|
RFC2324 posted:what? https://arstechnica.com/information-technology/2018/03/atlanta-city-government-systems-down-due-to-ransomware-attack/
|
#
?
Mar 22, 2018 22:48
|
|
|
|
| # ? Apr 20, 2024 05:28 |
|
|
https://arstechnica.com/information-technology/2018/03/atlanta-city-government-systems-down-due-to-ransomware-attack/ efb
|
|
#
?
Mar 22, 2018 23:02
|
|
|
Methylethylaldehyde posted:Curling: The only Olympic sport where the silver medalists all look like various dads out drinking. Only? You know there are a number of shotgun and rifle events where dad bodies are on display in their full glory as well. Completely shameful that bowling isn’t an Olympic sport by the way.
|
|
#
?
Mar 22, 2018 23:17
|
|
|
Today at work: "Town hall meeting" (i.e. a video presentation with attached all-hands moderated chat) about a new primary net connection / proxy server / etc which is going to be the Wave of the Future and Make Everything Better For Everyone: Todd Smith has raised a hand Moderator has unmuted Todd Smith (Todd Smith) With the new server, is the company doing any sort of man in the middle SSL monitoring? Moderator has muted Todd Smith (Presenter) We have not started HTTPS / SSL traffic inspection with this change. (Hmm. I noticed the careful way he phrased that without actually answering the question...) You have raised your hand Moderator has unmuted you (sfwarlock) Were we already doing https / ssl monitoring before the change? Moderator has muted you You have been permanently muted You have been removed from presentation audience "Tomorrow's Network Today"
|
|
#
?
Mar 23, 2018 00:58
|
|
|
sfwarlock posted:Today at work: "Town hall meeting" (i.e. a video presentation with attached all-hands moderated chat) about a new primary net connection / proxy server / etc which is going to be the Wave of the Future and Make Everything Better For Everyone: Do not question our authority. Also hello to the packet sniffers at sfwarlock's place of work.
|
|
#
?
Mar 23, 2018 01:08
|
|
|
Surely you'd know if SSL inspection was being done because the root certs would need to be on your machines
|
|
#
?
Mar 23, 2018 01:22
|
|
|
Zil posted:Also hello to the packet sniffers at sfwarlock's place of work. Phone posting, yo. Thanks Ants posted:Surely you'd know if SSL inspection was being done because the root certs would need to be on your machines It's not something I would have thought to look for before. Then again, I don't do personal poo poo on work machines anyways.
|
|
#
?
Mar 23, 2018 01:58
|
|
|
sfwarlock posted:Then again, I don't do personal poo poo on work machines anyways. This is a solid and good rule. And one that has not steered me wrong.
|
|
#
?
Mar 23, 2018 02:18
|
|
|
I don't work in IT but a ticket came in regardless from my sister. She got a new job and she received training documents from her manager to read that turn out to be encrypted and she didn't get the details to decrypt them. So instead of following my careful suggestion of e-mailing her manager back for help on opening those files, she instead sees this as an opportunity to prove that she can come up with a creative solution and find the documents somewhere random on the internet. I'll be pouring one out for the IT personnel that'll be assisting her in the future.
|
|
#
?
Mar 23, 2018 10:40
|
|
|
Thanks Ants posted:Surely you'd know if SSL inspection was being done because the root certs would need to be on your machines I'm uninformed in this regard, but curious. Can I get an explanation for this?
|
|
#
?
Mar 23, 2018 10:43
|
|
|
Crowley posted:I'm uninformed in this regard, but curious. Can I get an explanation for this? If you want to do SSL inspection by MitM, the inspecting device needs to be able to decrypt and re-encrypt the data. Because the inspecting device doesn't generally have access to the private key to the certificate the originating server uses, the inspecting device needs to use a different certificate that looks like, but is not, the original certificate. Usually this certificate won't be signed by a commonly trusted authority (nobody would give you a cert for google.com if you aren't Google), so instead it's signed by a private authority. If the clients being MitM'ed for inspection don't trust this private root authority, the user gets the usual certificate warning about an untrusted chain. So you'd install your private root certificate on the internal clients via group policy. But the user will still be able to inspect the certificate chain on their client and see that it's not the regular root. However if you as a user can set up certificate pinning or similar, while your machine is not being MitM'ed, your client would still warn you that it's the wrong certificate for the service.
|
|
#
?
Mar 23, 2018 11:20
|
|
|
I thought it'd be something like that. Thanks.
|
|
#
?
Mar 23, 2018 12:06
|
|
|
Bob Morales posted:edit: that reminds me of the custom email filter the owner of a place I once worked at had me set up. It had a crazy word list of things that would cause an email to be silenty forwarded to him. Certain product names, companies, words like resume, pay, etc
|
|
#
?
Mar 23, 2018 19:25
|
|
|
Bob Morales posted:edit: that reminds me of the custom email filter the owner of a place I once worked at had me set up. It had a crazy word list of things that would cause an email to be silenty forwarded to him. Certain product names, companies, words like resume, pay, etc This poo poo is beyond insane lol
|
|
#
?
Mar 23, 2018 19:30
|
|
|
DACK FAYDEN posted:Hope nobody under him had the habit of phrasing restarting anything as "resume [X process]". I hope Bob had that habit after setting it up.
|
|
#
?
Mar 23, 2018 19:33
|
|
|
Oh poo poo. Stuff is about to get exciting. Just had a talk with HR. At 3:45 they are firing someone who is 'known to get verbal and or physical'. I can think of a couple people out in the production floor that would fit the description, but they all go home at 3:00, so it has to be someone from the office. So here's the floor layout:  They are going to bring the person into the conference room to sit down and talk. At that point they want me to go out to the front desk (the IT office is right by the front desk), get the lady that sits out there, and bring her into the IT office and close the door. Then I have to make sure the mystery person doesn't 'escape' or something and walks straight out the front door after they fire him. 
|
|
#
?
Mar 23, 2018 20:17
|
|
|
Bob Morales posted:Oh poo poo. Stuff is about to get exciting. I appreciate the diagram. Please report back
|
|
#
?
Mar 23, 2018 20:20
|
|
|
Bob Morales posted:Oh poo poo. Stuff is about to get exciting. This is where you call the local police department and politely ask for someone to come visit if they have have someone to spare. Explain the past issues and the fear of this person being violent. At worst they say no. If they do send someone, simply wait for the officer to get there and fire them then. Easy and done with.
|
|
#
?
Mar 23, 2018 20:22
|
|
|
Bob Morales posted:Oh poo poo. Stuff is about to get exciting. so you have to shut the front desk person in your office and then you yourself wait at the front desk to tackle this crazy person if they bolt? HALT RIGHT THERE! *tackle* THEY'RE NOT DONE FIRING YOU YET
|
|
#
?
Mar 23, 2018 20:24
|
|
|
Bob Morales posted:Oh poo poo. Stuff is about to get exciting. So are you going to tell the front desk person "Come with me if you want to live"?
|
|
#
?
Mar 23, 2018 20:26
|
|
|
Bob Morales posted:
You haven't diagrammed the tranquilizer dart supply, was that intentional?
|
|
#
?
Mar 23, 2018 20:26
|
|
|
It must be pretty embarrassing to get tackled by the IT guy of all people.
|
|
#
?
Mar 23, 2018 20:27
|
|
|
My mental image of bob is as a big hairy biker dude, so this story all checks out.
|
|
#
?
Mar 23, 2018 20:28
|
|
|
Are they worried about the person being violent or about him/her talking to others or about others knowing who they are firing or they street the firing?
|
|
#
?
Mar 23, 2018 20:31
|
|
|
Methanar posted:It must be pretty embarrassing to get tackled by the IT guy of all people. 
|
|
#
?
Mar 23, 2018 20:31
|
|
|
ilkhan posted:Are they worried about the person being violent or about him/her talking to others or about others knowing who they are firing? Apparently they might yell at the front desk lady or sucker punch her or something I don't know I don't know who the person is, they might be from her old department (she was in customer service until last week) so maybe they hate her or something.
|
|
#
?
Mar 23, 2018 20:32
|
|
|
The Fool posted:My mental image of bob is as a big hairy biker dude, so this story all checks out. He’s a weightlifter who was completely obsessed with bench at the expense of everything else, so not far off. Seriously, though, they expect you to be ready to tackle the possibly violent employee? gently caress that. Bring front desk lady in, lock her and yourself in, wait until the guy is out one way or another.
|
|
#
?
Mar 23, 2018 20:39
|
|
|
Current status is they are waiting for the owners of the company to leave (they have an appointment at 4:30 so they should be leaving any minute) before they do this.
|
|
#
?
Mar 23, 2018 20:46
|
|
|
Bob Morales posted:Oh poo poo. Stuff is about to get exciting. Oh nooo, someone getting fired might have WORDS TO SAY ABOUT IT. BETTER GET OUT THE GODDAMN TASERS. WE GOT A TALKER HERE
|
|
#
?
Mar 23, 2018 20:47
|
|
|
Bob Morales posted:Current status is they are waiting for the owners of the company to leave (they have an appointment at 4:30 so they should be leaving any minute) before they do this. You're going to shut the door and do nothing no matter what this guy does, right?
|
|
#
?
Mar 23, 2018 21:17
|
|
|
 Absolutely nothing happened. They sat down with him, someone came out and boxed up his desk, and the he left.
|
|
#
?
Mar 23, 2018 21:22
|
|
|
Bob Morales posted:
What a letdown. You coulda lied and said there was some gumballs and the deed to Draculas castle in his desk.
|
|
#
?
Mar 23, 2018 21:33
|
|
|
Bob Morales posted:
There's still a valuable takeaway here about your current leadership's ability to manage risk.
|
|
#
?
Mar 23, 2018 21:42
|
|
|
18 Character Limit posted:There's still a valuable takeaway here about your current leadership's ability to manage risk.
|
|
#
?
Mar 23, 2018 21:53
|
|
|
Thanatosian posted:I think they did a great job at managing risk, here. The owners left before they fired the guy; pretty much zero risk, see? They never, ever fire anyone when they are here. When they go on vacation, they bring the axe down.
|
|
#
?
Mar 23, 2018 21:58
|
|
|
Bob Morales posted:They never, ever fire anyone when they are here. When they go on vacation, they bring the axe down. good way to motivate people to never take pto
|
|
#
?
Mar 23, 2018 22:19
|
|
|
Thanatosian posted:I think they did a great job at managing risk, here. The owners left before they fired the guy; pretty much zero risk, see? And they left the big IT guy there as their security force!
|
|
#
?
Mar 23, 2018 22:21
|
|
|
A ticket came in:quote:Can someone please lock my account-my car has been stolen and it has my iPad and [company] email and contacts. Please call me at [wrong area code].111.2222. I'm reasonably certain she makes six figures.
|
|
#
?
Mar 23, 2018 22:29
|
|
|
TITTIEKISSER69 posted:A ticket came in: Whats the issue? That she made a typo with her phone number or that her car was stolen? IDGI
|
|
#
?
Mar 23, 2018 22:47
|
|
|
|
| # ? Apr 20, 2024 05:28 |
|
|
That fact that she's notifying you that company data is out in the wild is a step in the right direction. If you are not able to remotely wipe the ipad, that's a different problem.
|
|
#
?
Mar 23, 2018 22:49
|
|