Nice! No, didn't see this yet. We have a copy of the file systems though, so hopefully can apply recovery keys there.

Thanks muchly,
--Bart

On 2/8/2023 7:45 AM, Wade W7ITL wrote:
Bart,
Have you guys tried to get the decryption keys for esxiargs? I work in cyber security and it was announced that CISA had released the keys to help decrypt folks impacted by the ransomware attacks.

On Wed, Feb 8, 2023 at 4:09 AM Bart Kus <me@bartk.us> wrote:
Your background sounds like you'd make meaningful contributions, so I'd encourage you to consider participating in read-write mode, not just read-only. I'll avoid getting into the technical weeds question, to keep this thread focused on working group formation.
--Bart

On 2/8/2023 3:55 AM, Jamie Owens wrote:
What/when was the most recent breach?
The hypervisors are accessible publicly? Why no VPN/VPC?
I've been in admin/networking/devops world since 2000 and currently attending to get my BS in CIS/Cyber Security... so if nothing more, I'd like to tag along and learn more from this real world scenario from I'm sure way more experienced users.

On Wed, Feb 8, 2023, 3:34 AM Bart Kus <me@bartk.us> wrote:
All of the network's control points are on public non-firewalled IPs. This is the worst security. It was done this way for the sake of simplicity. Our netops volunteers had to get up to speed with unfamiliar concepts like routing, funky netmasks, dynamic routing protocols, policy routing, VRRP, firewalls, MTUs, MSS control, IPsec, etc. We reaped the rewards of KISS from broader volunteer engagement, but lately we've been paying too heavy of a price for the awful security this simplicity creates. In the most recent breach we've lost important source code that will now need to be re-created. We escaped total disaster by the thinnest of margins, as one critical hypervisor just happened to be patched to 1 version higher than exploitable. This simplicity is not a good tradeoff anymore, so the time has come to introduce more complexity to the network to protect all control points.

This is not a simple problem, since there are many fragility vs security tradeoffs, as well as complexity cost concerns. If you have experience or thoughts around this area, and can commit to a few weeks of design and implementation work on this project, please indicate your interest. We'll assemble a small working group in the next few days and start discussions. I expect the working format will involve some virtual meetings, since email is not high bandwidth enough to hash out everything quickly.