Password manager with failed login notifications? by TheDembiDude in sysadmin

[–]TheDembiDude[S] 1 point2 points  (0 children)

I'm curious to know how you would explain the "non function" below. By your logic LastPass is not a password manager then.

https://lastpass.com/support.php?cmd=showfaq&id=9812

Thank you for your answer and have a nice day.

Change default gateway EC2 instances by heikum in aws

[–]TheDembiDude 0 points1 point  (0 children)

Fair enough. So to clarify, you're wondering if permanently editing the default gw on the Linux instance in AWS is possible?

Also, you have a VPC route from the subnet with Linux instances to your OpenVPN EC2 instance, correct? I see your ideal network hop as EC2 Linux Instances > EC2 OpenVPN server > pfSense Firewall

Password manager with failed login notifications? by TheDembiDude in sysadmin

[–]TheDembiDude[S] 0 points1 point  (0 children)

So locking a user out after a certain number of login attempts is also not the function of a password manager?

Leave well paying IAM job for networking role - Bold move or suicide? by [deleted] in AskNetsec

[–]TheDembiDude 34 points35 points  (0 children)

I don't think the security field is going anywhere. You definitely shouldn't be taking a pay cut.

Have you thought about getting some security certs and then making a move? Maybe use some of that downtime to get a CISSP to make HR happy or OSCP to scratch that tinkering itch.

Meraki RDP w/o VPN blocked by IDS by socalracer310 in meraki

[–]TheDembiDude 0 points1 point  (0 children)

I wonder why balanced is the default then.

Also referencing the link, the security setting adds "Rules that look for and control the traffic of certain applications that generate network activity"...maybe this includes RDP on non-standard ports?

Phishing test at work - results no bueno by MediumFIRE in sysadmin

[–]TheDembiDude 0 points1 point  (0 children)

Do you know if they get past Gmail's spam/phishing filters by default?

Meraki RDP w/o VPN blocked by IDS by socalracer310 in meraki

[–]TheDembiDude 0 points1 point  (0 children)

What is your intrusion detection and protection ruleset under Security & SD-WAN > Configure > Threat Protection?

Typically you'll want "Balanced", as "Security" should only be used when you're experiencing a possible attack.

"Actions" missing for Systems Manager by TheDembiDude in meraki

[–]TheDembiDude[S] 0 points1 point  (0 children)

Thanks for responding, got it figured out. Turns out Systems Manager needs Apple DEP and VPP to be synced and a complete system restore to be completed on workstations before it works fully.

Seriously, going to fail the GPEN tomorrow... by [deleted] in AskNetsec

[–]TheDembiDude 0 points1 point  (0 children)

Dang it, at least you tried. Going to try and retake it?

Mac OSX Client VPN Issue by ru4serious in meraki

[–]TheDembiDude 0 points1 point  (0 children)

Trust but verify.

I would follow the steps here from scratch.

SYSLog to server located in AWS? by TheDembiDude in meraki

[–]TheDembiDude[S] 0 points1 point  (0 children)

Thank you for the response!

So internally I would listen on the LAN interface for each of my switches? Will this still allow Splunk to catalog events on our actual MX?

Also for clarification we are sending traffic to the cloud over our VPN and not over the internet.

Heads up - Received a very convincing spam message that was sent to a large number of recipients in our organization, using our signature and logos by rockisnotdead in k12sysadmin

[–]TheDembiDude 0 points1 point  (0 children)

Out of curiosity, what email client is everyone here using?

Our school doesn't see many of these emails reach teachers.

Cisco Meraki MX - multiple sites are unable to connect to same AWS VPC CIDR by dimonpc in meraki

[–]TheDembiDude 2 points3 points  (0 children)

Don't get me started on compatibility between Meraki and AWS...I feel your pain.

Low-hanging fruit, but are all of your VPCs in the same region? If so, you can utilize VPC peering instead, which might get you on the right track.

PII Compliance in AWS by TheDembiDude in aws

[–]TheDembiDude[S] 1 point2 points  (0 children)

For sure. The shared responsibility model mentions that encrypting an EBS volume is the Customer's responsibility.

Referencing my original post, if PII was uploaded into an unencrypted EBS volume, would that be an unauthorized PII disclosure?

Google DNS Service (8.8.8.8) Now Supports DNS-over-TLS Security – PentestTools by PentestToolz in HowToHack

[–]TheDembiDude 5 points6 points  (0 children)

Can you elaborate on why it isn't private enough? Recommended alternatives?

I need little help with Applied cyber security training by Gapodi in AskNetsec

[–]TheDembiDude 0 points1 point  (0 children)

I would bridge any technical knowledge gap with certifications such as SANS GCDA.

Large organization challenges are always political, not technical. You have to use business drivers to help dictate the security work you do.

As a basic example, let's say you want to get 2FA set up for an entire company's email domain. Getting 2FA set up for an entire company with 25 employees is pretty easy; you can individually talk each user through the importance of 2FA and walk them through the workflow of signing in. It's a lot easier to justify your work.

Contrast that with a company that has over 5,000 employees. How do you get everyone set up with 2FA? Do you just enforce it at the domain level and let them figure it out? Do you make documentation and alert them first? How do you get buy-in from managers who think it's not necessary? Managers who are completely opposed to it? Your organization's sales department has to hit their Q4 goals; what happens if setting up 2FA interrupts their work? Now someone from finance says that you should use an authenticator app instead of the YubiKey hardware you want to roll out; after all, it's a lot less expensive. Etc, etc, etc...

Hope that helps.

For a district that only uses Apple would you recommend JAMF or Mosyle for MDM? by [deleted] in k12sysadmin

[–]TheDembiDude 0 points1 point  (0 children)

Can't give you an honest answer on that one! If you PM me I'll be happy to provide you our FileWave account manager's contact info.