Posts made by IRJ
RE: Security Information Event Management (SIEM)
I'm surprised nobody has mentioned elastic yet.
There's an open source version and a free version (more features).
I did not mention it intentionally.
Because it is too complex to use as a SIEM unless you already know a lot about it.
Elastic basic (free) is pretty simple. Open Source version requires a bit more knowledge and integration.
RE: Is Open Source Really So Much More Secure By Nature
The point of bringing in someone like myself, @JaredBusch
RE: Anybody interested in doing ML Secret Santa?
Thanks to everyone that participated.
It was fun, however one person did not receive a gift. Can we please make sure that gift gets out? Please add tracking to Elfster once sent.
Thanks guys and I hope to do it again next year.
RE: I bypassed my jobs security restrictions...
I used my knowledge to bypass these things and learn about the way the network structure works (they blocked the network map), which is very interesting to me considering it is a private A-class IP, so I took interest in what I can see within my company's network, like the forestroot.local (Host). Today I accessed the control panel and found som, and found there's 5 primary DHCPs/sites it changes between) I found interesting ways to get around some of the administrator restrictions functions they missed to block (I decided to optimize thin-client for performance, seems to have made a difference), which I assume they can't simply block because it's local settings but it gives viewing rights even in security logs (so many different users on these logs). I'm curious if an administrator finds my logs of the different accesses I've been through. Am I risking termination or is a curious mind good for their security? Recently we upgraded our systems to Windows 10 and I was the one to be the bug tester and work with IT on everything.
Did you really bypass anything? Other than seeing DHCP servers, which is easily done by checking your ipconfig. What have you actually done?
I'll be honest, if I'm IT and somebody comes rambling to me like this, I'm just going to ignore it.
I do think it's awesome how you are trying to learn how things work, and it does seem like you have some knowledge. However, I think you have more studying and learning to do before you think about breaching networks and reporting security issues.
Everyone has to start somewhere and you seem to be learning fairly quickly for Helpdesk. Just keep your head down and keep learning, you'll be there soon.
RE: Miscellaneous Tech News
What’s the cruelest prank you can make on employees who are struggling during a global pandemic when millions of people have lost their jobs or lives? GoDaddy — a web domain registrar once best known for its sexist advertisements — tried to find out when it sent employees a fake email informing them they’d receive a $650 holiday bonus.
There is nothing cruel about doing a phishing test. Using monetary rewards is also quite common.
RE: Azure or 0365?
I'd be pretty okay hiring someone with only a cert in O365, it's not touching infrastructure. But hiring someone with only a cert in Azure would be pretty scary.
And that's exactly what I said earlier, it's much easier to get a junior level position that utilizes O365.
RE: Azure or 0365?
How many times have we had this discussion of you asking what to learn? We go back and forth about it and you never end up choosing either path or learning anything.
You also aren't new to IT anymore. You should know these concepts by now.
Asking questions and making conversations is great, but shut up and learn also works well. Nobody is going to spoon feed you information. You can go to Udemy like everyone else and buy a course on a subject you want to learn for $15. Go through that course 2 or 3 times then come here and start asking questions.
You'll get better answers when you ask specific questions and have some knowledge on topics.
Not trying to be mean at all. It's just time to get out of the high chair and take off the bib.