 |
Post AX8yG8rhFSVdQfYAca by [email protected] |
 |
More posts by [email protected] |
|
Post #AX6x4jWUdllnNPhznM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter it's just a phone, right. Right?? š¼ |
|
|
|
Post #AX6y9T25TkAvdPJ8ts by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter |
|
|
|
Post #AX71nv1r6mJPuRBCmO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter yeah, you can do a hell of a lot of damage with a spreadsheet. … |
|
|
|
Post #AX77O5zUKUME6Q8sOu by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter just for a laugh, I'll bet a coffee and lamington you know … |
|
|
|
Post #AX77QJwPQvtLwplMlE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter yes, but everyone hates me for it. |
|
|
|
Post #AX786yUX3gCnsK3x1k by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter OFC I do have my stuff documented. |
|
|
|
Post #AX78HT0aS445Py3jEW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter ... What firewall?š |
|
|
|
Post #AX796UERf7Y7ytrxT6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter yes and it's a huge workload to manage |
|
|
|
Post #AX7BwkyMrjVertOwEa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter Sure! ALLOW ANY/ANY is a rule, right? |
|
|
|
Post #AX7DeESbCu3EjEpuhE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter I have to say, this is one area where cloud deployments can eas… |
|
|
|
Post #AX7GIipDvjccOZqynY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriterFiltering outbound is 'too hard'. |
|
|
|
Post #AX7MRga0FQ2NlKOLLs by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter I love these little zero-trust tidbits! Newb question: do loca… |
|
|
|
Post #AX7OCZdHzgzZmUqnFQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter the public IP thing bothers me less, but thatās because Iāv… |
|
|
|
Post #AX7YPfFjPR02W9iE4W by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter I googled after I typed that, and seems it hasnāt been create… |
|
|
|
Post #AX7YU80kQcbQrtpffs by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriterWhy bother restricting it when your admins use DCs as jump boxes? |
|
|
|
Post #AX7ZAxslxiN7uIWnzM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter to go to StackOverflow and read up on how to lock down AD? |
|
|
|
Post #AX7jBc1RipS7wMX4s4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter how else would Azure manage them? š |
|
|
|
Post #AX7kHGEZk7xM3avmbo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter The DCs almost always will need to at least be able to perform … |
|
|
|
Post #AX7lNM29C2eZjfaTOi by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter Fair. And given how low the bandwidth via DNS exfil is, it'… |
|
|
|
Post #AX7lieKYMRhIZ0LoLg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter @sassdawe i wish my hackcon norway talk was recorded. i went af… |
|
|
|
Post #AX7xwNVYtzbRtToSKO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter are there other ways? :) |
|
|
|
Post #AX8SwlrxQOwQ1mxIg4 by [email protected] |
|
0 likes, 3 repeats |
|
|
|
@SecurityWriter it was either this or sleep. |
|
|
|
Post #AX8qGIrPHpv2nOyr6u by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter Microsoft Teams requires it :-( |
|
|
|
Post #AX8qZchZjzsxppav6u by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter @sassdawe i had chatgpt write me a two stage bash script to suc… |
|
|
|
Post #AX8qZclpUBHw31aJk0 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@Viss @SecurityWriter I love the idea of running DCs in the Azure where everyon… |
|
|
|
Post #AX8qZcqRD2yUHJjzvM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@sassdawe @SecurityWriter i have recently become aware of devopsy types doing d… |
|
|
|
Post #AX8vv207NGNy9PIM9Q by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter I have all my ports restricted to whitelisting only... |
|
|
|
Post #AX8vv2t44yL0tp0EnQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@kkarhan @SecurityWriter Hmm. Machines need to be accessible. Whitelisting req… |
|
|
|
Post #AX8yG8rhFSVdQfYAca by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter since when is iptables a "dedicated network d… |
|
|
|
Post #AX8zl0XaLdj0XiQPgW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter Authenticated gateway means what to you? A web console that doe… |
|
|
|
Post #AX96EbR6qk5x5xtJwG by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter I only have a personal VPS hosting my blog, but this has given … |
|
|
|
Post #AX97ZnwfdW8NvWKMF6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter Noted, cheers |
|
|
|
Post #AX97yeZvbCZs7EXSEq by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter Lol, just run sshd on port 443. No brute force attempts, and cl… |
|
|
|
Post #AX98nmB36gEeS3HLZA by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriterAWS's Session Manager is my hammer and everything is a nail. |
|
|
|
Post #AX98uziVAJasTFMsGe by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @campuscodi @SecurityWriter you made the correct choice. |
|
|
|
Post #AX991GLaFNOlmodZ3I by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@mikemacleod @SecurityWriter I used to work at a telco, so bottom right cuts de… |
|
|
|
Post #AX99KMeJ2Zt2pkVEcC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@datenritter @SecurityWriter I'd assume some sort of "box" that d… |
|
|
|
Post #AX99KMjGk7rB58pCLo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@kkarhan I thought that's normal. Block everything except required services… |
|
|
|
Post #AX99KMnAVcyZHEeJQe by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@datenritter @SecurityWriter yes and no.You should always firewall on WAN!On LA… |
|
|
|
Post #AX9BRr56Ub699XjkAK by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter Every device can be a firewall if you operate it w… |
|
|
|
Post #AX9EqyPChLQmyEo7Ci by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter š. But yes. |
|
|
|
Post #AX9I4JC51DR14Uie6i by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter bottom left, though I have used an F5 for a lot more than it sh… |
|
|
|
Post #AX9NDu2zrotZkPrgSe by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter Excavator is undefeated in making a network almost… |
|
|
|
Post #AX9NP8dZxhi0BQKj6u by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter @shootfilmridesteel cooling failureās wondering why no one is… |
|
|
|
Post #AX9OVNDel9xX6FkGcC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter and have certificate based authentication on it? |
|
|
|
Post #AX9PlMNljrv95kf78y by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter Teams voice, screen sharing, and video prefers peer to peer tra… |
|
|
|
Post #AX9PrUQOkZoTlwoa00 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter Important to start learning early. My toddler'… |
|
|
|
Post #AX9XDgSpMvc9A3Ttaa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@avuko @mikemacleod @SecurityWriter you're really digging into your positio… |
|
|
|
Post #AX9cA9yMDLtfIDMsEa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter @mihailim Weird. I thought MS has been recommending to ditch lo… |
|
|
|
Post #AX9hNAzCFzGFyImpUG by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter @mihailim Better question: What security issues are actually pr… |
|
|
|
Post #AujWxksHYQoFoVSEgC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter Having lived through "Excavator is a firewall… |
|
|
|
Post #AujWxshwQlI86kg5fk by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod Spanning tree being on this is really next level insanity. |
|
|
|
Post #AujWxvC9BQdpp0pF20 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter interesting the Excavator is the only firewall tha… |
|
|
|
Post #AujWxw8HhH96jK1feK by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@crh it was either that or ārogue DHCP serverā |
|
|
|
Post #AujWxwDxMBgP0ugCUS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod I think you should add a rodent operating the excavator. Squirrel,… |
|
|
|
Post #AujWyBAxlbCXNyOWPI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter Only one can create true security: a working Air G… |
|
|
|
Post #AujWyBHhMYaZirXtuC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@raminf @SecurityWriter what is an excavator if not spontaneous air-gap as a se… |
|
|
|
Post #AujWz7GdmeCnYNUsJE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter yeah, I think we've all had excavators in the … |
|
|
|
Post #AujWzJbHvhqrntFX9s by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@guenther @SecurityWriter Iād never be caught dead deploying a white box PC w… |
|
|
|
Post #AujWze3frsRRFigUBE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter |
|
|
|
Post #AujWzhWqxqZ415MKZs by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod someone needs to put this in the Louvre, incredible |
|
|
|
Post #AujX0xhWK3RYSkwx28 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter A boss of mine once used an old PC, put four netwo… |
|
|
|
Post #AujX16x5vWFV9fJ13g by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter After having a 24 hour outage due to a fibercut, t… |
|
|
|
Post #AujX172laQmnRFxXto by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@riskymanag3ment @SecurityWriter itās not an outage, itās the spontaneous i… |
|
|
|
Post #AujX1dSP4eJ5y2CTIm by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter A strong pair of scissors makes a great layer-1 fi… |
|
|
|
Post #AujX2tkVzB8mmnH2MS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter I have a colleague that calls anything that featur… |
|
|
|
Post #AujX3NFMJa2oGqvZxo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod Where is NAT on this chart? Somewhere near WRT54G? |
|
|
|
Post #AujX3eUsB9YTltJi0O by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter |
|
|
|
Post #AujX3yxy4giDFv5E8G by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod thanks, now I need to clean the spat-out coffee off of my screen. … |
|
|
|
Post #AujX4WpIBRyUGrHmKW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@WanderingBeekeeper @mikemacleod @SecurityWriter In the late 80s at a meeting a… |
|
|
|
Post #AujX70BZzriDuHtEoK by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter A shark is a firewall |
|
|
|
Post #AujX7hIpgm41dEc8aO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter Green Ethernet is a firewall.Oh you turned off tha… |
|
|
|
Post #AujX7qOTt8vhpMKH8i by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter I'm bottom right but slightly different: |
|
|
|
Post #AujX8aXGKpHovumwDI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter anything is a firewall if you use enough fire. |
|
|
|
Post #AujX8q58XAIN9Jkhay by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter @iamtjg |
|
|
|
Post #AujX95KvoiqISeG1nU by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter nice, but where is OpenOffice in this chart |
|
|
|
Post #AujX9gBIpU7ojV2MQS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter Aww you redefined the axes. Otherwise I was gonna … |
|
|
|
Post #AujXBD2O9kRSvMb5Dk by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod Missed opportunity for "NAT is a firewall" |
|
|
|
Post #AujXBVXXMg3MJBJDGq by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter Fibre-seeking backhoes *do* make effective firewal… |
|
|
|
Post #AujXCMVERyhWZNdcXI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod well that lives in my work Slack now... |
|
|
|
Post #AujXCXikk33JMV34dc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter I was just telling people of my appreciation for t… |
|
|
|
Post #AujXDg0ZPmthM1vI80 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mikemacleod @SecurityWriter The last image reminds me of the phrase "back… |
|
|
|
Post #Auk6l0xO2uq8HG4ATI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter Apropos of nothing, when I first got cable internet in my neigh… |
|
|
|
Post #Auk9uIB9gScY9wccIy by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter This was probably 2009ish maybe? I honestly canāt remember. B… |
|
|
|
Post #Auk9zpYl0EIx8TIoDI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter Actually probably earlier than that because Iām fairly sure i… |
|
|
|
Post #AukD8g1U830c1jeK7E by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SecurityWriter A-[modem noises]-men my friend. |
