Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

[It is] best to confuse only one issue at a time. -- K&R


computers / comp.os.linux.misc / Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWN

SubjectAuthor
* Kaseya Says KEEP YOUR SERVERS SHUT DOWNFifthRootOfPi
`* Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWNAndrea Croci
 `* Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWNNSquared
  `* Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWNRich
   `- Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWNNSquared

1
Kaseya Says KEEP YOUR SERVERS SHUT DOWN

<3dqdnfR6IbNRpnj9nZ2dnUU7-bfNnZ2d@earthlink.com>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=5324&group=comp.os.linux.misc#5324

 copy link   Newsgroups: comp.os.linux.misc comp.os.linux
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!news.uzoreto.com!tr1.eu1.usenetexpress.com!feeder.usenetexpress.com!tr1.iad1.usenetexpress.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!buffer1.nntp.dca1.giganews.com!buffer2.nntp.dca1.giganews.com!nntp.earthlink.com!news.earthlink.com.POSTED!not-for-mail
NNTP-Posting-Date: Wed, 07 Jul 2021 00:29:48 -0500
Newsgroups: comp.os.linux.misc,comp.os.linux
X-Mozilla-News-Host: news://news.west.earthlink.net:119
From: 5thRtOfP...@nowhere (FifthRootOfPi)
Subject: Kaseya Says KEEP YOUR SERVERS SHUT DOWN
Date: Wed, 7 Jul 2021 01:29:47 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Message-ID: <3dqdnfR6IbNRpnj9nZ2dnUU7-bfNnZ2d@earthlink.com>
Lines: 37
X-Usenet-Provider: http://www.giganews.com
NNTP-Posting-Host: 98.77.165.195
X-Trace: sv3-GHyAuhgblged480rnRjxqPzB5X3j+jdUBP1EY2LTqEts2PyFMy71SchZBsmgVzJ7OxXH+8/jpTnIaV+!8xwA+STtrKCnENfrwpC37bMlyz5/xb9F/kn2dLqgSooO5wfqFzyAh2QjZH3+D5zJleR7kj11A/wm!L/lU4UEYThGWXS9AKpmL
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 2395
 by: FifthRootOfPi - Wed, 7 Jul 2021 05:29 UTC

Kaseya, focus of the most recent ReEVIL ransomware
attack, "apologizes" for its protracted delay in
getting its services back up and urges users to
KEEP THEIR SERVERS SHUT DOWN until it can, maybe,
get going again.

Clue - DON'T get their "services" back up.

Clue - DON'T use remote server management software.

The bad people have FIGURED THIS OUT. It will just
be another RSM package next week and then they'll
get back to the latest security hole in Kaseya
and the others and hit everybody up again and
again and again.

No insurance company should foot this bill.

RSM lets the bad people send their evil far and
wide, a rectal injection into YOUR precious
systems.

Why RSM ? CHEAP-ASSNESS, that's why. Proper local
sysadmins COST MONEY. Well, what has this, and
the previous attacks, cost you ? What will
cheap-assness cost you tomorrow ? Wise up !

Despite the cost, it is now absolute insanity
to think you gain by having a few people handle
every little tweak and upgrade from afar. If you
do it, you deserve what you get - and should be
sued out of existence by your customers.

Oh well, just keep those servers shut down ; you
will go flat broke all on your own .....

But I'm sure the CEO still gets the golden parachute.

Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWN

<sc3p6v$1qob$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=5325&group=comp.os.linux.misc#5325

 copy link   Newsgroups: comp.os.linux.misc comp.os.linux
Path: i2pn2.org!i2pn.org!aioe.org!34ZXmtYi+89Y/qSPSJpfGg.user.gioia.aioe.org.POSTED!not-for-mail
From: andrea.c...@gmx.de (Andrea Croci)
Newsgroups: comp.os.linux.misc,comp.os.linux
Subject: Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWN
Date: Wed, 7 Jul 2021 10:38:56 +0200
Organization: Aioe.org NNTP Server
Lines: 55
Message-ID: <sc3p6v$1qob$1@gioia.aioe.org>
References: <3dqdnfR6IbNRpnj9nZ2dnUU7-bfNnZ2d@earthlink.com>
NNTP-Posting-Host: 34ZXmtYi+89Y/qSPSJpfGg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.11.0
Content-Language: de-DE
X-Notice: Filtered by postfilter v. 0.9.2
 by: Andrea Croci - Wed, 7 Jul 2021 08:38 UTC

On 07.07.21 07:29, FifthRootOfPi wrote:
> Kaseya, focus of the most recent ReEVIL ransomware
> attack, "apologizes" for its protracted delay in
> getting its services back up and urges users to
> KEEP THEIR SERVERS SHUT DOWN until it can, maybe,
> get going again.
>
> Clue - DON'T get their "services" back up.
>
> Clue - DON'T use remote server management software.
>
> The bad people have FIGURED THIS OUT. It will just
> be another RSM package next week and then they'll
> get back to the latest security hole in Kaseya
> and the others and hit everybody up again and
> again and again.
>
> No insurance company should foot this bill.
>
> RSM lets the bad people send their evil far and
> wide, a rectal injection into YOUR precious
> systems.
>
> Why RSM ? CHEAP-ASSNESS, that's why. Proper local
> sysadmins COST MONEY. Well, what has this, and
> the previous attacks, cost you ? What will
> cheap-assness cost you tomorrow ? Wise up !
>
> Despite the cost, it is now absolute insanity
> to think you gain by having a few people handle
> every little tweak and upgrade from afar. If you
> do it, you deserve what you get - and should be
> sued out of existence by your customers.
>
> Oh well, just keep those servers shut down ; you
> will go flat broke all on your own .....
>
> But I'm sure the CEO still gets the golden parachute.

On the other hand I can indeed picture a situation where hiring more
people would not make a lot of sense. Say a company has a small
subsidiary somewhere, where the local network is very small and needs to
be changed too seldom for a local sysadmin to be busy more than 1% of
the time. I would understand that business not wanting to hire an extra
person. On the other hand the main sysadmin should have an overview of
the entire network, even the one at the remote site, so the extra person
would mean they (the two sysadmins) have to communicate (not that it
would be a problem, but an extra layer where communication could go wrong).

Sure enough they could send the main sysadmin in every now and then and
fix the things on site, but my question is: is there really no safe way
to manage a server and the locally connected clients from remote? I know
you can ssh into it, but is there software that allows you to have a
graphical overview of the network and the software you have installed on
any computer without compromising safety?

Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWN

<o9CdnZBJ27SuUXr9nZ2dnUU7-c_NnZ2d@earthlink.com>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=5329&group=comp.os.linux.misc#5329

 copy link   Newsgroups: comp.os.linux.misc comp.os.linux
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!feeds.phibee-telecom.net!newsfeed.xs4all.nl!newsfeed8.news.xs4all.nl!tr3.eu1.usenetexpress.com!feeder.usenetexpress.com!tr1.iad1.usenetexpress.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!buffer1.nntp.dca1.giganews.com!buffer2.nntp.dca1.giganews.com!nntp.earthlink.com!news.earthlink.com.POSTED!not-for-mail
NNTP-Posting-Date: Thu, 08 Jul 2021 23:10:27 -0500
Subject: Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWN
Newsgroups: comp.os.linux.misc,comp.os.linux
References: <3dqdnfR6IbNRpnj9nZ2dnUU7-bfNnZ2d@earthlink.com> <sc3p6v$1qob$1@gioia.aioe.org>
From: Squared2...@nowhere (NSquared)
Date: Fri, 9 Jul 2021 00:10:25 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <sc3p6v$1qob$1@gioia.aioe.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Message-ID: <o9CdnZBJ27SuUXr9nZ2dnUU7-c_NnZ2d@earthlink.com>
Lines: 71
X-Usenet-Provider: http://www.giganews.com
NNTP-Posting-Host: 98.77.165.195
X-Trace: sv3-VsNyCYBihEf13G0ePBAI8yBS6QGc9rn2kWsvLxMp50vhOSsT5TFItNIk0LuHj7ClLPl3BZpFOz7fQwi!lSIhZf4jQNaWzoCWFzABQyi8HNKZGaVZSsCQBKYYiF6dq0oHRygs+Ov20hmcagi6bbTc4PLotbEF!um79kYAMuP/bJ7MI0N/g
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 4238
 by: NSquared - Fri, 9 Jul 2021 04:10 UTC

On 07/07/2021 04:38 AM, Andrea Croci wrote:
> On 07.07.21 07:29, FifthRootOfPi wrote:
>> Kaseya, focus of the most recent ReEVIL ransomware
>> attack, "apologizes" for its protracted delay in
>> getting its services back up and urges users to
>> KEEP THEIR SERVERS SHUT DOWN until it can, maybe,
>> get going again.
>>
>> Clue - DON'T get their "services" back up.
>>
>> Clue - DON'T use remote server management software.
>>
>> The bad people have FIGURED THIS OUT. It will just
>> be another RSM package next week and then they'll
>> get back to the latest security hole in Kaseya
>> and the others and hit everybody up again and
>> again and again.
>>
>> No insurance company should foot this bill.
>>
>> RSM lets the bad people send their evil far and
>> wide, a rectal injection into YOUR precious
>> systems.
>>
>> Why RSM ? CHEAP-ASSNESS, that's why. Proper local
>> sysadmins COST MONEY. Well, what has this, and
>> the previous attacks, cost you ? What will
>> cheap-assness cost you tomorrow ? Wise up !
>>
>> Despite the cost, it is now absolute insanity
>> to think you gain by having a few people handle
>> every little tweak and upgrade from afar. If you
>> do it, you deserve what you get - and should be
>> sued out of existence by your customers.
>>
>> Oh well, just keep those servers shut down ; you
>> will go flat broke all on your own .....
>>
>> But I'm sure the CEO still gets the golden parachute.
>
> On the other hand I can indeed picture a situation where hiring more
> people would not make a lot of sense. Say a company has a small
> subsidiary somewhere, where the local network is very small and needs to
> be changed too seldom for a local sysadmin to be busy more than 1% of
> the time.

There IS such a thing as "travel" ....

And remember, the problem is not that "small subsidiary", but
all your BIG subsidiaries that are also remotely administered.
You may be prepared to sacrifice the Mayberry branch, but what
about the NYC/LA/London branches ? All linked-in, ALL fall.

I would understand that business not wanting to hire an extra
> person. On the other hand the main sysadmin should have an overview of
> the entire network, even the one at the remote site, so the extra person
> would mean they (the two sysadmins) have to communicate (not that it
> would be a problem, but an extra layer where communication could go wrong).
>
> Sure enough they could send the main sysadmin in every now and then and
> fix the things on site, but my question is: is there really no safe way
> to manage a server and the locally connected clients from remote? I know
> you can ssh into it, but is there software that allows you to have a
> graphical overview of the network and the software you have installed on
> any computer without compromising safety?

I agree with the assessment that RSM is "professional
malpractice compromising national security" at this point
in time. No excuses.

Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWN

<sc9fk5$5n3$2@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=5330&group=comp.os.linux.misc#5330

 copy link   Newsgroups: comp.os.linux.misc comp.os.linux
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: ric...@example.invalid (Rich)
Newsgroups: comp.os.linux.misc,comp.os.linux
Subject: Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWN
Date: Fri, 9 Jul 2021 12:32:05 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 20
Message-ID: <sc9fk5$5n3$2@dont-email.me>
References: <3dqdnfR6IbNRpnj9nZ2dnUU7-bfNnZ2d@earthlink.com> <sc3p6v$1qob$1@gioia.aioe.org> <o9CdnZBJ27SuUXr9nZ2dnUU7-c_NnZ2d@earthlink.com>
Injection-Date: Fri, 9 Jul 2021 12:32:05 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="fdcb9d3fc43c39acaccdc32b90c8debe";
logging-data="5859"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19a6XZwoPA05owZYpbDHuLe"
User-Agent: tin/2.0.1-20111224 ("Achenvoir") (UNIX) (Linux/3.10.17 (x86_64))
Cancel-Lock: sha1:TWp760yMl90r4waMmk8z5PPrcXA=
 by: Rich - Fri, 9 Jul 2021 12:32 UTC

NSquared <Squared22i.net> wrote:
> On 07/07/2021 04:38 AM, Andrea Croci wrote:
>> On the other hand I can indeed picture a situation where hiring more
>> people would not make a lot of sense. Say a company has a small
>> subsidiary somewhere, where the local network is very small and
>> needs to be changed too seldom for a local sysadmin to be busy more
>> than 1% of the time.
>
> There IS such a thing as "travel" ....

While true, "travel" costs, plus hourly wage costs, for a "traveling"
employee in an expensive country can often be substantially larger than
providing the same support 'remotely' using workers that are willing to
work for a fraction per hour of the expensive country worker.

Which is the "draw" to these types of 'remote' setups by CIO/CTO/etc.
types. When they run the numbers they see cost savings on the order of
1/10th or more by using the 'remote worker' option, and they ignore the
potential security risks while being starry-eyed over the cost savings
they "found".

Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWN

<sZmdnfFjHdgDvXT9nZ2dnUU7-VPNnZ2d@earthlink.com>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=5337&group=comp.os.linux.misc#5337

 copy link   Newsgroups: comp.os.linux.misc comp.os.linux
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!news.uzoreto.com!tr2.eu1.usenetexpress.com!feeder.usenetexpress.com!tr1.iad1.usenetexpress.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!buffer1.nntp.dca1.giganews.com!nntp.earthlink.com!news.earthlink.com.POSTED!not-for-mail
NNTP-Posting-Date: Fri, 09 Jul 2021 23:22:54 -0500
Subject: Re: Kaseya Says KEEP YOUR SERVERS SHUT DOWN
Newsgroups: comp.os.linux.misc,comp.os.linux
References: <3dqdnfR6IbNRpnj9nZ2dnUU7-bfNnZ2d@earthlink.com> <sc3p6v$1qob$1@gioia.aioe.org> <o9CdnZBJ27SuUXr9nZ2dnUU7-c_NnZ2d@earthlink.com> <sc9fk5$5n3$2@dont-email.me>
From: Squared2...@nowhere (NSquared)
Date: Sat, 10 Jul 2021 00:22:53 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <sc9fk5$5n3$2@dont-email.me>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Message-ID: <sZmdnfFjHdgDvXT9nZ2dnUU7-VPNnZ2d@earthlink.com>
Lines: 32
X-Usenet-Provider: http://www.giganews.com
NNTP-Posting-Host: 98.77.165.195
X-Trace: sv3-ZHadRcERQKfB7TaDvnyJ5RZtvDfMapzBWzAMQRrAWtjRviHZ2ToDAfMWdd23GhAwY8cdXlJ4BuwZ9OZ!hmmAjovrV25HNisKlsbULsr8uGkJCyEkyLg/3IZFp4sJLA1f9L8hn9SL13YVp7K5V6MYlUJMTKSu!/R3LeLUjcOBKAjiwAuIx
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 2841
 by: NSquared - Sat, 10 Jul 2021 04:22 UTC

On 07/09/2021 08:32 AM, Rich wrote:
> NSquared <Squared22i.net> wrote:
>> On 07/07/2021 04:38 AM, Andrea Croci wrote:
>>> On the other hand I can indeed picture a situation where hiring more
>>> people would not make a lot of sense. Say a company has a small
>>> subsidiary somewhere, where the local network is very small and
>>> needs to be changed too seldom for a local sysadmin to be busy more
>>> than 1% of the time.
>>
>> There IS such a thing as "travel" ....
>
> While true, "travel" costs, plus hourly wage costs, for a "traveling"
> employee in an expensive country can often be substantially larger than
> providing the same support 'remotely' using workers that are willing to
> work for a fraction per hour of the expensive country worker.
>
> Which is the "draw" to these types of 'remote' setups by CIO/CTO/etc.
> types. When they run the numbers they see cost savings on the order of
> 1/10th or more by using the 'remote worker' option, and they ignore the
> potential security risks while being starry-eyed over the cost savings
> they "found".

The word "cheapness" has been mentioned in conjunction with
this issue. It is a businesspersons instinct. However in
todays environment, that instinct may easily cost you 10,000
times what those sitting/traveling experts would.

If you're selling anything I'm paying for and RSM cheapness
makes it go away I will sue yer ass - and so will mass
quantities of others.

Think, and CHOOSE. MAYBE you'll get away with it, maybe ...

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor