@dafyre said in Experience with NDR Solutions:

The problem with doing that is what if there's a vulnerability in the application/website itself? Something that allows unauthenticated attackers to do 'Bad Things'.

That's the whole point of zero trust. You assume every component is a bad actor and only provide minimum permissions for each microservice of the application.

@gjacobse said in Powershell: Manager Report with Direct Reports:

In need of some assistance to expand this report that I found that is "close" to what I need to have. Would like some assistance in understanding what I have here and how to get to the end product.

Would like to pull all the Direct Reports for a manager - and all those to report to any of those members (Manager tree) and list out AD attributes.

function Get-AllReports {  
    param(  
        [string]$Manager  
    )   
    $DirectReports = Get-ADUser -Filter {manager -eq $Manager}  
    if($DirectReports){  
        Write-Output $DirectReports  
        $DirectReports | ForEach-Object {  
            Get-AllReports -Manager $_.DistinguishedName  
        }      
    }  
}  
  

$Manager = Read-host -Prompt 'Enter Managers Name'
    Write-Host ""
$ManagerName = $Manager  
Get-AllReports -Manager $ManagerName | export-csv $home\_Results\$Manager.csv

Additional items that are needed:
Manager Name
Manager Job Title
Member of VPN group

As the script is above - I get the following CSV file:

"DistinguishedName; Enabled; GivenName; Name; ObjectClass; ObjectGUID; SamAccountName; SID; Surname; UserPrincipalName"

Not really need DistinguishedName; ObjectGUID or SID, would like to drop those if possible - if not, it's not a bit deal as it can be hidden in the report. But need to add the fields above for auditing.

This isn't my code - just added export and manager query so it can be used without re-editing the thing everytime.

(Chatgpt used) :

To refine your PowerShell script according to your requirements, you'll need to modify it to include additional attributes (Manager Name, Manager Job Title, and VPN group membership) and exclude certain attributes (DistinguishedName, ObjectGUID, SID) from the final CSV report. Here's a guide on how to achieve this:

Expanding the Script Functionality

1. Modify the Function to Include Additional Attributes: Update the function to retrieve and display the Manager's Name, Job Title, and whether the user is a member of a specific VPN group.

2. Filter Out Unwanted Attributes: When exporting to CSV, select only the attributes you need.

3. Checking Group Membership: To check if a user is a member of the VPN group, you can use the Get-ADPrincipalGroupMembership cmdlet and filter for the VPN group.

Here's an updated version of your script with these considerations:

function Get-AllReports {
    param(
        [string]$Manager
    )
    $DirectReports = Get-ADUser -Filter {manager -eq $Manager} -Properties Title, Manager, MemberOf

    if($DirectReports) {
        $DirectReports | ForEach-Object {
            $ManagerInfo = Get-ADUser -Identity $_.Manager -Properties Title
            $IsMemberOfVpnGroup = $_.MemberOf -contains "CN=VPNGroup,OU=Groups,DC=YourDomain,DC=com"

            [PSCustomObject]@{
                Name = $_.Name
                JobTitle = $_.Title
                ManagerName = $ManagerInfo.Name
                ManagerJobTitle = $ManagerInfo.Title
                MemberOfVpnGroup = $IsMemberOfVpnGroup
            } | Write-Output

            Get-AllReports -Manager $_.DistinguishedName
        }
    }
}

$Manager = Read-Host -Prompt 'Enter Managers Name'
Write-Host ""
$ManagerName = $Manager

Get-AllReports -Manager $ManagerName | Export-Csv "$home\_Results\$Manager.csv" -NoTypeInformation

Key Changes:

• Added Attributes: The script now fetches Title, Manager, and MemberOf properties for each user.

• Manager Information: Retrieves the manager's name and job title using Get-ADUser on the Manager attribute.

• VPN Group Membership: The $IsMemberOfVpnGroup variable checks if the MemberOf attribute contains the distinguished name of your VPN group. Adjust the group's distinguished name (CN=VPNGroup,OU=Groups,DC=YourDomain,DC=com) to match your actual VPN group's DN.

• Output Object: A custom PSObject is created for each user, containing only the desired information.

• CSV Export: The final command pipes the collected data into Export-Csv, excluding type information with -NoTypeInformation.

Ensure you replace "CN=VPNGroup,OU=Groups,DC=YourDomain,DC=com" with the actual distinguished name of your VPN group. Also, adjust attribute names and paths according to your Active Directory schema if necessary.

@flaxking said in Why IT certifications are worth more than you think...:

you have to work 100 hour weeks - and that doesn't let you open source your configuration as code, you have to pick your battles.

That's just a bad choice to stay in a strong economy. If you want put in 120% effort for your employer and get virtually zero out of it, that's on you and you alone.

It sounds like you're getting no training, planning time, or much of anything if you're working even 60 hours a week regularly.

There's no long term value here, you are just doing it as a favor for your employer who is either under staffing, under purchasing, and/or under paying for inexpensive talent across most of IT.

If you go into an interview and tell potential employer you worked up to 100 hour weeks it only sounds like a negative. Some people think it sounds like "this guy is willing to do anything for the company". In reality, it's "we can work this guy 60 hours and he will be happy with it".

@wirestyle22 said in Bathroom etiquette:

I have always operated under this unspoken rule--when we're in a public restroom we do not acknowledge each others existence. If there is an option you always leave one urinal between both of you. It's been 37 years of me operating under this ruleset. Today I got into the bathroom and I'm washing my hands before I use the restroom...because that makes sense (i will die on this hill) and my coworker I barely know walks in. He says "Hey Ian!" and walks up to me and touches my shoulder. I am basically thrown into chaos because this guy apparently operates on a complete opposing ruleset than me. I walk over to the urinal and he follows. There are five urinals that area empty and he stands directly next to me.

Am I mistaken in my understanding of social norms or is this really fucking weird

Make direct eye contact, and start talking about how Linux is kernel not an OS.

Then, if there's a next time... Teach him how to exit vim...

@scottalanmiller the truth is that this is something that AI is not really capable of doing right now. Sure solutions can automatically block things, but many times they block legitimate traffic, too. The amount of machine learning that must be in place far exceeds the benefit this automation can provide.

Build your solutions with zero trust and this really isn't much of an issue anymore. The main reason people do this shit is for compliance purposes to check boxes. If they really cared about security, they'd design the infrastructure in a way where this type of shit isn't even necessary.

@Dashrender said in Why IT certifications are worth more than you think...:

@flaxking said in Why IT certifications are worth more than you think...:

Many of the sysadmin jobs I've been applying for want repo links. So when you have a family, and a job where sometimes you have to work 100 hour weeks - and that doesn't let you open source your configuration as code, you have to pick your battles.

And then there's the homework assignments, one job had me submit an architecture design even before I had an interview with the recruiter.

huh - did you send them an bill? That does seem unreasonable - you produced work, you should be compensated... who's to say they aren't just using you for free architecture design?

Yes. Being able to explain it in an interview totally acceptable, but providing finished document before interview unacceptable

@gjacobse said in Powershell: Manager Report with Direct Reports:

In need of some assistance to expand this report that I found that is "close" to what I need to have. Would like some assistance in understanding what I have here and how to get to the end product.

Would like to pull all the Direct Reports for a manager - and all those to report to any of those members (Manager tree) and list out AD attributes.

function Get-AllReports {  
    param(  
        [string]$Manager  
    )   
    $DirectReports = Get-ADUser -Filter {manager -eq $Manager}  
    if($DirectReports){  
        Write-Output $DirectReports  
        $DirectReports | ForEach-Object {  
            Get-AllReports -Manager $_.DistinguishedName  
        }      
    }  
}  
  

$Manager = Read-host -Prompt 'Enter Managers Name'
    Write-Host ""
$ManagerName = $Manager  
Get-AllReports -Manager $ManagerName | export-csv $home\_Results\$Manager.csv

Additional items that are needed:
Manager Name
Manager Job Title
Member of VPN group

As the script is above - I get the following CSV file:

"DistinguishedName; Enabled; GivenName; Name; ObjectClass; ObjectGUID; SamAccountName; SID; Surname; UserPrincipalName"

Not really need DistinguishedName; ObjectGUID or SID, would like to drop those if possible - if not, it's not a bit deal as it can be hidden in the report. But need to add the fields above for auditing.

This isn't my code - just added export and manager query so it can be used without re-editing the thing everytime.

(Chatgpt used) :

To refine your PowerShell script according to your requirements, you'll need to modify it to include additional attributes (Manager Name, Manager Job Title, and VPN group membership) and exclude certain attributes (DistinguishedName, ObjectGUID, SID) from the final CSV report. Here's a guide on how to achieve this:

Expanding the Script Functionality

1. Modify the Function to Include Additional Attributes: Update the function to retrieve and display the Manager's Name, Job Title, and whether the user is a member of a specific VPN group.

2. Filter Out Unwanted Attributes: When exporting to CSV, select only the attributes you need.

3. Checking Group Membership: To check if a user is a member of the VPN group, you can use the Get-ADPrincipalGroupMembership cmdlet and filter for the VPN group.

Here's an updated version of your script with these considerations:

function Get-AllReports {
    param(
        [string]$Manager
    )
    $DirectReports = Get-ADUser -Filter {manager -eq $Manager} -Properties Title, Manager, MemberOf

    if($DirectReports) {
        $DirectReports | ForEach-Object {
            $ManagerInfo = Get-ADUser -Identity $_.Manager -Properties Title
            $IsMemberOfVpnGroup = $_.MemberOf -contains "CN=VPNGroup,OU=Groups,DC=YourDomain,DC=com"

            [PSCustomObject]@{
                Name = $_.Name
                JobTitle = $_.Title
                ManagerName = $ManagerInfo.Name
                ManagerJobTitle = $ManagerInfo.Title
                MemberOfVpnGroup = $IsMemberOfVpnGroup
            } | Write-Output

            Get-AllReports -Manager $_.DistinguishedName
        }
    }
}

$Manager = Read-Host -Prompt 'Enter Managers Name'
Write-Host ""
$ManagerName = $Manager

Get-AllReports -Manager $ManagerName | Export-Csv "$home\_Results\$Manager.csv" -NoTypeInformation

Key Changes:

• Added Attributes: The script now fetches Title, Manager, and MemberOf properties for each user.

• Manager Information: Retrieves the manager's name and job title using Get-ADUser on the Manager attribute.

• VPN Group Membership: The $IsMemberOfVpnGroup variable checks if the MemberOf attribute contains the distinguished name of your VPN group. Adjust the group's distinguished name (CN=VPNGroup,OU=Groups,DC=YourDomain,DC=com) to match your actual VPN group's DN.

• Output Object: A custom PSObject is created for each user, containing only the desired information.

• CSV Export: The final command pipes the collected data into Export-Csv, excluding type information with -NoTypeInformation.

Ensure you replace "CN=VPNGroup,OU=Groups,DC=YourDomain,DC=com" with the actual distinguished name of your VPN group. Also, adjust attribute names and paths according to your Active Directory schema if necessary.

@Obsolesce said in Need new webhost:

@DustinB3403 said in Need new webhost:

@Obsolesce a 5 day window to try and migrate a bunch of sites isn't unrealistic, but it is a tight timeline to avoid getting billed.

Have you called and spoke with them about the bill and see if they'll do anything to reduce it? Surely they would want to keep a customer vs lose one..

Not concerned about the migration timing and all that. Just concerned about not renewing because I've hopefully found a better option.

Azure?

@Obsolesce

The story of morals vs morals and Risk vs Reward

Guy A - It must be run Sever OS

Well, Guy A then just offer that service. Quote the Microsoft licensing as you know it, and let the customer decide. No need to be a crusader and convince everyone to have the same moral standard of black and white. It's admirable that you have a strict moral standard and won't perform the work. In reality, though alot of the world functions in gray.

Guy B - Save the customer money

Microsoft is a bully and my customer is small and working on thin margins. You know the risk is super low for an audit and probably even lower if they buy windows OS elsewhere. You probably end up doing what's best for customer, but also potentially risk your own neck. Nothing will happen to a customer with 6 employees. They will get a warning at best

I reached out to my both of senators because my passport is taking too long to get and I am coming upon travel. The processing time has exceeded standard processing even though I have paid for expedited.

Long story short, I am almost out of time. Both senators have emailed me back stating that I need to fill out a privacy form before they are able to talk to travel gov people (or whatever) on my behalf.

They sent me a PDF asking for all the standard information, but also my full SSN. I am hesitant to send my entire personal information in a PDF to a senator lol. I am worried that if I dont, I will have delay and have to end up doing it anyway.

The PDF form sent has No government markings of any kind. Just the senator's logo. It is a nice looking pdf, and made to look like a professional form, but it isnt your standard dry gov form I am used to seeing.

(@scottalanmiller feel free to move, I did not know which category this fit.)

@scottalanmiller said in Experience with NDR Solutions:

For the customer in question, an ERP dedicated for the produce logistics industry.

Or for many of my customers (who don't need NDR) a Veterinary Clinic Management System (PIMS).

Why not just purchase a SaaS solution?

@scottalanmiller said in Experience with NDR Solutions:

@Florida_man said in Experience with NDR Solutions:

@scottalanmiller the truth is that this is something that AI is not really capable of doing right now. Sure solutions can automatically block things, but many times they block legitimate traffic, too. The amount of machine learning that must be in place far exceeds the benefit this automation can provide.

Build your solutions with zero trust and this really isn't much of an issue anymore. The main reason people do this shit is for compliance purposes to check boxes. If they really cared about security, they'd design the infrastructure in a way where this type of shit isn't even necessary.

Zero Trust is hard to do when you don't make bespoke software. Most firms run uncontrolled third party stuff.

That isn't the an issue anymore. Alot of COTS and open-source software runs in containers. Each container has its own microservice.

https://blog.aquasec.com/zero-trust-kubernetes

It's time to embrace containers @scottalanmiller

@dafyre said in Experience with NDR Solutions:

The problem with doing that is what if there's a vulnerability in the application/website itself? Something that allows unauthenticated attackers to do 'Bad Things'.

That's the whole point of zero trust. You assume every component is a bad actor and only provide minimum permissions for each microservice of the application.

@scottalanmiller the truth is that this is something that AI is not really capable of doing right now. Sure solutions can automatically block things, but many times they block legitimate traffic, too. The amount of machine learning that must be in place far exceeds the benefit this automation can provide.

Build your solutions with zero trust and this really isn't much of an issue anymore. The main reason people do this shit is for compliance purposes to check boxes. If they really cared about security, they'd design the infrastructure in a way where this type of shit isn't even necessary.

@wirestyle22 said in Bathroom etiquette:

I have always operated under this unspoken rule--when we're in a public restroom we do not acknowledge each others existence. If there is an option you always leave one urinal between both of you. It's been 37 years of me operating under this ruleset. Today I got into the bathroom and I'm washing my hands before I use the restroom...because that makes sense (i will die on this hill) and my coworker I barely know walks in. He says "Hey Ian!" and walks up to me and touches my shoulder. I am basically thrown into chaos because this guy apparently operates on a complete opposing ruleset than me. I walk over to the urinal and he follows. There are five urinals that area empty and he stands directly next to me.

Am I mistaken in my understanding of social norms or is this really fucking weird

Make direct eye contact, and start talking about how Linux is kernel not an OS.

Then, if there's a next time... Teach him how to exit vim...