A Little-Known Microsoft Program Could Expose the US Defense Department to Chinese Hackers
Technology
13
Beiträge
11
Kommentatoren
173
Aufrufe
-
TLDR: They are talking about Chinese coders hired by MS have access to DoD related code, not a computer program.
Thank you for being on the front lines of the click bait war.
-
This post did not contain any content.
Wow. That's pretty bad.
-
TLDR: They are talking about Chinese coders hired by MS have access to DoD related code, not a computer program.
Here I thought it was going to be about telnet or something
-
Here I thought it was going to be about telnet or something
Fun Fact: I once worked with a team that were mapping Iran's internet infrastructure... for reasons. One of the ways we were able to zero in on the more important systems was because we kept finding these weird Cisco routers that had Telnet exposed to the open internet. All of which just so happened to share neighboring IPs (or close enough) with some pretty serious government systems. Fun times.
I'm not a CISCO tech, so I don't know the specifics beyond that. But I do remember that the Telnet connection would permanently ban any IP that failed even a single password attempt. So they had that going for them, I guess lol
-
Fun Fact: I once worked with a team that were mapping Iran's internet infrastructure... for reasons. One of the ways we were able to zero in on the more important systems was because we kept finding these weird Cisco routers that had Telnet exposed to the open internet. All of which just so happened to share neighboring IPs (or close enough) with some pretty serious government systems. Fun times.
I'm not a CISCO tech, so I don't know the specifics beyond that. But I do remember that the Telnet connection would permanently ban any IP that failed even a single password attempt. So they had that going for them, I guess lol
I once worked for a fairly large multinational and was the main data center admin.
We ordered two separate comcast business account lines to serve as an emergency management network juuuuuuuuuuuust in case everything enterprise level went down. A true catastrophe somewhere else.
My boss put a windows xp box on it, and it alone with a single linux router in between it any the internet, totally insecure except for fail2ban and port knocking.
The entire time we were waiting for the rest of the data center to be wired it stood up, never being penetrated. Maybe a month or so.
BUT we’d banned basically the entire public IP space.
This was back in the early 2010s
-
I once worked for a fairly large multinational and was the main data center admin.
We ordered two separate comcast business account lines to serve as an emergency management network juuuuuuuuuuuust in case everything enterprise level went down. A true catastrophe somewhere else.
My boss put a windows xp box on it, and it alone with a single linux router in between it any the internet, totally insecure except for fail2ban and port knocking.
The entire time we were waiting for the rest of the data center to be wired it stood up, never being penetrated. Maybe a month or so.
BUT we’d banned basically the entire public IP space.
This was back in the early 2010s
I've actually seen medical offices setup similarly. Some random computer in a back office with all of their patient data on it, completely exposed to the internet, protected by nothing but a few Windows Firewall rules limiting the connections to a few IP blocks. Just so they can share information office-to-office for say... a root canal and dental crown to be done on the same day, but at 2 separate locations due to limited space.
I'd run out of fingers if I were to count the number of times I've seen similar setups, 3-4 toes would be needed at least.
-
I've actually seen medical offices setup similarly. Some random computer in a back office with all of their patient data on it, completely exposed to the internet, protected by nothing but a few Windows Firewall rules limiting the connections to a few IP blocks. Just so they can share information office-to-office for say... a root canal and dental crown to be done on the same day, but at 2 separate locations due to limited space.
I'd run out of fingers if I were to count the number of times I've seen similar setups, 3-4 toes would be needed at least.
Terrifying.
We did it just as a for funsies test, when we actually began to put equipment in it was all properly secured.
-
Fun Fact: I once worked with a team that were mapping Iran's internet infrastructure... for reasons. One of the ways we were able to zero in on the more important systems was because we kept finding these weird Cisco routers that had Telnet exposed to the open internet. All of which just so happened to share neighboring IPs (or close enough) with some pretty serious government systems. Fun times.
I'm not a CISCO tech, so I don't know the specifics beyond that. But I do remember that the Telnet connection would permanently ban any IP that failed even a single password attempt. So they had that going for them, I guess lol
Telnet is a nightmare for security since it sends everything in plaintext - even with IP banning, anyone sniffing the network could intercept credentials and payload data without needing to guess passwords at all.
-
This post did not contain any content.
That program could, with grok it will
-
This post did not contain any content.
Windows isn't little-known.
-
-
-
The Ascendance Of Algorithmic Tyranny: As today’s platforms become all-powerful, the metaphors we use to describe our digitally infused world exemplify a new, stealthier domination that is emerging.
Technology
1
-
-
-
UK Office of Communications (Ofcom) launches nine Online Safety Act investigations, including into 4chan over alleged illegal content and into seven file-sharing services over possible CSAM
Technology
1
-
-
