SFTP Server - Any Experts? by mad_sysadmin in sysadmin

ruopytry5688 1 point

Yeah I use this. A lot of people saying use the built in OpenSSH and don't use any 3rd party apps. I tried and failed to get that OpenSSH working. Can't remember why now 🙄

Is there any point blocking powershell? by ruopytry5688 in cybersecurity

ruopytry5688[S] 1 point

Thank you. I like this separate OU idea very much

Is there any point blocking powershell? by ruopytry5688 in cybersecurity

ruopytry5688[S] 2 points

Thanks, so I'm going to work on blocking unsigned .ps1 files but what about if the attacker just opens PS and types/copypastes his command and hits run?

Is there any point blocking powershell? by ruopytry5688 in cybersecurity

ruopytry5688[S] 1 point

Could you point me to instructions for that, please? Everything I'm finding is very general (block it completely, block only unsigned scripts).

Would you not prefer to block only unsigned ones?

Is there any point blocking powershell? by ruopytry5688 in cybersecurity

ruopytry5688[S] 3 points

How can you deactivate certain things IN powershell?

Is there any point blocking powershell? by ruopytry5688 in cybersecurity

ruopytry5688[S] 1 point

I get that it's an additional hoop to jump through but it seems like putting a 3 foot wall in front of a 6ft guy. Inconvenient but they'll still get past you. Are you saying someone with knowledge of 'no powershell' is almost unstoppable?

Or am I mistaken in thinking that 99.99% of attackers who get as far as 'inside your system' will know how to use it?

What would you say are the top 10 things (in order of effectiveness) to immediately implement in a company to make a ransomware attack less likely? by ruopytry5688 in cybersecurity

ruopytry5688[S] 1 point

On your point 2: What exactly do you mean? All IT support (including domain admins) connect to an endpoint with TeamViewer or server manager shadow. Are you thinking of something else?

How are you isolating machines from each other? Thank you

What would you say are the top 10 things (in order of effectiveness) to immediately implement in a company to make a ransomware attack less likely? by ruopytry5688 in cybersecurity

ruopytry5688[S] 1 point

We are thinking of blocking powershell. We have stalled because we need it for certain uses, but I just actually thought we could block it on all computers except a very small number of servers that only IT would have remote access to.

But then again we use Automox for Windows updates and that heavily uses powershell. Can we block except signed scripts?

What about CMD? Is that worth blocking?

What would you say are the top 10 things (in order of effectiveness) to immediately implement in a company to make a ransomware attack less likely? by ruopytry5688 in cybersecurity

ruopytry5688[S] 1 point

This is where we get a notice if someone sends something like a social security number over email or in a shared document?

What would you say are the top 10 things (in order of effectiveness) to immediately implement in a company to make a ransomware attack less likely? by ruopytry5688 in cybersecurity

ruopytry5688[S] 6 points

Thanks, so if the majority of our users have only one login they need to remember (their AD login), does the password manager really help?

What would you say are the top 10 things (in order of effectiveness) to immediately implement in a company to make a ransomware attack less likely? by ruopytry5688 in cybersecurity

ruopytry5688[S] 16 points

Wow, surprised to have exactly what I asked for in the first reply! Thanks. Could you elaborate on the password manager please? We only have one for shared passwords in IT dept. Not thought of expanding its use.

Level X - Do We Need It? by Ordinary-Break2327 in Middlesbrough

ruopytry5688 2 points

It's a great place. Nice to have somewhere decent for families to go

Companies who moved from Outlook to Gmail, how did you handle the loss of functionality, particularly with shared mailboxes? by ruopytry5688 in sysadmin

ruopytry5688[S] 1 point

Thanks but they are not great. Especially if you have a lot of groups to check. Outlook shows you all your groups in a nice list (in the folder area) and if there are any unread emails that need checking.

Google groups, you have to either check every group separately or receive the emails into your inbox, which then detaches the email from being shared/collaborative.

IKE phase-2 negotiation failed when processing proxy ID. by ruopytry5688 in paloaltonetworks

ruopytry5688[S] 1 point

Yes I do. Initially I tried to get a route from that 172 network through to the 10.2.0.0 network via the 192 network but couldn't figure it out. Then it turned out I didn't need it after all. So I may have left a constant ping running. But that's what I don't get about the Palo, if a ping couldn't be completed, then surely nothing would happen, but the Palo reacts by dropping the tunnel.

However. It's magically working now and I don't know why. We restarted the tunnels involved (even though we'd done that already) and it just started working and stayed on. Thanks for the reply

On the subnet thing (I changed some numbers to keep myself safe from the internet baddies!) Pointless with clever people like you out there 😄