Viewing a single comment thread. View all comments

L00pback t1_j6064kf wrote

Everyone worries about ingress traffic rules and never egress. A good network admin controls both for just this reason.

7

JohnGillnitz t1_j60dkod wrote

Yup. One of my clients got hit a couple of years ago. Nasty. We had all the security boxes checked at the time, but it got in anyway. Encrypted everything, which was the bad news. The good news is that we could check the router logs and confirm that none of the data had been exfiltrated. All attempts were blocked because Tor was blocked.
That sucked, but we were able to recover everything from offline backups. Even the delta from them was recovered when a decryption tool became available a couple of months later. We didn't have to go out and get a credit monitoring service for the entire customer base, which would have bankrupted the place.

16

Stinkyclamjuice15 t1_j61z4rp wrote

Thank you for having a huge pair and working infosec, that shit seems really stressful king

7