This Is Why You Don't Outsource Your Network Security

Science & Technology

In this video I discuss the Cisco critical vulnerability (CVE-2023-20198) that has been used to take over more than 10k network devices, and many more are likely vulnerable (and will probably remain vulnerable). This vulnerability is only exploitable if the admin login portal for the web UI is bound to a public IP, WHICH SHOULD NEVER BE DONE EVER UNLESS YOU ENJOY HAVING YOUR ENTIRE NETWORK HACKED!
My merch is available at based.win/
Subscribe to me on Odysee.com: odysee.com/@AlphaNerd:8
₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Monero
45F2bNHVcRzXVBsvZ5giyvKGAgm6LFhMsjUUVPTEtdgJJ5SNyxzSNUmFSBR5qCCWLpjiUjYMkmZoX9b3cChNjvxR7kvh436
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF

Comments: 546

  • @MentalOutlaw
    8 months ago

    Little Daemon shirts and hoodies are available only at based.win/?s=little+daemon&post_type=product 10% discount when you pay in Monero (XMR)

  • 8 months ago

    bruv it looks gay as hell respectfully i would never wear that in public

  • @Matt-hc1fi
    8 months ago

    @If I were a woman I would, but as a man that looks really stupid on a dude who works out.

  • 8 months ago

    @@Matt-hc1fi same

  • @dom_xi-dzopa720
    8 months ago

    it looks gay?? it looks like an animated demon and that is what I think he was going for, that's like saying a pokemon shirt on a man looks gay, wtf are you talking lol but in all seriousness it does look like a very very happy and exuberant demon, which again I think was the aim.😶‍🌫

  • @dom_xi-dzopa720
    8 months ago

    and i am replying to my own msg like a dork to say im buying one or gonna provide him what he requested for one rather, but still

  • @xanaxor88
    8 months ago

    As a former Cisco engineer, I still crack myself up thinking about the switch model where if you connected an ethernet cable to the console port, the cable would push the power buttons located next to the port, immediately switching off the device.

  • @GooogleGoglee
    8 months ago

    Cisco ISR C1100 still out there , same design..

  • @handler_music
    8 months ago

    that was my first thought the second i saw the thumbnail

  • @ao4514
    8 months ago

    Hello, I'm currently working on my networking course. What would you suggest is the best way to secure a Switch and VLANs ?!

  • @GooogleGoglee
    8 months ago

    @@ao4514 best way? Turning it off.

  • @clickhum
    8 months ago

    @@ao4514 making a course and asking for advice in youtube comments? Not a good look.

  • @jer1776
    8 months ago

    When I hear about network administrators making basic mistakes like this, I feel like I should be making 100k more than I do now.

  • @qlippoth13
    8 months ago

    This has nothing to do with Fiverr-tier admins. This is a Lua programming language and consists of 29 lines of code that facilitates the arbitrary command execution. This is a problem within the IOS code itself... and that's where the Fiverr-tier outsource comes in. Cut and paste coding.

  • @mememan9890
    8 months ago

    @@ultimatums1 As someone who is technically LGBT, how do I take advantage of this to get me a job?

  • @Kim_YoJong
    8 months ago

    @@mememan9890 ikr all of a sudden I'm gay

  • @_wayward_494
    8 months ago

    @@mememan9890 be a different colour smh my head

  • @Zaycancode
    8 months ago

    @@ultimatums1 that’s DEI gone haywire but edge cases like that will happen overall it’s not a bad way to add diversity to the field most people will be qualified on average.

  • @ybsb2741
    8 months ago

    Just wanted to point out that every single on-site pentest I did where they used a Cisco switch the "cisco:cisco" credentials never failed, it's like a smoke alarm chirp for corporations, you would be amazed

  • @codemiesterbeats
    8 months ago

    Haha that's wild.

  • @YerBrwnDogAteMyRabit
    8 months ago

    Circa 2004, we disabled the web UI "by default" on Cisco switches and routers and only allowed ssh.. this kept internal idiots from doing stupid things, NM external idiots...

  • @qlippoth13
    8 months ago

    The Access-control part of TACACS was also a good idea, even in the late 1900s.

  • @2Dcmbr7
    8 months ago

    Same thing for your home security system. If a third party can push updates to your router or alarm system without your consent, your system is compromised.

  • @iRunKids
    8 months ago

    I only buy routers that I can flash dd-wrt onto, some of these new routers you can’t even disable WPS, it’s like they want your equipment to get pwned

  • @SuperGiggun
    7 months ago

    Meraki?

  • @danielelombardo8196
    8 months ago

    "That brother should flip burgers" - Hackers to the sys admins that configured the login panel to the public internet

  • @chralexNET
    8 months ago

    Any incompetent IT people are welcome to come to Denmark and get reeducated into the construction sector or adjacent crafts, we have a big shortage of workers in this area, also care home workers. Enjoy a luxurious Danish middle-class lifestyle, with a high median income, a good work/life balance, and if you are the type that enjoys honesty from your peers then you'll enjoy the Danes for being very direct with you when there is anything they'd like to have a word with you about. Come to Denmark now!

  • @TracksWithDax
    8 months ago

    Only problem is learning the language (norwegian-speaking American here 😂) pronunciation seems much more difficult than Norwegian and Swedish haha

  • @chralexNET
    8 months ago

    @@TracksWithDax True - but at least people in Denmark speak English very well, I think most professionals that come from English speaking countries actually never bother to learn Danish properly. Edit: actually most people learn to understand Danish but never to speak it, which is a good compromise.

  • @baleeet7323
    8 months ago

    Are you going to sponsor my visa?

  • @qlippoth13
    8 months ago

    I'm packing my bags now, anon!

  • @chralexNET
    8 months ago

    @@baleeet7323 How much does it cost?

  • @shapelessed
    8 months ago

    I worked for a startup for about a year some time ago. They did outsource their "security research" to somebody else. First week of actually looking into what they had in their repos, found 3 obvious RCE exploits... You know who fixed them? The same guy doing the research. Two of them turned from RCE to RegExp DoS (a flawed string-searching method that scaled exponentially in time the more characters you added, pretty bad stuff). Believe me, outsourcing anything "security" is asking for trouble. Either open-source the thing and charge for service or do the job yourself.

  • @shapelessed
    8 months ago

    @@urbanistiq8009 Well, Cisco is most certainly big enough to afford some, especially that they would have complete control and insight into what is being tested. It's not uncommon for the research to omit silly small things which many developers could notice and point out.

  • @qlippoth13
    8 months ago

    You could have replaced them all with Nessus for free.

  • @FloodPower
    8 months ago

    What startup has the budget for an in-house app pentester? Salary could be 200K USD. Many reasons for outsourcing security needs, you get specialized competent people for less money.

  • @VivekYadav-ds8oz
    8 months ago

    @@urbanistiq8009 But it's simply not scalable to write code without thinking of security. If you always code for the happy path and assume your users are law-abiding saints with only alphanumeric sanitised inputs, then there'll be too much to fix by the time you get a pentester.

  • @Criticalmaze
    8 months ago

    @@FloodPower I don’t think he really worked or started up anything 😅

  • @Tidwillshare
    8 months ago

    Unfortunately, at this point in time, a smart circular saw with connection to the internet doesn't sound like a total joke

  • @1997saltydog
    8 months ago

    Why does my blender need wifi in order to work?

  • @scienceface8884
    8 months ago

    @1997saltydog So that it can receive security updates, obviously.

  • @thechronic555
    8 months ago

    Yay ble locate my stolen zip gun!

  • @marcogenovesi8570
    8 months ago

    @@1997saltydog to make sure you are blending the right amount and type of Ze Bugz

  • @thesenamesaretaken
    7 months ago

    @@dadigitechman ah, but how's it going to verify your subscription without access to the internet?

  • @StarHelix-
    8 months ago

    Man, talk about failing the CCNA.

  • @qlippoth13
    8 months ago

    this is fail level CCDA

  • @MiGujack3
    8 months ago

    That's a scam anyway.

  • @trevorelvis1355
    8 months ago

    I know an IT guy who doesn't even know what a VLAN is. He somehow has a better paying job than most of us in his circle. He is lazy, patronizing, and arrogant and puts no effort into his work. Only problem here is he manages a large hospital's IT infrastructure. So, just use your imagination on what could go wrong. By the way he's got this "negative energy" so none of his colleagues actually like him. Also he doesn't listen to advice.

  • @VictoriousGardenosaurus
    8 months ago

    MoveIt is the kind of thing that happens

  • @joaopedroalbernaz
    8 months ago

    I think I know this dude you are talking about. Maybe not, maybe they are all like that anyways.

  • @l4kr
    8 months ago

    Yeah I keep encouraging newbie/junior IT guys into getting better paying jobs because they just have no idea what they could be getting paid lmao

  • @qlippoth13
    8 months ago

    Nice to know cube dwellers have not changed

  • @sirtra
    8 months ago

    Sounds as though this IT guy is a manager. Managers don't need to know the gory technical details to be an effective manager - their job is to manage the people who do. They also will sometimes make decisions or give directions which aren't in line with what would be best from a technical standpoint, because sometimes that isn't what is important to the business or company - for example installing the world's most secure vending machine into the staff lunchroom would be overkill if the business requirement is to simply implement "free drinks and snacks for staff" with controls in place to discourage abuse by staff (such as a junior staffer taking 12 cans of Coke home at the end of their shift every day). Perhaps you don't need to prevent such a situation but merely be alerted or be able to detect it should it happen - worst case scenario. But I digress as none of this is why I'm even typing a comment in the first place. What I really want to know is this... What is this "negative energy" that you speak of? Are we talking like hippie aura healing crystals vibe or frizzled hair static electricity zaps when you get close vibe? Genuine question as it's not often to see such a statement on a channel like this.. you have piqued my curiosity and my undivided attention should you care to answer. No hate, I promise 🥰

  • @Sypitz
    8 months ago

    Time to sneed!!!

  • @PhoenixKrusader
    8 months ago

    💀

  • @wyattrivers700
    8 months ago

    do the sneedful

  • @beatre4861
    8 months ago

    I have no classical IT training whatsoever but I saw this setting on my personal router and even I thought "Why is this here? Who would need this?"

  • @panqueque445
    8 months ago

    "10/10 critical" HOO BOY HERE WE GO

  • @Mandevil
    8 months ago

    I edge to your videos Kenny

  • @Cartiisthegoat29
    8 months ago

    Microsoft Edge

  • @notafbihoneypot8487
    8 months ago

    @@Cartiisthegoat29 no windows allowed

  • @the_hanged_clown
    8 months ago

    is that you, Scout Master Steve?

  • @imgladnotu9527
    8 months ago

    deranged individual

  • @4lfie-
    8 months ago

    @@evanesoteric sit down and evaluate your persona.

  • @hgbugalou
    8 months ago

    Security flaws, vulnerabilities, and hacking are just sucking all the fun out of what used to be a challenging but rewarding career. I am so burnt out on the chasing of tails to cover the latest big flaw or compromise. I know there are some out there that love this stuff, but I went into IT to design and implement infrastructure and make the blinkies blink. Dealing with this crap is just exhausting.

  • @Lysergic_
    8 months ago

    sometimes these battles aren't meant to be enjoyed, rather to be remembered and shared. Imagine when you get to tell your grandkids of all the war stories

  • @good-frog
    8 months ago

    You went into the wrong field I suppose, friend.

  • @psyckojoe
    8 months ago

    That's like saying you went into bridge construction to make big arches and don't want to worry about load capacity or wind tolerance. If you don't think it's worth it, get another job and keep it as a hobby or something.

  • @dfgdfg_
    8 months ago

    @@psyckojoe not quite the right metaphor, solid steel cable doesn't sometimes just spontaneously combust, and sand never turns into manure

  • @marcogenovesi8570
    8 months ago

    @@dfgdfg_ solid steel cable (or reinforced concrete) deteriorates with time or with shoddy construction and can "spontaneously fail". Sand/concrete ratios/types in a building to optimize weight and strength of the material are not for the faint of heart.

  • @gabrielmontiel486
    8 months ago

    I personally don't agree with you that the UI should be disabled by competent security engineers, Cisco should create enterprise grade level products and not have critical vulnerabilities or at least fix them quickly. The UI is part of the product, this is 100% Cisco's fault.

  • @gabrielmontiel486
    8 months ago

    But yes, having an admin console on the public internet is stupid as fuck, even in some very strange cases where I have admin consoles on the internet I have them with known public IPs whitelisted only

  • @leahvance1856
    8 months ago

    L take. A good security engineer would realize that no hardware manufacturer can account for or prevent every possible security vulnerability, so they should plan accordingly.

  • @Phasma6969
    8 months ago

    @@leahvance1856 true true true true true

  • @marcogenovesi8570
    8 months ago

    @@leahvance1856 L take. Disabling the UI is different from making it publicly accessible.

  • @the_expidition427
    8 months ago

    Seethe. This is the same as blaming a manufacturer because someone wrecked their performance car.

  • @domg6041
    8 months ago

    I'm glad you commented on it; anyone busted through this should have never touched these devices. All this stuff is outsourced and dumbed down to the most useless people because they see IT as a cost instead of looking at IT as the only reason their entire company can make money. An IT security professional I studied under said, "If you want IT to be funded properly, you make every team that uses the service take from their budget to fund what they use." The only way to make sure IT doesn't turn into a mess.

  • @empmachine
    8 months ago

    YOU GOTTA have your router exposed to the net.. like.. it has electrolytes

  • @gamtax
    8 months ago

    What are electrolytes? 😂

  • @cherubin7th
    8 months ago

    This is why I use boxes with TempleOS on it instead of Cisco.

  • @IDJENAwoqqqxdre
    8 months ago

    Thankful for incredible news outlets like you sir !

  • @fellzer
    8 months ago

    6:30 This was uncalled for and in bad taste. What happened was terrible and if those network admins had enough brain cells to communicate, they'd be deeply hurt by what you said.

  • @remsee1608
    8 months ago

    Any time Jayson is on the court it’s a security vulnerability for the defense! Thanks for another video, looking forward to seeing another great season from you.

  • @torrtoise
    8 months ago

    Who is Jayson?

  • @remsee1608
    8 months ago

    @@torrtoise Jayson Tatum, the creator of the Mental Outlaw youtube channel

  • @TActually
    8 months ago

    @@remsee1608 Assuming that is his real name, you do know that he is a big privacy advocate... right? like why would you put his real name out there? or maybe it's not and this is just a big funny....

  • @carsoccerpain
    8 months ago

    @@TActually Jayson Tatum is an NBA player bro. He’s joking because he looks like him.

  • @mayomust
    8 months ago

    oh no not my third favourite food distribution company

  • @TracksWithDax
    8 months ago

    😂🤣

  • @Shade_Tree_Mechanic
    8 months ago

    Lmfao 😂

  • @YerBrwnDogAteMyRabit
    8 months ago

    Some day I'm gonna sneak in while you're out, and hang up a couple of velvet Elvis's and put down a throw rug... maybe toss in a couple of side tables too..

  • @MentalOutlaw
    8 months ago

    Damn, I was hoping for a casting couch

  • @zrdtc
    8 months ago

    @@MentalOutlaw add it into deepfake

  • @evanesoteric
    8 months ago

    Be fair y'all, OP deserve a equal love here. Don't be too fanboyish. I've got your six YerBrownGlowSpook; wielding that RF-One with great vengeance. "We strike, with full force" - Englishnese. Na, but if you ever need a Hen sitter MO, I'm not too far. 🙌🏻.

  • @seenbelow
    8 months ago

    One thing speaking volumes for how Cisco is doing things is that there are several, seemingly unrelated features (at least up until a year ago I can confirm) that won't work if you disable the http server on the router - most likely because they run stuff internally through it.

  • @OG_SayMoreHomie
    8 months ago

    The competency crisis strikes again.

  • @awesomeferret
    8 months ago

    Most consumer routers let you access the GUI over the Internet (not by default though). Even as a kid, I knew how silly that feature was and never turned it on.

  • @nav27v
    8 months ago

    Regarding why an HTTP server would be accessible to the Internet, it's about more than just making the administration interface accessible. It is common for these types of devices to offer clientless VPN access which utilizes an HTTP server of some kind. The problem with this approach is that HTTP servers are inherently complicated. So it's more likely that an RCE could be hidden in all that code. Add in the fact that many administrators don't think about these systems as full blown web servers, and you have a recipe for disaster.

  • @inverlock
    8 months ago

    As someone who has recently begun administrating business systems, it's crazy how often I've been looking at random devices and thinking "that's a web server". Printers, access points, switches, cameras, literally anything that is able to serve a panel at the most basic capacity.

  • @domg6041
    8 months ago

    @@inverlock Printers are some of the worst, printer jobs are saved in the thousands in those things.

  • @DeadlyDragon_
    8 months ago

    Not in Cisco land, that's a separate product line. IOS XE is primarily switches / routers, where clientless VPNs are typically handled on firewall tier devices.

  • @rars0n
    8 months ago

    When you read that out loud, it sounded to me like storing passwords in plaintext. And I know pretty much nothing about network security, so that says a lot.

  • @Slugbunny
    8 months ago

    Just incredible competence. Man I love shareholder thinking.

  • @hummel6364
    8 months ago

    I'm just gonna say here that using the web interface is completely fine, especially when you're working in a small branch or company with maybe 3 Cisco devices, however you should never expose that interface to an untrusted network. In fact you probably only want to expose it to a specific VLAN that really only your machine is part of. Edit: Note I prefer the CLI most of the time but sometimes the web UI is faster and easier. I also went through CCNA training and Cisco REALLY pushes the web interface on you nowadays.

  • @ghosthunter0950
    8 months ago

    "Cisco REALLY pushes the web interface on you nowadays." Probably the reason for those terrible setups in the first place.

  • @Ruchikun
    6 months ago

    @@ghosthunter0950 I challenge people here to configure their first UCS fabric without using the web UI. Go ahead :D. The era of the CLI is pretty much over anyway. APIs are where it's at now.

  • @FentFanta
    8 months ago

    This is why we, by default turn off web mgmt on all of our switches. Feels good.

  • @Mikesco3
    8 months ago

    Most hiring people lack the necessary technical skills to properly evaluate the competence of IT professionals...

  • @ra2enjoyer708
    8 months ago

    4:40 Actually the only performance "loss" in there is the extra storage required for static files. And all these dashboard types are rendered client-side, so it's an HTTP API on top. But the majority of the time said API just mirrors the functionality of the underlying CLI API, so it's no more overhead than creating an API for the CLI.

  • @randomaccount53793
    8 months ago

    Please cover the Grayjay app that Louis Rossmann helped create.

  • @safdjqw0
    8 months ago

    Your thumbnail game is simply unmatched. Amazing

  • @davidjcmar
    8 months ago

    A note on the possible mitigation of not allowing the GUI portal on a public IP address: a lot of institutions were given public CIDRs early on and use those addresses for internal networks instead of NATing RFC 1918 addresses. Also it's an enterprise device like you said.

  • @diveallz1044
    8 months ago

    I was wondering why Firefox kept saying Cisco certifications were untrusted.😂

  • @abrokenpal
    8 months ago

    Unfathomably based browser

  • @whirled_peas
    8 months ago

    At what point do we have to start thinking about accountability and administering justice against companies/entities that fuck up this badly? Undoubtedly government systems are vulnerable as a result and that’s a risk to us the people. We can’t accept this

  • @vxicepickxv
    7 months ago

    Competent people would want that. Unfortunately, competent people aren't in charge of writing laws after getting bribes from the company owners.

  • @an2qzavok
    8 months ago

    whenever I hear about Cisco it's always either a vulnerability or an outright backdoor, and yet it keeps being the de-facto industry standard.

  • @Jagdpanzer
    8 months ago

    Incredibly based shirt. Fellow fan of Gabriel Dropout I see🔥

  • @Ziphon
    8 months ago

    I don't even have experience as a network engineer and I know you shouldn't have your routers management access/panel/ssh/whateverthequack accessible by the outside internet in any regard.

  • @brypleb5792
    8 months ago

    10/10 critical 💀

  • @Cha0sNicr0
    8 months ago

    I've never seen the web UI enabled on a single device, but also didn't know it came enabled by default. The worst we had (not public-facing, mind you) was authenticated unencrypted telnet on devices too old for SSH. And the network traffic there was monitored closely for rogue access. This advisory feels more like a "Warning, coffee in cup is hot!" deal, even if the authentication in the web UI should ideally not let people pick their own access level, to be fair.

  • @emmettturner9452
    8 months ago

    I love that the Cisco IP phone on my desk at work is vulnerable to HeartBleed.

  • @LULZx0r
    8 months ago

    Great work, man 👏

  • @mckstellar1005
    8 months ago

    Considering what Cisco has done in China I don't feel bad for them. I do feel bad for normal customers tho.

  • @keylanoslokj1806
    8 months ago

    What did they do in China

  • @mckstellar1005
    8 months ago

    @@keylanoslokj1806 they essentially built China's iron wall as well as track down ppl to throw in their camps

  • @marcogenovesi8570
    8 months ago

    @@keylanoslokj1806 the usual, bent the knee to government doing things to people

  • @MiGujack3
    8 months ago

    Explain

  • @ondrejsedlak4935
    8 months ago

    Cisco built what is known as the Great Firewall of China, which enables the CCP to partition the Chinese internet from the general global internet. They basically enabled a dictatorship to oppress their already oppressed populace even further. Great bunch of scumbags.

  • @cornchipz
    7 months ago

    As somebody who once listened to The Thong Song by Sisqo rather than study for my Cisco final in college and passed the class with a C, I am in no way surprised by this

  • @phxsisko
    8 months ago

    There are almost 330 million citizens here, the numbers aren't that bad in comparison. That all being said, as soon as someone finds they got hacked or used in conjunction with a hack, then they see the downwind negative aspects (authorities involved, loss of revenue, negative PR, etc), then the math to hire an actual security focused employee starts to make a whole lot more sense. I agree, let these places fuck up, it's just more work for me and everyone else. Every hack makes me smile.

  • @marcogenovesi8570
    8 months ago

    that can't be more wrong. Most companies that get hacked only hire experts to do a cleanup and don't fix the issue. In a few cases they just paid the ransom for the cryptolocker and kept going. It's usually cheaper to just pay because nobody holds them accountable for a data breach where they lose all the data of their customers. The main loss is the downtime to pay the ransom (which is usually higher than the ransom itself) and get back online

  • @UNcommonSenseAUS
    8 months ago

    And nobody's talking about Israel's backdoors...

  • @S.O.N.E
    8 months ago

    Boom

  • @damianateiro
    8 months ago

    🔥🔥🔥

  • @torrtoise
    8 months ago

    I used to work at an IT place serving the Swedish government. The Swedish government chronically uses Cisco products. This vulnerability was expected, but not welcomed. I feel bad for my old mates who have to solve this.

  • @ginx2666
    8 months ago

    You get what you deserve if your network team is comprised of the "please good sir we will do the needful" types.

  • @Lisa_Minci96
    8 months ago

    how many of you seeing this use /g/?

  • @ratgreen
    7 months ago

    Sheet, at my old work they didn't even have the web GUI on, it was turned off as one of the first things you'd do when setting up a fresh device. And that was behind a firewall, that was only accessible via VPN, with 2 factor, and had access control to only certain users (network guys) for SSH access to certain devices. Let alone having the device itself accessible directly to the internet, with the web GUI still on. Holy yikes.

  • @orpheus0108
    8 months ago

    I do red teaming at my company and they had cisco switches with """"smart"""" install VStack enabled. You could essentially pull and update the running config without logging in. It's supposed to be a default setting used for initial remote deployment. Was able to change the vlan on my port and jump to a restricted vlan that normally blocked my VLAN using an ACL on the layer 3 Core

  • @amiraloi1694
    8 months ago

    That Uwen BSD logo is nice.

  • @alexvechirko_
    8 months ago

    Nice to see you on the video in person, sir!

  • @djc4968
    8 months ago

    I love your news and update videos on security. Keep it up.

  • @GrimnirsGrudge
    7 months ago

    The fact there's over 10,000 public facing Cisco devices with HTTP web GUIs freely available is what really blows my mind. Send these people to dig ditches.

  • @Dsilver1
    8 months ago

    Ah I remember my days at university, on a Cisco class for engineers and my laptop running Artix Linux programming the switches and routers for the final exam with a simple console cable. My prof was shocked by the fact that I bought a Chinese console cable to code every device and not the PCs with the serial PCI devices 😂. That being said these vulnerabilities are not okay, Jesus. Imagine paying huge money on Cisco devices to get hacked anyways LOL Great video as always bro 😎 🤙

  • @andljoy
    8 months ago

    SSH to the switch stack:

    conf t
    no ip http server
    no ip http secure-server
    exit
    copy running-config startup-config
    exit

    But honestly why would you have the web GUI enabled on an IOS device anyway.

  • @patrik_x86
    8 months ago

    so that non-technical execs can feel like they know what they are doing when they demand access to critical network infra

  • @qlippoth13
    8 months ago

    write erase reload
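The disable-the-web-UI commands in @andljoy's comment above, together with the access-class whitelisting, SSH-only vty and Smart Install points raised by other commenters, can be turned into a config audit that runs over a saved `show running-config`. The following Python is an added example, not code from the video or from any commenter; the two running-config samples are constructed, and the MGMT-HOSTS ACL name and the 10.10.10.0/24 management subnet are assumptions.

```python
"""Audit a Cisco IOS / IOS XE running-config for exposed management surfaces.

Added example for this thread; it is not code from the video or from any
commenter. It checks the settings the comments discuss: the web UI
(ip http server / ip http secure-server), whether an ip http access-class
restricts it, telnet on the vty lines, and Smart Install (vstack). The sample
configs are constructed; the management subnet and ACL name are assumptions.
"""


# Constructed sample: the exposed state the video warns about.
WEAK_CONFIG = """\
hostname edge-sw1
!
ip http server
ip http secure-server
!
line vty 0 4
 transport input telnet ssh
!
end
"""

# Constructed sample: the hardened state the commenters describe
# (web UI off, vty restricted to an assumed management subnet, SSH only).
HARDENED_CONFIG = """\
hostname edge-sw1
!
no ip http server
no ip http secure-server
no vstack
!
ip access-list standard MGMT-HOSTS
 permit 10.10.10.0 0.0.0.255
 deny   any
!
line vty 0 4
 access-class MGMT-HOSTS in
 transport input ssh
!
end
"""


def parse_vty_blocks(lines):
    """Return one dict per 'line vty' block with its transport and access-class."""
    blocks, cur = [], None
    for line in lines:
        if line.startswith("line vty"):
            cur = {"transport": None, "access_class": None}
            blocks.append(cur)
        elif line.startswith(" ") and cur is not None:
            words = line.split()
            if words[:2] == ["transport", "input"]:
                cur["transport"] = words[2:]
            elif words[0] == "access-class" and len(words) > 1:
                cur["access_class"] = words[1]
        else:
            cur = None  # any non-indented line ("!", "end", ...) closes the block
    return blocks


def audit(config_text):
    """Return (severity, message) findings; an empty list means nothing flagged."""
    lines = [l.rstrip() for l in config_text.splitlines()]
    findings = []

    http_on = "ip http server" in lines
    https_on = "ip http secure-server" in lines
    # 'ip http access-class NAME' or 'ip http access-class ipv4 NAME': ACL is the last token
    acl = next((l.split()[-1] for l in lines if l.startswith("ip http access-class")), None)

    if http_on or https_on:
        which = "/".join(w for w, on in (("http", http_on), ("https", https_on)) if on)
        if acl is None:
            findings.append(("HIGH", f"web UI enabled ({which}) with no ip http access-class; "
                                     "reachable from every interface, including the uplink"))
        else:
            findings.append(("INFO", f"web UI enabled ({which}) but restricted by access-class {acl}; "
                                     "verify the ACL, and use 'no ip http server' if the UI is unused"))
    if http_on:
        findings.append(("MEDIUM", "plaintext HTTP management enabled; at minimum 'no ip http server'"))

    if "no vstack" not in lines:
        findings.append(("MEDIUM", "no explicit 'no vstack': Smart Install may be on by default "
                                   "(assumption: release where it defaults to enabled)"))

    for i, blk in enumerate(parse_vty_blocks(lines)):
        t = blk["transport"]
        if t is None or "telnet" in t or "all" in t:
            findings.append(("HIGH", f"vty block {i}: transport input not limited to ssh"))
        if blk["access_class"] is None:
            findings.append(("MEDIUM", f"vty block {i}: no access-class restricting management hosts"))
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"== {name} ==")
        for sev, msg in audit(cfg) or [("OK", "nothing flagged")]:
            print(f"  [{sev}] {msg}")
```

Run it against a config pulled over SSH or from a backup; the weak sample produces five findings and the hardened one none. The vstack check works on absence, because on releases where Smart Install defaults to enabled nothing appears in the running-config until you explicitly turn it off, which is exactly the kind of silent default an audit has to look for.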

  • @Minecraft-hb1su
    7 months ago

    In my CCNA classes we have *never* used the web UI lol now I’m glad

  • @souljaboy2384
    8 months ago

    Love how after however many months since you started coming on camera regularly your background has gained a folding table.

  • @Myles222
    8 months ago

    That's why control plane policing is important, especially at the edge.

  • @ri3m4nn
    8 months ago

    Former Executive Director of ET&I at Cisco.... Cisco is not a networking company, it's a government co-opted company like Huawei...

  • @JimmyArogen
    8 months ago

    Lol, it is ALWAYS acceptable to haze your colleagues if they do not handle the commandline 😄

  • @felenov
    8 months ago

    You either manage your machines locally with a console cable or have a secure network that is separated from anything else for management and requires an additional level of authentication. Oh yes, MikroTik disables any configuration interfaces from public facing networks by default.

  • @shooterdefronvrps2
    8 months ago

    have you heard of Louis Rossman greyjay app?

  • @drane4563
    8 months ago

    yeah, i also would like to see reaction video from our beloved deepfake creator

  • @johndon3782
    8 months ago

    For some reason was reminded of the psblock thing on supermicros a few years back.

  • @jaydeep-p
    @jaydeep-p 8 months ago

    Outsourcing isn't the issue, the amount of money you spend directly reflects the quality of outsourced talent you get.

  • @000Krim

    @000Krim

    8 months ago

    XD

  • @norgazmic
    @norgazmic 6 months ago

    Agreed, this should not be an issue because you'd never expose the web UI to any untrusted networks. It should be on an OOB network with no access to the internal network.

  • @Ultrajamz
    @Ultrajamz 8 months ago

    Soul Glow in Coming to America -> Cisco Glow

  • @qlippoth13

    @qlippoth13

    8 months ago

    God says...

  • @ANTHONYBOOTH
    @ANTHONYBOOTH 8 months ago

    Well, SECURITY is the part which I HATED the MOST ...but sadly we All NEED it the MOST!!! ...this horrible tedious work must be kept IN HOUSE ...I cannot understand what kind of gullible uneducated manager would even think about OUTSOURCING SYSTEM SECURITY??? ...allowing my Routers and Switches to be controlled from the web? NO WAY!!! ...my Public internet vlan has NO SVI... I have various firewalls... - my Internet router is always a separate entity......

  • @MrJustCallMeJames
    @MrJustCallMeJames 8 months ago

    I disagree on the whole "No padded corners on enterprise devices." part. There is a reason why industrial machinery has emergency stop buttons, blow out valves, and guardrails.

  • @ludotosk3664
    @ludotosk3664 8 months ago

    Disable the GUI, that's what they taught me in my cybersecurity course at the university.

  • @SloppyPuppy
    @SloppyPuppy 8 months ago

    Hey Kenny, how trustworthy are the products sold on your store? I mean, I know the merch is high quality, but stuff like PC components, I could really use some, but they're mostly random Chinese brands. Are they any good?

  • @youdontneedmyrealname
    @youdontneedmyrealname 8 months ago

    @Mental Outlaw I see that Qubes OS title bar, good choice. 👀

  • @limesta
    @limesta 8 months ago

    We have a lot of clients who outsource their netsec and it's a pain to work with them and they have no idea what's going on

  • @ThePaulSIN
    @ThePaulSIN 8 months ago

    The other big issue is, not everyone has a Cisco account to know about or apply patches. They just use the equipment and see the fee as being a costly rub over time. So they will just ignore anything until there is a problem.

  • @WillMoon
    @WillMoon 8 months ago

    My dad used to work at Cisco, there are a ton of really, really talented engineers who USED to work there… but I get the impression from every Cisco employee I talk to that their priorities are far more social justice oriented than making good products oriented

  • @wafflesarelove

    @wafflesarelove

    8 months ago

    ESG and DEI baby

  • @traplover6357

    @traplover6357

    8 months ago

    Thinking a Cisco employee cares about social justice more than getting the bag for doing less is ludicrous ☠️

  • @qlippoth13

    @qlippoth13

    8 months ago

    All the OG talent left Cisco for Juniper in the late 1990s

  • @WelcomeToDERPLAND

    @WelcomeToDERPLAND

    8 months ago

    Soooo literally every big company in existence? cool.

  • @Peglegkickboxer

    @Peglegkickboxer

    8 months ago

    Does bridging a required ISP Cisco router through to my own more secure one prevent a lot of these exploits and issues? I hate Cisco but my ISP requires their router/modem combo box to function.

  • @dom_xi-dzopa720
    @dom_xi-dzopa720 8 months ago

    That design is cool too, gonna get a purple one. It looks heavily saturated; the richness of the pink is what does it.

  • @alexander1989x
    @alexander1989x 8 months ago

    That's why go full OpenWrt.

  • @Cha0sNicr0
    @Cha0sNicr0 8 months ago

    The daemon-design is really cute, though by the lack of a shipping policy, I'm guessing that the products are far too based to make it overseas to europe yet.

  • @Gnohio
    @Gnohio 8 months ago

    terry davis had a good clip talking about cli vs gui users

  • @hgbugalou
    @hgbugalou 8 months ago

    So happy we are a Juniper shop for once.

  • @byrd203
    @byrd203 6 months ago

    Other thing: if you're going to open web ports, please use a custom facing port too.

  • @packrat-y7j
    @packrat-y7j 8 months ago

    I wish more companies thought about this/outsourcing.

  • @vxicepickxv

    @vxicepickxv

    7 months ago

    It doesn't matter. Companies have a legally defined fiduciary responsibility to maximize shareholder profits on a quarterly basis.

  • @_g3nss
    @_g3nss 8 months ago

    You said it, the current problem with IT right now is over-outsourcing. It's better for companies to hire 5 or 20 people with the salary of one, no matter their expertise; and this is huge, a lot of outsourcing is done by underqualified technicians (I've seen it myself).

  • @joperez1980
    @joperez1980 8 months ago

    I have a Cisco router/firewall. I would be very motivated to update, except for the reason that Cisco dropped software updates for my device a year ago.

  • @notyoutube8128
    @notyoutube8128 8 months ago

    Love the Windows XP theme, KDE?

  • @scootergirl3662
    @scootergirl3662 8 months ago

    The worst part about this is that companies will use this as an excuse to even more so not hire juniors instead of realizing they need to train them. Because, y'know, people retire or die eventually.

  • @joaopedroalbernaz
    @joaopedroalbernaz 8 months ago

    Routers with HTTP/HTTPS enabled are 99% of the time not because of the WebGUI (which at the IOS level doesn't even come with files installed nor enabled by default) but actually for the use of APIs, for example WSAPI.

  • @yuukil5522

    @yuukil5522

    8 months ago

    Why would you need websockets on a router? Not disagreeing with you, it just seems questionable to have it outward facing.

  • @barsa95
    @barsa95 8 months ago

    The good ol' web router admin port facing WAN

  • @thingsiplay
    @thingsiplay 8 months ago

    Watching this through Invidious, but need to login into KZread to comment and like.

  • @gamtax
    @gamtax 8 months ago

    I don't understand. How come the web GUI is enabled by default on a public-facing interface? Isn't open source stuff like OpenWRT only enabled on the WAN interface by default? Funny that something free is more secure than something that needs to be paid a lot for...

  • @adrianrubio408
    @adrianrubio408 8 months ago

    Cisco Pwnt :D great video ty.

  • @glitchy_weasel
    @glitchy_weasel 8 months ago

    I imagine a CVSS Score 10 is like the nuclear raid siren of the IT world lol

  • @camsoup101
    @camsoup101 8 months ago

    You should make a video on the end of the lawsuit between LBRY and the SEC and how it could possibly affect GitHub and Odysee. Not to mention just general internet privacy and open source as a whole.

  • @chinoto1
    @chinoto1 7 months ago

    I've never measured the memory usage of a web server, but I feel like it shouldn't be large enough to matter.
