| Deutsch English Français Italiano |
|
<vjj6av$1ss1$1@nnrp.usenet.blueworldhosting.com> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!eternal-september.org!feeder3.eternal-september.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!nnrp.usenet.blueworldhosting.com!.POSTED!not-for-mail From: "Edward Rawde" <invalid@invalid.invalid> Newsgroups: sci.electronics.design Subject: Re: Win11 explorer bug? Date: Sat, 14 Dec 2024 00:50:22 -0500 Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com) Lines: 83 Message-ID: <vjj6av$1ss1$1@nnrp.usenet.blueworldhosting.com> References: <vjg7dh$kf$2@nnrp.usenet.blueworldhosting.com> <vjgm11$396oa$1@dont-email.me> <vjhupn$1ds9$1@nnrp.usenet.blueworldhosting.com> <vji6qd$3jsoc$1@dont-email.me> <vjib0c$2u4n$1@nnrp.usenet.blueworldhosting.com> <vjii9m$3ltn2$2@dont-email.me> <vjiq87$5dl$1@nnrp.usenet.blueworldhosting.com> <vjj4gd$3sa72$1@dont-email.me> Injection-Date: Sat, 14 Dec 2024 05:50:23 -0000 (UTC) Injection-Info: nnrp.usenet.blueworldhosting.com; logging-data="62337"; mail-complaints-to="usenet@blueworldhosting.com" Cancel-Lock: sha1:ltX3rYUj5wWCbfNR7PbVSkVT5YE= sha256:kTIgq30oALGz+eAYaWR/w8tABuC19/JFEoWOmHPXqr8= sha1:jBoEtmmCwX330r0P0qLszc7oDOQ= sha256:0c1wAJeeRwkgD3DnRj1eMcHgTHM5+b4TBmPP81CoZxs= X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157 X-MSMail-Priority: Normal X-RFC2646: Format=Flowed; Response X-Newsreader: Microsoft Outlook Express 6.00.2900.5931 X-Priority: 3 Bytes: 4882 "Don Y" <blockedofcourse@foo.invalid> wrote in message news:vjj4gd$3sa72$1@dont-email.me... > On 12/13/2024 7:24 PM, Edward Rawde wrote: >> "Don Y" <blockedofcourse@foo.invalid> wrote in message news:vjii9m$3ltn2$2@dont-email.me... >>> On 12/13/2024 3:03 PM, Edward Rawde wrote: >>>> "Don Y" <blockedofcourse@foo.invalid> wrote in message news:vji6qd$3jsoc$1@dont-email.me... >>>>> On 12/13/2024 11:35 AM, Edward Rawde wrote: >>>>>> "Don Y" <blockedofcourse@foo.invalid> wrote in message news:vjgm11$396oa$1@dont-email.me... >>>>>>> On 12/12/2024 7:50 PM, Edward Rawde wrote: >>>>>>>> I'm getting 441 header line too long while trying to reply to Don Y in the other thread so I'm going to leave it there. >>>>>>>> >>>>>>>> Some organizations are obviously doing a lot better then others at cybersecurity. >>>>>>> >>>>>>> <https://www.crn.com/news/security/2024/10-major-cyberattacks-and-data-breaches-in-2024-so-far> >>>>>>> >>>>>>> at least, the ones that we KNOW about... >>>>>>> >>>>>>> >>>>>> >>>>>> They are all large organizations rather than a single location with a single firewall. >>>>>> >>>>>> Large organisations don't have a single individual doing firewall configuration and security for the entire organisation. >>>>> >>>>> No. They have automated tools doing this work. No one spends their time >>>>> manually browsing log files. >>>> >>>> You must have worked for may different large organizations to know how they all do things. >>> >>> Yes. And have colleagues at (or who have consulted with) others. >>> >>>> Did you miss the part where I said I have automated tools (python scripts) to deal with log files? >>>> >>>> I maintain a blacklist of 200,000 IPv4 addresses and networks in otherwise friendly countries. >>>> Doing that manually would be ridiculous. >>> >>> And I rely on a knock sequence. Who's spending LESS time on maintaining their >>> service? >> >> Spending less time on cybersecurity will mean lower knowledge and increased risk of compromise. > > And, in 40+ years, online, I've lost nothing. I guess I must be doing > something wrong... Same here. So I must be too. > >> And it's fun to see where the brute force and other attacks come from. >> >> Knock sequences aren't very useful outbound. The last phishing site I visited (out of curiosity) didn't require one. > > Why would a SERVER be making *unsolicited* outbound connections? Huh? Phishing sites run web servers. No-one said that such servers make outbound connections. I don't use knocking because it's inconvenient and it's debatable whether or not it's any better than a firewall which drops everything which isn't from specific IP addresses or networks. Whether knocking or IP filtering is used in front of a server, the server should still reject anything which doesn't have valid login credentials. But I don't wish to waste time debating it any further. > >>> >>>>> >>>>>> The ones who have breaches more likely have managers who don't want anything touched if it's working. >>>>>> >>>>>> So the individual who suggests that changes should be made to restrict database connections to nothing other than known IP >>>>>> addresses >>>>>> or networks, rather than having them open to the entire world, is likely to be ignored. This is, of course, just one of the >>>>>> myriad >>>>>> reasons why breaches occur. >>>>>> >>>>>> >>>>> >>>>> >>>> >>>> >>> >>> >> >> > >