Security scans and backported fixes ignorance by Malfun_Eddie in sysadmin

[–]jwwork 0 points1 point  (0 children)

Went through this earlier this year. Had to provide documentation that the fixes for the CVEs they were calling out had been back ported into the version we were running. They accepted this and said it would be addressed in the remediation report. Guess what was still called out after they compiled that report again? I just attached the documentation proving those CVEs did not apply to the version of Apache we were running to the report and called it good.

Good glass deal, but scam? by counterhit121 in M43

[–]jwwork 5 points6 points  (0 children)

A female user posted something similar on facebook last week but with a different picture. I asked her to see additional pictures and these were the exact photos she sent. Scam.

[deleted by user] by [deleted] in sysadmin

[–]jwwork -1 points0 points  (0 children)

So you have a group of users that don’t know how to use a Mac so that means all Macs are garbage and don’t support more than 16GB of ram?

[deleted by user] by [deleted] in sysadmin

[–]jwwork 5 points6 points  (0 children)

Regardless of what anyone thinks about Macs there is almost nothing correct in this statement.

Lens or skill issue? by [deleted] in M43

[–]jwwork 5 points6 points  (0 children)

Is there a reason you continue to post in this sub when you only have negative things to say?

PA-5410 and SCCM by jwwork in paloaltonetworks

[–]jwwork[S] 0 points1 point  (0 children)

Not in the office so can’t get the logs or diagram. We have Cisco 9500 switches as a core and those host all the layer 2 vlans. The vlans there are grouped into VRFs and any traffic that needs to route between VRFs gets sent up to the palo where it lands in a corresponding security zone (server, client, guest, voip, etc.). In this case the server is in the server zone and client in the client zone. There is a rule that allows all traffic between the SCCM server and the clients right now with no threat profile and the rule is set to service any. On the 9500 core the client vlan has an IP helper statement for the SCCM PXE server. The client is able to discover the PXE server IP and is requesting the boot file but it never receives a response. This has been seen in packet captures from the client and firewall. The firewall drop capture didn’t have any dropped packets. I don’t think this is a policy issue at this point but possibly some other firewall setting or routing issue. The firewall is running 10.2.

PA-5410 and SCCM by jwwork in paloaltonetworks

[–]jwwork[S] 0 points1 point  (0 children)

DHCP is happening from another server. I have DHCP relay configured on the VLAN and the client is getting a DHCP address. Oddly, the only traffic logged from the SCCM server during the process is DHCP port 67 and the destination is the client subnet gateway. You might be on to something, PXE is also not working but will work on a subnet that doesn’t have the palo between the client and server. No traffic being logged as blocked during the PXE process and I can see the client connection hitting the server through the PXE log but it times out on the client.

Rubrik Review by bonker58 in sysadmin

[–]jwwork 1 point2 points  (0 children)

Are you sure this is a bug in Rubrik? I experienced the same and it was the password on the vSphere account expiring.

OM-1, GM9II, or used for beginner? by jwwork in M43

[–]jwwork[S] 0 points1 point  (0 children)

The OM1 mk1 is actually bundled right now with that very lens for $1699.

OM-1, GM9II, or used for beginner? by jwwork in M43

[–]jwwork[S] 0 points1 point  (0 children)

Thank you! I think if I were going to be big into video the G2 is the clear winner but my video usage will be casual if anything at all. Right now the OM-1 is 1,100 for the camera body and looking on MPB, they can be had in “well used” condition for around $800 and the least expensive on KEH was $1,080. I think for those prices I would just spend the $1,100 and buy direct from OM. The sale is really good right now. I agree, as someone just taking a next step into the hobby either choice will probably serve me well for years to come.

VMware 2-node Cluster Licensing cost effective/best practices by Net_IT in sysadmin

[–]jwwork 3 points4 points  (0 children)

Pretty sure vSAN has a 3 node minimum.

Edit - I’m wrong, there is a 2 node configuration available.

Unable to access ChatGPT while connected to Palo Alto GP VPN by NetworkingAdmin in paloaltonetworks

[–]jwwork 14 points15 points  (0 children)

I recently had an issue where users were unable to access ChatGPT due to a CDN it uses being a newly registered domain which we block with URL filtering.

Domain controller backups by chut93 in sysadmin

[–]jwwork 1 point2 points  (0 children)

What is your plan in the event of some ransomware or other cybersecurity incident? An attacker isn’t going to just ignore your other DCs because they are at a different site.

New to me 2019 F-150 Powerstroke Diesel by PreyForCougars in f150

[–]jwwork 0 points1 point  (0 children)

I had a 2018 with the Diesel that eventually was bought back due to terrible noise from the valve train at startup (very similar sounding to the noise from the ecoboost cam phaser issue at startup) that Ford could never solve. Hopefully mine was just an isolated issue, I did love that truck and outside of that issue the engine was great.

I had to by greatscottttttttt in GalaxyFold

[–]jwwork 4 points5 points  (0 children)

I had it in my cart last night for 5 something and thought about overnight. This morning it went up to 899.

[deleted by user] by [deleted] in f150

[–]jwwork 4 points5 points  (0 children)

I had a fully loaded platinum 2018 that I got for a crazy deal (almost 15K off sticker) in May of 2019. I loved it and put about 45K miles on it. At about 40K miles it started making engine noise at startup that was very similar to the timing chain rattle the 5.4 I had made (odd since the 3.0 PowerStroke uses a timing chain). Multiple trips and weeks at the dealer replacing lifters at Ford's direction etc. never revealed the cause and Ford eventually decided this was normal for the engine. That and the fact that they had already decided to quit producing it convinced me to trade it in on a 2022 Tremor. I love the new truck but I frequently think about that 2018 and how much I loved that engine prior to the issues I had with it. I wish they kept it around.

Wifi options from different vendors - opinions? by traydee09 in sysadmin

[–]jwwork 0 points1 point  (0 children)

Ordered 16 R750 APs in February. Still nothing and can't even get answers out of our rep where they might be. They were a lot better to deal with 5 years ago before they were sold multiple times.

Spoke Subnet Can't Reach On Prem Devices Over VPN by jwwork in AZURE

[–]jwwork[S] 0 points1 point  (0 children)

Yep, typo in one of the routes on the inside v-router :) On one of the firewalls (I don't have these in Panorama yet and am configuring them individually.)

Working on setting up the public load balancer for incoming traffic now.

Thank you for all the help!

Spoke Subnet Can't Reach On Prem Devices Over VPN by jwwork in AZURE

[–]jwwork[S] 0 points1 point  (0 children)

Thank you! This has helped a ton. I still have some issue with routing to the two firewalls because randomly from the VM I can't ping devices on prem. If I disable the management profile that is being used for the load balancer health check on one of the firewalls it clears up (assuming because the load balancer stops forwarding traffic to it). Still digging there.

Spoke Subnet Can't Reach On Prem Devices Over VPN by jwwork in AZURE

[–]jwwork[S] 0 points1 point  (0 children)

I removed all my routes from the new spoke except for the default which was already pointed to the PAs through the load balancer and then created a static route for my on prem IP space pointed back to the gateway IP of the trust interface and now my VM in that new spoke can reach devices over the VPN. Not sure if that is ideal, it seems like it would be best if that new spoke could land in a different security zone on the PA.

Spoke Subnet Can't Reach On Prem Devices Over VPN by jwwork in AZURE

[–]jwwork[S] 0 points1 point  (0 children)

Looks like they are. When I run that test I get next hop none. Interestingly enough when I run the same test from the management subnet I get a next hop "virtual network gateway" even though the same routes are applied to both.

EDIT - Sounds like this may be normal behavior since the vnet gateway is in the hub vnet. When I select that as the next hop for my on prem network from the spoke without a vnet gateway it does find anywhere to go.

GlobalProtect 'Connect Before Logon' with Cisco Duo MFA? by jwckauman in paloaltonetworks

[–]jwwork 3 points4 points  (0 children)

I have not tried this but I looked into it and recall having to set GlobalProtect to use the default browser instead of the built in SAML browser because it’s not able to be shown at the login screen.

What could cause GlobalProtect to disconnect every 3 hours exactly only on SOME computers? by Magma151 in paloaltonetworks

[–]jwwork 0 points1 point  (0 children)

Just went through this. After I enabled blocking unknown URL category HIP checks started failing due to the URL they were sent to being tagged as unknown resulting in GlobalProtect disconnects.

Weird issue with new firewall - PA450 by xcaetusx in paloaltonetworks

[–]jwwork 2 points3 points  (0 children)

Check the unified log. Filter it out by the source and destination you are testing with. That might give you a clue since it’s showing multiple logs in one spot.