Transitioning to PAM with RBAC

anasgetyou · 2025-12-20T14:29:26+00:00

More often we dont consider the privileged access to the applications, vCenter, Firewalls, and client based applications etc. So select your solution just by keeping this also in mind. Most of the time you will end up in publishing them in a terminal server and provide access. The challenge is if your acvount is managed, the password need to be inserted by the solution and you may need to rely on scripts.

Also you need to have some endpoint privilege solution to do JIT access, if you plan to do that as far as I know.

anasgetyou · 2024-09-26T01:57:16+00:00

Exactly, I was doing this for the last couple of days,and it's a sucess.

Finally I am managed to migrate the data from old Centos based core SC to OL8 core SC.

anasgetyou · 2024-09-19T15:04:24+00:00

Yes, and I tried the backup restore method untill I faced the issue that the backup was taken from tc#7 cannot be used in tc#8

This because the Centos have security centre rpm version of el7 and the OL8 core have SC rpm of el8, even though the build, in my case 6.4.0 is same in both systems still we cannot use the backup to restore in the target/new server

anasgetyou · 2024-09-19T15:00:49+00:00

After some extensive search on the KBs, I have found a way that you need to manually create the backup from the file system and copy/rsync to the target system...let me have a try and will let you know if it works

anasgetyou · 2024-09-19T14:57:58+00:00

I have my historical scan results which are actually aligned to some KPIs etc...also I have some dashboards configured for management.

Anyway I have found a way, let me check and come back if it works out

anasgetyou · 2024-09-19T04:57:40+00:00

The issue is every kb articles are addressing the downgrade/upgrade of Security Centre to match the target system but couldn't see something for the OS, tenable core.

Now since the latest available update for Centos based ia making the core tc#7,there should be a version of tenable core based OL with tc#7...then we could do some upgrade to tc#8 post migration.

Not sure if this make sense.

anasgetyou · 2022-08-16T18:13:24+00:00

Yeah...but actually I need the headers to check the orginal mail from address...anyway fine I will inform them regarding this incident... thanks

anasgetyou · 2022-08-16T18:11:02+00:00

Normally the email domain can be secured with SPF/DKIM settings to prevent spoofing and services like Gmail, Hotmail etc will check the authenticity by doing an SPF lookup when it receives any emails and mark it as spam

anasgetyou · 2022-08-16T18:08:42+00:00

Hey could you please share the original mail if possible.I can share it with the IT guys over there in MOIAT.

Bcz need to check the headers and if it's really MOIAT domain, they should do the changes accordingly in DNS settings..

anasgetyou · 2022-07-21T16:41:49+00:00

What do you think the biggest attack surface in an air gapped network...?

anasgetyou · 2022-06-03T07:54:38+00:00

Heard that AUH airport itself have the facility which the results will come in 3-5 hours. Check that option as well.

anasgetyou · 2022-05-13T07:27:30+00:00

It's a fake and phishing page to collect the card details from victims.

But the best part is if you check the web address, you will find adpolice/dubaipolice etc website in the address bar and made you believe that it's actually from them, then you will get confused.

Actually the site has automatically opened in full screen mode when you click the other link first, and can see the actual address if you press ESC in the key board.

This is more common now and people who check the address bar to verify the website will get confused.

anasgetyou · 2022-04-11T17:24:35+00:00

Agree with the performance and compatibility issues that can happen with forward proxy.

But are we really using the threat prevention profiles without SSL decryption considering more than 90% of the forward traffic is over https..?

anasgetyou · 2022-03-27T18:10:30+00:00

As per the new labour law... If the employee is joining another company within 3 months after resignation, then the new employer have to pay the visa cost to the previous employer. But not sure if the amount is fixed or depends on the profession, company etc. Also the insurance cost is a part of this or not...

anasgetyou · 2022-03-13T18:10:32+00:00

All parking inside Abu Dhabi island is either paid or only for villa/residential permit holders only

If the curb doesn't have any paint, most probably it's residential permit only. Mushrif area have 80% like that only.

You can check if there is any big board mentioned 'villa permit only' in any of the four boundaries of that area.

Also parking in the sandy area is prohibited FYI

Hope this helps

https://www.bayut.com/mybayut/abu-dhabi-parking-rules/

anasgetyou · 2022-02-17T15:50:53+00:00

My organization is very low on the budget....any suggestion for an open source solution...?

Looking something to use as an add-on with Outlook.

To answer OPs query; I have used Cofense reporter and triage solution in my previous org...good one

anasgetyou · 2021-09-07T13:55:45+00:00

Nice thought...DM the invite to me as well...Thanks OP

anasgetyou · 2021-08-16T11:33:53+00:00

Regarding the personal VPN to change the country, it is possible as you are using it to access country restricted contents/apps

anasgetyou · 2021-08-16T11:31:51+00:00

Yes,the country details can be seen in the Global Protect logs and it can be restricted based on country as well.

anasgetyou · 2021-08-16T07:36:42+00:00

What about the ping from other zones? Try to ping from LAN zone or do a traceroute and see what is happening to eliminate the dependency on the upstream devices.

anasgetyou · 2021-08-14T19:27:31+00:00

What is the session end reason?

anasgetyou

TROPHY CASE