ah, why not give him a shot... Seeing as Trump is going all out on filling the swamp, instead of draining it, he'd fit right in.
436 posts • joined 23 Mar 2007
Build a (fire)wall - and make the hackers pay for it!
My friend asked me to look at her dad's PC and dropped it off. He'd left a DVD in the drive, which duly spun into action with lesbian porn.
Opening a beer, I decided to take a well deserved break from my IT investigations. As the can reached my lips, performer #1 crouched above #2 and let loose.... well... a #2.
Beer down, computer off, knocked on door, "sorry, nothing I can do with this one!"
Krebs says not:
A free hip, says it's ransomware...
Fine, you don't advocate hacking back.
Now, it only takes *one* of you to deviate from that, and put a stop to these miscreants. I wouldn't lose much sleep over it in this instance, if it were done properly.
Re: Do people really buy them
Not desktops - but their laptops are actually pretty awesome.
Please change all the passwords on those insecure devices to something random.
Morning, Microsoft !
Funny you should ask about the whole "trust us" thing.
I've come in to work this morning to find 175 servers out of ~600 that are refusing to install Endpoint Protection AV updates. No known cause as of yet.
I'll keep working on it, but thanks for reminding me we can totally trust you not to screw things up.
Wouldn't cause a problem if they use Deep Freeze...
Unsafe computing practices, plus people with too much access = customers affected.
Nice work indeed...
Still, at least the ransomers know who to target in the future!
I was surprised to find I had a Yahoo account - it looks like it went over when I registered for flickr years ago.
Logged in to find an inbox that was full of nothing but incredibly-obvious spam. So their spam filters suck for sure. Oh, and the page design... it was like a teenagers Myspace page.. :(
Most-Recently-Used, most likely...
There's a lot of MRU lists populated in your typical windows installation - recent word, excel, publisher documents. Recent jpegs opened, recent folders visited, network locations browsed, internet history etc. Lots of places that a "real" machine will populate with evidence of actual work.
"You're only supposed to lock the bloooody dooors off!!!"
Re: it only takes only four lines of code and a local config file
Bother because you can potentially grab credentials that will get you to other parts of the infrastructure you don't already have access to.
"Clearly no harm was done"?
How do you know?
*cough* how much? *cough*
That doesn't work well when the people this most typically affects (home users) are local admins on their own machine, and the first thing the malware does is turn of versioning and deleting any existing snapshots...
Re: Ahh yess
Probably just as well they removed Classic Shell then...
How dare you take credit for this, El-Reg...????
Don't you know - he ALONE CAN SOLVE!
"Up, Periscope!" ??
I see SNORT signatures, but has anyone come up with an easy way to scan/test for this? (SNORT being reactive of course, I'd rather know in advance..)
nmap, nessus, some funky python script etc?
Re: Use a benchmark or compile a large project
May be worth trying diskspd as well?
I did see an article recently about some kit that could stress disks magnificently, but can't find it now...
Re: cratered during file copy?
Ignore the "how were you copying" - screenshots (that I couldn't see too well on mobile) clearly show Windows Explorer.
That's buffered IO and it absolutely WILL bring a server to its knees. Next time, watch the memory tab go through the roof and when it approaches maximum, that's when your server starts dying. If you're using Windows Explorer for benchmarking to copy files, then you're doing it wrong - the amount of memory in your server is taking up the slack and your results are therefore invalid.
Next time, use "xcopy /j".
cratered during file copy?
How were you copying, because if it wasn't unbuffered then no wonder it died...
Ah.. I saw what you did !!
On the "many tabs open" thing, (and aware this is an FF post), on Chrome I use "The Great Suspender" extension which puts idle tabs to sleep. Works great in terms of keeping the resources low.
Branchcache and WSUS - should solve most of his issues.
How about an automated email is sent to me whenever someone logs in to my account?
Costs nothing, low overhead, instant notification. Thankyouverymuch.
CAIDA? As in AL CAIDA ???
Errr... Illuminati confirmed or something.
Remarks about immigrants: ✔️
Anonymous coward: ✔️
Ironically, he's probably crying for his mum round about now...
But who will get in first with the "ah but he just kept repeating that I should turn to the right, and we ended up going round in circles" bit...?
And this is why we get a regular penetration test.
I'll skip this one tho - it's not something I want a hand in..
Before the post was removed, he had laid a comment saying that he'd managed to recover it all. There was a further comment asking the obvious "how did you do that" which hadn't been replied to before the thread was locked.
Stinks to high heaven, this one... It has to be a troll/fake.
So does that mean their Drupal installation is off the hook then?
Either way, some very slack admins there..
Never read "A cultural history of the Anus", but I did glance a "A passage of time". I presume it's a similar story.
WORST. PUNCHLINE. EVER
A friend gave me her dad's PC to fix once... I fired it up, and there was a videoCD in it with a suggestive label. Being an inquisitive fellow, I double-clicked.
A couple of rather nice young ladies taking an interest in each other, so I let it play for a bit. Until one crapped in the other one's mouth. Ewww...
Plug out the wall, knock on the door, "sorry, nothing I can do with it!!". Ruined my "he can fix anything" reputation for a bit, but yikes. I can't pass a coffee table without retching any more.
"one that’s 20 per cent of Nutanix's cost"
"all at 20 per cent lower cost than Nutanix.”
Which is it?
"A team of researchers from universities in Germany, the US and Israel as well as two OpenSSL developers - implemented the attack and can decrypt a TLS 1.2 handshake using 2048- bit RSA in under eight-hours using Amazon EC2, at a cost of $440."
Mine was totally fanless for a while - a Zalman reserator (basically, a big fanless external radiator tower) cooled the CPU, NB and GPU. It was a superb bit of kit. I had the drives in aluminium accoustic caddies and it was pretty eerie hearing only a beep at POST. QuietPC must have had a small fortune out of me ;-)
Only sold it because the toddler was far too attracted to those lovely blue (and easy to reach) water pipes.
What if you drive relatively smoothly and don't stand on the brakes at every junction..?
Doesn't read to me like there's a design flaw - FBI are asking if it's possible to do this ("make a new version of the iPhone OS"), and Apple are saying "we've been asked to do this and we're not, as it's a bad thing; it introduces a design flaw" - which by implication would suggest that it's not already there and as such it's currently a pretty watertight design.
Trevor's argument sounds a bit like saying "if you reprogram trucrypt and can somehow install it, then you can have the contents of my hard disk without my password". Which I don't think sounds very likely to anyone.
Targetted attack, spear phishing. Equipment doesn't need to be available from the internet for that. Also, if cryptowall, then it's files and network shares. Which would pretty much be guaranteed to be internal, behind any firewall. These things don't go out looking for open file shares on the internet to infect.
Re: Is it just me?
Because "full device encryption"...?
10 grand for that?
Fuck me.... what must the other entries have been like !
Already exists anyway:
Yawn.. Call me when it's Steven Avery and aliens...
It's a Land Rover - if there isn't a pool of oil underneath it, that means there's none in it.