MNSBR: Hey Computer Nerds! - MNSBR

Jump to content

  • 2 Pages +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

Hey Computer Nerds! Cybersecurity

#1 User is offline   DVS DAN Icon

  • You can legally lane split if there is a Polish road block
  • PipPipPipPipPipPipPipPipPipPip
  • Group: Member
  • Posts: 3,098
  • Joined: 19-July 07
  • Gender:Male
  • Location:Elk River, MN
  • Interests:Goin fast & getting air
  • Ride:Naked wheelie scoot

Posted 06 March 2018 - 09:24 AM

I keep getting weird requests from our IT dept, but I've never had some of these requests at other companies. Why do you need to close web browsers before you leave work? They said that was how Target was hacked, but I've found that was done through "spear phishing" a vendor that had access to Target's network. Some idiot opened a false email.

We're told to close out of our ERP system, yet IT tells people to check the box for "remember my password" in Outlook so it opens without a password... Doesn't make sense.


0

#2 User is offline   POE Icon

  • PipPipPipPipPipPipPipPipPipPipPipPipPipPipPipPipPip
  • Group: Moderator
  • Posts: 16,989
  • Joined: 01-February 08
  • Gender:Male
  • Location:Circle Pines
  • Ride:600RR street
    '17 Grom
    '14 Grom
    SV650 race
    YZ250F

Posted 06 March 2018 - 09:36 AM

I suppose an unsecure web page could leave certain connections open that a hacker could piggy back on. Just a guess. Not sure if that's a thing currently.
0

#3 User is offline   mike4king Icon

  • Weeeeeee!
  • PipPipPipPipPipPipPip
  • Group: Member
  • Posts: 1,810
  • Joined: 25-April 11
  • Gender:Male
  • Location:Maple Grove
  • Ride:2003 600rr track, 2012 V-Star1300 street

Posted 06 March 2018 - 09:40 AM

My knowledge is more than average but still limited on this topic. I can't think of a cybersecurity reason to close your browser when you're not using it. It's a good idea to shut down your apps/machine when you're not using them, which will help keep your computer running cleaner/faster and clear out some of the temporary memory/cache, but that's not really related to cybersecurity.

The best (reasonable) cybersecurity recommendations that I'm aware of:
- don't use public or unsecured wifi networks
- don't open weird emails
- don't open weird links in emails
- don't go to weird websites
- don't install weird browser extensions or software
- verify that any request for personal information is coming from a legitimate source (knowing that people can fake/spoof their phone number that they call from, the email address they send from, or the look of the website that they send you to)

Some people go much further, like booting off CDs or exclusively using virtual machines. However, it's my opinion that the big browsers and operating systems are pretty secure and the weakest link BY FAR is the user 99% of the time.

A weird thing that most people don't know is that it's actually much safer to use one of the password managers (like LastPass), as you're then depending only on the security of one website to maintain your password integrity (and that one website's business revolves around them being and staying secure). If you don't use a password manager, then you either have to remember different passwords for every site or (like most people) use the same password for multiple sites. If you use the same password for multiple, then you're again dependent on the weakest of those sites to not get hacked, because then the hackers have your password to a bunch of stuff.
0

#4 User is offline   ripperd Icon

  • aka Dean
  • PipPipPipPipPipPipPipPipPipPip
  • Group: Member
  • Posts: 3,100
  • Joined: 05-May 08
  • Gender:Male
  • Location:Victoria MN
  • Interests:snowmobiles, bikes
  • Ride:08 WR250X/R, Kymco 125, CRF50

Posted 06 March 2018 - 09:43 AM

Your web browser will keep secure session state and credentials cached while it is open. If an attacker takes over your PC with the browser still open, they can obtain those things. Closing the browser will delete temporary credential caches or cookies, alleviating the issue.
0

#5 User is offline   JohnnyCage Icon

  • No Ragrets
  • PipPipPipPipPipPipPipPipPipPipPip
  • Group: Member
  • Posts: 4,610
  • Joined: 19-March 08
  • Gender:Male
  • Location:Burnsville, MN
  • Interests:Roadracing & Guitar
  • Ride:At the back of the expert grid

Posted 06 March 2018 - 11:32 AM

You should be required to shut down your device every night when you leave. Without question.
0

#6 User is offline   DVS DAN Icon

  • You can legally lane split if there is a Polish road block
  • PipPipPipPipPipPipPipPipPipPip
  • Group: Member
  • Posts: 3,098
  • Joined: 19-July 07
  • Gender:Male
  • Location:Elk River, MN
  • Interests:Goin fast & getting air
  • Ride:Naked wheelie scoot

Posted 06 March 2018 - 12:48 PM

View Postripperd, on 06 March 2018 - 09:43 AM, said:

Your web browser will keep secure session state and credentials cached while it is open. If an attacker takes over your PC with the browser still open, they can obtain those things. Closing the browser will delete temporary credential caches or cookies, alleviating the issue.
It makes sense to close out of any software we use for business, just in case. Like mike noted, the biggest threat does go back to the users allowing malware in by getting baited by emails. I still can't believe people get suckered by the stupid stuff out there. They would be screwed if they ever tried Craigslist.


View PostJohnnyCage, on 06 March 2018 - 11:32 AM, said:

You should be required to shut down your device every night when you leave. Without question.
This really is the easiest solution. Just make everyone restart their computers at night so everything is closed out and the computer can still get updates after hours.
0

#7 User is offline   rochambo Icon

  • Portrait of the artist as a fucking asshole
  • PipPipPipPipPipPipPipPipPipPipPipPipPip
  • Group: Member
  • Posts: 6,371
  • Joined: 03-October 06
  • Gender:Male
  • Location:Nordeast
  • Interests:Killing cops and reading Kerouac...
  • Ride:grom

Posted 06 March 2018 - 01:23 PM

Open taco cookies
0

#8 User is offline   DVS DAN Icon

  • You can legally lane split if there is a Polish road block
  • PipPipPipPipPipPipPipPipPipPip
  • Group: Member
  • Posts: 3,098
  • Joined: 19-July 07
  • Gender:Male
  • Location:Elk River, MN
  • Interests:Goin fast & getting air
  • Ride:Naked wheelie scoot

Posted 06 March 2018 - 01:57 PM

View Postrochambo, on 06 March 2018 - 01:23 PM, said:

Open taco cookies
I think we're talking about Phish Tacos...? The old guy loves to bite on them, no matter how sketchy they look. He gets them from whatever bad malware stand is selling the damn things.
0

#9 User is offline   DVS DAN Icon

  • You can legally lane split if there is a Polish road block
  • PipPipPipPipPipPipPipPipPipPip
  • Group: Member
  • Posts: 3,098
  • Joined: 19-July 07
  • Gender:Male
  • Location:Elk River, MN
  • Interests:Goin fast & getting air
  • Ride:Naked wheelie scoot

Posted 20 March 2018 - 09:34 AM

New topic related to IT crap... has anyone heard of, or used, Checkpoint Security? It's hosing up computers left and right here
0

#10 User is offline   mike4king Icon

  • Weeeeeee!
  • PipPipPipPipPipPipPip
  • Group: Member
  • Posts: 1,810
  • Joined: 25-April 11
  • Gender:Male
  • Location:Maple Grove
  • Ride:2003 600rr track, 2012 V-Star1300 street

Posted 20 March 2018 - 09:37 AM

View PostDVS DAN, on 20 March 2018 - 09:34 AM, said:

New topic related to IT crap... has anyone heard of, or used, Checkpoint Security? It's hosing up computers left and right here


Is this a ploy to get people to share information about what security systems they're currently using and/or familiar with? Are you secretly a hacker trying to hack us all, Dan? :hmm2:
0

#11 User is offline   DVS DAN Icon

  • You can legally lane split if there is a Polish road block
  • PipPipPipPipPipPipPipPipPipPip
  • Group: Member
  • Posts: 3,098
  • Joined: 19-July 07
  • Gender:Male
  • Location:Elk River, MN
  • Interests:Goin fast & getting air
  • Ride:Naked wheelie scoot

Posted 20 March 2018 - 09:41 AM

View Postmike4king, on 20 March 2018 - 09:37 AM, said:

Is this a ploy to get people to share information about what security systems they're currently using and/or familiar with? Are you secretly a hacker trying to hack us all, Dan? :hmm2:
Ha haa, nope. Someone has to figure out IT around here. They've bricked a couple computers already
0

#12 User is offline   mike4king Icon

  • Weeeeeee!
  • PipPipPipPipPipPipPip
  • Group: Member
  • Posts: 1,810
  • Joined: 25-April 11
  • Gender:Male
  • Location:Maple Grove
  • Ride:2003 600rr track, 2012 V-Star1300 street

Posted 20 March 2018 - 09:46 AM

It's interesting that I've heard that from multiple people at multiple companies lately. Fortunately, I don't have any concerns about the abilities of the IT people at my work.

I'm not familiar with Checkpoint Security, but it's not what we use here.
0

#13 User is online   ludedude Icon

  • EDITED!
  • PipPipPip
  • Group: Newb
  • Posts: 248
  • Joined: 24-August 06
  • Gender:Male
  • Location:Crystal
  • Ride:R3, 09 zoooooma

Posted 22 March 2018 - 08:50 AM

I've used the encryption part of Checkpoint a few years ago. Let's just say I'm glad we don't use it anymore.
0

#14 User is offline   DVS DAN Icon

  • You can legally lane split if there is a Polish road block
  • PipPipPipPipPipPipPipPipPipPip
  • Group: Member
  • Posts: 3,098
  • Joined: 19-July 07
  • Gender:Male
  • Location:Elk River, MN
  • Interests:Goin fast & getting air
  • Ride:Naked wheelie scoot

Posted 22 March 2018 - 10:55 AM

View Postludedude, on 22 March 2018 - 08:50 AM, said:

I've used the encryption part of Checkpoint a few years ago. Let's just say I'm glad we don't use it anymore.
Well WTF? Everything is getting encrypted throughout the day and then all of the sudden MS forces Windows updates and screws things up, apparently.
0

#15 User is offline   POE Icon

  • PipPipPipPipPipPipPipPipPipPipPipPipPipPipPipPipPip
  • Group: Moderator
  • Posts: 16,989
  • Joined: 01-February 08
  • Gender:Male
  • Location:Circle Pines
  • Ride:600RR street
    '17 Grom
    '14 Grom
    SV650 race
    YZ250F

Posted 22 March 2018 - 02:28 PM

I hated working with encrypted computers. Even with my admin rights to the encryption server it was a huge pain in the ass to get access to any encrypted hard drive in the company that had no creds or a security lock out. Dan, if the computers' drives are encrypted and are getting locked out from Windows Updates screwing up access, that sounds like a nightmare. Cause if windows isn't letting the encryption software do it's thing, you're jolly well fooked.

Are the computers encrypted individually? Or do you have an encryption server that manages the encrypted devices and stores all the encryption keys? If it's the latter, you at least have a chance at possibly fixing the computers, and at least recovering data. I can't think of a way to fix a standalone encrypted drive if there's no way to authenticate.
0

Share this topic:


  • 2 Pages +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users