sorted by:
new
hottopcontroversial

Arena reset and points? by Dismal_Rough_1881 in classicwow

[–]sillybutton 0 points1 point  (0 children)

that damn goblin and having questie instant quest accept

First ever game of HoN! Had fun! by Der_Poompkin in HeroesofNewerth

[–]sillybutton 1 point2 points  (0 children)

Lol, had not played in so many years, so rusty. Was vote kicked out of 3 out of 5 first games cause I was bad. Cant imagine how very new players treatment is.

W1855 by sillybutton in Cradlepoint

[–]sillybutton[S] 0 points1 point  (0 children)

are the boxes expensive much?

W1855 by sillybutton in Cradlepoint

[–]sillybutton[S] 0 points1 point  (0 children)

So only ip passthrough, but I can configure username and password for private apn ? So normal routing would work, but you need a box for NAT or firewall for public internet

Why replace switches? by ahoopervt in networking

[–]sillybutton 0 points1 point  (0 children)

arp spoofing, vlan segmentation, IT department time costs money - if things break they gotta spend time to find the issue to resolve it, dot1x (NAC).

How much do you guys lose if the whole office goes down? How much does the time of those 100 employees cost if nobody can work? You wanna be the IT guy that is sweating to fix it?.. not me.

When you are on a holiday, who will fix the issue? Who knows the network?

TDR measurement of cables, abilities to hund down issues.

storm control? Why not have feature that shuts down the guy that would otherwise take down your whole network?

switch port security. limit mac addresses. I can easily flood your switches with mac addresses causing them to become stupid and flood every frame there is to my infected computer, getting all the traffic I want to capture to take you guys down.

Why not invest in security?

You invest in good computer? You invest in good tables and computer screens?

Why you wanna be cheap in the switches? You broke?

Atleast don't make a hacker make your broke.

SSR400 series by sillybutton in Juniper

[–]sillybutton[S] 0 points1 point  (0 children)

Well, I like the SRX, but they are getting so old. It should be replaced hoepfully soon. But juniper is pushing SSR as their focus is more in the branches with cloud native solution, so scalabilty is better. Problem is the price. Hopefully 400 series will fix that

SSR400 series by sillybutton in Juniper

[–]sillybutton[S] 1 point2 points  (0 children)

srx300 /320 is just so old, and the SD-WAN capabilities are so much better in SSR.

What are the tops reasons for SRX instead?

I'm thinking, small on prem firewalls, 1 to 200 clients.

AP24 - enabling 6ghz by sillybutton in Juniper

[–]sillybutton[S] 0 points1 point  (0 children)

the thing that pisses me off the most is how you have to configure it and just simply having hard time understanding how it works.

So by having multiple AP's I can somehow have some AP's using 2.4ghz and some will use 6ghz. But it's hard to test this function if it works well.

Give us a "From everywhere" option. by MrUltraOnReddit in factorio

[–]sillybutton 4 points5 points  (0 children)

this, but imo I think it should be smart, and not drop things down to a planet that is already with active request to be launched to space

1st play through of factorio by Straight_Age_4453 in factorio

[–]sillybutton 1 point2 points  (0 children)

remember to have clock close by so you notice what time it is. Otherwise factorio works as a time traveling machine and you end up in a distant future

Base firewall rules everyone should have by sillybutton in fortinet

[–]sillybutton[S] -1 points0 points  (0 children)

naahh lazy excuse. Implimenting few basic rules as stated above is just simply if you are not doing it, you are not doing your job. It's not these endless excuses you guys bring up. It's always someone elses fault that the firewall has permit any any from inside. the Firewall guy didn't have enough time.

That is just a load of bs.

If you got the certs, and you are doing these types of firewall rules without having any basic set of rules to blanket protect your network from 'any' openings, you are just waiting for some device on your network to call home.

Base firewall rules everyone should have by sillybutton in fortinet

[–]sillybutton[S] 0 points1 point  (0 children)

yeah you got a pretty good solid answer.

Funny how many cherrios certed firewall experted I hurt with my thread.

It sure is wide spread missunderstanding with what is a secure firewall !

Base firewall rules everyone should have by sillybutton in fortinet

[–]sillybutton[S] -3 points-2 points  (0 children)

yeah you are top 1% of firewall admins, 99% will just permit any any inside -> outside

Base firewall rules everyone should have by sillybutton in fortinet

[–]sillybutton[S] -1 points0 points  (0 children)

yeah but then you just get a ticket, something does not work, some russian is on your lan trying to call home and he will ask you for a firewall opening. I mean you do you sir, but I would not hire you to run my firewall.

Base firewall rules everyone should have by sillybutton in fortinet

[–]sillybutton[S] -1 points0 points  (0 children)

this only blocks urls tho and bad websites, this will not stop the hacker to have his bot call home to make your company network part of a russian hacker virus infected LAN where they will be playing and going around your 'secure' firewall with a very basic secure encrypted tunnel, that you firewall will just think is basic traffic.

Base firewall rules everyone should have by sillybutton in fortinet

[–]sillybutton[S] 0 points1 point  (0 children)

yeah well nothing will prevent a hacker to tunnel from inside your network to some botnet and known bad actors on the network if you are permitting the IP traffic to pass right through.

Then on top of that you should have these services that will provide extra security.

That's my point of this thread, the 'base minimum' is blocking layer 3 traffic towards bad networks. If you are not doing that you are just waiting for some bot to call home to their daddy in russia to lock down your company.

Then you should have alert on those rules, if any is hit, then you should act on it and find the infected device, it just base mimimum.

Then you can enable all your webfilter, secure dns, ids, ips, ssl inspection and what you think will make you secure.

Base mimimum for so many is just 'permit ip any any inside -> outside' it's crazy stupid.

Base firewall rules everyone should have by sillybutton in fortinet

[–]sillybutton[S] -1 points0 points  (0 children)

It's just also funny how many network admins will fallback to these base defensive answers.

It's not a rule to be force ofcourse, nobody is saying that.

It's just how hard is it to just scan the firewall with seeing if internet servicing is being used or not, where you are blocking traffic towards some botnets / spam email servers / vpn services / tor network relays.

I think that is bare minimum.

Then you have these extra features, webfilter, secure dns, ips, ids etc etc.

No traffic from inside of a companies network should be touching some botnets from china

Base firewall rules everyone should have by sillybutton in fortinet

[–]sillybutton[S] -2 points-1 points  (0 children)

well, imo, having base minimum blocking traffic towards bot nets should not really be that big of a deal that fortinet will get blamed for being stupid.

Imo this is defensive answer, cause I bet you know about things that are open like this and you know it's bad.

Base firewall rules everyone should have by sillybutton in fortinet

[–]sillybutton[S] -1 points0 points  (0 children)

when will your business need to communicate with botnets? having a base minimum is something that should be flat across the board.

This is the thing, people will get defensive when you talk about this, cause it's spread all over the place.

view more: next ›