this post was submitted on 19 Oct 2024
390 points (97.1% liked)
Technology
59092 readers
6622 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I would call legal and IT. It's outside the scope of my role to accept contacts on behalf of the company.
IT here, Plesse don't involve us... We don't want to to deal with this bs either
IT here, Yes, by all means involve me. I will buy a second monitor and plug it into a known box that is no business going anywhere. I will then block, at the network firewall level, any outbound traffic to anything that thing talks to. If it uses its own MAC address at the head end I will then collect and publish every connection that thing tries to make outside to a blacklist and provide it to the public.
Thank you network admin! You’re a hero!
Sounds way more interesting than most IT work as well. I'd definitely rather do some investigative work like this than a typical parade of password resets, email assistance, and software installations.
Hands you a random laptop.
"The thing doesn't work."
Refuses to elaborate and leaves.
It and I appear to have the same thing wrong with us. I'm not working on it.
I had to ask a helpdesk for a 2fa reset once. Intrestingly, they didn't make me identify myself except for first and last name. Not sure what point the 2FA has if it's that easy to remove.
Depending on the help desk they probably knew it was you. Did you call from a phone HR knows about? If it was a walk up, did they make the ticket before or after resetting your MFA?
They do have the phone number on record, so I guess that's what they did. More likely though they didn't even check. They made no ticket either, just reset it in the course of an around 3 minute call.
Are you sure there is no ticket? Some systems let you make tickets that the end user is not notified for. Also, depending on the size/ levels of automation your call may have populated all your info on the agents end.
Hells yes.
You could also just stick it in a VLAN with no route to other networks.
Easily. I could also simply deny it access to the internet. But sometimes you need to look out for more than just your own.
Full page ads on the monitor for you with love from IT.