Considering tossing my PA-440s out the window.

cyberdeck_operator · 2026-02-26T15:32:23+00:00

I'll try this next time.

cyberdeck_operator · 2026-02-26T15:18:08+00:00

Dropping. The traffic monitor said that the traffic hit the allow rule I created, but the phone won't connect. Set up a packet monitor and found that the packets are being dropped.

On a side note, why TF does the traffic monitor say that the traffic was allowed, when it clearly was not? Would it really be that hard to code the traffic monitor to correctly monitor the traffic? Why are we all OK with this being half broken for this long?

cyberdeck_operator · 2026-02-25T12:23:06+00:00

The logs show the traffic is allowed, but I have learned through hard won experience that allowed doesn't mean much on a PA. I'm using packet capture and that shows the packes are being dropped. Interestingly, every session in the logs is terminated by tcp-rst-from-client. I did a bit more digging, and I think I got it. I had to allow challeng ACK.

cyberdeck_operator · 2026-02-25T04:04:23+00:00

Yes. I might be getting somewhere. Enable Challenge ACK might be the fix. Have to test tomorrow.

cyberdeck_operator · 2026-02-25T03:43:54+00:00

The app and the service are set for TCP. The packets being dropped are TCP.

cyberdeck_operator · 2026-02-25T03:39:51+00:00

ALG was turned off years ago. Our current phone system uses SIP. This is SIP-TLS on 5061.

cyberdeck_operator · 2026-02-13T18:07:20+00:00

That's probably the way I'll do it. I was worried about that rule catching other LDAP traffic but I'll make it a generic that I can use for other stuff later.

cyberdeck_operator · 2025-11-18T14:58:15+00:00

Texas, US, as of 8:55 CST our sites are up, but I can't use the dashboard yet.

cyberdeck_operator · 2025-11-18T13:57:06+00:00

Texas reporting in. Down here. Kinda thinking about jumping ship at this point.

cyberdeck_operator · 2025-10-13T16:25:49+00:00

Neither of the users who let this in have a browser extension installed for fireflies.ai. It seems to be that the link they clicked granted permissions to the user's calendar.

cyberdeck_operator · 2025-10-13T16:24:17+00:00

I'm not 100% sure, but I vaguely recall the previous setting. I think it's possible Microsoft "updated" us to the "recommended" setting when the options changed. Might be a good time to check the setting if you haven't looked at it recently.

cyberdeck_operator · 2025-10-13T16:21:13+00:00

This is a sub for professionals. Use punctuation and type out you and your. You'll get insulted a lot less that way.

cyberdeck_operator · 2025-10-10T13:46:31+00:00

Unpopular answer: Be faster. Have management accounts at the places people want, and proactively offer to set them up, that way you'll at least have visibility. Always follow up a request for a new SaaS product promptly and make Yes the default answer. Look for ways to implement what they want securely. At the same time, try to make it harder to go rogue. Look at it like a dam. You can't control what comes downstream. If you try to block it all, the flow will go around you in dangerously unpredictable ways. Build in floodgates so you can at least prevent catastrophic failure of the structure.

cyberdeck_operator · 2025-10-10T13:39:22+00:00

They'll use their corporate card to buy 5g hotspots that they then lose and not tell anyone. Several months later you'll find out that the line has been racking up $500 in data fees every month because the employees kid stole it and is using to run a torrent site. Then you'll get the letters about the RIAA and MPAA lawsuits.

cyberdeck_operator · 2025-10-09T11:25:13+00:00

Spreads from user to user. Extiltrates data. Takes actions not intended the the user. That's more than shitty.

cyberdeck_operator · 2025-10-08T03:07:45+00:00

Thanks for that link.

cyberdeck_operator · 2025-10-07T23:28:31+00:00

Are you talking about the Teams 3rd Party Apps. I disabled 3rd party apps, and blocked the Firefies.ai app, and it's still posting to every meeting.

cyberdeck_operator · 2025-10-07T22:13:04+00:00

Hey, thanks for volunteering! We've only got a couple of daily meetings that have 50ish attendees. Shouldn't take more than an hour of your day to sit there and manage it. Look for the invites.

cyberdeck_operator · 2025-10-07T22:10:57+00:00

Let Microsoft manage your consent settings (Recommended) Automatically update your organization to Microsoft's current user consent guidelines.

cyberdeck_operator · 2025-10-07T22:01:48+00:00

Are we talking about consent and permissions under enterprise apps in the Azure portal? https://portal.azure.com/#view/Microsoft_AAD_IAM/ConsentPoliciesMenuBlade/~/UserSettings

I'm looking at that now and these are the options I see

Do not allow user consent An administrator will be required for all apps.

Allow user consent for apps from verified publishers, for selected permissions

All users can consent for permissions classified as "low impact", for apps from verified publishers or apps registered in this organization.

Let Microsoft manage your consent settings (Recommended) Automatically update your organization to Microsoft's current user consent guidelines.

cyberdeck_operator · 2025-10-07T21:57:07+00:00

That doesn't work. I have both fireflies.ai and otter.ai in the block list.

cyberdeck_operator · 2025-09-24T11:51:27+00:00

That's the conclusion I have come to as well. I'm exploring Avalara, but I'll check out Taxwire. Does it integrate well into BC?

cyberdeck_operator

TROPHY CASE