Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
Martytoof
Feb 25, 2003







Oh I'd like it more for the scrape API and keyword notifications. I don't ever actually use pastebin to post.

Adbot
ADBOT LOVES YOU

Buff Hardback
Jun 11, 2019



Martytoof posted:

Does pastebin pro ever actually go on sale? It's "sold out" every time I check.

It went on sale at some point since I have a pro account (back in December of 2018)

RFC2324
Jun 7, 2012

http 418



BaseballPCHiker posted:

I have read, and Im not 100% sure on this, that the above was limited to the "major" carriers in the US, meaning some podunk regional providers might still be affected.

I'm gonna guess all the resellers or whatever 5.95/month plan you find on the internet are also going to still be affected.

because they will start getting a cut

DrDork
Dec 29, 2003
commanding officer of the Army of Dorkness

BaseballPCHiker posted:

I have read, and Im not 100% sure on this, that the above was limited to the "major" carriers in the US, meaning some podunk regional providers might still be affected.

That was my read on it, too. An additional open question is the behavior of MVNO's riding on the major carriers--I honestly don't know enough about how mobile numbering works to know if the major carrier's actions effectively protect MVNOs on their networks or not.

Tryzzub
Jan 1, 2007



Mudslide Experiment

Hello friends, itís time to update Exchange (again)!

https://twitter.com/thezdi/status/1382023848422473734?s=20

Tryzzub fucked around with this message at 18:21 on Apr 13, 2021

rafikki
Mar 8, 2008

I see what you did there. (It's pretty easy, since ducks have a field of vision spanning 340 degrees.)

~SMcD

Anyone seen any IOCs for the new exchange vulns floating around yet?

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

rafikki posted:

Anyone seen any IOCs for the new exchange vulns floating around yet?

The current set above or the last set that set off the patching panic?

If its the last set, Microsoft released a toolset for detecting IOCs:
https://us-cert.cisa.gov/ncas/current-activity/2021/03/06/microsoft-ioc-detection-tool-exchange-server-vulnerabilities

rafikki
Mar 8, 2008

I see what you did there. (It's pretty easy, since ducks have a field of vision spanning 340 degrees.)

~SMcD

Naw, the ones just released. If it's not being actively exploited yet, probably not going to be much unless MS decides to share more info I suppose.

Wiggly Wayne DDS
Sep 11, 2010





rafikki posted:

Naw, the ones just released. If it's not being actively exploited yet, probably not going to be much unless MS decides to share more info I suppose.
the new ones were released by nsa, so either they did some rca around the last vulns or they decided to release some of their old stock. either way we aren't getting iocs for them

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

Wiggly Wayne DDS posted:

the new ones were released by nsa, so either they did some rca around the last vulns or they decided to release some of their old stock. either way we aren't getting iocs for them

Yeah I'm assuming Microsoft will provide a tool for detecting IOCs if its being detected as actively being compromised.

Internet Explorer
Jun 1, 2005


Oven Wrangler

hopefully this time I can avoid having to rebuild our exchange server. wouldn't that be nice.

Biowarfare
Nov 8, 2010

I JUST WISH THIS WAS A PONY SO I COULD JERK IT WHILE I PLAY WOW

have you considered g suite instead

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

Can't wait for another round of "Just move to O365" recommendations that ignores moving on prem Exchange to O365 is easily a 6month to 1 year project all on its own that needs a budget.

Biowarfare
Nov 8, 2010

I JUST WISH THIS WAS A PONY SO I COULD JERK IT WHILE I PLAY WOW

as someone that generally has not had to deal with legacy systems, i'm actually curious - how the gently caress do some of these things work? how does it take a full team more than a year to migrate from onprem exchange to o365? was everyone just not using SSO and signing in directly with AD or even given the ability to connect on port 25 over the internal network and send emails completely unauthenticated? do people have 30 terabyte deleted items folders? exchange onprem already requires every single user to be licensed with one or more than one required CAL, how much different is that than paying for o365 per user?

droll
Jan 9, 2020


Methinks the size of the company and their IT beurocracy matters. IT department of 5? Much easier than an IT org of 3,000. I'm in the latter's hell right now after being acquired and its nightmarish.

We migrated from o365 to gsuite years ago which apparently surprises people but we don't have calendaring tickets every day any more. But now we are helping move everyone back to the parent company's o365 lol

Internet Explorer
Jun 1, 2005


Oven Wrangler

We're already using O365, we just have Exchange on-prem for management and internal relay. I insisted that we don't open firewall rules for HTTP/S and SMTP to our server, which seems to be paying off right now. Although details seem scarce on this new exploit.

Sickening
Jul 15, 2007

Black summer was the best summer.

CommieGIR posted:

Can't wait for another round of "Just move to O365" recommendations that ignores moving on prem Exchange to O365 is easily a 6month to 1 year project all on its own that needs a budget.

I would think that even for large orgs this is an extreme glacial pace. The process is about as streamlined as it can be especially if you use some of the 3rd party resources out there.

Kazinsal
Dec 13, 2011






CommieGIR posted:

Can't wait for another round of "Just move to O365" recommendations that ignores moving on prem Exchange to O365 is easily a 6month to 1 year project all on its own that needs a budget.

If your org has so much insane bureaucracy that moving to O365 takes a year, it's probably going to take you that long just to get the OK to patch all your Exchange servers.

Sickening
Jul 15, 2007

Black summer was the best summer.

I guess my first question is what in the hell your org is investing time into instead.

Biowarfare
Nov 8, 2010

I JUST WISH THIS WAS A PONY SO I COULD JERK IT WHILE I PLAY WOW

Microsoft onprem licensing training sessions and webinars

Internet Explorer
Jun 1, 2005


Oven Wrangler

Meanwhile, our CIO is scrambling to figure out how we do O365 things on-prem because O365 keeps going down.

Sickening
Jul 15, 2007

Black summer was the best summer.

Internet Explorer posted:

Meanwhile, our CIO is scrambling to figure out how we do O365 things on-prem because O365 keeps going down.

Your risk only goes up with it being on prem. Also, without an incredibly investment in people and resources, your uptime is not going to be able to compete just from the patching alone.

Internet Explorer
Jun 1, 2005


Oven Wrangler

I know that. We're talking about a CIO here. He wants us to be able to press a button and have everything that's in O365/Azure running on-prem, and then press a button for it to go back.

droll
Jan 9, 2020


They are at month 7 of trying to get 500 of our users from gsuite to megacorps o365. They're targeting to have it complete in 9. I haven't seen them send any change management comms or trainings for people that don't know Outlook.

Sickening
Jul 15, 2007

Black summer was the best summer.

Internet Explorer posted:

I know that. We're talking about a CIO here. He wants us to be able to press a button and have everything that's in O365/Azure running on-prem, and then press a button for it to go back.

Is that even possible?

Biowarfare
Nov 8, 2010

I JUST WISH THIS WAS A PONY SO I COULD JERK IT WHILE I PLAY WOW

yes, you pay for both to always be on, connect them to each other via imap/pop3/whatever the gently caress sync emails and meetings, and whenever the CIO is bored of the outlook colour scheme, the big red button changes your company domain's mx record from outlook.com to google.com

klosterdev
Oct 10, 2006

Na na na na na na na na Batman!

Sickening posted:

Is that even possible?

With Hybrid Exchange and Hybrid-Added Azure AD systems, sort of? File access would probably be your biggest enemy, some way to immediately mirror and sync files edited on SPO or on-prem SMB or something would probs be pretty intensive

Internet Explorer
Jun 1, 2005


Oven Wrangler

Sickening posted:

Is that even possible?

Not really. But that's not what the vendors in CIO Magazine say.


klosterdev posted:

With Hybrid Exchange and Hybrid-Added Azure AD systems, sort of? File access would probably be your biggest enemy, some way to immediately mirror and sync files edited on SPO or on-prem SMB or something would probs be pretty intensive

It would be so incredibly complex. User auths, SSO, SharePoint, Teams, Teams PBX, etc. There's no way.

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

Kazinsal posted:

If your org has so much insane bureaucracy that moving to O365 takes a year, it's probably going to take you that long just to get the OK to patch all your Exchange servers.

It's really not. I've done it with 4 different clients now and is not a small task.

Recommending moving to O365 is good, don't get me wrong. But assuming it's some simple task is underestimating the scale of the project for medium to large orgs. Even Microsoft themselves will not openly state a time other than saying it can be as quick as two weeks or as long as 6 months.

Sickening posted:

I would think that even for large orgs this is an extreme glacial pace. The process is about as streamlined as it can be especially if you use some of the 3rd party resources out there.

You engaged a third party, congrats in most cases this is now a project requiring a lot of funding.

i am a moron posted:

Not really unless youíre hellbent on holding your users hands. Iíve been part of mega huge migrations that had strict requirements for users if they wanted to ensure things moved over and basically telling them to gently caress off otherwise. Migrations are turnkey af

Gonna disagree. But you are also basically admitting that in most cases you told users AND clients to shutup and accept a brand new clean O365 instance, which of COURSE is turnkey versus an actual migration. Shockingly migrations are easy when you can just flip your client the bird.

CommieGIR fucked around with this message at 23:46 on Apr 13, 2021

i am a moron
Nov 12, 2020

Gettin' woke about vaccines

Not really unless youíre hellbent on holding your users hands. Iíve been part of mega huge migrations that had strict requirements for users if they wanted to ensure things moved over and basically telling them to gently caress off otherwise. Migrations are turnkey af

My favorite was the DoD migration. ĎHereís your separate and new username/password cause thereís eighty billion forests, shut up and gently caress youí

Sickening
Jul 15, 2007

Black summer was the best summer.

CommieGIR posted:



You engaged a third party, congrats in most cases this is now a project requiring a lot of funding.


I said third party resources. BitTitan for example was maybe the easiest 3rd party tool I have ever engaged and I have moved more than 100k email accounts through it over the course of my career.

If you can't spend any money, then you are going to run into a roadblock to do most anything so how long a project realistic takes is kind of pointless to debate.

And btw the "so congrats" posting loving sucks, can you do less of that? Thanks.

i am a moron
Nov 12, 2020

Gettin' woke about vaccines

CommieGIR posted:

Gonna disagree. But you are also basically admitting that in most cases you told users AND clients to shutup and accept a brand new clean O365 instance, which of COURSE is turnkey versus an actual migration. Shockingly migrations are easy when you can just flip your client the bird.

O365 migrations are lame, boring garbage and outside of helping to sell a couple as a consultant I havenít been anywhere near one since being at a big rear end financial institution in 2015 that absolutely didnít care about its users feeling and handled it internally.

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

Sickening posted:

If you can't spend any money, then you are going to run into a roadblock to do most anything so how long a project realistic takes is kind of pointless to debate.

This was kinda my point: You are making very big assumptions about the capabilities of people who many be struggling with patching, and yet assume they can handle an O365 migration by adding just third party tools rather than resources.

And yes, I'll apologize, the "congrats" was not meant to be antagonistic, but more in disagreement that I don't think you understood what I meant. Sorry

https://twitter.com/Shadow0pz/status/1382121406280970243?s=20

klosterdev
Oct 10, 2006

Na na na na na na na na Batman!

Does "tangible" have a traditional legal definition, or is it entirely contextual if you mean something literally physical, or just something not-abstract?

CommieGIR
Aug 22, 2006

If Godzilla can do it, you know I can deliver!


Pillbug

klosterdev posted:

Does "tangible" have a traditional legal definition, or is it entirely contextual if you mean something literally physical, or just something not-abstract?

I think in this context they mean in property and ownership.

Adbot
ADBOT LOVES YOU

Acer Pilot
Feb 17, 2007
put the 'the' in therapist





CommieGIR posted:

This was kinda my point: You are making very big assumptions about the capabilities of people who many be struggling with patching, and yet assume they can handle an O365 migration by adding just third party tools rather than resources.

And yes, I'll apologize, the "congrats" was not meant to be antagonistic, but more in disagreement that I don't think you understood what I meant. Sorry

https://twitter.com/Shadow0pz/status/1382121406280970243?s=20

Page 9 of 11

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply