|
Tab8715 posted:Can't some kind of network security appliance or deep packet inspection stop shell shock? You can drop the traffic at the IPS level by setting whatever identifying rule you have (VRT or ET here) to generate alerts and drop traffic from the sensor the traffic comes across. Internet/DMZ/Internal/etc. It's still signature based though so only as good as the matched conditions in the rule.
|
#
?
Sep 26, 2014 19:55
|
|
|
|
| # ? Apr 26, 2024 00:19 |
|
|
psydude posted:Who else's leadership is freaking out about ShellShock today right before the weekend? So far we don't have any known-vulnerable public facing services/devices (  ) so not really! Still working on patching though. Defense in depth and whatnot.Also gives me a window to update some other poo poo I've been meaning to get to.
|
|
#
?
Sep 26, 2014 19:57
|
|
|
psydude posted:Who else's leadership is freaking out about ShellShock today right before the weekend? I'm in the clear until someone looks at Yahoo news.
|
|
#
?
Sep 26, 2014 20:07
|
|
|
We knew about it quite literally as it was being released to the public, so we were proactive as poo poo; however it's slowly starting to trickle up to higher levels of management, all of whom are increasingly worried. Detecting and blocking it right now depends on signatures. But the real problem will be everything that's not behind an IDS.
|
|
#
?
Sep 26, 2014 20:11
|
|
|
Does anyone use SalaryFairy? I feel like the salary estimates are a bit inflated
|
|
#
?
Sep 26, 2014 20:16
|
|
|
ZetsurinPower posted:Does anyone use SalaryFairy? I feel like the salary estimates are a bit inflated I tried using it, but apparently I have to guess correctly 100 times in a row to see my own estimate, which seems dumb since if I knew what a title was worth I wouldn't be on the site to begin with. Plus you can apparently go into negative points?!
|
|
#
?
Sep 26, 2014 20:18
|
|
|
Inspector_666 posted:I tried using it, but apparently I have to guess correctly 100 times in a row to see my own estimate, which seems dumb since if I knew what a title was worth I wouldn't be on the site to begin with. I think the closer you are to the group average the more points you receive. I probably rated about 10-15 people before I got mine put in the queue to get rated. Then I got an email about 15 minutes later with people confirming to me that I'm underpaid 
|
|
#
?
Sep 26, 2014 20:25
|
|
|
psydude posted:We knew about it quite literally as it was being released to the public, so we were proactive as poo poo; however it's slowly starting to trickle up to higher levels of management, all of whom are increasingly worried. It's patched. Grab the new packages.
|
|
#
?
Sep 26, 2014 20:25
|
|
|
Inspector_666 posted:I tried using it, but apparently I have to guess correctly 100 times in a row to see my own estimate, which seems dumb since if I knew what a title was worth I wouldn't be on the site to begin with. You get a varying number of points based on how close you are to the current estimate. It took me about 15-20 appraisals before I hit 100 and my appraisal results usually varied wildly from the established estimate. My beef with SalaryFairy is that it's stupidly inaccurate and doesn't factor in your location. Case in point, it told me I should be making $96k which is ridiculous for my area and level of experience. I'm two years out of college, have a CCNA, and live in Missouri. If I walked into every interview asking for $96k, I'd be perpetually seeking employment. When I was trying to build up to 100 points, I lost 30 on one single appraisal. This person is currently a freshman in college, had 1-2 intern positions and one developer gig, then out of nowhere became a "CEO" or something. SalaryFairy pegged him at $100k+.  So... ZetsurinPower posted:Does anyone use SalaryFairy? I feel like the salary estimates are a bit inflated
|
|
#
?
Sep 26, 2014 21:15
|
|
|
penga86 posted:I think the closer you are to the group average the more points you receive. I probably rated about 10-15 people before I got mine put in the queue to get rated. Then I got an email about 15 minutes later with people confirming to me that I'm underpaid Yeah same with me, it estimated my salary at about $15k more than I make, which is funny because I think I'm already overpaid. Which further drives the point home that job titles in IT are meaningless when presented without context.
|
|
#
?
Sep 26, 2014 21:17
|
|
|
SalaryFairy: You get a 100k salary, and you get a 100k salary! Everyone gets a 100k salary!
|
|
#
?
Sep 26, 2014 21:41
|
|
|
internet jerk posted:Zorak (sweet Space Ghost ref btw), when do you find out if you're moving over? I think SA needs more sec dudes posting about sec things. I'm at the state of asking for cover letter advice. Figure I finish the application before Monday, might be a couple weeks for a callback, a week or two to schedule the interview, several weeks for them to make a hiring decision, so probably a couple months.
|
|
#
?
Sep 26, 2014 21:46
|
|
|
Sepist posted:SalaryFairy: You get a 100k salary, and you get a 100k salary! Everyone gets a 100k salary! Maybe this is an experiment. "Can we counteract even slightly the decades of wage-suppressing efforts by businesses?" If more people, especially people of our industry who tend to underestimate our own skill - and therefore our own worth - think that they should be making significantly more money, expectations as a whole should go up. Intentional or not, I can't help but cheer sites like SalaryFairy on if they make even a tiny difference.
|
|
#
?
Sep 26, 2014 21:48
|
|
|
.
Methanar fucked around with this message at 06:21 on Aug 6, 2016 |
|
#
?
Sep 26, 2014 23:55
|
|
|
Methanar posted:If everybody is rich, nobody is.
|
|
#
?
Sep 27, 2014 00:00
|
|
|
ZetsurinPower posted:Does anyone use SalaryFairy? I feel like the salary estimates are a bit inflated It told me I was underpaid for my previous job. (I was.) I'm now making more than what it thinks I should be, no complaints there.
|
|
#
?
Sep 27, 2014 00:52
|
|
|
.
Methanar fucked around with this message at 05:17 on Aug 6, 2016 |
|
#
?
Sep 27, 2014 01:08
|
|
|
Methanar posted:If everybody is rich, nobody is. If everybody lives in houses, nobody does not live in houses. If everybody can afford food, nobody can not afford food. Yeah you have a point.
|
|
#
?
Sep 27, 2014 01:09
|
|
|
Methanar posted:Serious question, why not? If everyone has an exorbitantly high income doesn't that devalue the currency? Rich isn't having more than others, it's having an abundance or more sufficient amount. It's not impossible for everyone to have a decent apartment, car and decent meal everyday.
|
|
#
?
Sep 27, 2014 01:20
|
|
|
.
Methanar fucked around with this message at 05:17 on Aug 6, 2016 |
|
#
?
Sep 27, 2014 01:46
|
|
|
Ya'll are starting to sound like socialists 
|
|
#
?
Sep 27, 2014 01:57
|
|
|
Inspector_666 posted:I tried using it, but apparently I have to guess correctly 100 times in a row to see my own estimate, which seems dumb since if I knew what a title was worth I wouldn't be on the site to begin with. People use the site to see their own salary. If you don't want to spend 20 minutes rating other people, you should try to guess what other people have guessed as those are worth more. The site's accuracy is skewed thanks to game theory. Here's 100 points in 2 minutes: Helpdesk 55k Non-senior sysadmin/network engineer 70k Senior sysadmin/network engineer 85k Of course, everyone else is doing this too, so you can save yourself the trouble of signing up and just apply the above numbers to your own position. Edit: Apparently a CCNA is worth almost six figures these days. Thanks Salary Fairy! Contingency fucked around with this message at 02:30 on Sep 27, 2014 |
|
#
?
Sep 27, 2014 02:26
|
|
|
Fiendish Dr. Wu posted:Ya'll are starting to sound like socialists I was arguing about the theoretical benefits of socialism and communism with my dad when I was fifteen and he was so incensed about it he was threatening to throw me out of the house and find out how well it worked in practice (this was 27 years ago, and he was a Vietnam veteran, so just the word Communism was enough to send him over the edge). I wasn't smart enough to tell him the police and Children's Services would go all socialism on his rear end if he did it. I miss arguing with my dad.
|
|
#
?
Sep 27, 2014 12:36
|
|
|
Contingency posted:Edit: Apparently a CCNA is worth almost six figures these days. Thanks Salary Fairy! Couple years of experience + CCNA + secret clearance in DC will net you around 100k, so I believe it. Despite the doomsayers, it seems like infrastructure jobs, along with their salaries, are continuing to explode in all of the major tech hubs. psydude fucked around with this message at 02:55 on Sep 29, 2014 |
|
#
?
Sep 29, 2014 02:53
|
|
|
Oh drat, it's time for job appraisal season. Now I have to figure how to quantify my Agile skillset and "Connectedness" to justify a bonus!
|
|
#
?
Sep 29, 2014 15:56
|
|
|
Tailored Sauce posted:Oh drat, it's time for job appraisal season. Now I have to figure how to quantify my Agile skillset and "Connectedness" to justify a bonus! Reference SalaryFairy
|
|
#
?
Sep 29, 2014 16:18
|
|
|
Not sure if this is the place but I'm trying to get a serial connection between my laptop T440s and a Power 8 Server. Do I have to use one of those USB to Serial dongles or is there a way I can just use an Ethernet my Ethernet cable and port? Google isn't giving me a definitive answer.
|
|
#
?
Sep 29, 2014 16:19
|
|
|
Salaryfairy says I should be making 32k less than I do now. Shenanigans.
|
|
#
?
Sep 29, 2014 16:40
|
|
|
joe944 posted:Salaryfairy says I should be making 32k less than I do now. Shenanigans. In your case, don't reference SalaryFairy.
|
|
#
?
Sep 29, 2014 17:18
|
|
|
I think I have rebooted a server 8 times today already while configuring ADFS related services. I really don't like dealing with windows. I think windows admins that say they actually enjoy it and thing it is good must be suffering from Stockholm syndrome. It feels like I am in some fantasy world where normal internet standards get their own Microsoft names (and there are also magical wizards to help you configure things)
|
|
#
?
Sep 29, 2014 17:27
|
|
|
JHVH-1 posted:I think I have rebooted a server 8 times today already while configuring ADFS related services. I really don't like dealing with windows. I think windows admins that say they actually enjoy it and thing it is good must be suffering from Stockholm syndrome. It feels like I am in some fantasy world where normal internet standards get their own Microsoft names (and there are also magical wizards to help you configure things) I love being a Windows sysadmin and if you had to reboot a server 8 times while setting up AD FS, you're doing something wrong, it's not the OS. vvvv It totally is, I don't use it, but 8 reboots to set up is just wrong. CLAM DOWN fucked around with this message at 17:36 on Sep 29, 2014 |
|
#
?
Sep 29, 2014 17:31
|
|
|
I've heard ADFS is a royal pain and many of our clients (20-30 users) just said gently caress it and deal with having several credentials for services.
|
|
#
?
Sep 29, 2014 17:35
|
|
|
I love when people that don't like Windows call it a bad operating system, just because they don't understand it. The only truly bad OS is Solaris, and that's only because nobody understands it.
|
|
#
?
Sep 29, 2014 17:38
|
|
|
CLAM DOWN posted:I love being a Windows sysadmin and if you had to reboot a server 8 times while setting up AD FS, you're doing something wrong, it's not the OS. I'm reworking a test server which has AD and everything else needed on the same machine because we frankly don't really use Windows. This is just for testing product features with SSO integration for development and customer experience. So I wanted to change a few things, so uninstall services and it starts rebooting each time. Then I change the hostname and it needs to reboot again, then I install the services again and it reboots again each time. When you are used to just editing a few config files and running a service restart command to get things done this stuff is a pain in the rear end.
|
|
#
?
Sep 29, 2014 17:42
|
|
|
Well if you're wanting help and not just wanting to complain about Windows, we have a really useful enterprise Windows thread here: http://forums.somethingawful.com/showthread.php?threadid=3327309 It's full of us Stockholm Syndrome patients and we're happy to help!
|
|
#
?
Sep 29, 2014 18:15
|
|
|
I spun up baby's first barebones CentOS 7 instance this weekend after learning system administration on Windows 2008R2/2012R2 (only hobbyist experience with Ubuntu 12.x LTS before that) and love it. I must have spent 8 hours on it so far doing hobby server stuff over the weekend. Systemd, you're cool. Firewalld, you're way cool. SELinux, you are hosed  Every time I got confused or blocked from doing something, the answer seemed to have been "well, we didn't develop the package with SELinux on, so you probably shouldn't run it with it enabled."
|
|
#
?
Sep 29, 2014 19:02
|
|
|
Just disable SElinux. It's such a pain to get things running with it enabled.
|
|
#
?
Sep 29, 2014 19:06
|
|
|
Roargasm posted:I spun up baby's first barebones CentOS 7 instance this weekend after learning system administration on Windows 2008R2/2012R2 (only hobbyist experience with Ubuntu 12.x LTS before that) and love it. I must have spent 8 hours on it so far doing hobby server stuff over the weekend. Systemd, you're cool. Firewalld, you're way cool. SELinux, you are hosed Stop running janky software from lovely devs. Srs. I'd be surprised if there was a single official Red Hat (and CentOS correspondingly) package was wasn't developed with SELinux on. Yes, it's painful for us, but it removes the pain for you to have us do it, and it's a bit deal internally. audit2allow is your friend, as long as you don't start randomly enabling file_t stuff HatfulOfHollow posted:Just disable SElinux. It's such a pain to get things running with it enabled. Security is hard. Let's go shopping!
|
|
#
?
Sep 29, 2014 21:38
|
|
|
rget it. No worth argument.
jaegerx fucked around with this message at 23:50 on Sep 29, 2014 |
|
#
?
Sep 29, 2014 22:16
|
|
|
|
| # ? Apr 26, 2024 00:19 |
|
|
jaegerx posted:Prepared for a poo poo storm of Xen in a few days. I'm under NDA but if you have a vendor that you can contact, I suggest you do so. What does this even mean?
|
|
#
?
Sep 29, 2014 22:23
|
|
