This one beats them all and it’s going to make me laugh until tonight:
“I’ve been assigned to carry out a penetration test on a server you manage. The test will be performed from the outside, since the perimeter security needs to be assessed. In order to perform the test, I therefore ask you to disable any firewall, protection, blacklist. If any of these are in place, the server might not be reachable and could prevent the assessment.”
I had to read it three times just to make sure I’d understood it properly.
@stefano "little pig, little pig, let me come in?"
"That's not how pen testing works, big bad wolf."
-
@stefano the assessment: "adding firewall, some protection, and blacklist would significantly improve security of the server".
Can I send them my bank account number?
In all fairness security shouldn't depend on any one layer of protection, but yes, this is really rather ridiculous. So yes, Stefano, I'm pretty sure you understood the request correctly.
Let's also make sure indeed that they also have login credentials that will let them log in as root. Maybe email them the SSH host private keys while we're at it?
😆
-
@stefano "please open an attack vector for me. I need to get paid"
-
@stefano yeah these are ridiculous. Why the hell would you disable your firewall? Also these aren't penetration tests, they're just vulnerability scanners.
-
@stefano "my nmap isn't coming back with anything and I need something to put in my report"
-
@jspath55 yes, exactly!
-
@stefano Are they testing the equipment or are they testing the staff? (Though anyone who falls for someone asking them to do that deserves to be sacked.)
-
@clf or "open an attack vector, otherwise I don't know how to proceed"
-
@beecycling officially, "how the services are protected from the Internet"