Jump to content

Search the Community

Showing results for tags 'security'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • MSPGeek
    • Announcements
    • The Geek Cast
  • ConnectWise Automate / Labtech
    • ConnectWise Automate / LabTech
    • ConnectWise Automate / LabTech - Development

Categories

  • ConnectWise Automate
    • Scripts
    • Plugins
    • SQL Snippets
    • Role Definitions
    • Automate PowerShell Code
    • Reports
    • Internal Monitors
    • Remote Monitors
  • ConnectWise Manage
    • API Interacting Code

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Agent Count


INTERESTS


OCCUPATION


ICQ


WEBSITE


WLM


YAHOO


AOL


FACEBOOK


GOOGLEPLUS


SKYPE


TWITTER


YOUTUBE

Found 4 results

  1. I just joined an MSP as the Automate administrator and they want a monitor that will open a ticket and close it when someone logs onto a specific server as an administrator. I know that Automate detects the last user ID to log on. Any ideas?
  2. Investigating an issue that we are seeing on a number of workstations at two clients. After scanning and cleaning with MBAM 1.80, Malwarebytes is re-flagging the registry string where REG_DWORD is UpdatesDisableNotify and value flips back from 0 to 1 after the full scan and clean. I ran REVO uninstaller and did not find remnants of old AV programs. It's difficult to believe that multiple machines at two clients have rootkits or other stealthy infections. What could be flipping the value back to 1?
  3. Hi All, Spent a lot of time working this one out but believe I have it, in case anyone else wants it. The below Internal Monitor has to be RAWSQL and it will return a list of all computers that have had over 500 'Failed Logins' (defined by the event ID's of the pre-built Internal Monitor) in a 1 day period Create Temporary Table IF NOT EXISTS Tcomp (INDEX (Computerid)) SELECT computerid FROM computers WHERE ComputerID NOT IN (Select ComputerID from AgentIgnore Where AgentID=4114); Select DISTINCT computers.computerid as TestValue,eventlogs.Message as IdentityField,computers.computerid,Computers.Name as computername,locations.locationid,locations.name as locationname,clients.Clientid,clients.name as clientname,agentcomputerdata.NoAlerts,AgentComputerData.UpTimeStart,AgentComputerData.UpTimeEnd FROM ((Computers LEFT JOIN Locations ON Locations.LocationID=Computers.Locationid) LEFT JOIN Clients ON Clients.ClientID=Computers.clientid) JOIN AgentComputerData on Computers.ComputerID=AgentComputerData.ComputerID INNER JOIN eventlogs ON Computers.ComputerID = eventlogs.ComputerID WHERE eventlogs.EventID IN (529, 644, 681, 4625) and eventlogs.timegen > DATE_SUB(CURRENT_DATE(), INTERVAL 1 DAY) GROUP BY Computers.ComputerID, Computers.Name, eventlogs.EventID HAVING COUNT(EventID) > 500 AND Computers.ComputerID IN (Select ComputerID From Tcomp) I hope this saves someone many hours! Cheers, James
  4. We're pleased to release Third Wall v2.2.0.1, improvements we know you'll appreciate! So what did we do? • In USB blocking (including USB Wall), we now block smart phones - so that nobody can download confidential files to their phone. • In USB Wall, we've added the ability to use Kingston encrypted USB sticks. Other brands may (or may not) work, but you've now got an option to register encrypted USB sticks. • We added a full Secure Free Space Delete to the tail end of Encrypted Annihilate, so that there aren't any "ghost" files sitting out there. • On the Computer Screen, we’ve added a ‘refresh’ button for Isolate. In the event a remote computer loses synchronization with Third Wall, you can easily reestablish the appropriate status with a button click. • For Alert on Excessive Logon Failures, we've added an option to include Type 3 (network) logon failures. These are normally excluded, but you may want to have that logon type trigger the policy actions. • For Encrypted Annihilate, Third Wall now generates a ticket upon initialization, and updates that ticket with a time estimate to completion. The ticket is closed upon completion. • Corrected the time stamp in the USB Wall Dataview showing all files transferred to registered USB sticks. • Added a capability on the Integration page to easily change the assigned Alert Template for all Third Wall alerts / tickets. • Add Utility buttons to the Integrations page, giving you direct control over certain administrative utilities. We strongly recommend that you install the update as soon as you are able. Just click on the Update Available (you have to be a Third Wall Admin to get this to launch), download directly from Third Wall, or reach out to us for assistance. We've got much more planned, so stay tuned. We know you are finding Third Wall extremely valuable, and will be protecting all of your clients soon. They deserve it, and so do you!
×
×
  • Create New...