this post was submitted on 19 Oct 2024
390 points (97.1% liked)
Technology
59374 readers
3846 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
IT here, Yes, by all means involve me. I will buy a second monitor and plug it into a known box that is no business going anywhere. I will then block, at the network firewall level, any outbound traffic to anything that thing talks to. If it uses its own MAC address at the head end I will then collect and publish every connection that thing tries to make outside to a blacklist and provide it to the public.
Sounds way more interesting than most IT work as well. I'd definitely rather do some investigative work like this than a typical parade of password resets, email assistance, and software installations.
I had to ask a helpdesk for a 2fa reset once. Intrestingly, they didn't make me identify myself except for first and last name. Not sure what point the 2FA has if it's that easy to remove.
Depending on the help desk they probably knew it was you. Did you call from a phone HR knows about? If it was a walk up, did they make the ticket before or after resetting your MFA?
They do have the phone number on record, so I guess that's what they did. More likely though they didn't even check. They made no ticket either, just reset it in the course of an around 3 minute call.
Are you sure there is no ticket? Some systems let you make tickets that the end user is not notified for. Also, depending on the size/ levels of automation your call may have populated all your info on the agents end.