IT Professionals, Guilty

Ambrose_McNulty · July 7, 2020, 10:22am

I’d say you’d still need a good few around, depends on the environment. Nora in Payroll might fuck you over for giving her a USB headset.

TreatyStones · July 7, 2020, 10:33am

They’ll adapt very quickly. We had very little push back. Handsets in the offices and meeting rooms for conference calls, a few handsets for PA’s / receptionists and then everyone else on softphone. It was a very successful project and has obviously come into it’s own in the last few months.

You can PM me if you want more details.

EstebanSexface · July 7, 2020, 10:37am

anything that helps with something like this is a plus

technician-fix-telephone-exchange_38678-913

anon67715551 · July 7, 2020, 11:15am

Are you sure about this, as in absolutely certain… I’m somewhat skeptical myself.

Copper_pipe · July 15, 2020, 10:08am

I’m now in possession of one of these yokes.

http://www.grandstream.com/products/ip-voice-telephony/wifi-cordless/product/wp820

Is configured so that if someone calls me on teams the phone will also ring.

A daycent job to be fair.

I’ll be making all my calls to Eir on it now when the broadband at home goes down

TreatyStones · July 15, 2020, 9:07pm

@Copper_pipe @Ambrose_McNulty

#sigred #sigred

Copper_pipe · July 15, 2020, 9:08pm

FFS

Making more work for me.

Ambrose_McNulty · July 15, 2020, 9:10pm

Caused a stir just before taaaaay at 10am.

Copper_pipe · July 15, 2020, 9:13pm

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350

Only impacts Windows Server OS it seems.

Not my problem if that’s the case

EstebanSexface · July 15, 2020, 9:16pm

XP for the win

TreatyStones · July 15, 2020, 9:25pm

Well it is a DNS server vulnerability.

Copper_pipe · July 15, 2020, 9:26pm

Yeah I may have posted “FFS” a bit prematurely.

Next time I’ll actually google what the exploit is

EstebanSexface · July 15, 2020, 9:35pm

What’s the vulnerability mate?

TreatyStones · July 15, 2020, 9:42pm

They haven’t revealed the exact details for obvious reasons but in broad terms it seems there is the potential for RCE on the server by sending a certain type of response to a DNS request. It affects all versions of Windows server and is potentially wormable.

EstebanSexface · July 15, 2020, 9:47pm

Little bit pedantic but the server sends the response. Surely the query would have to be malicious? I presume it’s a sig record manipulation.

TreatyStones · July 15, 2020, 9:51pm

Ya that wasnt clear, it’s actually both incoming queries and in the response in the case of a forwarded query.

It’s been rated a 10/10 severity.

EstebanSexface · July 15, 2020, 9:52pm

Must be able to get domain admin or DC access. Fuck.

TreatyStones · July 15, 2020, 9:52pm

Ya that’s the fear, a lot of companies would be running the DNS service on a DC.

EstebanSexface · July 15, 2020, 9:58pm

Youd need to get inside the network first for internal DNS. Still, could have malicious intent from inside.

TreatyStones · July 15, 2020, 10:03pm

Very detailed post from Checkpoint here on it: