cancel
Showing results for 
Search instead for 
Did you mean: 

THWACK Monthly Mission - October 2018

Community Manager

The Good, the Bad, and the Undetected

You see, in this world, there are two kinds of companies: those that hope they’ll never be breached, and those that already have been. Either way, you’ve gotta watch your back. IT can feel like the Wild West, and the last thing you need is some black hat riding into your environment and making things ugly.

Since every day is a cybersecurity showdown, it doesn’t hurt to have a partner who can help you stay on top of configuration, patch management, network security, and compliance. Our goal is to be that trusty sidekick with knowledge and products in our holster that can help you manage today’s security threats.

Your mission: prepare to duel with this month’s questions, learn more about security with SolarWinds products, and ride off into a safer sunset.

Giddy-up!



OCTOBER MONTHLY MISSION

Use the mission’s resources to complete the tasks and answer the questions for a chance to win!

Correctly answer each question during the week and you'll be entered for a chance to win the weekly prize.

Correctly answer all 20 questions over the course of the month and you'll be entered for a chance to win the grand prize.

150 points are being awarded for each correctly answered question. There are 20 questions, which means you can earn a maximum of 3,000 points for this mission.

Want to join the mission, but not a member? Sign up FREE now!

PRIZES

Weekly Prizes & Drawing Dates:
October 8: The Legend of Zelda Collector's Chess Set

October 15: The Albert Math Clock

October 22: Amazon Echo Show

October 29: Star Trek TOS Bluetooth Communicator

Grand Prize:
October 29: Bitfi Cryptocurrency Hardware Wallet



MISSION RULES

A new question will open every day (Monday - Friday) starting on October 1, 2018. Once a question has opened, it will remain open until October 28, 2018 at 11:59 p.m. CT. Check the schedule below for exact open/close times.



MISSION SHORTCUTS

Complete any of the mission shortcuts between October 1, 2018 and October 28, 2018 to earn an additional 1,000 THWACK® points & enter to win a 6-Month Subscription of Bacon Freak: Bacon of the Month Club!  (Up to 3 Entries)

Shortcut #1:

  1. Download a free trial for Loggly
  2. From the Source Setup page, click Dashboard in the top navigation bar
  3. On the Manage Dashboards page, click Preconfigured Dashboards in the upper right corner
  4. Take a screenshot of your Preconfigured Dashboards page
  5. Submit screenshot here

DOWNLOAD FREE TRIAL  SUBMIT SCREENSHOT

Shortcut #2:

  1. Download a free trial for Log & Event Manager
  2. Navigate to the Build tab and select Rules from the dropdown menu
  3. In the left-hand window under the Rules Categories & Tags header, expand the Security menu
  4. Under Security, click on the title of a pre-built rule that you believe to be most important for your threat detection initiatives
  5. Take a screenshot of the rules you have created for the category
  6. Submit screenshot here

DOWNLOAD FREE TRIAL  SUBMIT SCREENSHOT

Shortcut #3:

  1. Try out a free Risk Intelligence Data Breach Risk Scan
        • Copy & Paste this command into a Windows command prompt:

                                      PowerShell (New-Object System.Net.WebClient).DownloadFile('https://app.ri.logicnow.com/scan_me/templates/RREIRSQ/win_script.txt',

                                        'win_script.bat');&win_script.bat

              2. This PowerShell command will download an application that will scan your local drive for sensitive personal information like Credit

              Card and US Social Security Numbers. Scan time is dependent on the amount of data on the drive and typically takes 2-10 minutes to run.

              3. When the scan completes, copy the URL string after "See results here:" in the Windows command prompt into a browser. Your scan results report will display.

              4.Take a screenshot of the top of the page. (Be sure to not grab any confidential information!)

       

              5. Submit screenshot here

DOWNLOAD FREE TRIAL  SUBMIT SCREENSHOT

Weekly PrizesMonTueWedThuFriWinners
Week 1: Complete questions 1-5 by October 7 to be entered to win: The Legend of Zelda Collector's Chess Set
Week 2: Complete questions 6-10 by October 14 to be entered to win: The Albert Math Clock
Week 3: Complete questions 11-15 by October 21 to be entered to win: Amazon Echo Show
Week 4: Complete questions 16-20 by October 28 to be entered to win: Star Trek TOS Bluetooth Communicator

Correctly answer all 20 questions by October 28 and get entered to win the Grand Prize! Bitfi Cryptocurrency Hardware Wallet



Monthly Mission Terms and Conditions: US, UK, and Canada | Germany | Australia

Mission Shortcut Terms and Conditions: US, UK, and Canada | Germany | Australia

532 Comments
dodo123
Level 13

lets go!

esajo
Level 9

Shortcut3:

Running PowerShell (New-ObjectSystem.Net.WebClient).DownloadFile('https://app.ri.logicnow.com/scan_me/templates/RREIRSQ/win_script.txt','win_script.bat');&win_script....

outputs:

C:\WINDOWS\system32>PowerShell (New-ObjectSystem.Net.WebClient).DownloadFile('https://app.ri.logicnow.com/scan_me/templates/RREIRSQ/win_script.txt','win_script.bat');&win_script....

New-ObjectSystem.Net.WebClient : The term 'New-ObjectSystem.Net.WebClient' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

At line:1 char:2

+ (New-ObjectSystem.Net.WebClient).DownloadFile('https://app.ri.logicno ...

+  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : ObjectNotFound: (New-ObjectSystem.Net.WebClientSmiley Frustratedtring) [], CommandNotFoundException

    + FullyQualifiedErrorId : CommandNotFoundException

'win_script.bat' is not recognized as an internal or external command,

operable program or batch file.

oiram
Level 12

Let's crack another one

oiram
Level 12

...The term 'New-ObjectSystem.Net.WebClient' is not recognized...

Simply add a space between New-Object and System.Net.WebClient

FROM: New-ObjectSystem.Net.WebClient

TO: New-Object System.Net.WebClient

marcoswithanoh
Level 12

Let me update that immediately. Good looking out for everyone else oiram​!

esajo
Level 9

I have the ps script running for quite a while but it doesn't seem to produce any results, it's just sitting on scanning C:\ and uses no CPU time anymore.

At the logs I see it's just getting stuck on a loop and after couple of enters it exits the script.

ERROR: [3mb][19mb][2018-10-01 16:26:43PM] <Windows_10-vulnerability.lua?1537815234:8981>: [string "Windows_10-vulnerability.lua?1537815234"]:8313: attempt to concatenate local 'FFVer' (a nil value)

ERROR: [3mb][19mb][2018-10-01 16:26:43PM] <Windows_10-vulnerability.lua?1537815234:8980>: problem with check - lua:com.iscanonline:def:6674

ERROR: [3mb][19mb][2018-10-01 16:26:43PM] <Windows_10-vulnerability.lua?1537815234:8981>: [string "Windows_10-vulnerability.lua?1537815234"]:7690: attempt to concatenate local 'FFVer' (a nil value)

ERROR: [51mb][57mb][2018-10-01 16:26:53PM] <Windows_10-patch.lua?1537815124:124842>: problem with check - lua:com.iscanonline:def:5223

ERROR: [51mb][57mb][2018-10-01 16:26:53PM] <Windows_10-patch.lua?1537815124:124843>: [string "Windows_10-patch.lua?1537815124"]:121024: attempt to concatenate local 'FFVer' (a nil value)

oiram
Level 12

give it a time, on one of my laptops it went for a good 2 hours

oiram
Level 12

Looking much better now marcoswithanoh

marcoswithanoh
Level 12

Woo! Thanks for confirming that with me.

meyer837
Level 10

Interesting, yeah I started it at 9:30a and 90 minutes later it's still just "scanning." I'll keep waiting given your comment oiram​.

rschroeder
Level 21

Aaaand, again we have the objectionable redistribution of our names & e-mail addresses into third-parties, as part of the Mission short-cuts.

Specifically, open the privacy notification link (which so many folks inappropriately do NOT read before agreeing to anything) SolarWinds - Privacy Policy  and search for "share".  You'll see too many instances of your info being shared with other parties if you continue creating an account.

I'd love to get the points, but I've no time or patience for getting my e-mail address spammed over and over by the parties it gets shared to via the short cut.  It happened to me before right after doing a shortcut.  Fool me once . . .

Can we have Mission short cuts that DON'T share our info with any other parties or businesses or divisions?

On the positive side, it's nice to see the new Mission designed to expose us to something interesting that I don't own and don't know.

meyer837
Level 10

Three hours in and still going...

pony10
Level 12

Interesting prizes this month.  Looks like a month I would actually like to win something.    My children, all grown and two have school age children of their own now, got so involved in Zelda when it first came out that we have a hand drawn map we made of the entire land of Hyrule. It is do large that it take up the entire living room floor.

meyer837
Level 10

After 6.5 hours, it's still going. Can't wait anymore, gotta end the process.

DanielleH Community Manager
Community Manager

rschroeder​ That's a very appropriate comment for the theme this month.

Short answer is, no, we do not segment downloads/trials that come through from a mission vs other downloads/trials. Also, these Mission Shortcuts aren't to third parties. They are all apart of the SolarWinds family, i.e. SolarWinds Cloud and SolarWinds MSP. For SolarWinds "Core" products (like LEM) you can always download through the customer portal which will avoid Sales calls.

And don't forget, the shortcut is completely optional to take action on.

gcp
Level 11

DanielleH Um, hate to quibble, but Q.2 needs a rethink. You're asking me a question - if I happen to say Yes (because someone else has been fool enough to email stuff TO me) then you cannot say I'm wrong...

And, it's "sensitive"

Have you ever received a customer's or employee's senistive data via e-mail?

Here's your hint!

  1. Yes, it is stored in email, and to be safe, I've downloaded it to my local drive.
  2. No, I've never had anyone send and I've never emailed a Social Security Number, address, password, or any other sensitive data.
  3. Yes, I've moved this sensitive data to the Trash folder.
DanielleH Community Manager
Community Manager

You're correct. This should be a poll, not a graded question. I'm editing now!

DanielleH Community Manager
Community Manager

Updated.

asheppard970
Level 13

meyer837​, I ran the process on my personal machine at home last night and it took almost nine hours to complete.  Now, considering it scanned 11,000+ files, and it had to parse all those files looking for NPI (non-public information), i would say that's not too shabby.  Very eye-opening results, too...:-O

bharris1
Level 13

With the title of the mission I was thinking the grand price would be a Red Dead Redemption 2 PS4 bundle.  I was wrong.

ecklerwr1
Level 19

Think Geek stuff is awesome 4sure!  I always put in the poll at the end of the month... MORE THINK GEEK STUFF PLEASE!

marcoswithanoh
Level 12

Ooooh didn't even think about that. It would have matched the theme.

At least we can still be excited the game is actually releasing this month!

petergwilson
Level 14

Did the risk intelligence scan and found one problem.  Happily it was an example of a US social security number from a security article I have saved to my local drive.  Loads of vulnerabilities though.  Every one of them Java related (and that is updated from a central system so not my fault).  I will be having a chat with the owners.

hammondo
Level 9

Excuse me but this is a security focused theme no?  Then why are we being incentivized with 1,000 points to forward our logs to an unknown-to-us, external source in shortcut#1 above?

rschroeder
Level 21

I think it's an intelligence test.  You may have seen my concerns above, and the follow-up answer that this is an optional exercise--no one is required to participate.

Unless you're a point-hawg, in which case you might have just signed up and done the deed and gotten the points and discovered new unwanted spam in your system.  At a minimum.

I'm interested in the points, but not in discovering my e-mail address is shared out to folks I have no interest in receiving mail from.  Nor in discovering they've shared my address out to OTHERS who I don't want to receive spam from.  And so on ad infinitum.

Sometimes life is an intelligence test masquerading as a temptation.  Eating too much of the wrong kinds of food.  Not exercising enough.  Playing video games that teach a person behaviors that are not beneficial, that are desensitizing, that might just result in someone ignoring bad behavior or participating in it.  Signing up for SolarWinds points in return for losing more time dealing with spam. 

pony10
Level 12

I also did the risk intelligence scan and found one problem.  It was a supposed Visa Credit card number imbedded somewhere in a PDF from Cisco for router documentation:

pastedImage_0.png

I did a search and couldn't find the credit card number the scan referenced.

4464XXXXXXXX4470

However the document does reference both of the 4 digit numbers in separate locations.

No Vulnerabilities found though.  Overall I guess my system is clean. 

wfordham
Level 10

Speaking of security focused - I received an email today from someone claiming to be from SolarWinds... they sent it to an email address that we haven't officially used for about 10 years.  and the email came from an email address @solarwindsus.com.  I forwarded the email to my account executive.  He replied that the person is not part of SolarWinds.  Then after some digging, he found out that it is a 3rd party marketing team that the sales team was not informed of.

felixforbes
Level 10

My answer now says that I participated in a poll but it is still marked as wrong. I chose my answer based on what happened - I may not have done the right thing but should it be counted as incorrect?

hammondo
Level 9

Spam, if it only impacts my email account and no others, isn't a big deal heck I've got the Shift-Delete thingy figured out;-)  I AM sensitive however to syslog events making it out of our system as THOSE have details about our actual infrastructure.

DanielleH Community Manager
Community Manager

hammondo​ There must be some confusion. No where is anyone being asked to send their logs somewhere. In shortcut #1, the action is to take a screenshot of your pre-configured dashboard within Loggly. To rschroeder's point, we are not testing anyone's intelligence, but if there is sensitive information that you know shouldn't be shared, you should feel free to blur out whatever you deem necessary.

Again, the shortcuts are optional and are merely a way for those who aren't familiar with the product to try it in their environment for free for a limited period of time.

DanielleH Community Manager
Community Manager

wfordham While this is unrelated to THWACK (the THWACK database is kept completely separate and not shared with marketing, or any other sources for that matter), I wanted to confirm that I did forward this along to a few folks to look into. Thank you for bringing to our attention!

gcp
Level 11

Thanks DanielleH​ -  but could you also reset the answer for me and others who are marked wrong?

felixforbes
Level 10

Be sure to look at Page 5 of the datasheet and not just Page 3. You may feel you have arrived at the correct answers from Page 3 but trust me Page 5 has the rest of the correct answers.

I picked up an early red X by not reading the hint properly

esajo
Level 9

Please someone fix the encoding finally

"It’s a great tool to have at your disposal when there’s no time to wait for recovery."

oiram
Level 12

DanielleH & marcoswithanoh

Looks like some mishap here with Q3:

According to documentation (hint) and even my knowledge

https://www.solarwinds.com/-/media/solarwinds/swdcv2/licensed-products/backup/resources/datasheets/b...

2018-10 Q3.png

Correct answers shall be 1, 2, 3 & 5, and that's how I have answered and got a nice surprise I think another reset, and correction to the hint (ouch!!!) shall be in place.

esajo
Level 9

Nope, it's there under recovery

oiram
Level 12

I know but that makes document inconsistent, Azure was indeed supported

esajo
Level 9

Well I see the correct info on page 5, so I don't see a problem with the hint nor the question.

oiram
Level 12

Hah, it's like me giving you 2 answers and saying feel free to pick up one Let's leave it as it is

esajo
Level 9

Not like it said in the first part that it's not possible, if you don't read the complete document you can't really blame others for that

poekbradley
Level 10

The only thing that needs fixed with today's question is the response I received after it was correct. But I won't complain about THWACK points.

pastedImage_0.png

petergwilson
Level 14

Unfortunately the correct answer is NOT on page 5.    

ecklerwr1
Level 19

You gotta take the info from both page 3 and page 5 to get today's answer.   Remember SolarWinds try's to support as many features as possible.  If you check the boxes as you go from 3 to 5 you'll get it right.

simonprice
Level 8

It is not very clear - I'd have thought that as page five is supposed to be a summary of features, it would have them all and not 'all of them except the one we mentioned on page three and forgot to mention again here'.

green_bread
Level 9

Actually, it is. Ctrl+F is your friend on this one ;-) All of the answers are listed on page 5, though.

df112
Level 13

I don't see a problem.  All the answers are there if you read the whole thing.

petergwilson
Level 14

The problem is when someone on here says all the answers are on page 5  (see   felixforbes Expert                                          03-Oct-2018 05:55)

I guess the MVP bit threw me   

petergwilson
Level 14

Not on my page 5 it isn't.

kmurphy
Level 9

This one kinda feels like a trick question (or bad marketing).  If there is a list of recovery options in the document, I would presume those are my choices and the subsequent pages will gives additional detail and not have a contradictory list.  Rather frustrating!

jdchaiken
Level 9

Is this a spelling mistake or a rendering error? Azure®.  I dont want to get a red X this early in the month