Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - icecream-guy

Forum Lobby / Re: Zero Trust
December 01, 2023, 07:13:02 AM
Quote from: config t on November 30, 2023, 07:23:52 PMHow about a section for ZT discussions?

Try - Everything Else in the Data Center
squeeze 'em out, if ya can. There's only a month left in the year.
Forum Lobby / Happy Thanksgiving
November 23, 2023, 12:35:11 PM
To all those that participate.
Happy Thursday to all the others.
what are the networks?   the easiest way to combine networks is to modify the subnet mask in all devices.

Have you decided on a subnet to use?

I think this is an old question, looking for IPv4 not IPv6.
Security / Re: Manage security on unmanaged PCs
November 10, 2023, 07:12:57 AM
I'm in network security, my job is to find vulnerabilities and weaknesses in systems.  But I can't even run a Tenable scan or NMAP, without authoritative permissions. otherwise it might be construed that I am hacking the network.
Security / Re: Manage security on unmanaged PCs
November 08, 2023, 05:22:00 PM
Doing anything against company policy is a path to nowheresville, IN.  you need buy in, and acceptance (in writing, to CYA) that anything you do is recommended and or approved by management. and only do what is approved by management, making decisions on your own leads to liability. liability leads to joblessness. not your company, not your decision, so all you can do is make recommendations, it's up to the company to make the final decisions and accept liability and task you to implement your recommendations, rather than you. if they decide not to do anything, it's not your call. it's not your company. (unless you have some stock sharing incentive that I am not aware of).

Security / Re: Manage security on unmanaged PCs
November 07, 2023, 06:33:37 PM
yes like deanwebb says, if this is a corporate network, to secure it, you NEED to have by in from management, otherwise you will probably be out of work shortly. Identify devices, build a case, make recommendations, provide solutions, request a budget for securing the network, and implement recommendations.  If management is not keen on securing their network, what was is that he (deanwebb) said,  hop into your Porsche Boxster and peel out of the parking lot...screaming it's all on you (expletive). cause you don't want to be there long.

The budget really depends on the solutions that management is will to support with your recommendations. I would suggest to contact 3 vendors build a Bill of Materials and present to management (with your recommendations) to support the budget request. it could be in 500K to 5M. it really depends on what you are trying to protect. and what the loss to the company would be if that data were compromised or lost, or encrypted.

Recovery cost would need to be determined by management or accounting,  if it's going to cost 2M to recover and you can protect with 500K, that's a no brainer. if it's going to cost 2M to recover and 2.5M to protect, that is not your decision but may be viable depending on what you are protecting. But that is risk assessment and not part of network security.
wow just wow!!!
 I never knew how complicated the middle east was...
this guy does a good explanation.
Homework Help / Re: An interesting homework problem
November 06, 2023, 05:18:10 AM
ping the broadcast network address?
Quote from: icecream-guy on November 05, 2023, 05:59:01 PM1. check if traffic is interesting source traffic is permitted trough the tunnel and will transverse. #2 check if response back is permitted.
It mat get there but return response is denied, packet capture on device or FW may be required.
1. check if traffic is interesting source traffic is permitted trough the tunnel and will transverse. #2 check if response back is permitted.
Quote from: deanwebb on October 26, 2023, 06:33:51 PMFrom a configuration server, as that likely is done securely. Or, rather, it could be done *more* securely than from a remote text file. That remote text file could be altered by someone else and I not be aware of it as I provision my computer. But the configuration server potentially keeps that information securely, tracks changes, and requires secure connections for provisioning new computers.

..and what if that configuration server is taken over by a bad actor?
we all need to learn stuff, and keep on learning, otherwise you will only know old technology, and we all know that is career suicide. (except if one is a mainframe operator or COBOL programmer)