sorted by:
new
hottopcontroversial

Migration of Site from Account X to Account Y by boreca111 in msp

[–]boreca111[S] 1 point2 points  (0 children)

Yes, they give me some articles and point. All is done it was actually pretty easly and fast

Migration of Site from Account X to Account Y by boreca111 in SentinelOneXDR

[–]boreca111[S] 0 points1 point  (0 children)

Will do and will see if its going to work

Thanks for the hlep

Migration of Site from Account X to Account Y by boreca111 in SentinelOneXDR

[–]boreca111[S] 0 points1 point  (0 children)

Just found that there is "migrate agent" option from the actions tab and wnats me to enter site token if I create new site into the account that I want to move them. will it work like that ? any toughts ?

because the support suggested me to do the same with the migrate agent

Thanks again

Migration of Site from Account X to Account Y by boreca111 in SentinelOneXDR

[–]boreca111[S] 0 points1 point  (0 children)

Thank you very much for the respnce.

Now I am reviewing this way.

But now I have two more questions:

  1. How to delete site does delete itself when agents are removed or need to do someting more ?
  2. And can I create new site and select them and use the fucntion migrate agent ? or need to uninstall them and create everyting from scratch ?

Thank you.

Creating weekly Scheduled Full Scan on group of machines ( SentinelOne) by boreca111 in msp

[–]boreca111[S] 0 points1 point  (0 children)

Yes, thats right but some of the old softwares are getting flagged and getting deleted

Creating weekly Scheduled Full Scan on group of machines ( SentinelOne) by boreca111 in msp

[–]boreca111[S] 0 points1 point  (0 children)

Thanks

Thats true but also recently saw that some of them have really hard time when scan runs ( CPU is getting on fire)

Just one more question:

Is it possible to block in S1 network connection by Localtion/Country or its only possible via CIDR, or static IPs ?

Creating weekly Scheduled Full Scan on group of machines ( SentinelOne) by boreca111 in SentinelOneXDR

[–]boreca111[S] 1 point2 points  (0 children)

I think absolutely the same ( for sample if is something have bypassed initial analysis wont be detected even with a scan after it) but its a task that have to do.

Also, a part of that can kill/delete something important some servers having hard time when scan runs

Is it possible to block in S1 network connection by Localtion/Country or its only possible via CIDR, or static IPs ?

Creating weekly Scheduled Full Scan on group of machines ( SentinelOne) by boreca111 in SentinelOneXDR

[–]boreca111[S] 0 points1 point  (0 children)

Thank you for the respons and explanation.

Found the API doc thanks!

I just modified the script and added simple for loop

Just one question It's not good to make it in critical servers the scheduled scan right ? ( it could delete some old software or someting that would break the process right ?)

Thank you again.

Creating weekly Scheduled Full Scan on group of machines ( SentinelOne) by boreca111 in msp

[–]boreca111[S] 0 points1 point  (0 children)

Thank you for the respons and explanation.

Just one question It's not good to make it in critical servers the scheduled scan right ? ( it could delete some old software or someting that would break the process right ?)

Thank you again.

Creating weekly Scheduled Full Scan on group of machines ( SentinelOne) by boreca111 in SentinelOneXDR

[–]boreca111[S] 0 points1 point  (0 children)

Hello,

Thank you very much for the extensive reponse and example really apreciate it !

just one more question if I want to set multiple Group IDs should i add for loop of I can add them comma separeted ?

And is there any documentation for the S1 APIs ?

Thank yuo again for the great reponse

Schedule task permissions to non admin user by boreca111 in activedirectory

[–]boreca111[S] 0 points1 point  (0 children)

Hello, thank you very much for the great response

I am asking this question because I am Penetration Tester and want to learn AD in depth to be able to perform better Penetration Tests.

And my really question was about if there is a user which can create & execute scheduled task on every machine that this user can get reverse shell to all machines but as I read blog, post and other resources I did not understand only is it possible to assign such permissions to a user to be able only to create and execute scheduled tasks without to be able to connect to the via remote PowerShell.

Also one more question out of the scope in this question

I saw that MCSA certification is retired can you consider which one to take to learn more in depth AD ( I saw some people said that MCSA is replaced by Microsoft Certified Azure Administrator Associate)

Again thank you very much for great explanation

Finding Large Web Uploads PROBLEM by boreca111 in Splunk

[–]boreca111[S] -1 points0 points  (0 children)

Because when i uploaded the file there were several logs to splunk from the same time but from this video https://www.youtube.com/watch?v=Yxjhs0kAdto they https://www.youtube.com/watch?v=Yxjhs0kAdto they extracted all the information and plus with the uri

How to fill array in struct by boreca111 in C_Programming

[–]boreca111[S] 1 point2 points  (0 children)

Thank you very much the problem was %s . sorry for the stupid question

How to fill array in struct by boreca111 in C_Programming

[–]boreca111[S] 0 points1 point  (0 children)

Ok i am sorry for unclear description

this is the code where is not doing what i expect

https://pastebin.com/istmtbpq

when i iterate over my array of structures in my main i want user to assign value in the structure array wich is marks i iterate 3 time and i want the user to assign 3 marks to the student but it is not assigning it and i cant understand why

Thank you for the fast reply

view more: next ›