redfox

joined 9 months ago
[–] redfox@infosec.pub 9 points 1 month ago (2 children)

Won't someone please think of the investors...!

[–] redfox@infosec.pub 43 points 1 month ago (12 children)

I'm just glad they're still distracted with torrents...

[–] redfox@infosec.pub 6 points 1 month ago (1 children)

rawdawg some torrents

LOL! Did you spray 1's and 0's in their face when you were done?

[–] redfox@infosec.pub 1 points 1 month ago (1 children)

Good comments.

Do you think there's still a lot of traditional or legacy thinking in IT departments?

Containers aren't new, neither is the idea of infrastructure as code, but the ability to redeploy a major application stack or even significant chunks of the enterprise with automation and the restoration of data is newer.

[–] redfox@infosec.pub 3 points 1 month ago

Lol, even in 2024 with free VPN/overlay solutions...they just won't stop public Internet exposure of control plane things...

[–] redfox@infosec.pub 5 points 1 month ago (1 children)

Blank check

Funny how that seems to often be the case. They need to see the consequences, not just be warned. An 'I told you so' moment...

[–] redfox@infosec.pub 2 points 1 month ago

Agreed.

Dont we all use centralized management because there is cost and risk involved when we don't.

More management complexity, missed systems, etc.

So we're balancing risk vs operational costs.

Makes sense to swap out virtual for container solutions or automation solutions for discussion.

[–] redfox@infosec.pub 2 points 1 month ago

Yeah, that's pretty risky for this point in time.

I guess the MBA people look at total cost of revenue/reputation loss for things like ransomware recovery, restoration of backups vs the cost of making their IT systems resilient?

Personally, I don't think so (in many cases) or they'd spend more money on planning/resilience.

[–] redfox@infosec.pub 7 points 1 month ago (3 children)

Seems like your org has taken resilience and response planning seriously. I like it.

22
submitted 1 month ago* (last edited 1 month ago) by redfox@infosec.pub to c/technology@lemmy.world
 

After reading this article, I had a few dissenting thoughts, maybe someone will provide their perspective?

The article suggests not running critical workloads virtually based on a failure scenario of the hosting environment (such as ransomware on hypervisor).

That does allow using the 'all your eggs in one basket' phrase, so I agree that running at least one instance of a service physically could be justified, but threat actors will be trying to time execution of attacks against both if possible. Adding complexity works both ways here.

I don't really agree with the comments about not patching however. The premise that the physical workload or instance would be patched or updated more than the virtual one seems unrelated. A hesitance to patch systems is more about up time vs downtime vs breaking vs risk in my opinion.

Is your organization running critical workloads virtual like anything else, combination physical and virtual, or combination of all previous plus cloud solutions (off prem)?

[–] redfox@infosec.pub 1 points 2 months ago

I didn't know how much the sheriff has to do with impd department policy/culture. In a metro department, I think that's the chief of police, which I think is appointed?

Probably badger the city council and your local reps.

[–] redfox@infosec.pub 22 points 2 months ago* (last edited 2 months ago)

contract "options" are indeed normal. You could also lump in government contracts into the category your thinking about. I've never heard of a scenario where the vendor broke contract by not honoring the options. I also have never dealt with a vendor getting bought out and then not honoring existing contracts. Super fun to watch the corporate drama. I personally don't care for the private equity style business that seems to be an even bigger problem than the investor first/profit centric model that I thought was the worst thing.

[–] redfox@infosec.pub 1 points 2 months ago

There's a lot there, thanks.

 

The author of this article asserts some of the recent complaints I've either personally heard from others or some of my own opinions regarding the costs of higher education.

Scott Galloway has recently become well known for additional criticism of higher education creating artificial constraints on admissions or acceptance of potential students.

Do you believe any of these points have merit?

Do you believe the current costs of higher education either in the US or other first world countries provides appropriate return on investment?

Do you believe the assertion that senior lecturers don't have the same teaching skill requirements as primary education in addition to their subspecialty or focus?

How could higher education be improved or is the current model working well enough?

3
submitted 6 months ago* (last edited 6 months ago) by redfox@infosec.pub to c/cybersecurity@infosec.pub
 

This is a network defense design scheme question.

In a scenario where your organization is designing multi-layered firewall deployment and management, how granular  do you create rules at each of these three layers?

Example site is a main/HQ site that also houses your data center (basic 3 tier model).

  1. Site has your main internet gateway and VPN termination point. As am example, it's a Cisco or other ZBF. It has four zones: (1) Internet, (2) VPNs from other sites/clients, (3) your corporate LAN including data center, (4) Guest/untrusted/Iot.

  2. Between your gateway and the rest of your corporate network/datacenter, you have transparent proxy firewall/IPS/monitor. It's bridging traffic between gateway and data center.

  3. Within data center, hosts have software host based firewalls, all centrally managed by management product.

Questions:

  • How granular do you make ZBF policies at gateway? Limit it to broad zones, subnets, etc? Get granular by source/destination? Further granular by source/destination/port?

  • How granular do you make rules for transparent proxies between segments? Src/dst? Src/dst/port?

  • How granular do you make rules for host based firewalls? Src/dst? Src/dst/port? Src/dst/port/application/executable?

  • How have organizations you've worked for implemented these strategies?

  • Were they manageable vs effective?

  • Did the organization detect/prevent lateral movement if any unauthorized access happened?

  • What would you change about your organization's firewall related designs?

 

What sources of technical controls does your organization use?

Do you base device/operating system configurations on:

  • CIS workbench?
  • NIST/STIG?
  • Microsoft best practice?
  • Google searches and 'that looks good'?

How closely rigorously does your organization enforce change management for policies or settings?

  • Can you change GPOs/Linux/Network device settings as needed?
  • During maintenance window?
  • After a group meeting with code/change review and some sort of approval authority?
 

Does anyone fully implement workstation and server logon restrictions, and priviledged access workstations (PAW) as prescribed by NIST/STIG/CIS?

The URL is Microsoft's long description of the same concepts.

Specifically from the above, there's a few things like:

  • Establishing asset/systems tiers (domain controllers or entire org compromise tier 0, moving towards less consequence in the event of system compromise)
  • Accounts with the Active Directory Domain Admins or equivalent are supposed to be blocked from logging into lower tier assets
  • Workstations that have access to log into these super sensitive assets like Domain controllers for management are considered PAWs, and are blocked from internet access, highly locked down, might have extra hoops or management plane assets are air gapped?

Question:

Does anyone actually do any of this at their organization?

If so, to what degree?

People hated red forest because it was a whole other set of infrastructure to baby sit.

People hate air gapped systems because no remote access or work from home.

The above doesn't work well with cloud, and as a result Microsoft (just as an example) pushed for the new hybrid PIM models replacing their old red forest concept.

I'm just curious.

 

I don't even know where to begin with some of the quotes in this article, good or bad.

The topic of politics can be aggausting, but I wonder if there isn't merit to this idea?

If we'll have republican local reps regardless based on trends, should people jump party and vote for more moderate candidates, if any exist?

Even if you know your candidate isn't likely to win, do you vote them on principle to vote metrics and data, or do you vote for the lesser evil opponent, even if you feel dirty for it?

I'm not taking or endorsing a side or suggesting anyone should, just curious. Pretend it's the opposite parties than Indiana if it helps thinking through it.

 

My reason for posting this question is to get some perspective, since I don't live further west than Indiana.

Indiana has a lot of conservative tendencies, usually opposes progressive policies, and a little old school bigotry in the form of religion based disagreement with people's life styles, like letter community.

From an outsiders perspective, TX, OK, MO etc are even more extreme.

This permalink above from a comment from a person referencing recently proposed legislation against letter community people specifically, though there's tons of examples of bigotry like the school principal getting sued for discrimination due to a kid's hair (black hair).

We know Lemmy is a bit more populated with left than right thinkers, but regardless, what's going on in these western plains states? Is it as bad as it looks?

Do you personally know some sweet old church ladies who 'hate the gays because they'll going to hell' or are there just more extreme law makers being elected that don't represent the majority?

EDIT: tried to fix link to a conversation instead of a login page.

6
submitted 7 months ago* (last edited 7 months ago) by redfox@infosec.pub to c/cybersecurity@infosec.pub
 

This is not an ad.

Does anyone have experience with Tenable products?

I'm interested in real world experience regarding:

  • cost
  • effectiveness
  • ease of use

I'm playing with Tenable Security Center and Nessus Scanner. I'm early in the deployment, just looking for pointers and whether anyone has used it?

What alternatives is your org using if not?

Can you compare?

Edit, if anyone is interested, I can post results and opinions here also.

 

INDIANAPOLIS – Angry reaction from community leaders continue to pour in after a controversial punishment was handed down to the man who was convicted of killing Indianapolis Metropolitan Police Department officer Breann Leath.

Dorsey was sentenced on Thursday to 25 years in prison after he was found guilty but mentally ill on the following charges:

One count of reckless homicide Three counts of criminal recklessness committed with a deadly weapon One count of attempted murder One count of criminal confinement Dorsey was not convicted of murder by the jury. That charge was reduced to the lesser reckless homicide charge.

...

Snyder, who is the president of the Indianapolis FOP, said during a Friday afternoon news conference that residents of Indianapolis, as well as Indiana residents and those throughout the country, saw a “miscarriage of justice” through Stoner’s sentencing.

In response, Snyder said the maximum sentence of 63 years should have been implemented for Dorsey in this case, which Snyder called an attempt of “cold blooded murder.”

...

“As mayor and as a father, I’m shocked and disappointed in the decision that was handed down yesterday,” said Indianapolis Mayor Joe Hogsett.

 

INDIANAPOLIS — A traffic stop ended up leading investigators to a restaurant on Indy’s east side where police uncovered cocaine, methamphetamine, marijuana, fentanyl and enough firepower for a shootout.

William Collins, 45, was arrested by the Indianapolis Metropolitan Police Department on Monday for his role in the alleged drug trafficking. Collins also isn’t permitted to own a firearm due to being a convicted felon.

Police said Collins was arrested during a traffic stop after detectives witnessed a “hand-to-hand drug transaction” in a parking lot in the 3200 block of N. Emerson. During the traffic stop, police found a handgun in Collins’ possession.

The investigation eventually led police to 1313 Eatery, a chicken wing shop located at 5299 E. 38th Street. Detectives searched the business and seized approximately 600 grams of cocaine, five pounds of meth, one pound of marijuana and 70 grams of fentanyl pills.

Also found in the restaurant were three firearms, two of which were reported stolen, and nearly 900 rounds of live ammunition.

 

INDIANAPOLIS — Indiana State Police troopers made 120 traffic stops and cited a majority of those drivers for speeding during a two-hour ticket-writing blitz on the west side of Indianapolis Wednesday.

More than a dozen troopers, warned by lawmen with handheld laser speed detectors, pulled over drivers exceeding the 55-mile-per-hour limits on I-465 between 56th and 38th streets for two hours in the afternoon.

Sgt. John Perrine said troopers were stopping only drivers topping out at 75 MPH and above.

”We’re certainly not out here looking for the people who are minor speeding. We’re looking for the most egregious, most aggressive drivers who are really causing problems,” he said. ”We would like to lower that threshold but it’s really hard to go out and stop the people doing 10 over when we know a few seconds later there is somebody coming who is doing thirty over.”

Perrine said excessive speed is often to blame for road rage incidents.

”We have a group of drivers who want to drive slow in the left lane and say, ‘Hey, you’re not passing me. If I’m gonna drive the speed limit, you’re gonna drive the speed limit.’ And the other side of the selfish driver is, ‘I don’t care about anybody else. I’m gonna drive the way I want as fast as I want.’ We really need to get a handle on both of those.”

Perrine said troopers from across the state will be patrolling Indianapolis area interstates through the rest of this year engaging in occasional blitzes. ...

Why can't we go faster?

Why cant the speed limit of Indiana's 465 beltway be increased over 55 mph?

Copilot

The speed limit on I-465, despite most drivers exceeding it, remains at 55 mph due to Indiana state law. Specifically, because I-465 is considered to be within an urban area, its speed limit cannot exceed 55 mph. The Indiana Department of Transportation (INDOT) has the authority to lower the speed limit if an engineering study demonstrates that a lower speed is necessary for safety or traffic reasons1. So, even though many drivers find the current limit too low, it remains in place due to legal constraints.

Interestingly, the real-world data supports the notion that drivers consistently exceed the speed limit on I-465. For instance:

96.3% of vehicles recorded at one spot on the northwest side of I-465 were going over the speed limit. More than half of the vehicles were recorded at speeds exceeding 65 mph, which is more than 10 mph over the limit1. While there have been discussions about implementing variable speed limits on parts of I-465, the existing legal framework keeps the maximum speed at 55 mph2. So, despite the bustling traffic and the urge to go faster, the beltway remains a place where the Racing Capital of the World meets the 55 mph speed limit1! 🏎️🚗

southbendtribune.com indystar.com aaroads.com

52
submitted 7 months ago* (last edited 7 months ago) by redfox@infosec.pub to c/indiana@midwest.social
 

Let's Play Date, Marry, Kill...with Roundabouts.

What are your thoughts as Indiana starts adopting these modern traffic control measures (Europe has been doing them since...forever)?

Most people I talk to either love or hate these intersections. For some reason, I can't find people who are indifferent to them very often.

According to the Carmel's city webpage: "Carmel is internationally known for its roundabout network. Since the late 1990’s Carmel has been building and replacing signalized intersections with roundabouts. Carmel now has more than 150 roundabouts, more than any other city in the United States."

"The number of injury accidents in Carmel have reduced by about 80 percent and the number of accidents overall by about 40 percent."

https://www.carmel.in.gov/government/departments-services/engineering/roundabouts#:~:text=Carmel%20is%20internationally%20known%20for,city%20in%20the%20United%20States.

General PROs / CONs

  • Up to a 90 percent reduction in fatalities
  • 76 percent reduction in injury crashes
  • 30-40 percent reduction in pedestrian crashes
  • Reduces the severity of crashes
  • Keeps pedestrians safer
  • Roundabouts reduce the number of potential accident points within an intersection, 75 percent fewer conflict points than four-way intersections
  • No signal equipment to install and repair, savings estimated at an average of $5,000 per year in electricity and maintenance costs
  • Service life of a roundabout is 25 years (vs. the 10-year service life of signal equipment)
  • Reduces pollution and fuel use
  • 30-50 percent increase in traffic capacity, improves traffic flow for intersections that handle a high number of left turns, reduces need for turn lanes
  • While roundabouts can handle moderate to heavy traffic volumes more efficiently than traditional intersections, they may experience congestion and delays during periods of extremely high traffic volumes or if not designed properly for the anticipated traffic flow
  • Pedestrians and cyclists may face challenges navigating roundabouts, particularly multi-lane roundabouts with higher traffic volumes. Proper design considerations, such as providing safe crossing points, adequate sight lines, and dedicated pedestrian/cyclist facilities, are crucial to ensure their safety.
  • Drivers unfamiliar with roundabouts may initially experience confusion or hesitation when navigating them, potentially leading to increased risks or delays until they become accustomed to the traffic patterns.
  • Roundabouts generally require a larger footprint and more land area

https://www.in.gov/indot/traffic-engineering/roundabouts/#:~:text=Up%20to%20a%2090%20percent,points%20than%20four%2Dway%20intersections (CONs came from general searching, LLM compilation)

Indianapolis and the surrounding suburbs are implementing them more frequently now, how about your city?

Did you know that traffic circles are different from roundabouts? PA has a little comparison chart that was interesting (If you're into that sort of thing): https://www.penndot.pa.gov/PennDOTWay/pages/Article.aspx?post=24

view more: next ›