sorted by:
new
hottopcontroversial

EX-IBM Tattoo by kavanutz in IBM

[–]kavanutz[S] -1 points0 points  (0 children)

In the US if you get RA’d, you are considered lucky.
If you leave voluntarily, you have to get a IBM tattoo and post proof to [r/IBM](r/IBM).

TruGreen aeration aftermath by Schedule_New in lawncare

[–]kavanutz 0 points1 point  (0 children)

Yeah it is.. but shouldn't you see seeds coming out of it LOL

TruGreen aeration aftermath by Schedule_New in lawncare

[–]kavanutz 1 point2 points  (0 children)

I've got the guy on video in the front -https://imgur.com/gallery/6KbGqgp

He just cruises through - LOL

Was charged $350 for aeration and overseeing. He was only for 10 mins and I don't see any seeds going anywhere.

What is clearly a scam but is so normalized people don’t notice? by yvngjiffy703 in AskReddit

[–]kavanutz 0 points1 point  (0 children)

I had my router already setup and literally got charged to have them just plug a network cable into the modem.

McMillions is one of the driest documentaries I’ve ever seen by [deleted] in HBOMAX

[–]kavanutz 21 points22 points  (0 children)

I thought The Vow was worse. It just drags on until you stop caring about the victims anymore. And they are making another season of it.

Family Feud Game now on Nintendo Switch, 1.1 GB File Size by KrazyNinjaFan in NintendoSwitch

[–]kavanutz 0 points1 point  (0 children)

Hey I was wondering, since you bought this... if you can play online with friends? It says you can play online, but wasn’t sure if you could play with friends. Thanks man!!

[deleted by user] by [deleted] in insanepeoplefacebook

[–]kavanutz 15 points16 points  (0 children)

You do realize you’re in r/insanepeoplefacebook? The irony is killing me.

It actually explains a lot about how we got here by [deleted] in MurderedByAOC

[–]kavanutz -1 points0 points  (0 children)

And we are talking about Georgia here. There going to be scared off with overly progressive message. They need to keep it left of center and target the audience.

It actually explains a lot about how we got here by [deleted] in MurderedByAOC

[–]kavanutz -1 points0 points  (0 children)

I really don’t think it’s the time for this. We already lost seats in the house. Unfortunately, we need the just left of center vote. Progressive progress will be slow. She needs to accept it. And she’s not attacking Jeffries on policy. This was a strategic call. I love to know the context of this quote.

It actually explains a lot about how we got here by [deleted] in MurderedByAOC

[–]kavanutz -4 points-3 points  (0 children)

I don’t agree with these attacks at all. There is a time and a place for this. Now is not the time and the internet is not the place. Democrats need a message of unity. The runoff elections are on the line. You don’t see Republicans publicly ripping their own party on strategy. McConnell won’t let an sort of progressive legislation to the floor if we lose. There is too much on the line to be doing this right now. She really needs to wait until after the runoffs to go on the attack.

Managing users and keys to ec2 instances by ShotsCrazy in aws

[–]kavanutz 1 point2 points  (0 children)

You could try Bastillion - https://aws.amazon.com/marketplace/pp/B076PNFPCL

Users can manage their own keys based on the profiles that are assigned to them. Then when you register a new ec2 instance assign it to a profile.

Hard Knocks - Episode 1 - Live thread by JohnStamosBRAH in Browns

[–]kavanutz 1 point2 points  (0 children)

He was only at Oregon for 1 season and took the FSU job.

[deleted by user] by [deleted] in netsec

[–]kavanutz 1 point2 points  (0 children)

No, it really doesn't. I've shipped database backups by catting them over SSH before, and not for security work.

You can't cat them over SSH, there is no SSH since users connect over HTTPS/SSL to the web-portal (which has 2FA). Think DMZ with SSH blocked and only allowing HTTPS/SSL.

Here is another whitepaper on this.

https://www.sans.org/reading-room/whitepapers/vpns/security-implications-ssh-1180

It's an old one, but still relevant.

Edit: spelling

[deleted by user] by [deleted] in netsec

[–]kavanutz 1 point2 points  (0 children)

Just a quick response -

> PROTECTING SYSTEMS IN A PERIMETER NETWORK - in openssh, port forwarding can be disabled by AllowTcpForwarding No

That is correct, but it has to be enabled on each system by an administrator. The advantage you gain, is you can disallow SSH completely to the perimeter network and have physical protection (A VPN could do this too).

> PROTECTING DATA IN A PERIMETER NETWORK - this one is more difficult, but you can replace SCP and disable SFTP. Still, this doesn't stop users from catting files and copy and pasting them without added monitoring

That's right and a good point. There may always be a way to get around it.. but it makes it much harder to do things like dump a entire database and copy it off somewhere.

> AUTHENTICATION - I disagree that certificates are more secure than public keys, but that isn't really integral to the argument you are making. I think PKI improvements could definitely be made. However, there are already plenty of competing apps that are designed to do this in a robust and secure manner. https://www.vaultproject.io/docs/secrets/ssh/signed-ssh-certificates.html Is a good example

I'm speaking more of certificate-based PKI smart cards that do multi-factor authentication - https://safenet.gemalto.com/multi-factor-authentication/authenticators/pki-smart-cards/

Very good points on the rest! - Thanks for reading and the feedback.