Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
cyberplace.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Cybersecurity, fandom, video games, technology, dog photos and most importantly, you.

Administered by:

Server stats:

939
active users

cyberplace.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

Kevin Beaumont

Enjoying this fully patched Ivanti Pulse Connect box (yes, the kernel has dirty in it)

Linux version 2.6.32-00366-gsd3b182-dirty - December 2009

curl 7.19.7 2009-11-04 (14 years)
openssl 1.0.2n-fips 2017-12-07 (6 years)
perl 5.6.1 2001-04-09 (23 years)
psql 9.6.14 2019-06-20 (5 years)
cabextract 0.5 2001-08-20 (22 years)
ssh 5.3p1 2009-10-01 (14 years)
unzip 6.00 2009-04-29 (15 years)

Feb 09, 2024, 06:38 PM·Public
43boosts·83favorites
Public
Kevin Beaumont

US Federal agencies plugging their Ivanti boxes back into the internet after factory resetting them

Public
Kevin Beaumont

TIL it doesn’t matter what me and @wdormann think, it’s only real when people read about it on Hacker News.

Public
Claude

@GossiTheDog The 1/31 directive should have ended after this sentence:

Quiet public
Alan Miller :verified_paw: 🇺🇦

@GossiTheDog I feel like there's an awful lot of stuff Ivanti has acquired over the years that's probably similar.

Public
Brian Clark

@GossiTheDog come on now, that’s what vendors refer to as a fully hardened appliance! 😉

Public
*sigh*Ber nard

@GossiTheDog stop worrying, it's FIPS certified crypto! (crapto?)

Public
postmodern

@GossiTheDog note the attribution license doc mentions a bunch of python modules, some frontend and some backend. noirbizarre/flask-restplus, rptlab/reportlab (PDF gen library), scikit-learn/scikit-learn (Python machine learning library using SciPy). Python is probably on there somewhere.
help.ivanti.com/ps/help/en_US/
#ivanti #ivantivpn

Public
BibbleCo

@GossiTheDog looks much like the stack used by $big.SaaS org to host vast amounts of customer email did, 10y ago. (I'm sure they've fixed all that by now. Right, kids?)

Public
Allan Friedman

@GossiTheDog but the important thing is that SBOMs are too hard, and no one needs them.

Public
Will Dormann

@GossiTheDog What version of the appliance comes with the 2.6 Linux kernel?
22.3R1 runs 4.15.18.34.

Public
David Krause

@wdormann @GossiTheDog Ivanti does publish a list of all the third party software in each version, just change the URL for whatever release:
help.ivanti.com/ps/help/en_US/

ExploreLive feeds
About