handling evidence to be doing this analysis.
But, really, how far do you have to go? For routine admin departures where expectation of evil is very slight, the full circus is probably not required; changing admin-level passwords and re-keying any external-facing SSH hosts is probably sufficient. Again, corporate security posture determines this.
For admins who were terminated for cause, or evil cropped up after their otherwise normal departure, the circus becomes more needed. The worst-case scenario is a paranoid BOFH-type who has been notified that their position will be mad
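A minimal offline triage for three of the checks in the lecture above (unowned and extra UID 0 accounts, root SSH keys, scheduled jobs), as an added example that is not part of the original comment or the advice it quotes. The owner roster, approved key list, approved command list, the departed user `bob` and all sample file contents are constructed assumptions, and the cron parser assumes well-formed `/etc/crontab`-style lines with a user field.

```python
NOLOGIN = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}
KEY_TYPES = ("ssh-", "ecdsa-", "sk-")  # options like from="..." may precede these

def audit_accounts(passwd_text, owners):
    """Fields are name:pw:uid:gid:gecos:home:shell; return (unowned logins, extra UID 0)."""
    rows = [line.split(":") for line in passwd_text.strip().splitlines()]
    unowned = [r[0] for r in rows if r[6] not in NOLOGIN and r[0] not in owners]
    uid0 = [r[0] for r in rows if r[2] == "0" and r[0] != "root"]
    return unowned, uid0

def audit_root_keys(authorized_keys_text, approved_blobs):
    """Return root authorized_keys lines whose key blob is not approved."""
    flagged = []
    for line in authorized_keys_text.strip().splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        idx = next((i for i, f in enumerate(fields) if f.startswith(KEY_TYPES)), None)
        if idx is None or idx + 1 >= len(fields) or fields[idx + 1] not in approved_blobs:
            flagged.append(line.strip())
    return flagged

def audit_cron(crontab_text, approved_cmds, departed):
    """Return (user, command) for /etc/crontab-style jobs that need review."""
    flagged = []
    for line in crontab_text.strip().splitlines():
        parts = line.split()
        if not parts or parts[0].startswith("#") or "=" in parts[0]:
            continue  # blank line, comment, or VAR=value assignment
        n = 1 if parts[0].startswith("@") else 5  # @reboot etc. vs. five time fields
        user, cmd = parts[n], parts[n + 1]
        if user in departed or cmd not in approved_cmds:
            flagged.append((user, " ".join(parts[n + 1:])))
    return flagged

# Constructed sample data, not taken from any real host.
PASSWD = """root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
svc_backup:x:998:998::/var/lib/backup:/bin/sh
toor:x:0:0::/root:/bin/bash"""
ROOT_KEYS = """ssh-ed25519 AAAAC3constructedKEY1 ops-bastion
from="192.0.2.5" ssh-rsa AAAAB3constructedKEY2 bob@laptop"""
CRON = """PATH=/usr/sbin:/usr/bin
17 * * * * root /usr/sbin/logrotate /etc/logrotate.conf
0 3 1 * * bob /home/bob/cleanup.sh
@reboot root /usr/local/bin/.cache-sync --quiet"""
print(audit_accounts(PASSWD, {"root", "alice"}))
print(audit_root_keys(ROOT_KEYS, {"AAAAC3constructedKEY1"}))
print(audit_cron(CRON, {"/usr/sbin/logrotate"}, {"bob"}))
```

Anything these functions return is a lead to trace to an owner, not proof of tampering; per-user crontabs and Windows scheduled tasks need their own collection step.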
http://www.youtube.com/watch?v=hberRWM13Tw
Tell me something I don't know and try to avoid getting your balls smashed by King Hyperion. ;)
I was able to check out 8 a year and a half ago in a class at my local college. Not much has changed since that initial offering. I was disappointed by the Metro overlay on non-haptic monitors. The new OS basically has Metro stapled over the top of 7 and it is not an ideal productivity rig; especially without haptic support. I've seen estimates thrown around lately that suggest less than 2% of the bare metal 8 is installed on is capable of haptic interfacing. Big mistake M$.
I lived in Washington state during the Mt. St. Helens eruption. We had to put nylons over our air cleaners to try to keep the ash out of the engine. A lot of engines were destroyed by volcanic ash very quickly during the eruption. The glass comment is very funny and not probable in many areas of the engine due to turbulent airflow. The biggie here is the extremely abrasive nature of volcanic ash. If you fly a jet through volcanic ash it will most likely destroy the engines. While the plane may not be taken down, enough exposure could possibly cause a crash.
If you cannot see the abject honesty here you are not a hacker. daed
Energy Parity. It stands true now.
Just leave the Anarchist Argument Club alone. Now you've asked for it!!!
5 years ago I and some friends of mine were "playing" and we saw the F.B.I. I'm not trying to be nonsensical but this is LOL in teen-age terms. Really, feds, you NEED juice. daed
Should I laugh now, or later? Hehe, I made my login on Slashdot just to say that, after I have been watching it for years. DARPA, DARPA, offend thy maker.