--- Log opened Thu Apr 05 00:00:47 2018
02:18 -!- dfused [~dfused@c-73-11-137-36.hsd1.wa.comcast.net] has quit [Ping timeout: 276 seconds]
02:20 -!- dfused [~dfused@c-73-11-137-36.hsd1.wa.comcast.net] has joined #se2600
03:09 -!- crashcartpro [uid29931@gateway/web/irccloud.com/x-amkqojstaevodoua] has quit [Read error: Connection reset by peer]
03:10 -!- crashcartpro [uid29931@gateway/web/irccloud.com/x-mcyzhjjqoqatstli] has joined #se2600
03:11 -!- shapr [~shapr@haskell/developer/shapr] has quit [Ping timeout: 264 seconds]
03:11 -!- dc0de[m] [dc0dematri@gateway/shell/matrix.org/x-jkvtasilqcucstaw] has quit [Ping timeout: 248 seconds]
03:16 -!- shapr [~shapr@162.243.9.169] has joined #se2600
03:17 -!- shapr is now known as Guest12920
03:25 -!- dc0de[m] [dc0dematri@gateway/shell/matrix.org/x-rzuzlrpvkdblqeun] has joined #se2600
06:24 -!- Dolemite [~scott@24-158-118-59.dhcp.kgpt.tn.charter.com] has quit [Quit: security patch reboot]
06:54 -!- Dolemite [~scott@24-158-118-59.dhcp.kgpt.tn.charter.com] has joined #se2600
06:54 -!- mode/#se2600 [+o Dolemite] by ChanServ
06:54 <@Dolemite> mr0ning, be0tches and h0ez!
07:05 -!- sicsscam_ is now known as sicsscam
07:10  * aestetix_ hugs Dolemite 
07:14 <@Dolemite> Is that a _ in your pocket or are you just happy to see me?
07:25 < aestetix_> Dolemite: there's always a _ for you
08:59 -!- NotLarry [~NotLarry@dhcp-129-59-132-27.n1.vanderbilt.edu] has joined #se2600
08:59 -!- mode/#se2600 [+o NotLarry] by ChanServ
09:27 -!- Dagmar [dagmar@unaffiliated/dagmar] has quit [Ping timeout: 264 seconds]
09:28 -!- Dagmar [dagmar@c-69-180-254-140.hsd1.tn.comcast.net] has joined #se2600
09:28 -!- Dagmar [dagmar@c-69-180-254-140.hsd1.tn.comcast.net] has quit [Changing host]
09:28 -!- Dagmar [dagmar@unaffiliated/dagmar] has joined #se2600
09:28 -!- mode/#se2600 [+o Dagmar] by ChanServ
10:16 -!- strages [uid11297@gateway/web/irccloud.com/x-vxgaepoudupnfxpc] has joined #se2600
11:21 <@Mirage> anyone ever tried to set a db connection object to an array vs a normal variable?  ie $mslink['prod'] vs $mslink_prod
11:22 <@Corydon76> Not in PHP, no.  I have done that in Perl; however, I also wasn't using SQL Server at the time.
11:23 <@Corydon76> But it should work fine to an array element.
11:24 <@Mirage> I figured it should.  Since they keep adding more and more DBs to the list of ones I need to add to my custom web pages and scripts I'm trying to make life easier on myself manging all of them.
11:27 <@Mirage> I already swicthed to having all the connection info in an array to make creating/validating the connections easier, and setting them to ${"mslink_".$db} with $db being set using foreach ( $dblist_conn as $db).
11:28 <@Mirage> Would be cleaner to just do foreach( $mslink as $key=>$val ) and do close on $mslink['db'] values.
11:33 <@Dolemite> Mirage: You see my email from this weekend, or did your auto-trash script process it? :)
11:48 <@Mirage> Shouldn't need anything too specialized.  Should be able to just to pickup precision drivers from Lowes/HomeDepot/etc.
11:52 <@Dolemite> I've got bits that fit for it.   I just can't figure out how to separate it out without breaking it.
11:52 <@Mirage> TSA might frown on trying to carry-on my "laptop repair" toolkit.
11:52 <@Dolemite> Well, there's one teeny tiny star bit
11:52 <@Mirage> torx
11:52 <@Dolemite> But I had a straight head that actually fit it rather well without any stripping of it
11:52 <@Dolemite> I can go find a small TORX bit for it
11:53 <@Dolemite> So basically I'll bring tools, and some beer.   You figure out how to get it open without breaking it. :)
11:53 <@Mirage> Should be doable.
11:53 <@Dolemite> I paid $135 for it on eBay last year, and got about a year's life out of it, so I'm not too sad if it does break...   but it's a decent system that would do well for Mr. 12
11:54 <@Mirage> At least it's not some Apple product.
11:55 <@Dolemite> The replacement arrived yesterday.   Definitely the nicest laptop I've personally owned.   Backlit keyboard and all.   Stinkpad T540P with Core i7 and 16 GB RAM, and included a sled for a second drive and a docking station.   $335 eBay special - former leased equipment.  LOL
11:58 <@_NSAKEY> Mirage: That's what blacksmith hammers are for.
11:58 <@Mirage> _NSAKEY: bah, I dunno how I'm gonna be able to take it apart without my pocket knife.
11:59 <@Dolemite> ok, time to go visit the dentist and have her fix this cracked filling...   maybe I can eat crunchy things on the left side of my mouth, again
11:59 <@Dolemite> Later
12:05 <@Corydon76> I've been in Apacheland today, working out VirtualDocumentRoot with mod_rewrite.
12:06 <@Corydon76> Really neat stuff, but heavy voodoo
12:08 <@Corydon76> Basically, how to let our Alias-dependent legacy system run on a development machine, allowing us to create developer branches on the fly without restarting Apache.
12:35 <@_NSAKEY> Corydon76: How many chickens did you behead before getting it right?
13:32 <@Corydon76> Yes.
13:40 -!- sicsscam [~sicsscam@24.154.71.208] has quit [Read error: Connection reset by peer]
13:48 < ^020d> At least you didn't have to go through and remove a few thousand hard coded paths right?
13:49 <@Corydon76> Who, me?  Yeah, I'm not much for that.  This was a modification so that we didn't have to add symlinks on the checkout to emulate the Alias commands on the production servers.
13:52 < ^020d> I had to "productize" an internal app that had the domain name allllll over the place.   Then removing the company name...  everything was hard coded.
13:53 < ^020d> I don't know what was sadder, me removing them all, or the original devs typing that over and over and over.  Hope they at least copied and pasted.
13:58 <@_NSAKEY> ^020d: Did you at least use sed?
14:22 < ^020d> I wish.  It was PHP with inconsistent quote use so had to check each use or it might output a variable name.
15:04 <@Mirage> woohoo, part came in and i just spent my 'lunch' fixing my old Kodak Carosel 700 projector.
15:04 <@Mirage> No more manually advancing slides!
15:08 <@Mirage> ^020d: if you ever saw all the rewrite rules that Dagmar and I used to have to manage for www.vanderbilt.edu you's shit yourself.
15:08 <@Mirage> ^s/you's/you'd/
15:31 <@Dagmar> Fuckin' _thousands_ of them
16:11 < dasunt> Great.  Someone I know fell for a phishing attempt.
16:12 < dasunt> I had them reset the account passwords.  Anything else I should do?
16:20 <@Corydon76> Call the cell phone provider and ask to change the passcode.
16:20 <@Corydon76> Also, place a fraud alert with the credit monitoring agencies
16:21 <@Corydon76> On the off chance that the phisher got in before you changed the passwords, you want to ensure that the damage is limited.
16:21 <@Corydon76> If the accounts have a way of logging out all logged in users, make sure you do that.
16:22 <@Corydon76> i.e. force reauthentication
16:26  * dasunt nods.
16:26 < dasunt> I did that as far as I can.
16:28 < dasunt> Re:  authentication.
16:28 < dasunt> WTF is a passcode for a cell phone?
16:28 < dasunt> DIYM voicemail passcode?
16:29 <@Corydon76> Cell phone providers have an optional passcode which is needed to make changes to the account, like redirecting your cell phone number to another phone.  If you're using SMS as a form of 2factor authentication, then an attacker redirecting your cell phone number can do a lot of damage.
16:30 < dasunt> Ah, okay.  Thanks.
16:30 <@Corydon76> T-Mobile publicized this attack vector a few months ago; apparently, they had some customers victimized by this.
16:31 < dasunt> One other thing I found while checking out OMG WHAT TO DO which isn't obvious, is to tell the person to change their password to something completely different.
16:31 <@Corydon76> https://newsroom.t-mobile.com/news-and-blogs/unauthorized-porting-protecting-your-account.htm
16:31 < PigBot> Unauthorized Porting: Protect Your Account | T-Mobile Newsroom (at newsroom.t-mobile.com) http://tinyurl.com/ydhwfewc
16:33 < dasunt> Or should I say, it's obvious for us.  It may not be obvious to other people that changing your password from "Password7&" to "Password8*" isn't that secure.
16:34 <@Corydon76> In terms of the simplicity of it, I agree.  In terms of having a published system of changing it, I agree.  However, simply adding or changing a character in a password can generally be sufficient, at least in the short term, to foil a would-be attacker
16:35 <@Corydon76> Most of them won't try to get into guessing how it changed; most will simply move on to the next victim.
16:35 < dasunt> Depends how targetted the attack is.  This sounds pretty generalized, tbh.  It was one email contact that was doing the "click on the login in the attachment" spam.
16:36 < dasunt> And I'm in an industry that probably isn't being targeted specifically.  (I can think of reasons why it should be, but it isn't right now.)
16:36 <@Corydon76> If the attack is automated, changing everything is your best bet.
16:37 <@Corydon76> You just don't know how much an automated attack was able to glean.  But most of the attacks tend to be collection points, where an attacker goes back to the collection point days or weeks later, and starts going through the list of collected data.
16:38 <@Corydon76> What they want is the victim who was caught unawares and whose password is still unchanged a week later, because they're unlikely to be proactive enough to stop any complicated scheme to bilk the victim out of funds.
16:40 <@Corydon76> The guy who realizes he just got suckered and locks down his accounts is not their prime target.
16:40 <@Corydon76> That's the guy most likely to get the criminal caught.
16:42 < dasunt> Y'know, that is an interesting point.
16:44 <@Corydon76> But you're still better off acting quickly as if you got hit with a targeted attack, because on the remote chance that it was, you want to be ultra conservative in ensuring that the damage is limited.
16:56 < TheDukh> So... how bad is the Georgia anti-infosec legislation?
17:07 < Warcop> http://www.legis.ga.gov/Legislation/20172018/177608.pdf
17:16 < Warcop> Depending on how you're operating it may have little to no impact. Ethically you can operate without this being an issue. You can also have the backing of an EO policy. This still only applies if you're entering into business with a company to do pen testing.
18:26 -!- tomato_yak [~ident@c-24-98-134-16.hsd1.ga.comcast.net] has joined #se2600
18:31 -!- Guest12920 is now known as shapr
18:31 -!- shapr [~shapr@162.243.9.169] has quit [Changing host]
18:31 -!- shapr [~shapr@haskell/developer/shapr] has joined #se2600
18:31 -!- mode/#se2600 [+o shapr] by ChanServ
18:35 -!- tomato_yak2 [~androirc@c-24-98-134-16.hsd1.ga.comcast.net] has joined #se2600
18:38 -!- tomato_yak [~ident@c-24-98-134-16.hsd1.ga.comcast.net] has quit [Quit: AndroIRC - Android IRC Client ( http://www.androirc.com )]
18:38 -!- tomato_yak2 [~androirc@c-24-98-134-16.hsd1.ga.comcast.net] has quit [Client Quit]
18:39 -!- tomato_yak [~androirc@c-24-98-134-16.hsd1.ga.comcast.net] has joined #se2600
18:40 -!- tomato_yak2 [~ident@c-24-98-134-16.hsd1.ga.comcast.net] has joined #se2600
18:43 -!- tomato_yak2 [~ident@c-24-98-134-16.hsd1.ga.comcast.net] has quit [Client Quit]
20:44 -!- NotLarry_ [~NotLarry@c-68-53-121-109.hsd1.tn.comcast.net] has joined #se2600
20:44 < NotLarry_> damn storm took out my cable modem.  Just got back online:|
21:50 -!- tomato_yak [~androirc@c-24-98-134-16.hsd1.ga.comcast.net] has quit [Remote host closed the connection]
22:40 -!- LastChild [~RasPi@c-68-53-5-70.hsd1.tn.comcast.net] has joined #se2600
22:41 -!- mode/#se2600 [+o LastChild] by ChanServ
--- Log closed Fri Apr 06 00:00:48 2018