OT: HSTS garbage

JasonTheSparky

Member
J
Join Date
Aug 2015
Location
Detroit, MI
Posts
177
Our plant IT gurus are slowly killing off everybody's ability to do anything productive around here, including my ability to search RA's knowledgebase. This has been a problem for awhile now, and lately seems to be getting exponentially worse. I've tried doing some research on the matter, only to find half a million *possibilities*. As I am still learning the ins and outs of intranet security, I would appreciate a gentle shove in right direction 🔨 This problem does not affect me while on home network, or on mobile network. Only on plant wifi. We have other laptops that are company issued that work on way more sites such as Grainger.com (I have issues just loading pictures!) to which I've tried copying/exporting certificates, which didn't help. I know enough to know that I don't know what I'm doing. Any suggestions are much appreciated. 🤞🏻

I fear the day I am locked out of PLCS.net....I think it might just be a matter of time...

HSTS_Problem.JPG
 
There is probably little you can do. They are likely limiting access via their proxy server.

Luckily our IT guys aren't complete tossers and i can just fill out a form and get access. However they can unblock some outgoing ports e.g. VNC.

So all I do is use the hotspot feature on my mobile. Company data plan, problem solved.
 
As saffa said, it is probably related to some proxy. However, they might not be blocking the site, they may "just" be capturing/monitoring the traffic. Proxy software used to be able to get away with removing the encryption or doing a man in the middle attack where they take establish the connection with the site, and then a different connection with you, and forward data from one to the other.

Nowadays websites can basically sign up to say "I require encryption, and this is my certificate", and the browsers automatically track/check that. If the browser sees no encryption or the wrong certificate it won't let you go to the page. It's "for your own good", but super annoying that you can't get around it, especially when it's your own IT that's causing the problem in the first place.
 
I was so fortunate to work for the IT department in my plant. I was a machine control and distribution guy, of course. But a problem with the proxy? No problem. Log onto the DC and give myself access. Need an email released? NP get on the exchange server and do it. Setting up a controls network somewhere? Log onto the switch and configure my ports. I LOVED it.
 
Try changing your network adapter's DNS server settings to use Google's (8.8.8.8 and/or 8.8.4.4). That works in our office, but our IT department is pretty low tech. This method may cause issues with network drives not wanting to connect though.
 
As already suggested, the use of a proxy server restricts users and sites.

Corporate tells us what to totally block. We can white list sites if required (done by my boss) and I can grant user access to the internet. some users we limit the daily amount of data, others have unrestricted .

Why restrict?
workers will look for anything if allowed.
****, guns, fishing, hunting, and the list goes on. You would think they would understand what the term working for someone means. But time has proven otherwise, that is why companies do this.
By restricting access, the change of getting hacked or a virus on the company network is greatly reduced.

I agree with it all, I'm asked all the time to grant access to lots of sites, I tell them it's out of my control. The virus part I will never argue about.
almost 500 infected pc's ! it took 3 of us a week working 18 hour days to kill it!

Here I ware many h, ts as does my coworker.
Electrical engineer, mechanical designer, quotations, requisitions, IS/IT, administrators.
regards,
james
 
Last edited:
Time to write a memo to your boss stating you need Rockwell open to do your job and support production to avoid downtime. Then copy the head of IT and production. Write it as IT blocking this site could cause downtime. That always seem to get their attention.
 
I know of a factory where controls engineers and electricians were having similar issues with IT.

Someone got into the IT offices on 3rd shift and stole all of the mice (mouses?) off of the desks to prove that you need certain tools to do the job. IT did not react well.
 
dogleg43 said:
I know of a factory where controls engineers and electricians were having similar issues with IT.

Someone got into the IT offices on 3rd shift and stole all of the mice (mouses?) off of the desks to prove that you need certain tools to do the job. IT did not react well.
Click to expand...

Love it!:ROFLMAO:

a friend of mine works for a County IT. Sometimes they will swap wireless mice and watch the havoc...
 

Similar Topics

A
Reading text file with Asian fonts in Codesys results in garbage
Hello. I have a problem which may be common in this part of the world. My CoDeSys program reads data from a text file that I generate from the...
Replies
10
Views
2,445
AlfredoQuintero
A
V
RS232 ASCII Works in HyperTerminal but Garbage Data with CompactLogix
Hello, I am trying to communicate with a resistance tester that will allow me to read the current resistance being tested via RS232. In order to...
2
Replies
16
Views
12,698
vv1s34ss
V
M
RS-232 garbage due to pinout?
I am trying to make a Symbol LS4208 BC scanner talk to a Micrologix 1500 LSP through the Ch0 port via ASCII protocol. I have verified the output...
Replies
7
Views
3,520
mordred
mordred
R
String files filing up with garbage????
I am currently working with a Compactlogix and I am trying to get a barcode scan into a string file to be compared by another barcode scan later...
Replies
9
Views
3,170
rdugan
R
Back
Top Bottom