There are ways to circumvent cloudflare. Think of cloudflare as a wall, and like nearly all walls, there are ways around if you know where and how to look.
I work in network security and 95% of the time any firewall, regardless of the vendor, is barely configured correctly.
This is so true. So often it is a shitty network admin that couldn't get something to work so they just made huge holes. I have seen rule sets that were super selective in permitting services and destinations, then having a permit-any rule at the end because "SAP updates were not working and that fixed it."
I was a developer, but it works the same way in network security: managers do not know what they are hiring; they think one security professional is the same as all the others. It's pathetic. Hiring talent matters as much in the security field as it does on the football field. If someone were to say all quarterbacks were at the same skill level it would be thought of as hilarious, yet that is how managers think about IT staff.
That is the main reason why I left IT, got so tired of working with incompetent, lazy fools.
Same here, I got tired of making cool shit and our company getting bought out by a richer company who brings in a team of boneheads to fuck it all up. Moved into healthcare.
Yeah, and products have way too many features. For security, you really want a product that can't be configured insecurely for the environment it is in. It's when companies want convenience that security gets compromised.
The other weak link is that a lot of "security" protocols were installed inside systems to give Certain People (TM) access of the sort they want for various reasons.
I know you can go through the front gates if you just impersonate someone. But does this mean that the platform that hosts TDW has a gaping security flaw, or does it just mean that they should test the system under an assumption that someone will get phished?
Cloudflare is a reverse proxy sitting in front of origin servers. There are ways to attain origin server IP addresses with some work, then use those origin IPs to "go around" Cloudflare. In a proper setup the origin servers would only accept traffic from Cloudflare IPs, but that would require Dominion to actually implement security, which is the point of this video. I am guessing that Russ was giving them the origin server IPs and they would only use the public Cloudflare IPs, saying it was secure.
That is EXACTLY how this works. A secure setup would make the origin server reject all requests from non-Cloudflare IPs, but this needs to be configured. Cloudflare even provides examples on how to get and update that list of IPs. Most admins are too lazy or incompetent to do this or do not understand the risk.
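One way to implement the origin allow-list the two comments above describe, as an added example that is not from the thread or from Cloudflare: it parses the one-CIDR-per-line format Cloudflare publishes at cloudflare.com/ips-v4 and ips-v6, checks whether a TCP peer is a Cloudflare edge, emits an nftables rule set that drops HTTPS from anyone else, and trusts the CF-Connecting-IP header only from such a peer. The sample ranges embedded here are constructed for the example; a real deployment fetches and refreshes the live lists.

```python
"""Origin allow-list for a site fronted by Cloudflare (added example, not from the thread).

Cloudflare publishes its edge ranges one CIDR per line; the SAMPLE_* strings
below are constructed stand-ins in that format. Fetch the live lists on a
schedule in production, because the ranges change over time.
"""
import ipaddress

SAMPLE_IPS_V4 = """\
# constructed sample in the ips-v4 format; fetch the live list in production
173.245.48.0/20
103.21.244.0/22
"""

SAMPLE_IPS_V6 = """\
2400:cb00::/32
"""


def parse_ranges(text):
    """Turn the published list format into ip_network objects; skip blanks and comments."""
    nets = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        nets.append(ipaddress.ip_network(line, strict=True))
    return nets


def is_cloudflare_peer(peer_ip, nets):
    """True when the connecting address falls inside any published edge range."""
    ip = ipaddress.ip_address(peer_ip)
    return any(ip in n for n in nets)


def nft_allowlist(nets, port=443):
    """Render an nftables snippet: accept the port only from edge ranges, drop the rest."""
    v4 = [str(n) for n in nets if n.version == 4]
    v6 = [str(n) for n in nets if n.version == 6]
    lines = ["table inet origin_guard {", "  chain input {",
             "    type filter hook input priority 0; policy accept;"]
    if v4:
        lines.append(f"    ip saddr {{ {', '.join(v4)} }} tcp dport {port} accept")
    if v6:
        lines.append(f"    ip6 saddr {{ {', '.join(v6)} }} tcp dport {port} accept")
    lines += [f"    tcp dport {port} drop", "  }", "}"]
    return "\n".join(lines)


def client_ip(peer_ip, headers, nets):
    """Use CF-Connecting-IP only when the peer is Cloudflare; otherwise it is spoofable."""
    if is_cloudflare_peer(peer_ip, nets):
        return headers.get("CF-Connecting-IP", peer_ip)
    return peer_ip
```

Loading the rendered snippet with `nft -f` on the origin host closes the direct path to the port; the header check matters because a request that bypasses the proxy can carry any CF-Connecting-IP it likes.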
No, the point was that there was another path that didn't involve hacking Cloudflare. He didn't explain; however, my guess is that it was Dominion's backdoors into the system, which are well established at this point and were actually used to provide live, immediate tech support for the supposedly non-connected EPBs.
Hol' up.
What's this about Cloudflare having a security vulnerability?
See:
PROMIS/Inslaw
Octopus and Kraken
SolarWinds? No, it was about Dominion.
Watch the video.