[ale] How would you ....

Jim Kinney jim.kinney at gmail.com
Fri Apr 30 08:02:51 EDT 2021


Not the tool I used but very similar. Basically use python on Linux to scrape windows using powershell.

On April 30, 2021 7:34:43 AM EDT, Jim Kinney <jim.kinney at gmail.com> wrote:
>I was going to suggest a linux-based pxe boot that auto runs dd
>if=/dev/random of=/dev/sd[[:alpha:]] to ensure the drives are
>encrypted. Windows admins don't let me get near their systems any more.
>Fuzzy memory. There's a tool I used many years ago for pulling data
>like this from windows systems in a large corp environment using a
>shared AD password. Network tool on Linux that connected to a port....
>auth happens.... request variable values... something. I used it to
>pull names and versions of all install software but it could pull
>anything known by the windows box. Dang. Can't remember the tool name.
>I'll look.
>On April 30, 2021 7:11:37 AM EDT, Raj Wurttemberg via Ale <ale at ale.org>
>>I would probably use Ansible to report on hundreds of systems, it is
>>platform and agentless.
>>For Windows, you just need to run the command (Administrator level
>>"manage-bde -status".  It comes back with a nice report like this:
>>Volume C: [OS]
>>[OS Volume]
>>    Size:                 243.58 GB
>>    BitLocker Version:    None
>>    Conversion Status:    Fully Decrypted
>>    Percentage Encrypted: 0.0%
>>    Encryption Method:    None
>>    Protection Status:    Protection Off
>>    Lock Status:          Unlocked
>>    Identification Field: None
>>    Key Protectors:       None Found
>>Or with PowerShell...  (output can be JSON if needed with "
>>Get-BitLockerVolume | convertto-json")
>>PS C:\WINDOWS\system32> Get-BitLockerVolume
>>   ComputerName: XXXXXXX
>>VolumeType      Mount CapacityGB VolumeStatus           Encryption
>>KeyProtector              AutoUnlock Protection
>>                Point                                   Percentage
>>Enabled    Status
>>----------      ----- ---------- ------------           ----------
>>------------              ---------- ----------
>>Data            E:      2,048.00 FullyDecrypted         0          {}
>>Data            F:      2,560.00 FullyDecrypted         0          {}
>>Data            G:        979.37 FullyDecrypted         0          {}
>>OperatingSystem C:        243.58 FullyDecrypted         0          {}
>>Data            D:        232.80 FullyDecrypted         0          {}
>>> -----Original Message-----
>>> From: Ale <ale-bounces at ale.org> On Behalf Of DJ-Pfulio via Ale
>>> Sent: Thursday, April 29, 2021 11:10 PM
>>> To: Atlanta Linux Enthusiasts <ale at ale.org>
>>> Cc: DJ-Pfulio <DJPfulio at jdpfu.com>
>>> Subject: [ale] How would you ....
>>> run a report against thousands of workstations to ensure they all
>>> encrypted storage. Call it a HIPPA requirement and reporting is just
>>> important as actually having the encryption deployed.
>>> Assume Windows and Linux workstations - but linux-only is fine too.
>>> F/LOSS preferred for the solution.
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> https://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>>Ale mailing list
>>Ale at ale.org
>>See JOBS, ANNOUNCE and SCHOOLS lists at
>Computers amplify human error
>Super computers are really cool

Computers amplify human error
Super computers are really cool
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20210430/cc8fd213/attachment.htm>

More information about the Ale mailing list