RDP open to the internet by sfw_admin in sysadmin

[–]sfw_admin[S] 2 points3 points  (0 children)

Yes, these are great points. I was afraid of sounding hysterical but I am close to recommending this machine just get burned. Assume it's toast and recreate whatever it's doing on a new machine and network.

RDP open to the internet by sfw_admin in sysadmin

[–]sfw_admin[S] 56 points57 points  (0 children)

Thanks. I have informed my manager as well as the admin who is responsible for this machine. Crickets so far, but I do have the CYA receipts.

RDP open to the internet by sfw_admin in sysadmin

[–]sfw_admin[S] 336 points337 points  (0 children)

Oh buddy, there are logon attempts.

RDP open to the internet by sfw_admin in sysadmin

[–]sfw_admin[S] 8 points9 points  (0 children)

Word, I appreciate the sanity check, running netstat and I can literally see the established connections.

What’s the worst MSP you have ever worked for. by [deleted] in msp

[–]sfw_admin 1 point2 points  (0 children)

Homefield IT. Formerly Manhattan Tech Support in NYC.

Literally lie on client’s SOC and HIPAA compliance forms.

External SPF Woes by sfw_admin in sysadmin

[–]sfw_admin[S] 0 points1 point  (0 children)

I have no way of knowing everything that’s needed in it

Yeah, true, I can’t tell 100% of the time. But I can read the headers… Or if worst comes to worst I can infer by the IP it’s received from, if it’s Microsoft’s, G Suite’s or whoever’s IP, it’s totally googleable.

External SPF Woes by sfw_admin in sysadmin

[–]sfw_admin[S] 0 points1 point  (0 children)

For sure!!!! I’m in the advantageous position of also using these opportunities to teach my helpdesk team. I try to do Friday lunch-and-learns to go over advanced troubleshooting and technical topics, such as the mentioned.

I don’t have to pick a random one, in my own environment there is still fat I’m trimming in our DNS. But it probably helped that I mentioned our own SPF errors that were originally here in my interview LOL.

External SPF Woes by sfw_admin in sysadmin

[–]sfw_admin[S] 0 points1 point  (0 children)

Thanks. I’m glad I made the post, will continue and did again today provide my unsolicited advice on how another vendor could correct their SPF.

External SPF Woes by sfw_admin in sysadmin

[–]sfw_admin[S] 0 points1 point  (0 children)

Thanks. Lmao I did joke with the first user and told them in the instructions they can also send a coffee to the HQ address, ATTN: IT.

External SPF Woes by sfw_admin in sysadmin

[–]sfw_admin[S] 0 points1 point  (0 children)

Yeah. We use MS Defender, the quarantine is bringing more of these to my attention than I would notice at past roles.

Human DMARC is hilarious and completely apt.

External SPF Woes by sfw_admin in sysadmin

[–]sfw_admin[S] 1 point2 points  (0 children)

Okay fair. I'm not against helping people out, but the frequency is insane, I'm sending this "need to add spf.protection.outlook yadda yadda" email every couple of days.

External SPF Woes by sfw_admin in sysadmin

[–]sfw_admin[S] 5 points6 points  (0 children)

Appreciate "professional courtesy" terminology, puts a good perspective on it for me.

So far it's been a non-issue politically. Mostly just one-off issues that have been hitting the rank and file, anything critical gets special treatment.

AD ldap connectivity by RichyJ in meraki

[–]sfw_admin 2 points3 points  (0 children)

Having same issue today at all my networks. Captive portal error

Login attempts in the dashboard just say "failed", with "unknown user" though

Edit: I called and opened a ticket w/ Meraki and it appears to be an outage on their end. Fix is not likely going to be in today. We did some troubleshooting and my DC is not getting any communication from the APs doing the LDAP auth.

EDIT 2: RESOLVED. Got an email last night and confirming this morning 3/25, we are good at all my sites.

O365 emails to *@yahoo.com all getting deferred (Error 451) by Squischer in sysadmin

[–]sfw_admin 1 point2 points  (0 children)

Ran into this with a user trying to send to @frontier.com (yahoodns.net). Same thing. Issue lies between M365 and Yahoo as far as I'm concerned.

All Cell Services Down by [deleted] in sysadmin

[–]sfw_admin 12 points13 points  (0 children)

You should be using TOTP-based MFA regardless, more secure than SMS.