Re: [AFMUG] Bash specially-crafted environment variables code injection attack

2014-09-25 Thread Matt Hardy via Af 
http://community.ubnt.com/t5/EdgeMAX/Re-Bash-shell-vuln-Is-ER-also-vulnerable/m-p/1024737/highlight/true#M43038



On Thu, Sep 25, 2014 at 4:54 PM, Josh Reynolds via Af  wrote:

>  UBNT not vulnerable as AirOS doesn't have bash, it uses busybox (already
> tested this myself).
>
> EdgeRouters all vulnerable. You can either download bash from debian
> stable/security, or wait for an incoming patch.
>
> Josh Reynolds, Chief Information Officer
> SPITwSPOTS, www.spitwspots.com
>  On 09/25/2014 12:04 PM, Ty Featherling via Af wrote:
>
> Yeah I am trying to figure out what else I may be operating that is
> vulnerable. UBNT? Mikrotik? Cisco?
>
>  -Ty
>
> On Thu, Sep 25, 2014 at 3:00 PM, Josh Baird via Af  wrote:
>
>> It can be exposed by anything that invokes bash - which is a ton of stuff
>> typically on Linux systems.
>>
>> On Thu, Sep 25, 2014 at 2:25 PM, Peter Kranz via Af  wrote:
>>
>>> PS.. This vulnerability can be exploited via HTTP/Apache attack vectors,
>>> so you need to patch any vulnerable system running Apache.
>>>
>>> Peter Kranz
>>> Founder/CEO - Unwired Ltd
>>> www.UnwiredLtd.com
>>> Desk: 510-868-1614 x100 <510-868-1614%20x100>
>>> Mobile: 510-207-
>>> pkr...@unwiredltd.com
>>>
>>> -Original Message-
>>> From: Af [mailto:af-bounces+pkranz=unwiredltd@afmug.com] On Behalf
>>> Of Matt via Af
>>> Sent: Thursday, September 25, 2014 10:27 AM
>>> To: af@afmug.com
>>> Subject: [AFMUG] Bash specially-crafted environment variables code
>>> injection attack
>>>
>>> Bash specially-crafted environment variables code injection attack
>>>
>>>
>>> https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
>>>
>>>
>>
>
>

Re: [AFMUG] ot: may be some interesting listening here in an hour

2014-11-25 Thread Matt Hardy via Af 
I worked retail in high school & college, and every Black Friday, we'd put
up some signs saying we were having deals, but everything was the same
price.

The lines from the cash registers would line up to the back of the store,
people waiting in line to pay the same price they'd pay the week before or
after. Never understood it ;)



On Tue, Nov 25, 2014 at 2:17 PM, Mike Hammett via Af  wrote:

> I have another set of words for BF regarding those..  "deals".
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
> 
> 
> 
> 
>
> --
> *From: *"Caleb Knauer via Af" 
> *To: *af@afmug.com
> *Sent: *Tuesday, November 25, 2014 1:00:56 PM
> *Subject: *Re: [AFMUG] ot: may be some interesting listening here in an
> hour
>
> Man I guess I wasn't sticking my tongue into my cheek far enough ;-)
>
> It is kinda interesting the analysis and psychology that goes into the
> BF "deals".
>
> On Tue, Nov 25, 2014 at 1:25 PM, Travis Johnson via Af 
> wrote:
> > It more that the big stores are "technically" in the red until that
> > Friday... then from that Friday forward for the rest of the year is when
> > they make all their profit for the year.
> >
> > Travis
> >
> > On 11/25/2014 11:15 AM, Caleb Knauer via Af wrote:
> >
> > If your books are in the red for every day other than that Friday, your
> > business is bad and you should feel bad.  And you won't see next year.
> >
> > On Tue, Nov 25, 2014 at 12:59 PM, Josh Luthman via Af 
> wrote:
> >>
> >> Black because people doing the books make positive numbers black and
> >> negative numbers red.  Black Friday is when the numbers on the books
> turn
> >> black.
> >>
> >>
> >> Josh Luthman
> >> Office: 937-552-2340
> >> Direct: 937-552-2343
> >> 1100 Wayne St
> >> Suite 1337
> >> Troy, OH 45373
> >>
> >> On Tue, Nov 25, 2014 at 12:44 PM, That One Guy via Af 
> >> wrote:
> >>>
> >>> thats supposedly the first day of the year a business will be in the
> >>> black, at least thats what I was told.
> >>>
> >>> On Tue, Nov 25, 2014 at 10:54 AM, James Howard via Af 
> >>> wrote:
> 
>  It hasn’t been that many years since there were basically mobs at
>  Walmart and other stores when they opened for “Black Friday”.  Does
> anyone
>  know what the actual history of the name is?  I always thought it was
> a
>  reference to the stores trying to increase sales enough to “get in the
>  black” financially for the year.  Is it really a reference to the
> almost mob
>  atmosphere that has occurred over the years?  If so, that is racist.
> Of
>  course just because something is racist doesn’t mean it isn’t true.
> 
> 
> 
>  From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chuck McCown via
> Af
>  Sent: Tuesday, November 25, 2014 10:40 AM
>  To: af@afmug.com
>  Subject: Re: [AFMUG] ot: may be some interesting listening here in an
>  hour
> 
> 
> 
>  Black Friday... now that is just racist!
> 
> 
> 
>  From: Mathew Howard via Af
> 
>  Sent: Tuesday, November 25, 2014 9:38 AM
> 
>  To: af@afmug.com
> 
>  Subject: Re: [AFMUG] ot: may be some interesting listening here in an
>  hour
> 
> 
> 
>  I saw a comment somewhere last night... "Early Black Friday sale,
>  everything 100% off in Ferguson".
> 
>  
> 
>  From: Af [af-boun...@afmug.com] on behalf of Chuck McCown via Af
>  [af@afmug.com]
>  Sent: Tuesday, November 25, 2014 10:31 AM
> 
> 
>  To: af@afmug.com
>  Subject: Re: [AFMUG] ot: may be some interesting listening here in an
>  hour
> 
>  A good looting is a perfect warm-up exercise for the holiday season.
> 
>  When we ran the Radio Shack, this was the time of the year for break
> ins
>  and burglaries.
> 
>  One time they threw a large rock through the window and were in and
> out
>  in 2 minutes.
> 
>  The next incident happened before we could even get the window fixed.
> 
> 
> 
>  Security cameras satisfied our curiosity as to what happened, but they
>  never helped the cops catch anyone.
> 
> 
> 
>  From: That One Guy via Af
> 
>  Sent: Tuesday, November 25, 2014 9:27 AM
>
> 
>  To: af@afmug.com
> 
>  Subject: Re: [AFMUG] ot: may be some interesting listening here in an
>  hour
> 
> 
> 
>  yes, no questions asked. There were nikes and flat screens in those
>  stores that needed liberated from the oppressors. The news could have
>  ignored it all together and they would have rioted and looted, thats
> who
>  they are, its what they do, kind of like how when we see jobs, we
> take them
>  and d

Re: [AFMUG] [WISPA Members] UBNT equipment - Atlanta

2014-12-29 Thread Matt Hardy via Af 
We do have a top-secret office in Midtown ;)
Mostly development; we don't keep a lot of equipment here though... what do
you need?

On Mon, Dec 29, 2014 at 10:05 AM, Josh Reynolds via Af  wrote:

>  UBNT does actually have an Atlanta office...
>
> and Chicago, Los Angeles, San Diego, Taiwan, and a few other places... :P
>
> josh reynolds :: chief information officer
> spitwspots :: www.spitwspots.com
>
> On 12/28/2014 05:40 PM, Josh Luthman via Af wrote:
>
> Matt lives down there...
>
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> On Dec 28, 2014 9:32 PM, "Tyson Burris @ Internet Comm. Inc" 
>  wrote:
>
>
>  I need help.  Who here has some UBNT equipment in Atlanta ? Came down to
> my brother in laws.  They moved to another house in Cobb County.  Have a
> three story home with a Belkin.  Wifi sucks.  Will never be able to work
> here !  Doesn't UBNT have a downtown Atlanta office ?
>
> Sent from my iPhone
> ___
> Members mailing 
> listMembers@wispa.orghttp://lists.wispa.org/mailman/listinfo/members
>
>
>