|
Boiled Water posted:friends don't let friends telnet jesus jesus is always listening, even on port 23
|
#
?
Apr 30, 2019 22:48
|
|
|
|
| # ? Apr 20, 2024 01:37 |
|
|
There's No Key To Dial Jesus And His Words Are Always Clear Text
|
|
#
?
Apr 30, 2019 23:04
|
|
|
In this case assuming the traffic is not being captured , telnet or SSH or whatever doesn’t matter - same dif
|
|
#
?
Apr 30, 2019 23:07
|
|
|
i didn't know telnet supported cert authentication
|
|
#
?
Apr 30, 2019 23:15
|
|
|
The Fool posted:i didn't know telnet supported cert authentication $ telnet secure.yourcompany.biz login: root is your certificate valid? [Y/n] 
|
|
#
?
Apr 30, 2019 23:28
|
|
|
Just tunnel telnet over ssh
|
|
#
?
May 1, 2019 00:23
|
|
|
ok i configured telnetd to listen on port 22 instead, that's what you meant right?
|
|
#
?
May 1, 2019 00:25
|
|
|
one time I added a nginx block to respond with the exact header response some metasploit script was expecting based on the hardcoded input, instead of fixing the CVE. is that a fuckup? (the exploit only applied to apache but the testers dont understand that for some reason)
|
|
#
?
May 1, 2019 01:01
|
|
|
DrPossum posted:Just tunnel telnet over ssh Life got way easier when I first put a foot down and insisted DBAs use ssh to the exclusion of everything else for remote access
|
|
#
?
May 1, 2019 01:29
|
|
|
why would a dba be using ssh or telnet?
|
|
#
?
May 1, 2019 01:31
|
|
|
why would a DBA not use SQL Server Management Studio?
|
|
#
?
May 1, 2019 02:16
|
|
|
Lain Iwakura posted:newer hyundais run android. there's an escape for my 2017 ioniq floating about that is more or less useless for me since i use iOS which clock though?
|
|
#
?
May 1, 2019 03:49
|
|
|
Soricidus posted:jesus is always listening, even on port 23 Jesus take the Sguil
|
|
#
?
May 1, 2019 12:11
|
|
|
jesus sees all my dirty bits
|
|
#
?
May 1, 2019 13:03
|
|
|
nazi pants fall off
|
|
#
?
May 1, 2019 15:54
|
|
|
Crime on a Dime posted:nazi pants fall off now im thinking of the song with these lyrics and im lollin at work
|
|
#
?
May 1, 2019 16:28
|
|
|
Athena Health are a bunch of dipshits who don't know email from the puddle of brain that leaked out the side of their idiot heads
|
|
#
?
May 1, 2019 17:35
|
|
|
waa waa waa! you're email gateway isn't secure because it doesn't enforce strict TLS transport and RC4 is on despite it not having a viable attack vector on SMTP. waa waa waa! you broke delivery of our loving temp password emails when you turned on strict transport because we send those plaintext. waa waa waa! our stuff is getting sinkholed because our lovely IPs are on a million block lists because our boxes keep getting popped and we don't check mail logs for the very clear notification message that comes back.
|
|
#
?
May 1, 2019 17:37
|
|
|
email is always bad, just move to exchange in teh cloud and never touch it again imo
|
|
#
?
May 1, 2019 20:04
|
|
|
Shaggar posted:why would a dba be using ssh or telnet? tunnelling traffic through a bastion server imo
|
|
#
?
May 1, 2019 22:39
|
|
|
BangersInMyKnickers posted:Athena Health are a bunch of dipshits who don't know email from the puddle of brain that leaked out the side of their idiot heads all healthcare IT is and will forever remain a dumpster fire, moreso than regular IT one of my fave epic systems cool features was the "use TLS when communicating with the DB" switch that did literally nothing (or maybe something, but definitely didn't turn on TLS) and went unnoticed forever until the navy finally bothered to look at some pcaps. when NMCI is somehow more on the ball than you wrt IT best practices you've hosed up p drat hard.
|
|
#
?
May 2, 2019 06:14
|
|
|
florida lan posted:one of my fave epic systems cool features was the "use TLS when communicating with the DB" switch that did literally nothing (or maybe something, but definitely didn't turn on TLS) and went unnoticed forever until the navy finally bothered to look at some pcaps. can they get sued for fraud? 
|
|
#
?
May 2, 2019 07:08
|
|
|
florida lan posted:one of my fave epic systems cool features was the "use TLS when communicating with the DB" switch that did literally nothing (or maybe something, but definitely didn't turn on TLS) for efficiency, instead of wasting valuable resources on encryption, it just flipped the tcp "treat as encrypted" bit, which the nsa and other surveillance agencies have all solemnly promised to respect
|
|
#
?
May 2, 2019 09:32
|
|
|
servers could have been configured with null_null fallback the "we tried nothing and nothing worked" of encryption
|
|
#
?
May 2, 2019 12:44
|
|
|
Munkeymon posted:servers could have been configured with null_null fallback the "we tried nothing and nothing worked" of encryption i would die laughing if the "use TLS" option deliberately negotiated TLS_NULL_WITH_NULL_NULL on both sides
|
|
#
?
May 2, 2019 14:01
|
|
|
Pass your security audit with this one WEIRD trick! socket dumps to /dev/null
|
|
#
?
May 2, 2019 14:41
|
|
|
|
|
#
?
May 2, 2019 18:21
|
|
|
i sat here for like 10 to 15 seconds carefully reading the left-hand text to figure out why you'd link this, then was just like "oh" out loud
|
|
#
?
May 2, 2019 18:29
|
|
|
im very immature
|
|
#
?
May 2, 2019 18:40
|
|
|
Pounded in the Butt by my Law Enforcement Network
|
|
#
?
May 2, 2019 18:51
|
|
|
Ur Getting Fatter posted:Pounded in the Butt by my Law Enforcement Network
|
|
#
?
May 2, 2019 20:11
|
|
|
Ur Getting Fatter posted:Pounded in the Butt by my Law Enforcement Network
|
|
#
?
May 2, 2019 21:00
|
|
|
good news everyone Intel is pushing out microcode updates for new CVEs that become public on the 14th
|
|
#
?
May 2, 2019 21:01
|
|
|
pseudorandom name posted:good news everyone Intel is pushing out microcode updates for new CVEs that become public on the 14th hell yeah I love microcode updates
|
|
#
?
May 2, 2019 21:21
|
|
|
Ur Getting Fatter posted:Pounded in my Law Enforcement Network by the Butt
|
|
#
?
May 2, 2019 21:22
|
|
|
lol new jersey
|
|
#
?
May 2, 2019 22:07
|
|
|
my bitter bi rival posted:lol new jersey
|
|
#
?
May 2, 2019 22:12
|
|
|
BangersInMyKnickers posted:hell yeah I love microcode updates gentlemen, update your boot loafers
|
|
#
?
May 2, 2019 22:22
|
|
|
BangersInMyKnickers posted:hell yeah I love microcode updates looks like there's also OS updates to go along with it and OS devs aren't happy that Lenovo leaked the CVE reveal dates.
|
|
#
?
May 3, 2019 08:08
|
|
|
|
| # ? Apr 20, 2024 01:37 |
|
|
pseudorandom name posted:good news everyone Intel is pushing out microcode updates for new CVEs that become public on the 14th
|
|
#
?
May 3, 2019 10:37
|
|
