@dafyre said in Experience with NDR Solutions:
The problem with doing that is what if there's a vulnerability in the application/website itself? Something that allows unauthenticated attackers to do 'Bad Things'.
That's the whole point of zero trust. You assume every component is a bad actor and only provide minimum permissions for each microservice of the application.
@gjacobse said in Powershell: Manager Report with Direct Reports:
In need of some assistance to expand this report that I found that is "close" to what I need to have. Would like some assistance in understanding what I have here and how to get to the end product.
Would like to pull all the Direct Reports for a manager - and all those to report to any of those members (Manager tree) and list out AD attributes.
function Get-AllReports { param( [string]$Manager ) $DirectReports = Get-ADUser -Filter {manager -eq $Manager} if($DirectReports){ Write-Output $DirectReports $DirectReports | ForEach-Object { Get-AllReports -Manager $_.DistinguishedName } } } $Manager = Read-host -Prompt 'Enter Managers Name' Write-Host "" $ManagerName = $Manager Get-AllReports -Manager $ManagerName | export-csv $home\_Results\$Manager.csvAdditional items that are needed:
Manager Name
Manager Job Title
Member of VPN groupAs the script is above - I get the following CSV file:
"DistinguishedName; Enabled; GivenName; Name; ObjectClass; ObjectGUID; SamAccountName; SID; Surname; UserPrincipalName"
Not really need DistinguishedName; ObjectGUID or SID, would like to drop those if possible - if not, it's not a bit deal as it can be hidden in the report. But need to add the fields above for auditing.
This isn't my code - just added export and manager query so it can be used without re-editing the thing everytime.
(Chatgpt used) :
To refine your PowerShell script according to your requirements, you'll need to modify it to include additional attributes (Manager Name, Manager Job Title, and VPN group membership) and exclude certain attributes (DistinguishedName, ObjectGUID, SID) from the final CSV report. Here's a guide on how to achieve this:
Modify the Function to Include Additional Attributes: Update the function to retrieve and display the Manager's Name, Job Title, and whether the user is a member of a specific VPN group.
Filter Out Unwanted Attributes: When exporting to CSV, select only the attributes you need.
Checking Group Membership: To check if a user is a member of the VPN group, you can use the Get-ADPrincipalGroupMembership cmdlet and filter for the VPN group.
Here's an updated version of your script with these considerations:
function Get-AllReports {
param(
[string]$Manager
)
$DirectReports = Get-ADUser -Filter {manager -eq $Manager} -Properties Title, Manager, MemberOf
if($DirectReports) {
$DirectReports | ForEach-Object {
$ManagerInfo = Get-ADUser -Identity $_.Manager -Properties Title
$IsMemberOfVpnGroup = $_.MemberOf -contains "CN=VPNGroup,OU=Groups,DC=YourDomain,DC=com"
[PSCustomObject]@{
Name = $_.Name
JobTitle = $_.Title
ManagerName = $ManagerInfo.Name
ManagerJobTitle = $ManagerInfo.Title
MemberOfVpnGroup = $IsMemberOfVpnGroup
} | Write-Output
Get-AllReports -Manager $_.DistinguishedName
}
}
}
$Manager = Read-Host -Prompt 'Enter Managers Name'
Write-Host ""
$ManagerName = $Manager
Get-AllReports -Manager $ManagerName | Export-Csv "$home\_Results\$Manager.csv" -NoTypeInformation
Added Attributes: The script now fetches Title, Manager, and MemberOf properties for each user.
Manager Information: Retrieves the manager's name and job title using Get-ADUser on the Manager attribute.
VPN Group Membership: The $IsMemberOfVpnGroup variable checks if the MemberOf attribute contains the distinguished name of your VPN group. Adjust the group's distinguished name (CN=VPNGroup,OU=Groups,DC=YourDomain,DC=com) to match your actual VPN group's DN.
Output Object: A custom PSObject is created for each user, containing only the desired information.
CSV Export: The final command pipes the collected data into Export-Csv, excluding type information with -NoTypeInformation.
Ensure you replace "CN=VPNGroup,OU=Groups,DC=YourDomain,DC=com" with the actual distinguished name of your VPN group. Also, adjust attribute names and paths according to your Active Directory schema if necessary.
@flaxking said in Why IT certifications are worth more than you think...:
you have to work 100 hour weeks - and that doesn't let you open source your configuration as code, you have to pick your battles.
That's just a bad choice to stay in a strong economy. If you want put in 120% effort for your employer and get virtually zero out of it, that's on you and you alone.
It sounds like you're getting no training, planning time, or much of anything if you're working even 60 hours a week regularly.
There's no long term value here, you are just doing it as a favor for your employer who is either under staffing, under purchasing, and/or under paying for inexpensive talent across most of IT.
If you go into an interview and tell potential employer you worked up to 100 hour weeks it only sounds like a negative. Some people think it sounds like "this guy is willing to do anything for the company". In reality, it's "we can work this guy 60 hours and he will be happy with it".
@wirestyle22 said in Bathroom etiquette:
I have always operated under this unspoken rule--when we're in a public restroom we do not acknowledge each others existence. If there is an option you always leave one urinal between both of you. It's been 37 years of me operating under this ruleset. Today I got into the bathroom and I'm washing my hands before I use the restroom...because that makes sense (i will die on this hill) and my coworker I barely know walks in. He says "Hey Ian!" and walks up to me and touches my shoulder. I am basically thrown into chaos because this guy apparently operates on a complete opposing ruleset than me. I walk over to the urinal and he follows. There are five urinals that area empty and he stands directly next to me.
Am I mistaken in my understanding of social norms or is this really fucking weird
Make direct eye contact, and start talking about how Linux is kernel not an OS.
Then, if there's a next time... Teach him how to exit vim...
@scottalanmiller the truth is that this is something that AI is not really capable of doing right now. Sure solutions can automatically block things, but many times they block legitimate traffic, too. The amount of machine learning that must be in place far exceeds the benefit this automation can provide.
Build your solutions with zero trust and this really isn't much of an issue anymore. The main reason people do this shit is for compliance purposes to check boxes. If they really cared about security, they'd design the infrastructure in a way where this type of shit isn't even necessary.
@Dashrender said in Why IT certifications are worth more than you think...:
@flaxking said in Why IT certifications are worth more than you think...:
Many of the sysadmin jobs I've been applying for want repo links. So when you have a family, and a job where sometimes you have to work 100 hour weeks - and that doesn't let you open source your configuration as code, you have to pick your battles.
And then there's the homework assignments, one job had me submit an architecture design even before I had an interview with the recruiter.
huh - did you send them an bill? That does seem unreasonable - you produced work, you should be compensated... who's to say they aren't just using you for free architecture design?
Yes. Being able to explain it in an interview totally acceptable, but providing finished document before interview unacceptable