Starting to search for the Dell evil certificate: http://www.theregister.co.uk/2015/11/23/dell_security_nightmare_gets_worse/ I’ll start looking for the eDellRoot cert on all the machines I can find and update this. Please comment if you have any results. Machines that do have it: Machines that do not: Precision t7610 Latitude e6510 Latitude e7440 optiplex 790
Anyone have an enterprise level password manager they recommend? http://techcrunch.com/2015/10/09/logmein-acquires-password-management-software-lastpass-for-110-million/ Logmein is a scary company. Large price boosts with little warning, they lie about HIPAA compliance. The thing that makes me the most angry about Logmein is that they couldn’t just say NO. No we don’t meet the conduit exemption. No, we aren’t built for […]
Look my ecobee is spamming a q9 datacenter in Canada. It’s not someone’s splunk server monitoring me on 8089 as I feared. Now on to fixing my kbox connection and see if otis notices I’m pinging the snot out of him while I mess with rules.
We are trying to figure out how to change our Kace community passwords. Dell/Kace is the last one keeping us down on a little lastpass score competition. Kace will reset your password by asking for your email address and sending a new one to you via email. Thus far we can’t find another way to […]
https://isc.sans.edu/diary/OpenSSL+SSLv3+POODLE+Vulnerability+Official+Release/18827 IE – Go to policies>All settings>filter SSL in the options if you want to go fast. Choose the one on the right: Use SSL 2.0, TLS 1.0, TLS 1.1, and TLS 1.2. Google Chrome- working on that right now.
I have been forced to work with McGladrey for quite a while now in order to maintain our accounting server and clients. I like the guys doing the work, they are good at what they do and pleasant to work with. What I can’t stand is the lack of oversight McGladrey employees get when it […]
As of now, 9ish AM MST, 3 PM GMT, lastpass is still down for many users. Not all, I am in and working fine. Most my my company is not. Lastpass has not published my comment in the forums which is a little disappointing. It was very professional and offered some data points for them […]
This is the basic list, not anything fancy: Step 1. Remove crappy software first Step 2. Add good software second- Emet 5.0 Secunia PSI 3.0 Some paid antivirus or MS defender. Do not do free antivirus, if you believe the conspiracy theory crap go to another website. You are like the anti vaccine people. Install […]
It looks like the Dell Kace folks could use a talking to from the Dell Secureworks folks. http://www.itwire.com/opinion-and-analysis/the-linux-distillery/63397-new-security-exploit-found-in-dell-kace-k1000-appliance My recommendation (changed 3-12 after taking the time to look at the source code) 1. Disable ports 80 and 443 in a manner you choose 2. Instruct users to submit tickets using email and respond with email […]
A few friends with wordpress pages have asked about this company lately. You might have seen something like this on your jetpack stats http://semalt.com/competitors_review.php?u=http%3A%2F%2Fwindowsnerd.com I keep running in to the theme of SEO and brand management companies this week. I suspect they are part of one or a tool used by one. Overall I’m not worried […]