hate these ads?, log in or register to hide them
Page 432 of 433 FirstFirst ... 332382422429430431432433 LastLast
Results 8,621 to 8,640 of 8645

Thread: I don't need sanity, work in IT (thread) every day

  1. #8621
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    11,459
    I have multiple programs with auto-update features baked in (Firefox, iCUE, VLC, etc.), but I'm trying to figure out if they use HTTP or HTTPS to talk with the update server. I want to avoid MitM attacks. I know for a fact that VLC doesn't use HTTPS because it gives a HTTP URL when downloading an update.

    I used Resource Monitor to see the domains these programs are connecting to, but nothing is telling me whether the connection is HTTP or HTTPS. Is there a way to determine this?
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...
    Johns Hopkins CSSE COVID-19 Dashboard

  2. #8622
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,693
    Packet sniffer (maybe Wireshark), see if you're seeing GET ... HTTP/1.1 or encrypted comms?

    A more thorough assessment might include critiquing the CA certs being used by the OS (& apps where they use their own). As in a lot of people get MITM'd by their own "AV" or VPN choices after those drop in a few root certs.
    Last edited by Daneel Trevize; December 21 2019 at 02:03:22 PM.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  3. #8623
    Donor erichkknaar's Avatar
    Join Date
    April 9, 2011
    Posts
    14,718
    Quote Originally Posted by Nordstern View Post
    I have multiple programs with auto-update features baked in (Firefox, iCUE, VLC, etc.), but I'm trying to figure out if they use HTTP or HTTPS to talk with the update server. I want to avoid MitM attacks. I know for a fact that VLC doesn't use HTTPS because it gives a HTTP URL when downloading an update.

    I used Resource Monitor to see the domains these programs are connecting to, but nothing is telling me whether the connection is HTTP or HTTPS. Is there a way to determine this?
    I'm curious. Why do you think someone is going to MitM your browser updates?

    I have basically stopped using anything that supports http only now.

    Also, remote port 443 in resource monitor is what you are looking for in 99% of the cases.
    http is port 80
    https is port 443
    meh

  4. #8624
    walrus's Avatar
    Join Date
    April 9, 2011
    Location
    Fancomicidolkostümier- ungsspielgruppenzusammenkunft
    Posts
    6,578
    Don't these services use checksums and shit on their updates? Shouldn't that catch any mitm modifications to the update file?
      Spoiler:
    Quote Originally Posted by RazoR View Post
    But islamism IS a product of class warfare. Rich white countries come into developing brown dictatorships, wreck the leadership, infrastructure and economy and then act all surprised that religious fanaticism is on the rise.
    Also:
    Quote Originally Posted by Tellenta View Post
    walrus isnt a bad poster.
    Quote Originally Posted by cullnean View Post
    also i like walrus.
    Quote Originally Posted by AmaNutin View Post
    Yer a hoot

  5. #8625
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,693
    How are you going to checksum an arbitrary future update? You'd need to be sent that data too.

    Don't confuse checksums with signing, they tackle 2 very different integrity problems, even if they often involve a lot of the same data.

    Yes, you can have a previously-established (i.e. bundled in the prior, trusted, installed release) Public Key, and check the files received were encrypted & signed by the corresponding Private Key. IIRC Debian is/was doing this for http apt repos, but there's still downsides.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  6. #8626
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    11,459
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...
    Johns Hopkins CSSE COVID-19 Dashboard

  7. #8627
    Donor Spaztick's Avatar
    Join Date
    April 10, 2011
    Location
    No Longer up High Sierra's Ass
    Posts
    10,506
    Quote Originally Posted by Nordstern View Post
    Furries are the backbone of America.

    On an unrelated note I met my first brony in the wild. Weird fucker but seemed harmless at least in a physically intimidating sense.

  8. #8628

    Join Date
    May 31, 2011
    Posts
    5,112
    Quote Originally Posted by erichkknaar View Post
    Quote Originally Posted by Nordstern View Post
    I have multiple programs with auto-update features baked in (Firefox, iCUE, VLC, etc.), but I'm trying to figure out if they use HTTP or HTTPS to talk with the update server. I want to avoid MitM attacks. I know for a fact that VLC doesn't use HTTPS because it gives a HTTP URL when downloading an update.

    I used Resource Monitor to see the domains these programs are connecting to, but nothing is telling me whether the connection is HTTP or HTTPS. Is there a way to determine this?
    I'm curious. Why do you think someone is going to MitM your browser updates?

    I have basically stopped using anything that supports http only now.

    Also, remote port 443 in resource monitor is what you are looking for in 99% of the cases.
    http is port 80
    https is port 443
    Alternatively: NETSTAT -A
    Code:
    PS C:\DATA> netstat -a
    
    Aktive Verbindungen
    
      Proto  Lokale Adresse         Remoteadresse          Status
      [...]
      TCP    10.49.255.104:49364    51.105.249.223:https   HERGESTELLT
      TCP    10.49.255.104:49730    par03s13-in-f74:https  HERGESTELLT
      TCP    10.49.255.104:53989    52.97.189.66:https     HERGESTELLT
      TCP    10.49.255.104:54149    ec2-35-167-176-149:https  HERGESTELLT
      TCP    10.49.255.104:56077    52.97.163.2:https      HERGESTELLT
      TCP    10.49.255.104:56498    51-159-20-151:https    WARTEND
      TCP    10.49.255.104:56551    par03s13-in-f78:https  HERGESTELLT
      TCP    10.49.255.104:56559    mil02s05-in-f67:https  WARTEND
      TCP    10.49.255.104:56560    par03s13-in-f68:https  WARTEND
      TCP    10.49.255.104:56563    ham04s01-in-f246:https  HERGESTELLT
      TCP    10.49.255.104:56564    ham02s15-in-f1:https   HERGESTELLT
      TCP    10.49.255.104:56573    ns3121917:https        WARTEND
      TCP    10.49.255.104:56574    151.101.120.193:https  HERGESTELLT
      TCP    10.49.255.104:56625    ham02s17-in-f10:https  WARTEND
      TCP    10.49.255.104:56647    104.28.24.14:https     WARTEND
      TCP    10.49.255.104:56692    server-13-35-250-20:https  WARTEND
      TCP    10.49.255.104:56704    93.184.220.29:http     WARTEND
      TCP    10.49.255.104:56706    151.101.12.157:https   HERGESTELLT
      TCP    10.49.255.104:56707    104.244.42.200:https   HERGESTELLT
      TCP    10.49.255.104:56763    81.19.104.117:https    WARTEND
      TCP    10.49.255.104:56804    a92-123-194-163:http   HERGESTELLT
      TCP    10.49.255.104:56805    81.19.104.117:https    WARTEND
      TCP    10.49.255.104:56806    81.19.104.117:https    WARTEND
      TCP    10.49.255.104:56827    52.109.88.37:https     HERGESTELLT
      TCP    10.49.255.104:56840    104.26.15.96:https     HERGESTELLT

  9. #8629
    rufuske's Avatar
    Join Date
    April 9, 2011
    Posts
    2,923
    You're all paranoid. Noone is after your furry porn collection.

  10. #8630
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    11,459
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...
    Johns Hopkins CSSE COVID-19 Dashboard

  11. #8631

    Join Date
    May 31, 2011
    Posts
    5,112
    Holy shit, the new Firefox version (72) breaks almost every website I'm visiting on a regular basis, including Office 365 and anything Google that requires a login (contacts, drive, calendar ...)

    Granted, I have it locked down quite heavily, but up until this version, I was able to give the necessary permissions to get sites to work while still blocking most of the annoying BS.

  12. #8632
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,693
    Github (Microsoft) buying NPM. Can only end well...
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  13. #8633

    Join Date
    April 13, 2011
    Posts
    7,708
    Quote Originally Posted by Daneel Trevize View Post
    Github (Microsoft) buying NPM. Can only end well...
    can't be any worse, place is a shitshow

  14. #8634
    Donor halbarad's Avatar
    Join Date
    April 9, 2011
    Posts
    5,024
    Quote Originally Posted by elmicker View Post
    Quote Originally Posted by Daneel Trevize View Post
    Github (Microsoft) buying NPM. Can only end well...
    can't be any worse, place is a shitshow
    They've done a good job with github so far and keeping it its own thing. And it's a good sign that github is getting it rather that MSFT proper

  15. #8635
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    11,459
    We've had a few database glitches over the past few months due to the new decade. Our system uses the last digit of the year in lot numbers, so things get wonky when you have stuff from 2010 still in the system and you're trying to start new stuff with the same lot number. We also have some Excel files that started putting 2020 lots before 2019 (because 0 comes before 9), so retrieves weren't working right.

    I have dubbed these issues "the Y2K20 bug".
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...
    Johns Hopkins CSSE COVID-19 Dashboard

  16. #8636

    Join Date
    April 12, 2011
    Posts
    2,730
    Quote Originally Posted by Nordstern View Post
    I have dubbed these issues "the Y2K20 bug".
    All this has happened before and will happen again.

  17. #8637
    Malcanis's Avatar
    Join Date
    April 12, 2011
    Posts
    17,218
    "Live and don't learn, that's our motto!"

    - Calvin
    Quote Originally Posted by Isyel View Post
    And btw, you're such a fucking asshole it genuinely amazes me on a regular basis how you manage to function.

  18. #8638
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    11,459
    Ubiquiti EdgeRouter X and AP finally arrived a few days ago, decided this evening was the time to get setup started. Took a few hours to figure out the configuration using the guide and YouTube. Windows 10 was fussy with the adapter manual settings, so I used a Raspberry Pi, which worked much better. A firmware upgrade and several resets later and it looks ready to go. The amount of features in this $55 router is quite impressive. Lots of terms used in the UI that I've never heard of, so research is in order. The AP will have to wait until later, when I can figure out the Unifi Controller software.

    Current Netgear router will be ditched before the week is over.
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...
    Johns Hopkins CSSE COVID-19 Dashboard

  19. #8639
    Mashie Saldana's Avatar
    Join Date
    April 10, 2011
    Location
    Peterborough, UK
    Posts
    1,160
    Welcome to the Ubiquiti family. I have been using their UniFi range for years at home. I didn't go with the EdgeRouter simply because I wanted a single pane of glass for managing everything (gateway, 2x AP, 2x switches and cloud key).
    How to tell the difference between Machine Learning and AI:
    If it is written in Python it is most likely Machine Learning.
    If it is written in PowerPoint it is most likely AI.

  20. #8640
    Joe Appleby's Avatar
    Join Date
    April 9, 2011
    Location
    in front of the class
    Posts
    15,245
    I just had a moment that is perfectly described by the thread's title.

    I just got off a phone call with my vice principal (acting principal).

    I have finally found out why certain basic IT stuff like a school email is so hard to get:

    The work council has decided that forcing a teacher to use a work supplied email is an infringement of the right to free development of his personality.

    I am at a loss for words. I mean, "right to free development of his personality" is the article 2 of the German constitution.

    nevar forget

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •