windowsnerd.com

notes from an admin for himself. you can read it if you want.

Entries Comments


Custom Search






Category: security

Oh hell no, Logmein bought Citrix Goto products. No BAA/HIPAA compliance for you!

28 April, 2017 (11:12) | complaining, Mindless Blather, security, software | 2 comments

Logmein acquired the fleet of Goto products from Citrix last year. We moved away from logmein because they refused to offer or acknowledge they were responsible for a BAA for HIPAA data per the HITECH Omnibus of 2013. Now we are sad about our use of gotomeeting, webinar, training and gotoassist. Citrix offered us a […]

Dell Superfish 2.0 fishing – what has it and what doesn’t

23 November, 2015 (16:43) | antivirus/spyware, security | No comments

Starting to search for the Dell evil certificate: http://www.theregister.co.uk/2015/11/23/dell_security_nightmare_gets_worse/ I’ll start looking for the eDellRoot cert on all the machines I can find and update this. Please comment if you have any results. Machines that do have it: Machines that do not: Precision t7610 Latitude e6510 Latitude e7440 optiplex 790

Logmein buys lastpass… time to go shopping for a replacement. Also Logmein is NOT HIPAA compliant

12 October, 2015 (07:44) | security | 1 comment

Anyone have an enterprise level password manager they recommend? http://techcrunch.com/2015/10/09/logmein-acquires-password-management-software-lastpass-for-110-million/ Logmein is a scary company. Large price boosts with little warning, they lie about HIPAA compliance. The thing that makes me the most angry about Logmein is that they couldn’t just say NO. No we don’t meet the conduit exemption. No, we aren’t built for […]

port 8089 firewall block 236.­61.­220-216.­q9.­net Ecobee thermostat

28 February, 2015 (09:52) | security | No comments

Look my ecobee is spamming a q9 datacenter in Canada. It’s not someone’s splunk server monitoring me on 8089 as I feared. Now on to fixing my kbox connection and see if otis notices I’m pinging the snot out of him while I mess with rules.

Horrible password policies – Dell Kace #1

10 November, 2014 (12:59) | security | No comments

We are trying to figure out how to change our Kace community passwords. Dell/Kace is the last one keeping us down on a little lastpass score competition. Kace will reset your password by asking for your email address and sending a new one to you via email. Thus far we can’t find another way to […]

Poodle mitigation for IE and Google Chrome via group policy

16 October, 2014 (16:54) | security, Stupid windows tricks | No comments

https://isc.sans.edu/diary/OpenSSL+SSLv3+POODLE+Vulnerability+Official+Release/18827 IE – Go to policies>All settings>filter SSL in the options if you want to go fast. Choose the one on the right: Use SSL 2.0, TLS 1.0, TLS 1.1, and TLS 1.2.                               Google Chrome- working on that right now.

McGladrey security is downright awful

24 August, 2014 (11:32) | complaining, Mindless Blather, security | No comments

I have been forced to work with McGladrey for quite a while now in order to maintain our accounting server and clients. I like the guys doing the work, they are good at what they do and pleasant to work with. What I can’t stand is the lack of oversight McGladrey employees get when it […]

Lastpass is down. 8/12/2014

12 August, 2014 (09:17) | complaining, security | No comments

As of now, 9ish AM MST, 3 PM GMT, lastpass is still down for many users. Not all, I am in and working fine. Most my my company is not. Lastpass has not published my comment in the forums which is a little disappointing. It was very professional and offered some data points for them […]

Mid 2014 basic windows client hardening checklist

4 August, 2014 (11:22) | antivirus/spyware, security | No comments

This is the basic list, not anything fancy: Step 1. Remove crappy software first Step 2. Add good software second- Emet 5.0 Secunia PSI 3.0 Some paid antivirus or MS defender. Do not do free antivirus, if you believe the conspiracy theory crap go to another website. You are like the anti vaccine people. Install […]

Dell kbox exploit is out in the wild and probably being hammered on

12 March, 2014 (00:26) | antivirus/spyware, linux, security | No comments

It looks like the Dell Kace folks could use a talking to from the Dell Secureworks folks. http://www.itwire.com/opinion-and-analysis/the-linux-distillery/63397-new-security-exploit-found-in-dell-kace-k1000-appliance My recommendation (changed 3-12 after taking the time to look at the source code) 1. Disable ports 80 and 443 in a manner you choose 2. Instruct users to submit tickets using email and respond with email […]

« Older entries