35 replies to this topic

[+sc302]

Shane Nokes, on 20 November 2012 - 19:31, said:

Tell you my firewall setup? Sorry, but I'll decline to share that, especially with how often I have people try to get in.

telling someone your firewall setup is like telling someone what type of car I have....


At work I have a ASA 5510. At home I have a ea6500 with some qos based on device, certain devices that stream get priority over pc's.

o how it is setup, like every other standard firewall. I have some ports open for email servers, ftp, www, and https.

go ahead and hack away at my networks...what exactly have I given out that pertains to anything having to do with who I am or what my address is for you to do such a thing? I can even give you a firewall config if you want out of my asa...I will mask the external ips...again what exactly would that give anyone trying to get in my network...absolutely positively nothing.

[Shane Nokes]

Ah. I still prefer not to mention my specific hardware...trust me if you knew my situation you'd understand.

[episode]

Shane Nokes, on 20 November 2012 - 20:34, said:

Ah. I still prefer not to mention my specific hardware...trust me if you knew my situation you'd understand.

Edit: Nevermind.

[+sc302]

Shane Nokes, on 20 November 2012 - 20:34, said:

Ah. I still prefer not to mention my specific hardware...trust me if you knew my situation you'd understand.

I get hits about 100 times a minute with bots trying to get in, probably more, haven't checked in a while.

[Shane Nokes]

sc302, on 20 November 2012 - 20:26, said:

telling someone your firewall setup is like telling someone what type of car I have....


At work I have a ASA 5510. At home I have a ea6500 with some qos based on device, certain devices that stream get priority over pc's.

o how it is setup, like every other standard firewall. I have some ports open for email servers, ftp, www, and https.

go ahead and hack away at my networks...what exactly have I given out that pertains to anything having to do with who I am or what my address is for you to do such a thing? I can even give you a firewall config if you want out of my asa...I will mask the external ips...again what exactly would that give anyone trying to get in my network...absolutely positively nothing.

Spoken like someone who isn't an SME in network security.

I spent years working security for various folks...government and big corporations.

There are certain things I will discuss when it comes to security, and certain things I won't.

The hardware that protects my personal network? That's not one of the things I will talk about...again due to the number of attempts I have from people trying to get in...in this case any information is too much information.

sc302, on 20 November 2012 - 20:39, said:

I get hits about 100 times a minute with bots trying to get in, probably more, haven't checked in a while.

This isn't your usual bot attacks. I actually have specific folks that are not a fan of me that love to try to screw around with my stuff on a regular basis.

I've had to ream several large corporations out for handing out my PII like it's candy.

[compl3x]

Shane Nokes, on 20 November 2012 - 20:34, said:

Ah. I still prefer not to mention my specific hardware...trust me if you knew my situation you'd understand.

Sorry, but you always seem to talk about this sensitive information you have access to, or be vague about issues which suggests you're privy to info mere mortals like us are simply unable to know about or comprehend. No disrespect intended, but how would telling someone your opinion about anti-virus/security software compromise your security, exactly? No one is asking you to reveal anything about your security setup, just what might be useful to the average user. Actually, if you are particularily skilled and learned about security, your opinion would be specifically useful to the OP.


To address the OP's question: MSE seems to work pretty well. I don't know how it works where you are, but in Australia some banks actually offer free anti-virus/security software from third parties for free. Right now I am running bitdefender with a 12/mo license and I didn't pay a cent for it. I wouldn't have shelled out for it personally, but free is free.

[Shane Nokes]

compl3x, on 20 November 2012 - 20:47, said:

Sorry, but you always seem to talk about this sensitive information you have access to, or be vague about issues which suggests you're privy to info mere mortals like us are simply unable to know about or comprehend. No disrespect intended, but how would telling someone your opinion about anti-virus/security software compromise your security, exactly? No one is asking you to reveal anything about your security setup, just what might be useful to the average user. Actually, if you are particularily skilled and learned about security, your opinion would be specifically useful to the OP.


To address the OP's question: MSE seems to work pretty well. I don't know how it works where you are, but in Australia some banks actually offer free anti-virus/security software from third parties for free. Right now I am running bitdefender with a 12/mo license and I didn't pay a cent for it. I wouldn't have shelled out for it personally, but free is free.

It has nothing to do with comprehension or my views on the level of people (ie the mere mortal thing). I can talk about my knowledge and experience, but will not talk about what particular hardware I use for securing the network.

This won't change no matter who is asking. I haven't refused to offer my views on specific questions like what I think of Product A, or Software B. I just won't state what I use.

If I told you even a quarter of a half of what goes on and why I won't comment you'd think I was making it up or a paranoid dude...and neither is the case.

Suffice it to say due to projects I've worked on I'm a fairly high-profile target in certain communities...so I've made the choice to not give out that data.

[+sc302]

Shane Nokes, on 20 November 2012 - 20:41, said:

Spoken like someone who isn't an SME in network security.

I spent years working security for various folks...government and big corporations.

There are certain things I will discuss when it comes to security, and certain things I won't.

The hardware that protects my personal network? That's not one of the things I will talk about...again due to the number of attempts I have from people trying to get in...in this case any information is too much information.



This isn't your usual bot attacks. I actually have specific folks that are not a fan of me that love to try to screw around with my stuff on a regular basis.

I've had to ream several large corporations out for handing out my PII like it's candy.

lol ok...

BTW, I have secured government networks, smb networks, large enterprise networks...Sorry I call bs on your knowledge or trival garbage you may think you know. Giving you anything on my config pertains to nothing that you couldn't get from looking at any standard doc from cisco. I wouldn't hand out my trust ips of my site to site vpns or private vpns and do you think I would be stupid enough to give you my secure hash on my asa or even post anything other than config? I can give my interal ips as they don't matter for squat. What exactly is 192.168.1.x going to give or 10.x.x. or 172.16.x.x? Those are all private ranges that any company can use....as a matter of fact the us government uses 10.x.x for their networks, as well as td bank, as well as citibank, as well as....... go for it hack in.

I have secure networks that don't have access to anything or have routes outside of their network with 172.16.200.x feel free.

[Shane Nokes]

sc302, on 20 November 2012 - 21:04, said:

lol ok...

BTW, I have secured government networks, smb networks, large enterprise networks...Sorry I call bs on your knowledge or trival garbage you may think you know. Giving you anything on my config pertains to nothing that you couldn't get from looking at any standard doc from cisco. You think I would be stupid enough to give you my secure hash on my asa or even post anything other than config? I can give my interal ips as they don't matter for squat. What exactly is 192.168.1.x going to give or 10.x.x. or 172.16.x.x? Those are all private ranges that any company can use....as a matter of fact the us government uses 10.x.x for their networks, as well as td bank, as well as citibank, as well as....... go for it hack in.

I have secure networks that don't have access to anything or have routes outside of their network with 172.16.200.x feel free.

/Facepalm

Did you really try to tell me that you're a subject matter expert while posting that?

No one asked about what private ranges I use. Hell I know grade school kids who understand what a private range is and that there's a very limited range of them...you're not impressing anyone.

You're still not getting me to talk about my particular setup so you can quit digging.


Some people lol...they think they can bully info out of you by tossing out stuff anyone should know...and acting like an internet tough guy...

I have to admit today has been very amsuing.

[+sc302]

I am not digging, just stating you aren't as smart as you think you are or really that impressive for me to go out of my way to screw with you and you really have that tin foil hat on real tight.

never said I was or wasn't an expert in the subject matter, nor was anything really questioned for me to give a response to in said subject matter. I know where I am and what I do for a living and so do my employers.

[Shane Nokes]

sc302, on 20 November 2012 - 21:15, said:

I am not digging, just stating you aren't as smart as you think you are or really that impressive for me to go out of my way to screw with you and you really have that tin foil hat on real tight.

Quit being an *******. You have 0 idea of the ****ing hell I have been through this last year due to companies not securing their **** properly.


When you've worked on a network with over 4,000,000 concurrent users...come back to me and then start talking ****.

In fact with that attitude I'm wondering how you got an MVC badge...oh well doesn't matter...another post of this variety and I'll just kick you on the ignore list...it's getting full quick.

[Kpssst]

sc302, on 20 November 2012 - 21:15, said:

I am not digging, just stating you aren't as smart as you think you are or really that impressive for me to go out of my way to screw with you and you really have that tin foil hat on real tight.

never said I was or wasn't an expert in the subject matter, nor was anything really questioned for me to give a response to in said subject matter. I know where I am and what I do for a living and so do my employers.

Dude, if he doesn't want to tell, then he doesn't want to tell. No need to insult him; it's his business.

[Shane Nokes]

Kpssst, on 20 November 2012 - 21:20, said:

Dude, if he doesn't want to tell, then he doesn't want to tell. No need to insult him; it's his business.

Thank You. That was my point...the fact that he's pressing so hard is a bit odd...but since I don't happen to own a tin-foil hat I'm pinning it more on him just being socially inept than actually being malicious.

[compl3x]

Shane Nokes, on 20 November 2012 - 21:14, said:

Some people lol...they think they can bully info out of you by tossing out stuff anyone should know...and acting like an internet tough guy...

I have to admit today has been very amsuing.

Just so we're straight, I wasn't trying to bully, troll or act like a tough guy. You're just very mysterious about some things. Hey, it's entirely your right to be, I just don't see the need to post about it an draw attention to it if you, by your own admission, don't wish to talk about it.

[Shane Nokes]

compl3x, on 20 November 2012 - 21:22, said:

Just so we're straight, I wasn't trying to bully, troll or act like a tough guy. You're just very mysterious about some things. Hey, it's entirely your right to be, I just don't see the need to post about it an draw attention to it if you, by your own admission, don't wish to talk about it.

I was referring to sc302. I originally just posted simply that I wouldn't discuss my setup for specific reasons.

Other folks are the ones who kept insisting on pushing it over and over again.

sc302, on 20 November 2012 - 21:15, said:

never said I was or wasn't an expert in the subject matter, nor was anything really questioned for me to give a response to in said subject matter. I know where I am and what I do for a living and so do my employers.

Well I am an SME on this subject. One of the first rules you're taught (if you're taught properly) is don't give out anything that isn't absolutely necessary. If there's not a practical need to share information on your setup...then avoid it at all costs.