We have a requirement to setup a secure file sharing option to send and receive files between our employees and our external vendor. I am looking for a solution which enables file server, but along with that, some additional features which analyses the files for any threats. As i understand, the way products like box, one drive, Dropbox etc. works to protect against ransomware for example is to restore from previous version. This doesn't protect an end point from getting infected. We do have endpoint protection but still wanted to ensure the files we get from outside is also scanned.

I've seen https://www.getfilecloud.com/

The part that I am interested in is:

• Ransomware Protection:
  Heuristic file content scanning engine to detect and block Ransomware

• Anti-Virus scanning:
  Automatic anti-virus scanning of files when uploading files

Only thing on the AV scanning is that the AV used is clamav https://www.getfilecloud.com/FileCloud_Security_FAQ.pdf

I am trying to find the same functionality on NextCloud, but didnt see anything specific on heuristic analysis

During SC support sessions they gave me some information:

• There is an issue with the certificates in the Mono server if you are using Gmail, suspecting the same for O365. Suggested fix for this is to upgrade to 6.5 but on the site that is not a stable release.

• SC normally recommend using Windows for the server if you will have 10-15+ active sessions for performance reasons

Should i reconsider moving to Linux server, when the product owner recommends to stay with Windows? We do have 10-15+ sessions usually.

@ambarishrh said in screenconnect migrating from Windows to CentOS7:

@jaredbusch said in screenconnect migrating from Windows to CentOS7:

@ambarishrh said in screenconnect migrating from Windows to CentOS7:

I was able to setup SC on linux and migrate all settings, clients etc to the new server. Facing issues with the mail settings. Using O365, the same works on windows server, but on Linux, when i try to send test mail, i get the error "Message could not be sent."

Telnet to smtp.office365.com on port 587 gets connected. Not sure what could be causing this issue. Anyone know how to check the logs to get more info?

Did you make an IP based connector in O365 for this?

Not really, just used an account with credentials. As mentioned, the same works fine on the windows installation without any problems

When I click send test mail I could see the firewall logs the traffic but no emails on my inbox and the message not sent shows up on sc.

@jaredbusch said in screenconnect migrating from Windows to CentOS7:

@ambarishrh said in screenconnect migrating from Windows to CentOS7:

I was able to setup SC on linux and migrate all settings, clients etc to the new server. Facing issues with the mail settings. Using O365, the same works on windows server, but on Linux, when i try to send test mail, i get the error "Message could not be sent."

Telnet to smtp.office365.com on port 587 gets connected. Not sure what could be causing this issue. Anyone know how to check the logs to get more info?

Did you make an IP based connector in O365 for this?

Not really, just used an account with credentials. As mentioned, the same works fine on the windows installation without any problems

I was able to setup SC on linux and migrate all settings, clients etc to the new server. Facing issues with the mail settings. Using O365, the same works on windows server, but on Linux, when i try to send test mail, i get the error "Message could not be sent."

Telnet to smtp.office365.com on port 587 gets connected. Not sure what could be causing this issue. Anyone know how to check the logs to get more info?

@brrabill said in Microsoft Planner/Teams Testing:

@ambarishrh said in Microsoft Planner/Teams Testing:

Generate a team report on the progress. I can see a graphical dashboard saying the progress, but if i need to get an overall view to get a picture of our tasks, its not that easy or not available

You mean across all tasks across all plans?

The dashboard shows tasks of one plan

@brrabill said in Microsoft Planner/Teams Testing:

@ambarishrh

Are you concerned with backup and things like that?

Didn't get the question about backup

@stacksofplates said in Project management for internal IT projects and tasks:

I’ve used Asana and Nozbe. Both seemed fine, but they are SaaS. I don’t think they have self hosted options.

OpenProject looks interesting https://www.openproject.org/

Another option that’s kind of out of the box is to use GitLab. The issue tracking is pretty nice and with a subscription you can do burn down charts and some other cool stuff with your project milestones.

Open project looks good as well. Need to test these out!

@black3dynamite said in Project management for internal IT projects and tasks:

OrangeScrum

Looks interesting, have you tried this?

@scottalanmiller said in Project management for internal IT projects and tasks:

We use Asana. I don't love it. I'm not sure that I even like it. But it is SO much better than Jira, that's for sure.

I've tried Asana and didn't really like that either

I am looking for a tool that can be used for internal projects with the following features:

1. Create project, set milestones and target dates
2. create individual tasks and subtasks, assign to 1 or more techs
3. Analyse the overall tasks completion/performance of teams
4. Generate high-level reports for management
5. Add notes, comments etc.
6. Self-hosted and free if possible.

Part of our O365, we have MS planner, been using it for few weeks and not really happy with that (mentioned this on another thread in ML)

Unless there are no serious performance issues, i think i will go ahead with centos for now

I just started using planner and trying to test out teams as well.

Planner is mostly like trello, but i am already finding it difficult for the following:

1. Generate a team report on the progress. I can see a graphical dashboard saying the progress, but if i need to get an overall view to get a picture of our tasks, its not that easy or not available

2. export tasks is not available

3. When you complete the tasks, and if as a team, need to review whats completed and plan tasks accordingly, its not that easy, you just see a list of tasks checked out but couldn't find an easy way to check when the task was completed.

I am still looking for a good IT project management tool to get all our internal projects tracked and split tasks between our internal team

Teams on the other hand, is much better that SFB for voice & video calls. Has some good features and we are slowly liking it but the adoption rate within my team is not that great yet. Most of them are overwhelmed with the options in teams.

I am about to setup a CentOS 7 to install sc and migrate our existing windows setup to this. Setup will be based on the instructions from @scottalanmiller https://mangolassi.it/topic/3997/installing-screenconnect-on-centos-7/20

Hope there are no issues with CentOS7 on SC as of now

https://docs.connectwise.com/ConnectWise_Control_Documentation/On-premises/Advanced_setup/Move_an_on-premises_installation_to_a_new_server

Along with that, planning to enable 2FA for all instances and the cloud login as well

https://docs.connectwise.com/ConnectWise_Control_Documentation/Get_started/Administration_page/Security_page/Enable_two-factor_authentication_for_host_accounts

If it's for 5 techs you can also sign up for free manage engine service desk plus

I am currently testing one using http://alliance.themerex.net/splash/

Really easy to edit with a visual editor and has multiple dashboard themes. Along with that I will be testing azure AD authentication and may be try gamification plugins.

https://wordpress.org/plugins/gamipress/

https://wordpress.org/plugins/wpo365-login/

@danp said in Major Intel CPU vulnerability:

Easily examine and understand any Windows system's hardware and software capability to
prevent Meltdown and Spectre attacks.

https://www.grc.com/inspectre.htm

Anyone tried this?

@iroal said in Preventive measures against ransomware:

I've installed ransomfree https://ransomfree.cybereason.com/

Good tool, and free, to avoid ransomware.

Check if that detects when you run ransim https://www.knowbe4.com/ransomware-simulator

@jimmy9008 said in Preventive measures against ransomware:

@ambarishrh said in Preventive measures against ransomware:

Backup: All endpoints are being backed up to a remote location. Veeam backup repo now uses Linux NFS instead of windows NTFS for storage.

What is the retention period? I've seen a few places that only hold 1 x backup for workstations and overwrite that nightly. If a machine is infected, you could overwrite the good backup before finding out...

30 days

We are hardening our environment to reduce the risk of ransomware attack and would like to get some advise from ML

Few of the changes we are enforcing includes:

Backup: All endpoints are being backed up to a remote location. Veeam backup repo now uses Linux NFS instead of windows NTFS for storage.

Servers: Least privilege method and logging/audit enabled on AD and File server. Harden all servers, reference points from https://adsecurity.org

FSRM to be updated for File server screening using https://github.com/nexxai/CryptoBlocker
https://fsrm.experiant.ca/

End point protection: Av+ Malwarebytes

Usb/removable drives: I would like to have the usbs scanned on a few dedictaed machines that is disconnected from the network, scan with multiple av engines and would even want to go further by opening all files, may be allow all possible options like auto run and see if there are threats. If clean then allow the user to use that USB for that session only. We disabled usb read and write centrally but can't block that permanently as we get usb from third parties. The scanning station can have something like deep freeze which will bring the machine back to its original state after a reboot.

User education: use something like knowbe4 security awareness programs to train employees to identify common threats like spam phishing mails, suspicious links etc.

Firewall with the usual security settings DPI, IDS, IPS etc.

Patch management: Looking at ivanti or shavlik to enhance our sccm and cover third party patches as well. Currently it's package and update