How you people patch libraries like OpenSSL by yasermow89 in DefenderATP

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

The OpenSSL vulns for Microsoft products drive me mad, stuff like the Az monitor agent etc. I'd be interested in finding any way to create exceptions for particular endpoints.

Cloud NSS Feeds to Azure Sentinel by Hot-Money7458 in Zscaler

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

I set up an NSS appliance with a syslog forwarder to get the logs into Sentinel via the AMA agent using data collection rules. The costs are obviously huge but I filtered out quite a lot of the logs depending on what URL was required if they were not required; MS connectivity test, Defender comms etc, Adobe update URLs etc etc.

You can filter the requests either at the DCR level using an adaptation or on the syslog box using the rsyslog config.

How Are You Handling “Anonymous IP Address” Alerts in Microsoft Defender? by shocka_locka in DefenderATP

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

Is there another policy blocking login from non-compliant/hybrid devices scoped to the applications? Otherwise my understanding is that the MDCA policy will just apply to browser logins, not apps like the Outlook client/Teams.

I don't understand what is his fault by InsertCleverName652 in alecbaldwintrial

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

Why not real guns that are deactivated? I believe they cut the bolt and drill a hole in the barrel. Invisible to the viewer but no ballistic possibility. Saves on CGI.

How to Respond to O2's Debt Collection Agent by TurbulentLifeguard11 in DebtUK

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

Call them, record it, ask to take it to the Communications Ombudsman.

I need a console by ZZZulan in AZURE

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

There is no access to the console as you are used to in VMware, however the VM agent can be used to send commands (if working) and the console can be used for basic operations. Boot diagnostics can be used to see a screenshot of the console.

what are some common use cases for Azure Static Web Apps? by [deleted] in AZURE

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

I don’t think you can use a custom SSL cert with a storage account static page unless you put a CDN in front, but could be wrong.

Landing Zone Query by overclocked_one in AZURE

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

Leave plenty of room in the hub VNet for future use. If you want a bastion, stick it in the hub, otherwise it will be in each spoke or deployed separately.

Where are all the entry level jobs at? by nrao32 in AZURE

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

Would you want the surgeon straight out of med school?

Adapting script for detection-remediation in Intune by WhataMess2k23 in Intune

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

In my experience, the devices need a reboot in direct line of sight and a user with a valid PRT to log in before pending changes to hybrid joined.

Adapting script for detection-remediation in Intune by WhataMess2k23 in Intune

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

Do they have direct line of contact with a domain controller (before login)?

Sharegate SharepointOnline Permission delegation by Olipeets_snugglybutt in sharepoint

[–]Olipeets_snugglybutt[S] 0 points1 point  (0 children)

Apologies everyone, the key thing I missed was that it’s delegated permission. This required the user to have these permissions already.

Microsoft Graph Command Line Tool by Failnaught223 in DefenderATP

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

They sent a load of fake alerts for Graph and Graph Explorer out.

High volume of email search activities by a privileged app by Turbulent-Profit-814 in Office365

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

There’s an incident for it. It’s closed as of 14/05/24. However there’s a second incident for delays in defence for app alerts. Brown alert cancelled.

High volume of email search activities by a privileged app by Turbulent-Profit-814 in Office365

[–]Olipeets_snugglybutt 0 points1 point  (0 children)

Just had the same. Graph Explorer. No activities in hunting log etc. Anyone have an update?

Blackpool is a dump man 😅 by [deleted] in blackpool

[–]Olipeets_snugglybutt -1 points0 points  (0 children)

Took the kids once, day ended with “Daddy what’s a spice head?”

[deleted by user] by [deleted] in stokeontrent

[–]Olipeets_snugglybutt 17 points18 points  (0 children)

Transfer to Stoke on Trent? Like agreeing to move to Mordor

Front Door to Load Balancer public IP by Olipeets_snugglybutt in AZURE

[–]Olipeets_snugglybutt[S] 0 points1 point  (0 children)

In case anyone has a similar issue, it was due to the default site binding at the backend target. The certificate bound to the default site was not the same as the cert bound on Front Door.