- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Did y’all hear where the EMS security log was flooded with login query attempts?
Posted on 7/15/21 at 2:38 pm
Posted on 7/15/21 at 2:38 pm
I found that interesting when listening to the AZ hearing this afternoon. The Windows security log on a critical server used by the Maricopa county board of elections allows 20meg of storage to track login information. This login information is FIFO so once the memory allocated hits 20 meg the first login data is deleted to keep memory free for current login information. The security log only went back to 02/05/2021….why is that important? Obviously it’s important because the auditors couldn’t determine who was accessing the server just before the 2020 GE and just after the 2020 GE.
So rather than wiping the security log which would have been a flaming red flag they instead flooded the server with login queries/ attempts to overwrite the 20 meg memory allocation. In one day there was 37k attempted logins, in all likelihood it was a script designed to prevent anyone from seeing login information from the 2020 election.
So rather than wiping the security log which would have been a flaming red flag they instead flooded the server with login queries/ attempts to overwrite the 20 meg memory allocation. In one day there was 37k attempted logins, in all likelihood it was a script designed to prevent anyone from seeing login information from the 2020 election.
7
Posted on 7/15/21 at 2:40 pm to Bass Tiger
Easy, find who did it. If it's a program, it will be isolated with few ppl.
Posted on 7/15/21 at 2:42 pm to Bass Tiger
quote:
So rather than wiping the security log which would have been a flaming red flag they instead flooded the server with login queries/ attempts to overwrite the 20 meg memory allocation. In one day there was 37k attempted logins, in all likelihood it was a script designed to prevent anyone from seeing login information from the 2020 election.
That hearing had even more fraud and cheating identified than i could have expected and I'm of the belief it was totally stolen. The lengths the filth went to pull this off is massive. And to top it off, they don't care because they know nothing will happen.
Posted on 7/15/21 at 2:42 pm to Bass Tiger
But they also mentioned the log events could be retrieved from a splunk server, so they are storing logs remotely and then using splunk to parse them.
Good luck getting the county to turn over that info.
Good luck getting the county to turn over that info.
Posted on 7/15/21 at 2:42 pm to Bass Tiger
If I remember correctly, they also logged in with the same password that Dominion set it up with in 2019.
Posted on 7/15/21 at 2:44 pm to dakarx
quote:
But they also mentioned the log events could be retrieved from a splunk server, so they are storing logs remotely and then using splunk to parse them.
Good luck getting the county to turn over that info.
All they need is a list of who has access. The rest will solve itself after.
Posted on 7/15/21 at 2:45 pm to momentoftruth87
quote:
Easy, find who did it. If it's a program, it will be isolated with few ppl.
There was a request from the dudes presenting their audit findings today saying they needed additional access to router logs to determine what MAC was running the script…..that information is no longer on the security log of the server according to the cyber experts.
Posted on 7/15/21 at 2:45 pm to Bass Tiger
Pretty fricky.
Posted on 7/15/21 at 2:45 pm to CDawson
quote:
That hearing had even more fraud and cheating identified than i could have expected
Truth the presenters had to restrain themselves from blatantly stating there was fraud. Many of the items presented had the rebuttal from the senator asking how can you explain why this would be? Only answer was fraud to most of it but couldn’t be outright said so just a smirk and a shoulder hunch. These frickers are caught with their hand in the cookie jar and I can’t wait for the fireworks
Posted on 7/15/21 at 2:47 pm to Pockets
quote:
I remember correctly, they also logged in with the same password that Dominion set it up with in 2019.
Everybody was using the same admin password….frick me! Lol!
What a mess!
Posted on 7/15/21 at 2:50 pm to Bass Tiger
quote:
Everybody was using the same admin password….frick me! Lol!
What a mess!
Ask Solarwinds about that
Posted on 7/15/21 at 2:59 pm to Bass Tiger
If it is a web server, that isn't at all unusual.
Posted on 7/15/21 at 3:01 pm to mmcgrath
quote:
it is a web server, that isn't at all unusual.
Most secure election in history…lol!
Posted on 7/15/21 at 3:01 pm to Pockets
quote:
If I remember correctly, they also logged in with the same password that Dominion set it up with in 2019.
They did. With no updates or security patches since.
Posted on 7/15/21 at 3:02 pm to mmcgrath
For “browse” access? Possibly.
For insert / update / delete access? It would be incredibly stupid to do so.
For insert / update / delete access? It would be incredibly stupid to do so.
Posted on 7/15/21 at 3:09 pm to teke184
quote:
It would be incredibly stupid to do so.
That's the thing about Democrats. The only super smart ones are at the top. The rest are the low IQ people they trick into believing their lies. Those water heads are good and loyal but they are dumb so someone is always gonna have a misplaced decimal or some shite like that.
You guys at the bottom are pretty much the countless henchmen that get defeated by the hero with ease on his way to the boss.
Posted on 7/15/21 at 3:13 pm to Bass Tiger
Maograth...
Posted on 7/15/21 at 3:14 pm to mmcgrath
quote:
If it is a web server, that isn't at all unusual.
Hahahahaha
Posted on 7/15/21 at 3:15 pm to musick
Registration server was breached, he said the registration server was also a jump server. So while the dominion machines may not have been "directly connected" to the internet themselves, the jump server was. A jump server is a server that sits in two networks and acts as a go between, in order to log in to the dominion machines remotely, you first need to log in to the registration server.
The dominion machines didn't have virus updates since 2019, when dominion handed them over. The anti-virus server couldn't call out to the internet, because it wasn't programmed to route through the jump server. A hacker would've had to know the registration server was the go between, in order to get to the network that way. Which he said happened.
Dominion machines sat dormant and not updated since they received them, in 2019.
Dominion used solarwinds
https://nationalfile.com/confirmed-dominion-uses-solarwinds-software-denies-using-software-included-in-devastating-hack/
https://www.thegatewaypundit.com/2020/12/dominion-used-version-solarwinds-orion-platform-provides-backdoor-access-voting-machines/
https://www.reddit.com/r/conspiracy/comments/kdantl/dominion_used_solarwinds_software_the_same/
Solarwinds was breached in January 2019, and the vulnerabilities allowed remote code execution (the 37k query script) and also allowed privilege escalation.
https://www.pcmag.com/news/ceo-solarwinds-attack-dates-back-to-at-least-january-2019
Serv-U was discovered as breached by Chinese hackers in May 2021.
https://us-cert.cisa.gov/ncas/current-activity/2021/07/13/solarwinds-releases-advisory-serv-u-vulnerability
https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit/
Solarwinds was used as part of this multifaceted attack on the election.
The dominion machines didn't have virus updates since 2019, when dominion handed them over. The anti-virus server couldn't call out to the internet, because it wasn't programmed to route through the jump server. A hacker would've had to know the registration server was the go between, in order to get to the network that way. Which he said happened.
Dominion machines sat dormant and not updated since they received them, in 2019.
Dominion used solarwinds
https://nationalfile.com/confirmed-dominion-uses-solarwinds-software-denies-using-software-included-in-devastating-hack/
https://www.thegatewaypundit.com/2020/12/dominion-used-version-solarwinds-orion-platform-provides-backdoor-access-voting-machines/
https://www.reddit.com/r/conspiracy/comments/kdantl/dominion_used_solarwinds_software_the_same/
Solarwinds was breached in January 2019, and the vulnerabilities allowed remote code execution (the 37k query script) and also allowed privilege escalation.
https://www.pcmag.com/news/ceo-solarwinds-attack-dates-back-to-at-least-january-2019
Serv-U was discovered as breached by Chinese hackers in May 2021.
https://us-cert.cisa.gov/ncas/current-activity/2021/07/13/solarwinds-releases-advisory-serv-u-vulnerability
https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit/
Solarwinds was used as part of this multifaceted attack on the election.
Posted on 7/15/21 at 3:25 pm to ShoeBang
quote:
That's the thing about Democrats. The only super smart ones are at the top. The rest are the low IQ people they trick into believing their lies. Those water heads are good and loyal but they are dumb so someone is always gonna have a misplaced decimal or some shite like that.
You guys at the bottom are pretty much the countless henchmen that get defeated by the hero with ease on his way to the bos
They are called "Useful Idiots", The Marxist and Commies need them.
They are the Assholes that are doing the CCP & Russia's work to destroy the USA from the inside because they know they can't from the outside.
The Grand Poohbah of the Village of Useful Idiots is
Joe Biden.
Definition of useful idiot in English:
useful idiot
NOUN
derogatory Politics
(Originally) a citizen of a non-communist country sympathetic to communism who is regarded (by communists) as naive and susceptible to manipulation for propaganda or other purposes; (more widely) any person similarly manipulable for political purposes.
Page 1 of 2
Popular
Back to top
Follow TigerDroppings for LSU Football News