with the US-based security vendor on November 11 urging customers to pull their management interfaces off the public internet or restrict them to known IP addresses.
Why would you EVER put management interfaces on the public internet? What terrible decisions led them down that path? VPN is so quick and easy at a minimum.
Evotech@lemmy.world
on 16 Nov 2024 17:46
I know right, 99% of these caves are against management interfaces too
corsicanguppy@lemmy.ca
on 16 Nov 2024 19:42
Saw the writing on the wall, there.
qjkxbmwvz@startrek.website
on 16 Nov 2024 19:43
The network gear I manage is only accessible via VPN, or from a trusted internal network…
…and by the gear I manage, I mean my home network (a router and a few managed switches and access points). If a doofus like me can set it up for my home, I’d think that actual companies would be able to figure it out, too.
www.paloaltonetworks.com → Leader in Cybersecurity Protection & Software for the Modern Enterprises - Palo Alto Networks
Thanks, I will avoid them.
VonReposti@feddit.dk
on 16 Nov 2024 18:04
They’re spamming all web logs too with an advertisement for their services in the user agent. I decided to ban them from all my websites because the logs took up too much space.
TheKMAP@lemmynsfw.com
on 16 Nov 2024 22:12
lmao that’s not an ad, dude.
VonReposti@feddit.dk
on 17 Nov 2024 05:49
They’re saying who they are, what they do, and are linking to their website and sometimes send hundreds of requests in a minute. It might not say “For only €49.99 you can get your very own thing!”, but that does not mean they aren’t throwing their name up in every website owner’s arse whether they like it or not.
TheKMAP@lemmynsfw.com
on 17 Nov 2024 06:41
It’s so you know who is scanning you.
VonReposti@feddit.dk
on 17 Nov 2024 07:39
That could have been done by just having a single entry called GoogleBot or BingBot, not an entire sentence explaining their product offering let alone hundreds of times a minute.
mostlikelyaperson@lemmy.world
on 18 Nov 2024 09:24
Yeah fuck them.
cyberpunk007@lemmy.ca
on 18 Nov 2024 06:41
“urging customers to pull their management interfaces off the public internet or restrict them to known IP addresses.”
Sounds more like pebkac and less of a big deal. Management interface should be in your management VLAN, plus I don’t know another vendor that can touch them in terms of security features.
Paleo Alto?
Management interfaces shouldn’t even be accessible from the general LAN.
zero trust?
Once I read this I just stopped lol. You almost deserve to be explored if you do this, this is like security 101.