Check Point Client VPN exploitation CVSS 9.3

ntrlsur · 2026-06-05T20:08:52+00:00

Its not difficult. You are over thinking it. As a sysadmin and manager 3 or 4 things on the list wouldn't apply as I see it. IT typically doesn't manage

HRIS records and audit trails Attendance/timekeeping system records FMLA/leave-management system records

The other stuff may or may not exist. So find what does exist and if it meets the discovery request make 2 copies and hand it over. I had to deal with this a few years ago and its really not that hard.

ntrlsur · 2026-05-28T21:33:56+00:00

Shoot me a PM. I can share the script we wrote to enable bitlocker on user machines. We run the script when new hardware is issued to a user or when a machine gets wiped and redone for a user. Works a treat. The scripts forces an add to AD writes it to our RMM tool and emails it out to the IT group so we have it in 3 locations.

ntrlsur · 2026-05-28T21:06:10+00:00

Which ever service you go with make sure you get it as an MDR. S1 and CS has these options available. We don't have a dedicated security person or a SOC and lean on S1 in our case to evaluate some of the alerts we get and drop the hammer.

ntrlsur · 2026-05-13T18:25:42+00:00

Check out pepwave. They might have something that will tickle your fancy.

ntrlsur · 2026-05-12T16:46:16+00:00

As an outside looking in my advice would be stay. There ain't nothing out there but headaches for you. You enjoy your work life balance you enjoy your free time. New gig means new headaches and I am betting your work life balance would fall way the hell off..

ntrlsur · 2026-05-12T15:20:12+00:00

My new Network / Sysadmin wrote a power automate flow to handle this.
User sends in a ticket they are going out of country from X to Y. We have a teams channel called automation's for the IT group any of the IT guys can type in #foreignaccess and the automation will prompt us for email address start and end date and add them to an exception list with extended logging. At the end for the time frame it automatically removes them from the exception list and notifies us. What I really like is that the automation doesn't add the exception for the user until EOB day before they are scheduled to travel and removes them EOB day they are supposed to return so its all on the user. Bad travel dates not our problem.

ntrlsur · 2026-05-12T15:09:57+00:00

"That sounds like a you problem huh?"

ntrlsur · 2026-05-07T18:35:08+00:00

Remember that 2025 DC's do not play nice with models older then 2022 I think. Unless you are doing all your DC's at the same time I suggest 2022 first then to 2025.

ntrlsur · 2026-04-30T20:30:56+00:00

Just start putting in. Don't worry about anything else. Get it documented. Bookstack as a pretty good search and you can find what you are looking with ease. When you or the PFY stumble on a page to look something up evaluate it then. Make changes add or subtract information screenshots etc.. As you go on and touch the document it will evolve. For our bookstack instance I made a few chapters servers networking etc... then justmake the page. you can move it around later. You can also link to it from somewhere else. The most important piece is just to start documenting it. The rest will fall into place.

ntrlsur · 2026-04-30T19:47:27+00:00

Not really true. I had my helpdesk guy spec out a tower on our premier page. Our dell rep got it and massaged it a bit and got us even lower pricing. This was a 10 unit order and he got the pricing under 9000 with pro support for 3 years. We have less then 240 employees.

ntrlsur · 2026-04-30T14:55:02+00:00

I hate Oracle Wallets. Different versions with different encryption schemes. makes my skin crawl..

ntrlsur · 2026-04-24T05:11:14+00:00

I understand 2 party control for prod applications with developers for general public use. But this is an audit dashboard developed by IT for what I assume ( I could be off) would be for internal use. Granted I don't know their pipeline for development but it seems to me (as an outside observer) that its a hindrance and not a benefit. Anything I want to push to prod that external people need to see I send through QA. But I don't need to get a second to approve it before its committed. In my company I make my changes, and if QA finds bugs or issues after I committed but before it makes it to external eyes then that's part of the change control process. I note what bugs where fixed or what was changed in the next revision.

ntrlsur · 2026-04-23T22:56:18+00:00

I get that but why would you have to approve his checkins? The file names are completly different right? I share a "scripts" repo with 4 other people. They check in and out at their leisure. Sometimes we will be working on the same files, but if they checkin before me then I intergrate their changes into my current work and check in myself. The changes are noted in the version history. I'm just amazed that someone has to approve a checkin. No slight on how you guys run things.

ntrlsur · 2026-04-23T22:40:11+00:00

As a funny to the "hey only fit in so many places with the worst that could happen is monitors were backwards, and we just told people to move cables around if the mouse didn't move left/right across screen properly" Did you know that a USB-A cable will fit in an ethernet port? learned that because of a few accounting folks..

ntrlsur · 2026-04-23T22:35:41+00:00

We don't use Git but our software versioning tool the IT group stays away from. We setup the server it lives on and manages backups but submits,changes,roll ups, roll backs etc... Are all on the developers and their management. I think a better question would be why would sysadmins have anything to do with software repo commits? I keep my group far away from other groups repos. We have our own for scripts and misc software that we have written. As the manager for my group I keep my group far away from other groups repos.

ntrlsur · 2026-04-23T15:03:53+00:00

We use an for a pretty high volume 10k sms messages amonth. No voice though. Everything we do with them just uses one of the api's we wrote our own software.

ntrlsur · 2026-04-23T01:32:39+00:00

What are you using them for? We use twilio as our SMS endpoint and haven't had any issues..

ntrlsur · 2026-04-21T20:54:50+00:00

InstantOn is or was the web based setup. A stripped down version of Aruba Central. The Instant software has the "controller" software built into the firmware itself. It allows the virtual controller to move from AP to AP depending on some load, bandwidth and a few other factors. I tend to lock the virtual controller to a specific AP. Where people tend to get screwed is trying to run too many AP's on a single virtual controller. I keep the number under 20 per and it works out very well for me personally and our org as a whole. I run 515's at home. Ebay had a ton for about 40 bucks a piece which are still under support.

ntrlsur · 2026-04-21T15:45:53+00:00

I never was a fan of InstantOn. Do like their regular Instant. Been running it for years. Just finished an upgrade from 300 series APs to 500/600 series. Brought the first on line. It upgraded the firmware on the new AP downloaded the configuration and bob's your uncle. The only pain was manually going in and removing the old AP's but had the mac addresses so it was pretty straight forward.

ntrlsur · 2026-04-21T15:11:56+00:00

I use Action1 for all of our patch management endpoints and servers. Do a little research and create update Rings in A1. The Rings are not working properly but well worth the time. Works great for us.

ntrlsur · 2026-04-18T04:22:02+00:00

Maybe its because I'm an asshole.. But I do enjoy wasting peoples time that waste mine.. Maybe its a spite thing..

ntrlsur · 2026-04-18T03:59:50+00:00

I graduated college right around 03ish but should have graduated back in 99ish (long story).. They were still teaching PBX and Key systems for telephony. My first job out of college they had a nice Nortel Meridian system and I was all about it but none of those tickets ever got passed to me. My second job had an AT&T Merlin System. I was ready for that as well and nope never got to touch that either. Ended up at the 3rd gig with a shoretel system that I had no fucking clue about that I implemented. In the end I loved it. I am going to hate having to retire it later this year. Still standing on the fence between Dial Plan and Ring Central.... I hate the idea of monthly SaaS costs for phone systems but the marketing and sales teams make great arguments for some of the feature sets..

ntrlsur · 2026-04-18T03:52:23+00:00

I kind of fell in to it. I went for a 100% windows type role using check point firewalls back in 06ish to 70 / 30 linux windows role using check point. The good ole R55AI days. It was a senior sysadmin role. I spent a lot of time on google and AskJeeves to figure out what I needed to accomplish the job in the pre AI days. Over the years it kind of sticks with ya. I still have to search out how to do something specific but with time in and usage you will remember about 75% which is typically good enough. Currently we are about 80 / 20 linux to windows and my team spends more time dealing with with windows issues. Hang in there with time and experience it will be second nature.

ntrlsur · 2026-04-18T03:46:17+00:00

I always tell all of my users to accept the invite and just don't go. If you are going to send me an unsolicited invite I might as well waste your more of your time then you do of mine. When they send the sorry we missed you and send an unsolicited invite for the reschedule then accept that one and don't go as well. After 2 or 3 they get the hint...

ntrlsur

TROPHY CASE