Ah ouais, la fameuse erreur HTTP inconnue.

#Stormshield #vismaviededirtech #vismaviedetech

@Kaliah It was bad here around the same time, here in IA. Local radio station was playing an extended weather report thing for a bit, and I don't know how many of those emergency warnings with the beeps and TTSes came across the radio, nor just how many times my #StormShield app was blowing up at me. and the weather itself really only got intense for us for a short time.

Suite à sa reprise par la Cybergrange, le Shadok cherche un·e admin réseau. Il y a un firewall #Stormshield derrière une livebox pro, plusieurs switchs, plusieurs réseaux locaux, des antennes wifi, de la vidéosurveillance et d’autres systèmes de sécurité (notamment Castel).

Si vous avez les compétences requises, n’hésitez pas à écrire à Jérôme : jerome.tricomi [at] cybergrange.eu

#Strasbourg #jeproposeunjob #adminreseau #SNS

And if you ignore the doc and configure 0.0.0.0/0 as local and remote selectors on the #stormshield, it will try to put all traffic through the tunnel and you've essentially bricked your firewall (been there, done that, on a test VM fortunately)...

#neteng #ipsec

How will this work with such SAs you ask ? Well if, on the #stormshield router, you add a route towards the remote end of the tunnel, it will happily send encrypted traffic ! Which will be dropped by the Linux end because it does not match any xfrm policy !

In other words, a Stormshield will ask to narrow the IPSEC selectors to a point they are useless and then ... ignore them !

#neteng #ipsec

Currently setting up IPSEC tunnels in VTI mode and I have to say... WTF #Stormshield? Are you drunk ?

Usually, traffic selectors negotiated in VTI mode are 0.0.0.0/0, and only traffic routed through virtual ifaces are fed to these policies (this is achieved with marks in linux).

But the Stormshield doc recommends setting up only the interco IPs as selectors, and a classic Strongswan install will happily "narrow" the selectors from the conf'ed 0.0.0.0/0s down to these two /32s.

#neteng #ipsec

I tried an experiment tonight. I put a screenshot of a #Stormshield map into #BeMyAI, and I’d say I got some pretty decent interpretation. #Accessibility #Weather #QuadCities #storms #WeatherRadar
https://share.bemyeyes.com/chat/DFquHwCzKq

Is there an attack actually on #stormshield security appliances ?

I see multiple customers having multiple SSL vpn connections initiated from the same IPs in the logs (South Africa), with an "undef" user. The port column gets bugged too.

Different versions of appliances but same thing on different customers

ping @Nasher

@Shanitoba I’m hoping it misses us, too early #StormShield

@Shanitoba Nowhere near what was predicted. The #Winnipeg #StormShield holds!

A casinha da árvore p as crianças da cidade 🥰

#stormshield #ternbicycles #cargobike #bicicleta #boschebike #ebike #bosch #lisboa #portugal

Хакеры похитили исходный код у французской ИБ-фирмы Stormshield #Stormshield, #взлом, #Франция https://t.co/zHwxDZZFCw https://t.co/159XlkCVhl

Источник: https://twitter.com/SecurityLabnews/status/1357587276176494592

(🇫🇷) Incident de sécurité chez #Stormshield https://www.ssi.gouv.fr/actualite/incident-de-securite-chez-stormshield/

#ANSSI @ANSSI@mastodon.etalab.gouv.fr