ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    What Are You Doing Right Now

    Scheduled Pinned Locked Moved Water Closet
    time waster
    88.9k Posts 287 Posters 52.3m Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • EddieJenningsE
      EddieJennings @NerdyDad
      last edited by

      @NerdyDad said in What Are You Doing Right Now:

      @EddieJennings said in What Are You Doing Right Now:

      @NerdyDad No, epic win. I was curious to see how Dokuwiki was receiving group information, so I put Wireshark on to view the traffic and try to gain some insight. What I discovered was the aforementioned credentials-in-the-clear problem. Had I not been curious about something else, it would've probably taken me a while to realize this problem was happening.

      Win for you, fail for Dokuwiki for not properly setting up encryption before sending authentication credentials, such as SSL.

      Now that being said, I'm not using https right now. I think even if I did configure SSL, which would encrypt traffic from me to dokuwiki, traffic from dokuwiki to my domain controller would still be unencrypted.

      NerdyDadN 1 Reply Last reply Reply Quote 0
      • NerdyDadN
        NerdyDad @EddieJennings
        last edited by

        @EddieJennings said in What Are You Doing Right Now:

        @NerdyDad said in What Are You Doing Right Now:

        @EddieJennings said in What Are You Doing Right Now:

        @NerdyDad No, epic win. I was curious to see how Dokuwiki was receiving group information, so I put Wireshark on to view the traffic and try to gain some insight. What I discovered was the aforementioned credentials-in-the-clear problem. Had I not been curious about something else, it would've probably taken me a while to realize this problem was happening.

        Win for you, fail for Dokuwiki for not properly setting up encryption before sending authentication credentials, such as SSL.

        Now that being said, I'm not using https right now. I think even if I did configure SSL, which would encrypt traffic from me to dokuwiki, traffic from dokuwiki to my domain controller would still be unencrypted.

        That is true. However, with Kerberos, it would be one more level of security instead of open creds. But lets look at the bigger picture here. We're inside of your network already. What is being kept on this wiki? How-to's? Not really that important. So probably don't need Kerberos security on a bunch of security manuals. If your users are using wireshark to try to get them into your wiki, then you either need to hire them into the IT dept or fire them. Your choice.

        EddieJenningsE 1 Reply Last reply Reply Quote 1
        • EddieJenningsE
          EddieJennings @NerdyDad
          last edited by EddieJennings

          @NerdyDad said in What Are You Doing Right Now:

          @EddieJennings said in What Are You Doing Right Now:

          @NerdyDad said in What Are You Doing Right Now:

          @EddieJennings said in What Are You Doing Right Now:

          @NerdyDad No, epic win. I was curious to see how Dokuwiki was receiving group information, so I put Wireshark on to view the traffic and try to gain some insight. What I discovered was the aforementioned credentials-in-the-clear problem. Had I not been curious about something else, it would've probably taken me a while to realize this problem was happening.

          Win for you, fail for Dokuwiki for not properly setting up encryption before sending authentication credentials, such as SSL.

          Now that being said, I'm not using https right now. I think even if I did configure SSL, which would encrypt traffic from me to dokuwiki, traffic from dokuwiki to my domain controller would still be unencrypted.

          That is true. However, with Kerberos, it would be one more level of security instead of open creds. But lets look at the bigger picture here. We're inside of your network already. What is being kept on this wiki? How-to's? Not really that important. So probably don't need Kerberos security on a bunch of security manuals. If your users are using wireshark to try to get them into your wiki, then you either need to hire them into the IT dept or fire them. Your choice.

          Ha! Alas, most of my users (other than the IT folks themselves) who'd be using this probably don't know Wireshark exists. Stuff that in a bunch of text files on our IT share is going into the wiki, and I can control access to pages from within Dokuwiki, as I don't think the average sales person needs to the see a document of "How to configure the web server."

          At this point, my quest is more of curiosity and learning of what traffic is visible when folks authenticate on their workstations against AD.

          coliverC 1 Reply Last reply Reply Quote 2
          • EddieJenningsE
            EddieJennings
            last edited by

            I really could spent all day going through a Wireshark capture and not become bored, but in 10 minutes, my office day ends, and I go teach a percussion lesson. 😄

            1 Reply Last reply Reply Quote 1
            • coliverC
              coliver @EddieJennings
              last edited by

              @EddieJennings make sure you are using ldaps and not straight ldap. This doesn't sound like a failure of the application just not using the correct authentication mechanism.

              EddieJenningsE 1 Reply Last reply Reply Quote 1
              • EddieJenningsE
                EddieJennings @coliver
                last edited by

                @coliver said in What Are You Doing Right Now:

                @EddieJennings make sure you are using ldaps and not straight ldap. This doesn't sound like a failure of the application just not using the correct authentication mechanism.

                Yeah. I'll see what options I have.

                1 Reply Last reply Reply Quote 0
                • NerdyDadN
                  NerdyDad
                  last edited by

                  Just not digging the new logo.

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @NerdyDad
                    last edited by

                    @NerdyDad said in What Are You Doing Right Now:

                    Just not digging the new logo.

                    Whose?

                    NerdyDadN 1 Reply Last reply Reply Quote 0
                    • NerdyDadN
                      NerdyDad @scottalanmiller
                      last edited by

                      @scottalanmiller said in What Are You Doing Right Now:

                      @NerdyDad said in What Are You Doing Right Now:

                      Just not digging the new logo.

                      Whose?

                      SW

                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller @NerdyDad
                        last edited by

                        @NerdyDad said in What Are You Doing Right Now:

                        @scottalanmiller said in What Are You Doing Right Now:

                        @NerdyDad said in What Are You Doing Right Now:

                        Just not digging the new logo.

                        Whose?

                        SW

                        Oh. I really liked it.

                        NerdyDadN 1 Reply Last reply Reply Quote 0
                        • NerdyDadN
                          NerdyDad @scottalanmiller
                          last edited by

                          @scottalanmiller said in What Are You Doing Right Now:

                          @NerdyDad said in What Are You Doing Right Now:

                          @scottalanmiller said in What Are You Doing Right Now:

                          @NerdyDad said in What Are You Doing Right Now:

                          Just not digging the new logo.

                          Whose?

                          SW

                          Oh. I really liked it.

                          Maybe it just needs to grow on me.

                          KellyK 1 Reply Last reply Reply Quote 0
                          • KellyK
                            Kelly @NerdyDad
                            last edited by

                            @NerdyDad said in What Are You Doing Right Now:

                            @scottalanmiller said in What Are You Doing Right Now:

                            @NerdyDad said in What Are You Doing Right Now:

                            @scottalanmiller said in What Are You Doing Right Now:

                            @NerdyDad said in What Are You Doing Right Now:

                            Just not digging the new logo.

                            Whose?

                            SW

                            Oh. I really liked it.

                            Maybe it just needs to grow on me.

                            I was ambivalent until they started putting it everywhere. Now the mosh duck is just annoying.

                            1 Reply Last reply Reply Quote 1
                            • DominicaD
                              Dominica
                              last edited by

                              Watching a show while @scottalanmiller and the kids play Minecraft

                              1 Reply Last reply Reply Quote 1
                              • NerdyDadN
                                NerdyDad
                                last edited by

                                Playing with Qubes OS. Have me an IT qube, a HAM qube, and working on a Kali qube. Unfortunately its all in debian instead of fedora. Oh well.

                                scottalanmillerS 1 Reply Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller @NerdyDad
                                  last edited by

                                  @NerdyDad said in What Are You Doing Right Now:

                                  Playing with Qubes OS. Have me an IT qube, a HAM qube, and working on a Kali qube. Unfortunately its all in debian instead of fedora. Oh well.

                                  Why not just use KVM?

                                  NerdyDadN 1 Reply Last reply Reply Quote 0
                                  • NerdyDadN
                                    NerdyDad @scottalanmiller
                                    last edited by NerdyDad

                                    @scottalanmiller said in What Are You Doing Right Now:

                                    @NerdyDad said in What Are You Doing Right Now:

                                    Playing with Qubes OS. Have me an IT qube, a HAM qube, and working on a Kali qube. Unfortunately its all in debian instead of fedora. Oh well.

                                    Why not just use KVM?

                                    I like the idea of segregation and security. Would it be possible to install KVM on a qube? That way I could potentially run CentOS and the other servers that I am wanting to explore.

                                    Or is this going back to the idea "If you're going to learn enterprise-level server linux OS, might as well run it on enterprise-level hardware, such as vultr or something"?

                                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller @NerdyDad
                                      last edited by

                                      @NerdyDad said in What Are You Doing Right Now:

                                      @scottalanmiller said in What Are You Doing Right Now:

                                      @NerdyDad said in What Are You Doing Right Now:

                                      Playing with Qubes OS. Have me an IT qube, a HAM qube, and working on a Kali qube. Unfortunately its all in debian instead of fedora. Oh well.

                                      Why not just use KVM?

                                      I like the idea of segregation and security. Would it be possible to install KVM on a qube? That way I could potentially run CentOS and the other servers that I am wanting to explore.

                                      Or is this going back to the idea "If you're going to learn enterprise-level server linux OS, might as well run it on enterprise-level hardware, such as vultr or something"?

                                      That doesn't explain the why though. Why Qubes instead of KVM. And why would you want KVM on top? What is Qubes adding here?

                                      NerdyDadN 1 Reply Last reply Reply Quote 0
                                      • NerdyDadN
                                        NerdyDad @scottalanmiller
                                        last edited by

                                        @scottalanmiller said in What Are You Doing Right Now:

                                        @NerdyDad said in What Are You Doing Right Now:

                                        @scottalanmiller said in What Are You Doing Right Now:

                                        @NerdyDad said in What Are You Doing Right Now:

                                        Playing with Qubes OS. Have me an IT qube, a HAM qube, and working on a Kali qube. Unfortunately its all in debian instead of fedora. Oh well.

                                        Why not just use KVM?

                                        I like the idea of segregation and security. Would it be possible to install KVM on a qube? That way I could potentially run CentOS and the other servers that I am wanting to explore.

                                        Or is this going back to the idea "If you're going to learn enterprise-level server linux OS, might as well run it on enterprise-level hardware, such as vultr or something"?

                                        That doesn't explain the why though. Why Qubes instead of KVM. And why would you want KVM on top? What is Qubes adding here?

                                        For learning, IT? Absolutely nothing. Security/Paranoia? Its very difficult to become fully compromised.

                                        scottalanmillerS 1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @NerdyDad
                                          last edited by

                                          @NerdyDad said in What Are You Doing Right Now:

                                          @scottalanmiller said in What Are You Doing Right Now:

                                          @NerdyDad said in What Are You Doing Right Now:

                                          @scottalanmiller said in What Are You Doing Right Now:

                                          @NerdyDad said in What Are You Doing Right Now:

                                          Playing with Qubes OS. Have me an IT qube, a HAM qube, and working on a Kali qube. Unfortunately its all in debian instead of fedora. Oh well.

                                          Why not just use KVM?

                                          I like the idea of segregation and security. Would it be possible to install KVM on a qube? That way I could potentially run CentOS and the other servers that I am wanting to explore.

                                          Or is this going back to the idea "If you're going to learn enterprise-level server linux OS, might as well run it on enterprise-level hardware, such as vultr or something"?

                                          That doesn't explain the why though. Why Qubes instead of KVM. And why would you want KVM on top? What is Qubes adding here?

                                          For learning, IT? Absolutely nothing. Security/Paranoia? Its very difficult to become fully compromised.

                                          How is that different than KVM?

                                          NerdyDadN 2 Replies Last reply Reply Quote 0
                                          • NerdyDadN
                                            NerdyDad @scottalanmiller
                                            last edited by NerdyDad

                                            @scottalanmiller said in What Are You Doing Right Now:

                                            @NerdyDad said in What Are You Doing Right Now:

                                            @scottalanmiller said in What Are You Doing Right Now:

                                            @NerdyDad said in What Are You Doing Right Now:

                                            @scottalanmiller said in What Are You Doing Right Now:

                                            @NerdyDad said in What Are You Doing Right Now:

                                            Playing with Qubes OS. Have me an IT qube, a HAM qube, and working on a Kali qube. Unfortunately its all in debian instead of fedora. Oh well.

                                            Why not just use KVM?

                                            I like the idea of segregation and security. Would it be possible to install KVM on a qube? That way I could potentially run CentOS and the other servers that I am wanting to explore.

                                            Or is this going back to the idea "If you're going to learn enterprise-level server linux OS, might as well run it on enterprise-level hardware, such as vultr or something"?

                                            That doesn't explain the why though. Why Qubes instead of KVM. And why would you want KVM on top? What is Qubes adding here?

                                            For learning, IT? Absolutely nothing. Security/Paranoia? Its very difficult to become fully compromised.

                                            How is that different than KVM?

                                            Okay. So far, impressed with KVM. Is there an HCL?

                                            Side note: Interesting how the web-bar icon is Red Hat. Merely hosted on red hat servers?

                                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 1985
                                            • 1986
                                            • 1987
                                            • 1988
                                            • 1989
                                            • 4446
                                            • 4447
                                            • 1987 / 4447
                                            • First post
                                              Last post