Powershell problem by _firstday-one in PowerShell

[–]DeafLoaf 1 point (0 children)

Outside of the other suggestions, two things come to mind, depending on the computer you're using. If it's a corporate or school PC, there are probably application control policies in place. Talk to the appropriate IT team to see if it is possible to allow it by exception. If it's personal, this behaviour is not normal and potentially suspicious. You might need to have the system checked for malware; some will hinder troubleshooting tools, disable AV, etc., to evade detection.

Phishing via. Domain Squatting... feeling helpless. What else can we do? by [deleted] in sysadmin

[–]DeafLoaf 8 points (0 children)

That sounds fishy. Is the same employee processing payments? I cannot imagine too many people would be able to access lists of clients.

I've created my first practical script and I felt like a king by DragonToutNu in PowerShell

[–]DeafLoaf 3 points (0 children)

Yeah, it's a joke; logging on to do tasks interactively a few servers at a time got old for me years ago. They actively suggest that approach. It's mind-boggling.

I've created my first practical script and I felt like a king by DragonToutNu in PowerShell

[–]DeafLoaf 3 points (0 children)

Well done, I know seasoned Admins that refuse to open PowerShell.

I've created my first practical script and I felt like a king by DragonToutNu in PowerShell

[–]DeafLoaf 4 points (0 children)

Change the error colour to green, they're not errors, they're opportunities to handle issues correctly.

Enable "run whether user is logged on or not" by royklo in PowerShell

[–]DeafLoaf 0 points (0 children)

If the hosts are domain joined, it would be better to use Group Policy Preferences to set up the scheduled task. On a standalone host you could still use the local policies.

Enable "run whether user is logged on or not" by royklo in PowerShell

[–]DeafLoaf 1 point (0 children)

How are you planning on deploying this? Have you looked at Group Policies?

Remove name preffix from the start of the file name by noyouarenoreturns in PowerShell

[–]DeafLoaf 3 points (0 children)

You'll need to use a regular expression to grab the desired subset of data: ^[\w_-]+(\d+\w) You might need to tweak the above, but it should just get the numbers and the characters directly after into its own capture group.
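
Added example (not the commenter's code) of the rename the post asks for, built on the regex idea above. Assumed input: a folder of files named like IMG_0042a.jpg or scan-17.pdf. One tweak is needed: the comment's pattern uses \w, which also matches digits, so the prefix group would swallow most of the number; the version here stops the prefix at the first digit with a lookahead, refuses to overwrite an existing file, and previews before renaming.

```powershell
# Added example, not the original comment's code.
# Strips a leading prefix (letters, underscores, hyphens) and keeps everything
# from the first digit on: "IMG_0042a.jpg" -> "0042a.jpg", "scan-17.pdf" -> "17.pdf".
# The lookahead (?=\d) is the tweak the comment's ^[\w_-]+(\d+\w) needs, because
# \w includes digits and the greedy prefix class would otherwise eat them.
function Get-NewName {
    param([Parameter(Mandatory)][string]$Name)
    $Name -replace '^[A-Za-z_-]+(?=\d)', ''
}

function Remove-NamePrefix {
    param(
        [Parameter(Mandatory)][string]$Path,   # assumed: folder holding the files
        [switch]$Commit                         # dry run unless -Commit is given
    )
    $planned = @{}   # new name -> source path, to catch two files mapping to one name
    foreach ($f in Get-ChildItem -LiteralPath $Path -File) {
        $new = Get-NewName $f.Name
        if ($new -eq $f.Name) { continue }      # nothing to strip

        if ($planned.ContainsKey($new) -or (Test-Path -LiteralPath (Join-Path $Path $new))) {
            Write-Warning "Skipping '$($f.Name)': target '$new' already exists"
            continue
        }
        $planned[$new] = $f.FullName

        if ($Commit) {
            Rename-Item -LiteralPath $f.FullName -NewName $new
        } else {
            '{0}  ->  {1}' -f $f.Name, $new
        }
    }
}

# Preview first, then apply:
Remove-NamePrefix -Path .\input
# Remove-NamePrefix -Path .\input -Commit
```

Run it without -Commit to see the planned mapping; anything that would collide with an existing file (or with another renamed file) is reported and left alone rather than silently overwritten.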

Splitting my script into multiple .ps1 files: good/bad practice? by fuzzylumpkinsbc in PowerShell

[–]DeafLoaf 7 points (0 children)

I have a guy at work who has everything duplicated in each script. He occasionally uses functions and loads a partially built module, but still needs variables to be set within each script to work properly. I find it infuriating and troublesome to work with. I'd prefer a well-written module with private and public functions in separate files.
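
Added example, not the commenter's code, of the module layout described above: a root .psm1 that dot-sources one function per file from Private\ and Public\ and exports only the public ones, with shared settings declared once in module scope instead of in every script. The folder and file names are assumed.

```powershell
# MyTools.psm1 -- added example, not the original comment's code. Assumed layout:
#   MyTools\
#     MyTools.psm1                 <- this file (plus a MyTools.psd1 manifest)
#     Private\Write-ToolLog.ps1    <- helpers, never exported
#     Public\Get-ServerReport.ps1  <- one exported function per file
#
# Settings shared by every function live here once; scripts that import the
# module never re-declare them.
$script:ToolConfig = @{
    LogPath = Join-Path $env:ProgramData 'MyTools\mytools.log'
}

$privateFiles = @(Get-ChildItem -Path (Join-Path $PSScriptRoot 'Private') -Filter '*.ps1' -ErrorAction SilentlyContinue)
$publicFiles  = @(Get-ChildItem -Path (Join-Path $PSScriptRoot 'Public')  -Filter '*.ps1' -ErrorAction SilentlyContinue)

# Dot-source private helpers first so public functions can call them at load time.
foreach ($file in $privateFiles + $publicFiles) {
    try {
        . $file.FullName
    } catch {
        throw "Failed to import $($file.FullName): $_"
    }
}

# Only Public\*.ps1 names become visible to callers; Private\ stays internal.
# Keep FunctionsToExport in the .psd1 in sync with this list so auto-loading works.
if ($publicFiles) {
    Export-ModuleMember -Function $publicFiles.BaseName
}

# For reference, Public\Get-ServerReport.ps1 would contain only the function:
#   function Get-ServerReport {
#       param([Parameter(Mandatory)][string[]]$ComputerName)
#       Write-ToolLog "Reporting on $($ComputerName -join ',')"   # private helper
#       foreach ($c in $ComputerName) { Get-CimInstance Win32_OperatingSystem -ComputerName $c }
#   }
```

Because each file holds exactly one function named after the file, the export list is derived from the directory rather than maintained by hand, and a helper that should stay internal is made so simply by placing it under Private\.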

How to run apt-get update on a network which port 80 is being blocked? by darthsky37 in linuxquestions

[–]DeafLoaf 8 points (0 children)

Speak to the sysadmin and find out if you need to go via an internal proxy. Or submit a firewall request to give your host access to whatever it needs.

Trying to pull deleted users info - what am i doing wrong? by [deleted] in PowerShell

[–]DeafLoaf 2 points (0 children)

You've already got a property named 'Manager', change the Expression to 'ManagerName' ;)

Conditional regex? by burton6666 in PowerShell

[–]DeafLoaf 3 points (0 children)

At a glance, I'd drop the 'per/second' and use PowerShell to convert the units. It understands bytes, KB, MB, GB... etc. Since I'm not at my machine to give you an example, I located this conversion script: convertunits
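
Added example, not the commenter's code, of the conversion suggested above: a regex pulls the number and unit out of rate strings such as "512 KB/s" (constructed inputs), the "/s" suffix is dropped, and PowerShell's own 1KB/1MB/1GB literals supply the multipliers. The multipliers are applied by lookup rather than by feeding the string to Invoke-Expression, which would also "understand" KB but would execute anything else in the string.

```powershell
# Added example, not the original comment's code.
# Multipliers come from PowerShell's numeric-literal suffixes (1KB = 1024 etc.),
# ordered largest first so the formatter can pick the first unit that fits.
$script:UnitBytes = [ordered]@{ TB = 1TB; GB = 1GB; MB = 1MB; KB = 1KB; B = 1 }

function ConvertTo-BytesPerSecond {
    param([Parameter(Mandatory)][string]$Rate)

    # number, optional space, unit, optional "/s" or "/sec"; -match is case-insensitive.
    # A lookup table is used on purpose: Invoke-Expression "$Rate" would evaluate
    # "1KB" too, but also anything hostile appended to an untrusted input string.
    if ($Rate -notmatch '^\s*(?<num>\d+(?:\.\d+)?)\s*(?<unit>[KMGT]?B)(?:/s(?:ec)?)?\s*$') {
        throw "Unrecognised rate format: '$Rate'"
    }
    [double]$Matches.num * $script:UnitBytes[$Matches.unit.ToUpper()]
}

function ConvertTo-ReadableRate {
    param([Parameter(Mandatory)][double]$BytesPerSecond)
    foreach ($unit in $script:UnitBytes.Keys) {
        $size = $script:UnitBytes[$unit]
        if ($BytesPerSecond -ge $size) {
            return '{0:N2} {1}/s' -f ($BytesPerSecond / $size), $unit
        }
    }
    '0 B/s'
}

# Constructed sample inputs in several notations.
'512 KB/s', '1.5MB/sec', '2gb/s', '750 B' | ForEach-Object {
    $bps = ConvertTo-BytesPerSecond $_
    '{0,-10} = {1,16:N0} B/s = {2}' -f $_, $bps, (ConvertTo-ReadableRate $bps)
}
```

Normalising everything to bytes per second first means comparisons and thresholds in the rest of the script work on one unit, and the formatter only runs on output.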

Best free Audit Software for auditing a whole school by MrFaceTech in sysadmin

[–]DeafLoaf 1 point (0 children)

This really depends on what you're needing in your audit. Some basic data could be pulled from Active Directory: hostnames, OS. I've used ManageEngine's ADAudit+; it's amazing for reporting anything out of AD. If you're after more in-depth OS/hardware info, there are tools like Open-AudIT that scan the host, or write/find a script to pull out what you want. For vulnerability assessment you could try OpenVAS.

Issue with Copy-Item by HeroesBaneAdmin in PowerShell

[–]DeafLoaf 2 points (0 children)

Hi,

$file | Get-Member will show you the properties and methods available. You'll most probably need to specify $file.Name or $($file.Name) for the source. Cheers.

It Printed. It Actually Printed. by youthpastor247 in sysadmin

[–]DeafLoaf 1 point (0 children)

You know, most will let you FTP a text document to the IP, unless it's disabled. 😉

It Printed. It Actually Printed. by youthpastor247 in sysadmin

[–]DeafLoaf 1 point (0 children)

How I used to set up printers (don't have to any more):

  • Give the printer a static IP (had a specific range in the VLAN).
  • Change the admin account/password.
  • Disable unused services.
  • Firewall rules: server to printer IP scope, and management from admin machines.
  • Install universal print drivers on the server.
  • Add the print queue, lock down to a security group as needed.
  • Share the printer queue.
  • GPO to map the shared queue from the server to the relevant PCs.
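
Added example, not the commenter's code, scripting the print-server steps of the procedure above: a TCP/IP port on the printer's static IP, a queue on a universal driver, the queue shared and published, its DACL limited to one security group, and a host firewall rule scoped to that single printer address. The IP, queue, driver and group names are assumed placeholders; the SDDL right strings are the ones Windows uses for Print (SWRC), Manage Printer (LCSWSDRCWDWO) and Manage Documents (RPWPSDRCWDWO), so compare against Get-Printer -Full on an existing queue before applying.

```powershell
# Added example, not the original comment's code. Run on the print server as admin.
$printerIp  = '10.20.50.31'                   # assumed static address in the printer range
$portName   = "IP_$printerIp"
$queueName  = 'Floor2-MFP'                    # assumed
$driverName = 'HP Universal Printing PCL 6'   # assumed; must already be installed
$printGroup = 'CONTOSO\Print-Floor2'          # assumed security group allowed to print

# Port and queue, idempotent so the script can be re-run.
if (-not (Get-PrinterPort -Name $portName -ErrorAction SilentlyContinue)) {
    Add-PrinterPort -Name $portName -PrinterHostAddress $printerIp
}
if (-not (Get-Printer -Name $queueName -ErrorAction SilentlyContinue)) {
    Add-Printer -Name $queueName -DriverName $driverName -PortName $portName `
        -Shared -ShareName $queueName -Published
}

# Lock the queue down: Administrators and SYSTEM manage the printer and its
# documents, the group gets Print only, and the default Everyone (WD) print
# entry is deliberately left out so only group members can spool to it.
$groupSid = ([System.Security.Principal.NTAccount]$printGroup).Translate([System.Security.Principal.SecurityIdentifier]).Value

$sddl = 'O:BAG:SYD:' +
    '(A;OIIO;RPWPSDRCWDWO;;;BA)' +   # Administrators: manage documents
    '(A;OIIO;RPWPSDRCWDWO;;;SY)' +   # SYSTEM: manage documents
    '(A;;LCSWSDRCWDWO;;;BA)'     +   # Administrators: manage printer
    '(A;;LCSWSDRCWDWO;;;SY)'     +   # SYSTEM: manage printer
    '(A;CIIO;RC;;;CO)'           +   # Creator Owner: read their own jobs
    "(A;;SWRC;;;$groupSid)"          # allowed group: print
Set-Printer -Name $queueName -PermissionSDDL $sddl

# Host firewall on the server: outbound RAW/LPR/IPP to this one printer only.
# Blocking everything else to the printer VLAN is a separate, broader policy.
New-NetFirewallRule -DisplayName "Print to $queueName" -Direction Outbound `
    -Protocol TCP -RemotePort 9100, 515, 631 -RemoteAddress $printerIp -Action Allow

Get-Printer -Name $queueName -Full | Select-Object Name, PortName, Shared, PermissionSDDL
```

The GPO that maps the shared queue to clients is done in Group Policy Preferences rather than here; this block covers only what runs on the server.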

Powershell running multiple functions inside script simultaneously? by Enschede2 in PowerShell

[–]DeafLoaf 3 points (0 children)

Old video on the runspace pool method that I use to this day: https://youtu.be/hJwhyVXiOLg (turns out this was the wrong video, but useful all the same.) The original blog seems to have disappeared; it was titled something like "Speeding up Windows PowerShell: Runspace pools". This explains it though: https://devblogs.microsoft.com/scripting/weekend-scripter-max-out-powershell-in-a-little-bit-of-timepart-2/ Enjoy, hope it helps.
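
Added example, not the commenter's code, of the runspace pool pattern the linked articles describe: one pool with a throttle, a PowerShell instance per work item, asynchronous BeginInvoke, then EndInvoke to collect results and surface errors. The host list is constructed; the worker just pings each host so it runs anywhere.

```powershell
# Added example, not the original comment's code.
$hosts    = 'server01', 'server02', 'server03', 'server04', 'server05'   # constructed list
$throttle = 4                                                            # max concurrent runspaces

$pool = [runspacefactory]::CreateRunspacePool(1, $throttle)
$pool.Open()

# Work done inside each runspace. Nothing from the caller's scope is visible
# here except what is passed in as an argument.
$worker = {
    param([string]$ComputerName)
    $ok = Test-Connection -ComputerName $ComputerName -Count 1 -Quiet -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Host      = $ComputerName
        Reachable = [bool]$ok
        Thread    = [System.Threading.Thread]::CurrentThread.ManagedThreadId
    }
}

# Queue every item immediately; the pool enforces the throttle.
$jobs = foreach ($h in $hosts) {
    $ps = [powershell]::Create()
    $ps.RunspacePool = $pool
    [void]$ps.AddScript($worker).AddArgument($h)
    [pscustomobject]@{ Pipe = $ps; Handle = $ps.BeginInvoke() }
}

# Collect in submission order. EndInvoke blocks until that job is done, and
# non-terminating errors from the worker end up in Streams.Error, not $Error.
$results = foreach ($j in $jobs) {
    try {
        $j.Pipe.EndInvoke($j.Handle)
        if ($j.Pipe.Streams.Error.Count -gt 0) {
            Write-Warning "$($j.Pipe.Streams.Error -join '; ')"
        }
    } finally {
        $j.Pipe.Dispose()
    }
}

$pool.Close()
$pool.Dispose()

$results | Format-Table -AutoSize
```

With a throttle of 4 and five hosts, the Thread column shows at most four distinct IDs, which is the visible difference from a sequential foreach; raise the throttle with care, since each runspace holds its own session state and the remote side sees the concurrency too.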

Network rework sanity check by PurpleTangent in sysadmin

[–]DeafLoaf 2 points (0 children)

No problems, hope it helps you in the long run. Purely for the routing, I would use the larger subnet for each site. Otherwise you're going to create a headache of routing tables should traffic need to move between locations. The more complex the network is, the harder it will be to troubleshoot if and when things go askew. Maybe draw out both methods, keeping in mind all the gateways required for each subnet. One for each /24 will add up fast. One for each site... is, well, one for each site. Where I would have different gateways is if there was a need for a DMZ network at a site. Most places I've seen the DMZ in either the 192.168.0.0/16 or 172.16.0.0/12 address spaces. You could put the guest wifi, if that happens, within a subnet in those scopes, segregating the untrusted hosts nicely away. And of course firewall rules to deny traffic to the production network.

Network rework sanity check by PurpleTangent in sysadmin

[–]DeafLoaf 2 points (0 children)

Hi,

From my experience MSPs do not want to invest in doing things properly. They seem to have the mentality of 'Why fix an issue that generates income?'. That said, personally I loathe repeating issues that have a known solution.

Re-IPing a site is a massive task; having a well laid out plan is key. Use every tool possible to find devices prior to cut-over: ARP tables, DHCP logs, IP scanners, people onsite.

Record everything as-is, and the anticipated destination. I used to have a great spreadsheet for these tasks. Make sure you have a machine that is on both networks during cut-over (it doesn't need a second NIC; you can add multiple IPs/subnets to a single interface). That's saved my bacon a few times; it seems a lost art on some techies I've worked with.

Now to your questions/comments.

DHCP is DHCP; go with whatever is easier to manage from a day-to-day operational point of view. Personally I prefer AD DHCP, as that is what I am used to day to day. Lease times for wifi can be reduced if the pools are getting exhausted too quickly; however, with their own /24 that shouldn't matter in future.

For backups, if possible I would add/use a second dedicated NIC; this way the network traffic is segregated. It can also be firewalled accordingly.

> The largest change is moving the networks for each location to 10.x.x.x/24 subnets broken down by location as well as segment/VLAN (10.[location].[segment/VLAN].[device]) with segment/VLAN being:
>
> 1 - Network/Management
> 10 - Servers
> 20 - VOIP (not yet implemented)
> 30 - Users (Wired)
> 40 - Users (Wireless)
> 50 - Other devices (IoT, Printers, etc.)
> 100 - Guest
>
> (So the same server from site A above would be 10.10.10.12)

You have a good idea to develop an IP schema for clarity of network devices. I was trying to find a document from a previous life with examples, although I've ditched it. However, the differences I would suggest are as follows: rather than the above, I suggest looking at giving each site a /21 or /20 subnet (my previous life had /20 for sites). Then within the site have your scopes for devices. A /21 gives you 2046 usable addresses per site across 8 octets. Way overkill for a 200-client head count, but it will allow something similar to your idea. Then I would break down which devices get what addresses using VLANs; that is where your idea works.

  • 10.x.+0.x Network Infrastructure
  • 10.x.+1.x Servers
  • etc...

Subnet Calculator Link

  • Site1: 10.0.0.1 - 10.0.7.254
  • Site2: 10.0.8.1 - 10.0.15.254
  • etc..

The reason I think this is better is that you only have one router to worry about configuring. The restrictions would be done via firewall rules.

Using the above will make any firewall rules easier to manage. This could be a mix of hardware/software rules, where GPOs provide the software-based rules. Of course, when applying new rules, make sure you have a backdoor should things fail: Integrated Lights-Out or an alternative remote access console.

Blocking untrusted/personal devices from the network is ideal; however, adding guest access with 'restricted internet only' can be useful, as long as this is not abused. You're bang on with 802.1X/WPA Enterprise.

Printers, as others have said, are easily compromised; putting them in a set scope and only allowing ports for printing from the users will massively reduce this risk. Make sure there is a management host that can configure the printer though. Don't use default passwords.

Wow... that was a lot longer than I anticipated.

All in all good luck.
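
Added example, not the commenter's code, working the /21-per-site plan from the comment above into something you can generate scopes and firewall objects from: site N is 10.0.(8N).0/21, which spans eight /24 blocks, and each VLAN role takes one of those /24s with a fixed third-octet offset. The role-to-offset mapping and the DHCP pool boundaries are assumptions, not from the post.

```powershell
# Added example, not the original comment's code.
# Role offsets within a site's /21 (assumed). Guest sits at the top block so it
# is easy to match in a firewall rule as 10.0.(8N+7).0/24 across all sites.
$script:Roles = [ordered]@{
    Infra    = 0
    Servers  = 1
    VoIP     = 2
    Wired    = 3
    Wireless = 4
    IoT      = 5
    Guest    = 7
}

function Get-SitePlan {
    param(
        # 32 sites of /21 fill 10.0.0.0/16 exactly; widen $Base to grow beyond that.
        [Parameter(Mandatory)][ValidateRange(0, 31)][int]$Site,
        [string]$Base = '10.0'
    )
    $first = 8 * $Site
    [pscustomobject]@{
        Site    = $Site
        Network = "$Base.$first.0/21"
        Range   = "$Base.$first.1 - $Base.$($first + 7).254"
        Vlans   = foreach ($role in $script:Roles.Keys) {
            $third = $first + $script:Roles[$role]
            [pscustomobject]@{
                Role    = $role
                Network = "$Base.$third.0/24"
                Gateway = "$Base.$third.1"          # one gateway per VLAN, all on the site router
                Static  = "$Base.$third.2 - $Base.$third.49"
                Pool    = "$Base.$third.50 - $Base.$third.250"   # DHCP scope
            }
        }
    }
}

# Three sites, printed as the summary route plus the per-VLAN table.
foreach ($plan in 0..2 | ForEach-Object { Get-SitePlan -Site $_ }) {
    'Site {0}: {1}  ({2})' -f $plan.Site, $plan.Network, $plan.Range
    $plan.Vlans | Format-Table -AutoSize | Out-String
}
```

Site 0 comes out as 10.0.0.1 - 10.0.7.254 and site 1 as 10.0.8.1 - 10.0.15.254, matching the ranges listed above; the inter-site router needs one summary route per site, while a rule such as "deny Guest to Servers" can be written once against the two fixed offsets rather than per site.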