switch to room list switch to menu My folders
Go to page: First ... 15 16 17 18 [19]
[#] Thu May 19 2022 16:37:38 EDT from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

Well it did specifically call out DNS hijacking as the permissible "remedy", and not actual network hijacking.

Fortunately, secure DNS servers plus DNSSEC were designed to prevent bad actors from altering DNS results in-stream. This is good because now the ultimate bad actor wants to do it.

The more the Empire tightens its grip, the more star systems slip through its fingers.

[#] Thu May 19 2022 18:08:18 EDT from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

Right, there are ways around it, but if they stop the unwashed masses, then they consider it a success. 

[#] Thu May 19 2022 18:12:02 EDT from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

I take it back there is one way:

Mandate a compromised IP stack + backdoored CPU ( vpro, for example ) on every machine that connects to the network. 

I remember in the old days of dial-up how some companies had their own custom IP stack + software to be able to connect to their service.  Sure, it was not nefarious at the time as it was still the early days, but i was thinking "this could be really bad if used the wrong way"

[#] Fri May 27 2022 09:25:08 EDT from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

Sure, if it was AOL or Prodigy, they had a custom IP stack, but it was only there so you could run "regular" TCP/IP software while using them as a network provider. Most of the others just shipped a skinned version of Trumpet Winsock.

[#] Fri May 27 2022 11:43:01 EDT from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

A few others did too, the 'local' one i used for a while ( i forget the name now, its been too long ) also did it.

I do realize its long ago not everyone did it, etc. bla bla.  Just pointing out that they could do it, again. 

[#] Mon Dec 05 2022 18:17:34 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

So at the office they are in the process of "denying iis verbs" on all web servers.

Wont that make many of the apps useless?

[#] Tue Dec 06 2022 09:30:22 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

WTF is a "verb" ? Is that what the rest of the world calls "methods" ?

[#] Tue Dec 06 2022 11:06:48 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

ya,  get. post, head. etc.


i had to go look it up too..  I heard about it a few months ago  ( i was asked to automate something about it ) then just saw the CMR yesterday that its really going to happen.

[#] Tue Dec 06 2022 14:55:38 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

And sites are going down as they make the changes.

Not all. but there is fallout.

[#] Wed Dec 07 2022 09:13:41 EST from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

Ok so its not ALL methods, err verbs. The CMR said 'disabling verbs on all IIS servers' and that was all it said, other than listing which servers were in each "batch".  it implied all, and i had zero idea how anything was going to function. But in reality, its only some of the more "dangerous" ones ( in their eyes ) such as delete, patch, and nuke.  But stuff like post and get are still allowed.

Still killing a few of our apps. But at least not a complete implosion. 

[#] Sat Dec 17 2022 15:04:02 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

Well, shame on them for using IIS-proprietary methods, I guess.

Go to page: First ... 15 16 17 18 [19]