What alerts are you looking to get that isn't natively available?
Obsolesce
@Obsolesce
MCSE
3240
Reputation
7322
Posts
3087
Profile views
3
Followers
0
Following
Posts made by Obsolesce
-
RE: Cloud CyberSecurity monitoring and alertingposted in IT Discussion
-
RE: What Are You Doing Right Nowposted in Water Closet
@David_CSG said in What Are You Doing Right Now:
Doing a little victory dance after successfully: Upgrading a Server2008R2 VM to 2012R2
Didn't mainstream support end for 2012 r2 like a year ago?
-
RE: AzureAD and sharesposted in IT Discussion
@scottalanmiller said in AzureAD and shares:
@Obsolesce said in AzureAD and shares:
I would say it's an issue of old outdated SMB versions with bad access and authentication practices.
That is a factor, too, of course. Anything outdated ups the risk. But for systems properly maintained, those things don't exist.
Bad things happen with good solutions when they are not implemented and maintained correctly.
-
RE: AzureAD and sharesposted in IT Discussion
@scottalanmiller said in AzureAD and shares:
@Obsolesce said in AzureAD and shares:
@scottalanmiller said in AzureAD and shares:
AD + SMB.... it's like designing for ransomware.
What does AD have to do with ransomware?
A ton. AD and SMB shares authenticated through it are the primary attack vector for ransomware. While AD itself is not a huge vulnerability, it ties many systems together so that a single compromise easily turns into a big one. It's like the authentication equivalent to a LAN. It magnifies exposure and discovery.
So if you take away AD, nobody gets ransomware?
I would say it's an issue of old outdated SMB versions with bad access and authentication practices.
-
RE: AzureAD and sharesposted in IT Discussion
@scottalanmiller said in AzureAD and shares:
@brandon220 said in AzureAD and shares:
Less than desirable internet service is a large factor in having things in-house versus hosted. It is a big factor that cannot be overlooked.
AD does not have to be implemented. That is why I'm here discussing it.Nothing wrong with in house. File serving over the Internet is basically always bad, regardless of the tech used. WANs just aren't fast, and files are very speed sensitive.
Yes there will be places that just can't do it until internet speeds are faster and cheaper than local/onprem.
-
RE: AzureAD and sharesposted in IT Discussion
@scottalanmiller said in AzureAD and shares:
AD + SMB.... it's like designing for ransomware.
What does AD have to do with ransomware?
-
RE: AzureAD and sharesposted in IT Discussion
@Dashrender said in AzureAD and shares:
What is your proposed or already decided solution for normal file storage? (word, etc, type files)
I know Google Drive is heavily pushed.
-
RE: AzureAD and sharesposted in IT Discussion
@brandon220 said in AzureAD and shares:
I know @Obsolesce uses samba too. How well does this work if the MS users connecting to samba sign in to their PCs with MS accounts instead of local user accounts? Basically, does it work properly with email addresses for usernames? I don't use MS accounts personally and have never tried to connect to a samba share that way.
Where I work now, we're moving to LANless at full speed, and SDP in the meantime and where LANless is more challenging.
-
RE: AzureAD and sharesposted in IT Discussion
@scottalanmiller said in AzureAD and shares:
@brandon220 said in AzureAD and shares:
@Obsolesce Yes. Unbelievable.
Worse, is that someone pays and/or believes them. How could it come to that?
Someone better call up Linus Torvalds and tell him his kernel isn't secure enough for financial institutions and so to do a better job.