|
Install wsl and then dd his laptop over ssh for local analysis
|
#
?
May 17, 2019 20:53
|
|
|
|
| # ? Apr 28, 2024 00:30 |
|
|
Schadenboner posted:I mean no single-spinners on endpoints, obvs. Big spinners on RAIDed and backed-up storage is fine unless you’re We just bought a bunch of all-flash v7k and yes, my dick IS feeling rather large these days. Thanks for asking.
|
|
#
?
May 17, 2019 21:45
|
|
af and can spring for all-flash arrays in which case “you do you” (as the kids say these days).
|
In this current time one can order 240 GB SSD for 30€ and 500 GB SSD for 50€ . The 5400 RPM 500 GB drive is 25€ refurbished or more like 40€ new, let alone 7200 rpm costs. Simply no reason to leave a system with conventional hard drive anymore. Especially in laptop, where there are still price premiums for hard drive over the desktop sizes, but all SSDs already fit the size so the value is even worse for hard drive. You basic need to waste money to use conventional hard drive now.
|
|
#
?
May 17, 2019 22:06
|
|
|
Zero VGS posted:Ticket came in from the company lawyer: does anyone know of a file recovery program with a Server / Client setup so that I can silently push to a remote laptop, and run the file recovery client from here? Edit the Hosts file to block access to Facebook. Wait til they scream at your support desk that they have lost internet access. Ship them a loaner, run forensics on the original machine.
|
|
#
?
May 17, 2019 22:21
|
|
|
pr0digal posted:If your company uses Salesforce you're probably about to have a very interesting day and outages.  It only affects people who use the Pardot tools on their org. Which is pretty much anyone with marketing tools, so yeah, it's a big, impressive fuckup. 
|
|
#
?
May 17, 2019 23:26
|
|
|
Shut up Meg posted:Edit the Hosts file to block access to Facebook. This, but move it to a custom vlan with random image replacement or whatever. If you modify the machine they get to claim it was you downloading stuff.
|
|
#
?
May 17, 2019 23:31
|
|
|
Shut up Meg posted:Edit the Hosts file to block access to Facebook. Disable the keyboard and mouse on the laptop remotely from device manager is better IMO. Instant callback.
|
|
#
?
May 17, 2019 23:57
|
|
|
[IMG:Drake turning his head and putting up a hand unhappily] [IMG:Drake looking and pointing approvingly]
|
|
#
?
May 17, 2019 23:59
|
|
|
Can you tell us more why you don't want to tip this person off? Can't you and the lawyer just walk up and snatch it, toss a loaner at him and leave without saying a single word? Better still if you wear matching suits and sunglasses to look like some sort of covert government agency.
|
|
#
?
May 18, 2019 00:00
|
|
|
Schedule a meeting with him, then gank his lappy when he’s away?
|
|
#
?
May 18, 2019 00:03
|
|
|
Heners_UK posted:Can you tell us more why you don't want to tip this person off? Can't you and the lawyer just walk up and snatch it, toss a loaner at him and leave without saying a single word? Better still if you wear matching suits and sunglasses to look like some sort of covert government agency.
|
|
#
?
May 18, 2019 01:10
|
|
|
TITTIEKISSER69 posted:If there's a way to stealthily get an all-sectors image of his drive you could then browse it away from his computer. How much money are you willing to spend? F-Response Encase Enterprise FTK All have the ability to do remote full disk forensic images, but get your wallet out.
|
|
#
?
May 18, 2019 01:38
|
|
|
Mustache Ride posted:How much money are you willing to spend? You might be able to swing it if you make a case for having the proper tools on hand for potential future cases.
|
|
#
?
May 18, 2019 01:42
|
|
|
Dirt Road Junglist posted:it's a big, impressive fuckup. Guess who built a system for our customers that uses Salesforce's OAuth2 because password management is annoying and this seemed easier since they already have portal creds? Our SF admins are in the process of rebuilding all of the permissions for our customer portal profiles. I'll be shocked if Monday rolls around and everything still works the way it did yesterday.
|
|
#
?
May 18, 2019 04:39
|
|
|
nullfunction posted:Guess who built a system for our customers that uses Salesforce's OAuth2 because password management is annoying and this seemed easier since they already have portal creds? Godspeed, mon frere. I want to tell you it's gonna be okay, but my team has nothing to do with that side of poo poo. However, the girlfriend of one of my teammates is in customer support, and she's hella competent, so you might be in good hands. Not being glib, tho, I hope it gets resolved without a lot of stress for you. That fuckin sucks.
|
|
#
?
May 18, 2019 05:12
|
|
|
I'm not too worried about it all things considered. Our folks are competent and I'm sure they'll get it restored, I'm just not looking forward to hearing about it until they do.
|
|
#
?
May 18, 2019 05:18
|
|
|
AlexDeGruven posted:Ahh, no fun there. I'll drink plenty in your stead. They're having so much trouble getting qualified applicants that they promoted me from windows sysadmin (noc) to devops engineer. Time to do this long enough to learn everything and then  .
|
|
#
?
May 18, 2019 13:54
|
|
|
xsf421 posted:They're having so much trouble getting qualified applicants that they promoted me from windows sysadmin (noc) to devops engineer. Time to do this long enough to learn everything and then if you're familiar with the deep down evil bits of NT being evil, and how to beat it into submission, you'll do well at devops.
|
|
#
?
May 18, 2019 15:00
|
|
|
Zero VGS posted:Ticket came in from the company lawyer: does anyone know of a file recovery program with a Server / Client setup so that I can silently push to a remote laptop, and run the file recovery client from here? I assume this is important business related stuff they’re pirating, and the lawyer isn’t wasting your time hounding someone for downloading Game of Thrones
|
|
#
?
May 20, 2019 08:33
|
|
|
bitterandtwisted posted:I assume this is important business related stuff they’re pirating, and the lawyer isn’t wasting your time hounding someone for downloading Game of Thrones They aren't using the company internet to download it and they aren't installing it on their laptop, so I am guessing it is indeed GoT and they have a puritannical streak about using company resources for doing illegal things.
|
|
#
?
May 20, 2019 10:12
|
|
|
I never pirate anything on my work computer. I download it at home, then copy it to my work computer.
|
|
#
?
May 20, 2019 15:21
|
|
|
Shut up Meg posted:puritannical streak about using company resources for doing illegal things. You realise of course that copyright "enforcers" see companies as filled with virgin blood?
|
|
#
?
May 20, 2019 15:25
|
|
|
Shut up Meg posted:They aren't using the company internet to download it and they aren't installing it on their laptop, so I am guessing it is indeed GoT and they have a puritannical streak about using company resources for doing illegal things. I don't think "Trying to limit the company's liability for costly and incredibly easily avoidable litigation" is necessarily a "puritanical streak" sort of thing.
|
|
#
?
May 20, 2019 15:30
|
|
|
A ticket came in...a very nice user posted:Hello, Not sure if someone is just pulling his leg or if someone else is also this stupid. Also, he doesn't even need a UPS because he has a laptop.
|
|
#
?
May 20, 2019 17:11
|
|
|
bitterandtwisted posted:I assume this is important business related stuff they’re pirating, and the lawyer isn’t wasting your time hounding someone for downloading Game of Thrones We pay how ever many hundreds of thousands of pounds/dollars for all sorts of professional software that is only a mere IT ticket request away from granting access, of course this doesn't stop our security processes occasionally getting hits for poo poo like "Autodesk Maya 2017 Keygen.exe" on some yahoo's desktop. People smart
|
|
#
?
May 20, 2019 17:14
|
|
|
I back up my laptop with a Fedex
|
|
#
?
May 20, 2019 17:27
|
|
|
Inspector_666 posted:I don't think "Trying to limit the company's liability for costly and incredibly easily avoidable litigation" is necessarily a "puritanical streak" sort of thing. Not to mention the enormous potential security risks. Like, I'm definitely not the copyright police, and mostly stopped pirating because there is more media than I will ever be able to consume on Netflix and Amazon Prime, but keep that poo poo off of my network. poo poo like that is what gets you crypto'd.
|
|
#
?
May 20, 2019 17:28
|
|
|
GnarlyCharlie4u posted:A ticket came in... awwww 
|
|
#
?
May 20, 2019 18:24
|
|
|
Thanatosian posted:Not to mention the enormous potential security risks. Like, I'm definitely not the copyright police, and mostly stopped pirating because there is more media than I will ever be able to consume on Netflix and Amazon Prime, but keep that poo poo off of my network. At least bittorrent issn't quite as bad as kazaa. Nothing like giving your computer aids because someone decided Brittany_spears_leaked_nudes.jpg.exe was a great idea to download.
|
|
#
?
May 20, 2019 18:47
|
|
|
I know... He's a nice fellow, so I don't mind explaining to him that this isn't correct. My concern is whomever is running around telling people that their data is backed up in batteries.
|
|
#
?
May 20, 2019 18:51
|
|
|
Methylethylaldehyde posted:At least bittorrent issn't quite as bad as kazaa. Nothing like giving your computer aids because someone decided Brittany_spears_leaked_nudes.jpg.exe was a great idea to download.
|
|
#
?
May 20, 2019 20:02
|
|
|
GnarlyCharlie4u posted:I know... He's a nice fellow, so I don't mind explaining to him that this isn't correct. My concern is whomever is running around telling people that their data is backed up in batteries. They likely just heard it was backed up by UPS out of context, no real user stupidity here. You should be happy they WANT remote backups.
|
|
#
?
May 21, 2019 03:11
|
|
|
The Macaroni posted:Is Kazaa still around? The client? No. But there are derivatives and successors that still connect to the Fasttrack network used by Kazaa, so you can still get Leaked_Nudes_not_a-Virus.jpg.exe just like you did in....2002? gently caress I'm old.
|
|
#
?
May 21, 2019 03:24
|
|
|
Methylethylaldehyde posted:The client? No. But there are derivatives and successors that still connect to the Fasttrack network used by Kazaa, so you can still get Leaked_Nudes_not_a-Virus.jpg.exe just like you did in....2002? gently caress I'm old.  
|
|
#
?
May 21, 2019 07:53
|
|
|
A user created an account with a website when prompted to by a spam email. I asked if he used his company credentials when setting it up.quote:The password I used is one I use for other things like my Hotmail account and linkedIn, and bank, but it’s not the same password as the one that gets me into [company] portal, etc OK cool
|
|
#
?
May 21, 2019 13:59
|
|
|
Still worth telling him to reset them all in case the difference is just an exclamation mark or something.
|
|
#
?
May 21, 2019 14:18
|
|
|
Arquinsiel posted:in case the difference is just an exclamation mark or something. RON HOWARD VOICE: It was.
|
|
#
?
May 21, 2019 14:36
|
|
|
GnarlyCharlie4u posted:A ticket came in... I'd be finding out who said that and if it doesn't sound like genuine stupidity have a look at their setup
|
|
#
?
May 22, 2019 12:37
|
|
|
A ticket came in: Outlook meetings with no attachment. When the meeting is updated with an attachment, that update email goes directly to deleted items on the attendee's mailbox. Can be replicated sometimes, but other times is not automatically moved to deleted items until it is read by the recipient. I have so many other things I would rather be doing but nope this ticket escalation is apparently life or death for somebody.
|
|
#
?
May 23, 2019 20:54
|
|
|
|
| # ? Apr 28, 2024 00:30 |
|
|
Arquinsiel posted:This, but move it to a custom vlan with random image replacement or whatever. If you modify the machine they get to claim it was you downloading stuff. Have tier 1 gen up a new laptop and just take his and say it was infected with something. I've done this many times for similar reasons, ya'll are making poo poo hard.
|
|
#
?
May 24, 2019 01:19
|
|