We’re not talking about some punch card COBOL machine he jimmy rigged with network access, it’s an old Debian Linux box with SSH enabled.
It’s not like Metasploit would have a tough time finding unpatched vulnerabilities for it…
We’re not talking about some punch card COBOL machine he jimmy rigged with network access, it’s an old Debian Linux box with SSH enabled.
It’s not like Metasploit would have a tough time finding unpatched vulnerabilities for it…
I’m assuming they meant that they were company phones, and that additionally they were required for any work related MFA requirements.
If that’s the case, it would be YubiKey in addition to, not instead of.
As for the time tracking software, those are often part of a much larger accounting, payroll, and/or HR software suite. Having his team spin up Windows vms, or even have separate older windows boxes somewhere, probably makes more financial sense than not. At least, until they can switch to a more modern suite that has a web portal.
Imposter. That was a test. The real 4Chan would know that I use:
FileName.ACTUAL_REAL_LATEST_FINAL_PROD_VERSION
And it works everytime, about 70% of the time.
Are you the hacker known as 4Chan? How else could you know my version naming convention?
Regardless, all will be forgiven if you can remind what folder and file actually contains the final version. So… which is it?
Security expenditures are just numbers on an Excel sheet, just like HR, and legal…it’s a business.
You know what else is a big threat? Executives of cost-center departments not understanding how to articulate their needs in terms of profit, or profit loss.
HR and legal departments are generally much better at explaining their concerns and needs in terms of profit, and not abstract concepts i.e. security.
AliExpress is not even close to Amazon except for the fact that it does a great job at providing a wide selection of Chinese products, but cheaper and with longer lead times.
What makes Amazon, Amazon, is its customer service. Without that, it’s like eBay. But even eBay has significantly better customer service than AliExpress.
Speaking as someone who has used AliExpress a lot, it’s pretty good, but only if you understand that all sales are final. Best cast scenario, the seller makes you pay for shipping which generally costs anywhere from 50% to 250% of your original purchase price.
Their customer service always defers to sellers in my experience, and even if they approve a return, what’s the point if you lose money by shipping it back?
Unless it’s for SMTP only, it’s probably a back end sever to some other front facing box, or service, that has IP addresses whitelisted for email.
I’m pretty sure I read one of his comments elsewhere talking about tunneling everything over SSH, so I assume that’s what he meant, but I could be mistaken.
Regardless, using an EOL distro as an internet facing SSH server that’s 8 years behind on SSH updates, is probably a bad idea.