| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Comments:
<0> i don't do eur..
<0> only uk sterling ;)
<1> John_Dow_: yes. per hour. 8 hours a day. 5 days a week.
<2> maybe I should look up how to set up a private gpg keyserver
<1> Isaac-Lew: maybe we should set up our own company and ask these insane prices
<1> :D
<0> lol
<2> lol
<2> I do need extra money
<0> quick everyone get their company's db's leaked, push em together, undercut atleast 1/2 of the clients ..
<3> Enchanter_tim, no consulting business has 100% coverage unless on a long term contract. OVerhead for billing and such.
<0> we'd make a few mil each ;)
<0> s/each/easy
<0> j/k.. i'de get so battered for doing that,.
<1> John_Dow_: except fr now (and this was planned) my appointments cover every working day
<0> just sign up to tipping_point's 0day
<0> you can get $10k for a remote microsoft vuln..
<1> :)
<0> although if your company catches you, kiss your job goodbye..
<1> :)
<0> ;)
<1> yeah
<1> welshiD: see, there is the difference between our companies.
<3> Enchanter_tim, do you go home after those 8 hours, or do you work yet another half an hour with 'keeping up with the other stuff in company'?
<1> welshiD: my job basically is to make companies understand and mitigate the risks. not breaking into their network per se
<0> job i'm in now, good company, real chilled out :) last company, absolute bastards.
<1> John_Dow_: umm.. im doing this for 10 or more hours a day if need be.
<0> bs7799 consulting type stuff?
<1> welshiD: no, although it is part of it.
<0> knew it'd fit in there somewhere..
<1> heh
<3> Enchanter_tim, uh, well, if you only bill for 40 hours a week there are 10 magic hours missing.
<0> hate bs7799, it's stupid "i know i'll certify my d.c. but not my organisation.."
<1> basically we have multiple types of consultants. the auditors, developers, pentester(s), and so on.
<0> yeah i know the type..
<1> and its more of a mix & match company.
<0> (nearly ended up at delloite..)
<1> ah, that place ****s
<1> (i have friends there)
<0> yeppers..
<0> ncc aswell (yuck)
<1> John_Dow_: well, it is more of a hobby. so i would be doing something like that anyway (checking mailinglists and so on). those few extra mails are a bonus
<0> aint gonna carry on with the company naming b.s :)
<0> hehe i'm coding atm ;)
<1> welshiD: same here. its partly in my resume
<1> :D
<0> woo :)
<3> Enchanter_tim, you're free to do whatever you wish with your time, but you work more hours than you are billing - which confirms the theory that very few bill for 100% of the time.
<0> hehe i like the arguement John_Dow_
<0> i don't bill clients for what i do in my private time, but sometimes i use something i may or may not of created in my private time in my job
<0> but i don't do company work in my private time, only my own, but my company may benefit from it, or may not.. depends :)
<1> anyway, the point is, i like to see myself as the guy who knows enough about the administrators point of view and enough about the security point of view to help an organisation secure their environment without having to resort to "you need to shut down all databases" kind of advice
<0> aww Enchanter_tim i don't do that..
<1> yeah, but you know the type, dont you ?
<1> :)
<0> i just explain stuff about locking networks down aswell, it's just more a practical demonstration more than anything ;)
<0> lol yeah i do know them types..
<0> just telling ppl to move the damm sql server off the trusted network into it's own dmz normally helps..
<1> :D
<0> yay :D
<0> it's like..
<1> and the "you need to runa firewall on all your servers" crap is bs anyway
<3> Enchanter_tim, well. They'd save ****loads of money if they just stopped maintaining those databases. ;)
<1> what isnt there cant be exploited.
<0> 80-90% of sql injections with a reverse shell always ends up with a shell on the trusted network..
<1> yeah
<0> dunno Enchanter_tim a good firewall policy is vital..
<1> thats mostly app security though.
<0> i mean.. most ppl don't consider outgoing security..
<1> im more of a infra/os kind of guy :D
<0> ahh :) lucky sod..
<4> helo
<0> is that more a kind of "dont for ****'s sake use oracle" kind of job?
<1> welshiD: well, at the place where i am, if you are not on the update servers on the internet using https, you wont get a reverse shell
<1> heh
<0> private circuits?
<3> welshiD, bah. There is no point with security if you don't have your data left. Oracle works.
<1> welshiD: umm..no. ffs, dont use win nt4 in your network. and please, shut down telnet on your unix boxen. you have ssh.
<0> lol in the way thats it's a crap db..
<0> :)
<0> Enchanter_tim :)
<1> well, yes. but is it worse than a unsecured lotus domino sever?
<0> lol..
<0> lotus gave me a headache today..
<0> :(
<1> oh, and another pet peeve.... management applicatiosn dont belong on the internal network. you need to create a seperate network for these
<0> had to lower MTU on either side of damm vpn to get it working across it..
<1> :D
<0> yeah ..
<0> we kinda have a policy on that type of consulting :) we don't do it anymore..
<1> elo? rac ? very nice tools. but do your clients/workstations/the internet need to access these?
<4> hey guys how can I change user directory...
<0> like we just get ppl bitching about how it "used to work" but now it "doesn't because they're too restricted.."
<5> [root@agresor root]# apt-get
<5> -bash: apt-get: command not found
<5> is there any other command
<5> for downloading ?
<5> aplications
<3> AgreSor, uh, what distribution are you running?
<5> Red Hat Linux release 8.0 (Psyche)
<3> welshiD, they're right though.
<0> ouchies..
<0> John_Dow_ about what?
<5> John_Dow_ : Red Hat Linux release 8.0 (Psyche)
<1> welshiD: that is where i come in as well :D
<3> AgreSor, wow. Thats an ancient piece of history.
<3> welshiD, that it used to work, and now doesn't.
<5> ;P
<5> John_Dow_ so how to download aplications ?
<5> :D
<5> yum not working..
<5> ;]
<0> lol John_Dow they just have teething problems, it goes away after 4weeks or so normally.
<3> AgreSor, what is preventing you from upgrading to some distribution that is maintained?
<3> welshiD, wow, thats quick.
<5> its Virtual Dedicated server
<5> :)
<5> its not my home comp
<0> is it from dsvr?
Return to
#linux
or
Go to some related
logs:
#allnitecafe
c c++ print time microsec
#allnitecafe
dowilita
ordunun dereleri kim
#chat-world
#india
#india
sallam namaste
planetfaw
|
|