cinci zoo sniper posted: some polite secfuck comedy

Url is giving some chuck tingle vibes

# ? Jan 24, 2022 17:24

Pwnded in the butt by my cloud costs

# ? Jan 24, 2022 17:25

cinci zoo sniper posted: some polite secfuck comedy

I kinda feel like an alert for "month x spend is 100*(month x-1)" should be on by default and maybe be a circuit breaker too

# ? Jan 24, 2022 17:26

haveblue posted: I kinda feel like an alert for "month x spend is 100*(month x-1)" should be on by default and maybe be a circuit breaker too

"oh no it seems like you're paying too much money for our service might want to take a look at that" - no company ever

# ? Jan 24, 2022 17:27

Volmarias posted: One weird trick to eliminate libertarian cold calls

# ? Jan 24, 2022 17:30

at the same time "we'll put up reasonable obstacles to you shooting yourself in the foot that hard" would be an appealing bullet point. of course they did offer monitoring options and he didn't turn them on, lol

# ? Jan 24, 2022 17:31

Had a fun one this weekend: AWS EC2s hosting Windows servers running IIS hosting Wordpress sites. As far as we could tell, no indicators that the box was compromised, lots of the usual drive-bys in the logs. But somehow, somewhere, someone scraped an email password stored in the config files and was spamming phish from it. Granted, the devs had that password committed to their repo and it was in every deployment, so who knows where it got taken from.... This was a recent acquisition too so a lot of devops stuff to clean up to address the findings.

# ? Jan 24, 2022 20:24

i recently discovered that you can DoS someone's backups on hosts that scan with ClamAV by just writing a string into the URL field so that it gets committed to the 404 log table. the webhost sent a whole lot of very urgent emails telling me the site had been compromised and i needed to change all my credentials asap

# ? Jan 24, 2022 20:57

Ars Technica posted: Hactivists say they hacked Belarus rail system to stop Russian military buildup

show me your secfuck face

Ars Technica posted: At the time this post went live, several services on the railway’s website were unavailable. Online ticket purchases, for instance, weren’t working and instead returned the following message:

Article has screenshots posted by the attackers as proof and more: https://arstechnica.com/information-technology/2022/01/hactivists-say-they-hacked-belarus-rail-system-to-stop-russian-military-buildup/

# ? Jan 24, 2022 23:19

thread poll: where/how do you store 2fa backup codes and equivalent

# ? Jan 24, 2022 23:49

so, a honeypot

# ? Jan 24, 2022 23:53

cinci zoo sniper posted: thread poll: where/how do you store 2fa backup codes and equivalent

I'm kind of thinking that there isn't much point to "backup codes" though and I should just print out the qr codes with the TOTP secrets and maybe store a securely encrypted copy in the cloud somewhere (separate from my passwords).

# ? Jan 24, 2022 23:55

i somewhat begrudgingly put them in my password manager. same with the qr codes that have the secret embedded

# ? Jan 25, 2022 00:02

cinci zoo sniper posted: thread poll: where/how do you store 2fa backup codes and equivalent

authy

e: oh backup codes, yeah those go in the keepass

# ? Jan 25, 2022 00:41

cinci zoo sniper posted: thread poll: where/how do you store 2fa backup codes and equivalent

Inside Keepass in the comments for the associated account credentials. The Keepass DB gets copied to both my Google Drive and my NAS. Authy on my phone for the 2FA tokens.

CommieGIR fucked around with this message at 00:48 on Jan 25, 2022

# ? Jan 25, 2022 00:46

e;dp

mystes posted: I have them printed out on paper at home.

Yeah and in most cases if I need to recover the 2FA there's alternative ways like Phone or Email to recover it, Steam being a good example. I think I've used a backup code to recover my 2FA all of once.

# ? Jan 25, 2022 00:48

sticky note on my monitor

unsecured webcam pointed at the sticky note in case i'm not home (also shows entire monitor so i can tell if someone is sitting at my workstation) (which is never locked)

# ? Jan 25, 2022 00:51

palm, with sharpie

# ? Jan 25, 2022 01:01

I just use Kesper North's login credentials.

# ? Jan 25, 2022 01:10

Kesper North posted: sticky note on my monitor

lmao I made a ctf challenge once where you were supposed to find this exact thing but it was a webcam pointed at a server with a sticky note containing creds

# ? Jan 25, 2022 01:14

Shame Boy posted: "oh no it seems like you're paying too much money for our service might want to take a look at that" - no company ever

I’ve had multiple conversations with AWS employees whose entire job is to help people optimize their spending, and I haven’t done that much cloud stuff really.

# ? Jan 25, 2022 01:23

cinci zoo sniper posted: remember the faker (fakener?) incident?

lol at the 2-3 yosposters who wanted to suck this domestic terrorist off after he pushed malware to npm

# ? Jan 25, 2022 01:40

Subjunctive posted: I’ve had multiple conversations with AWS employees whose entire job is to help people optimize their spending, and I haven’t done that much cloud stuff really.

preemptively? like offering it if you seek it out is one thing but preemptively being like "hey we noticed you're giving us way too much money!" seems... odd...

# ? Jan 25, 2022 02:43

yeah they want to prevent the cloud sticker shock you get when you throw up a ton of VMs without planning that sit there mostly unused. my azure guy called me about it the other week. it's also a sales channel to promote other services.

# ? Jan 25, 2022 02:49

lol "guys hey can we just trivialize loving around with critically important software components?" "...guys?"

# ? Jan 25, 2022 02:53

if npm is critical to you, it's your own fault and you deserve to get owned

# ? Jan 25, 2022 02:56

Shame Boy posted: preemptively? like offering it if you seek it out is one thing but preemptively being like "hey we noticed you're giving us way too much money!" seems... odd...

yeah they reached out periodically to offer help optimizing spend

# ? Jan 25, 2022 04:12

the problem aws has is that most cloud migrations where the customer lifts their current architecture to the cloud are both the most valuable in terms of total spend and also the least sticky and the most likely to lose them business if competitors lower prices. aws cost analysis and cloud native architecture recommendations allow them to push the stickier services that might be cheaper to run but make it more expensive to migrate to another vendor

# ? Jan 25, 2022 04:22

in addition to being stickier they’d much prefer you to have a bunch of lambdas being called because they can be scheduled anywhere in the az, whereas your idling ec2 instance is actually some real percentage of a server sitting there that can run stuff for other customers until you have more requests. cheaper services generally map to stuff that’s easier for them, so by architecting for cost you’re letting aws have more customers

# ? Jan 25, 2022 04:26

modern devops is 80% knowing which aws instance to use, 15% using the various kubernetes commands, and 5% copying code from stackoverflow

# ? Jan 25, 2022 07:23

i'm paid to know when we should stop using awscli commands and when to start using kubectl commands

# ? Jan 25, 2022 07:30

Tankakern posted: so, a honeypot

not really

btw how do you store your ssh keys

# ? Jan 25, 2022 16:15

cinci zoo sniper posted: not really

they are stored on a yubikey and a paper backup copy is made via https://www.jabberwocky.com/software/paperkey/ and turned into like 3-4 QR codes

# ? Jan 25, 2022 16:16

CRIP EATIN BREAD posted: they are stored on a yubikey and a paper backup copy is made via https://www.jabberwocky.com/software/paperkey/ and turned into like 3-4 QR codes

Not sure how it is on windows though.

mystes fucked around with this message at 16:42 on Jan 25, 2022

# ? Jan 25, 2022 16:34

PIV still makes me giggle each time it comes up

# ? Jan 25, 2022 16:55

hmmm someone signed up for a tesco club card with my email so i reset their password. there's a phone number & card associated but i can't see them as that apparently requires 2fa via the card or phone. also the delivery address is a market place, and lol i can see the phone number there

# ? Jan 25, 2022 17:41

russian phone number? it starts 0789...

# ? Jan 25, 2022 17:44

Carthag Tuek posted: russian phone number? it starts 0789...

british mobile phone numbers start with 07 for domestic purposes. 07123 456789 becomes +44 7 123 456789 for international dialling

# ? Jan 25, 2022 17:49

ah thx

# ? Jan 25, 2022 17:50

Blinkz0rz posted: the problem aws has is that most cloud migrations where the customer lifts their current architecture to the cloud are both the most valuable in terms of total spend and also the least sticky and the most likely to lose them business if competitors lower prices

yeah and most lift/shift stuff just winds up kicking the can down the road if you have any involved modernization you might need to do. we do a lot of explaining that generic "move to kube! works on anything!" tools don't actually help you make your app work well. some people try to run full blown websphere in containers and wonder why their app doesn't work well in kubernetes

# ? Jan 25, 2022 18:27