Server #Take action: Disable Secure Time Seeding (STS) in Windows Server 2016 and later

Microsoft recommends disabling Secure Time Seeding (STS) in Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025 due to reported timekeeping issues. Organizations should also review and ensure proper time synchronization and monitoring on critical servers.

 
When will this happen:
Microsoft recommends applying this disablement as soon as possible. This recommendation applies to all existing deployments of Windows Server 2016 and later (including domain controllers and member servers).


More details can be found here:

Tips #The Module DLL C:\WINDOWS\system32\inetsrv\rewrite.dll failed to load

When upgrading Windows Server 2012 to 2016, you might face this error.

Uninstalling "IIS URL Rewrite Module 2.0" from Programs and Features, reinstalling it from the Microsoft website (iis.net/downloads/microsoft/url-rewrite) and then running IISReset fixed the issue.


[original articles]

https://superuser.com/questions/948411/the-module-dll-c-windows-system32-inetsrv-rewrite-dll-failed-to-load

https://stackoverflow.com/questions/18714709/windows-8-1-windows-10-breaks-my-asp-net-iis-service-unavailable



Sophos #How to uninstall & install software client/server

Here are some useful articles on how to safely uninstall Sophos Antivirus:

Sophos Central Endpoint and Server: Uninstall Sophos using the command line or a batch file

https://support.sophos.com/support/s/article/KBA-000003469?language=en_US

Remove Sophos Central without tamper protection password

https://community.sophos.com/community-chat/f/discussions/134537/remove-sophos-central-without-tamper-protection-password

SophosZap: Frequently asked questions (to be used only as a last resort)

https://support.sophos.com/support/s/article/KBA-000006929?language=en_US

Sophos Central Endpoint: Automate the software deployment to Windows devices

https://support.sophos.com/support/s/article/KBA-000003140?language=en_US

Sophos Central Endpoint: Installer command line options for Mac and Windows

https://support.sophos.com/support/s/article/KBA-000004840?language=en_US

Sophos #XDR feature, adaptive attack protection

I am taking note, on the blog, of some articles about Sophos Intercept X Advanced with XDR and other Sophos features:

Sophos Intercept X Advanced with XDR: Help with Forensic Snapshots

https://support.sophos.com/support/s/article/KBA-000006333?language=en_US+

Sophos XDR-enabled devices continually capture data related to processes, files, networks, and other system activities. When threat detection occurs, a snapshot file of current activity is created on the device's disk. This snapshot helps generate the Threat Case in Sophos Central, which attempts to piece together the threat chain of an attack and identify related activities.

Data Lake uploads

https://docs.sophos.com/central/customer/help/en-us/ManageYourProducts/ThreatAnalysisCenter/LiveDiscover/DataLakeUploads/index.html

Sophos XDR: Getting Started with XDR and Data Lake Hydration

https://techvids.sophos.com/watch/JWndawT866eCh9gVXTNE2K

Sophos Intercept X: Adaptive attack protection

https://support.sophos.com/support/s/article/KBA-000008632?language=en_US

This protection feature is part of the malicious behavior protection capability in the Sophos endpoint. It consists of a series of technique-focused behavioral rules intended to disrupt the actions of a threat actor.

Admin Isolated Devices

https://docs.sophos.com/central/customer/help/en-us/ManageYourProducts/GlobalSettings/IsolatedComputers/index.html


[UPDATE 2025.06.05]

Sophos Endpoint: Adaptive Attack Protection Gets Even Better

https://news.sophos.com/en-us/2024/04/29/sophos-endpoint-adaptive-attack-protection-gets-even-better/

Network #Some switch commands

On Cisco switches you can review the configuration of a single port:

show running-config interface Gi4/0/13

To reset the configuration of a single port:

Config t

default interface GigabitEthernet 4/0/13



Network #PKI-4-TRUSTPOOL_EXPIRATION_WARNING

We faced, on several Cisco switches, this warning:

Mar  8 11:11:52.680: %PKI-4-TRUSTPOOL_EXPIRATION_WARNING: The Trustpool will expire in 20 days

Mar  8 11:11:52.680: %PKI-4-TRUSTPOOL_AUTO_UPDATE_DISABLED: Auto-trustpool update is disabled.

In Cisco IOS XE version 17.12.04, the auto-update feature for the PKI trustpool is enabled by default. This means the device will automatically download and update the trustpool bundle from Cisco's servers when necessary.

How Auto-Update Works

When the PKI trustpool is due for an update (for reasons such as certificate expiration, reissuance, or the addition of new trusted certificates), the system will:

  1. Attempt to download the updated trustpool bundle from the configured URL.
  2. If the download is successful, the trustpool is updated.
  3. If the download fails, the system will retry at increasing intervals: 20 days, 15 days, 10 days, 5 days, 4 days, 3 days, 2 days, 1 day, and then hourly until successful.

This process ensures that the device maintains an up-to-date set of trusted root certificates, which is crucial for secure operations like HTTPS, VPNs, and Smart Licensing.

Unfortunately, in our case, this configuration command was missing:

crypto pki trustpool policy

 cabundle url http://www.cisco.com/security/pki/trs/ios.p7b

 revocation-check none

To import the certificate bundle manually, run this command from config t:

crypto pki trustpool import url http://www.cisco.com/security/pki/trs/ios.p7b

to avoid problems we launched this 

To view the certificate status, use this command:

show crypto pki trustpool policy
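When many switches forward syslog to one collector, the two messages quoted above can be paired per device to find the ones that will not renew on their own. This is an added example, not part of the original post: it assumes each collected line starts with a hostname field, and the hostnames and sample lines are constructed.

```python
import re

# The leading hostname is an assumption about the collector's line format; the
# rest of each line follows the two console messages quoted in the post.
LINE_RE = re.compile(
    r"^(?P<host>\S+)\s+.*?%PKI-4-(?P<mnemonic>TRUSTPOOL_[A-Z_]+):\s*(?P<text>.*)$"
)
DAYS_RE = re.compile(r"expire in (\d+) days?")

# Constructed sample input (hostnames are made up).
SAMPLE_LOG = """\
sw-access-07 Mar  8 11:11:52.680: %PKI-4-TRUSTPOOL_EXPIRATION_WARNING: The Trustpool will expire in 20 days
sw-access-07 Mar  8 11:11:52.680: %PKI-4-TRUSTPOOL_AUTO_UPDATE_DISABLED: Auto-trustpool update is disabled.
sw-core-01 Mar  8 11:12:03.114: %PKI-4-TRUSTPOOL_EXPIRATION_WARNING: The Trustpool will expire in 20 days
sw-access-07 Mar 13 11:11:52.702: %PKI-4-TRUSTPOOL_EXPIRATION_WARNING: The Trustpool will expire in 15 days
sw-access-07 Mar 13 11:11:52.702: %PKI-4-TRUSTPOOL_AUTO_UPDATE_DISABLED: Auto-trustpool update is disabled.
sw-dist-02 Mar 13 09:00:01.000: %LINK-3-UPDOWN: Interface GigabitEthernet4/0/13, changed state to up
""".splitlines()


def triage(lines):
    """Group trustpool messages per host and decide what each device needs.

    Returns (host, days_left, action) tuples, soonest expiry first.
    """
    hosts = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated syslog message
        state = hosts.setdefault(
            m["host"], {"days_left": None, "auto_update_disabled": False}
        )
        if m["mnemonic"] == "TRUSTPOOL_EXPIRATION_WARNING":
            found = DAYS_RE.search(m["text"])
            if found:
                days = int(found.group(1))
                # Warnings count down, so keep the smallest value seen.
                if state["days_left"] is None or days < state["days_left"]:
                    state["days_left"] = days
        elif m["mnemonic"] == "TRUSTPOOL_AUTO_UPDATE_DISABLED":
            state["auto_update_disabled"] = True

    report = []
    for host, state in hosts.items():
        if state["auto_update_disabled"]:
            # The case described in the post: no trustpool policy, nothing renews.
            action = "manual import, then add trustpool policy"
        else:
            action = "auto-update should retry; confirm the bundle URL is reachable"
        report.append((host, state["days_left"], action))
    # Hosts without a day count sort last.
    report.sort(key=lambda r: (r[1] is None, r[1] or 0, r[0]))
    return report


if __name__ == "__main__":
    for host, days_left, action in triage(SAMPLE_LOG):
        print(f"{host:14} days_left={days_left} -> {action}")
```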

[other articles]

https://community.cisco.com/t5/switching/trustpool-expiration-on-3750-x/m-p/2423362#M286822


PKI Trustpool Management

Iphone #How to transfer HEIC and HEVC photos to PC (in JPEG format)

With the release of iOS 11 and macOS High Sierra in 2017, Apple made the shift to HEIC and HEVC photo and video formats. These file formats can compress photos by up to 50% without losing any image quality.

The major problem is that the HEIC and HEVC formats are not widely supported (mainly on PCs or other devices).

To transfer photos to other devices in .jpeg format, apply this procedure on your iPhone:

  1. Go to Settings > Photos.
  2. Scroll down to the Transfer to Mac or PC section.
  3. Tap Automatic.


More details are indicated here

Security - PAN-OS Firewall DoS Vulnerability - Lets Attacker Reboot Firewall Repeatedly

A DoS vulnerability (CVE-2025-0128) affects multiple versions of the PAN-OS firewall software.

Affected systems:

PAN-OS 11.2 (< 11.2.3)

PAN-OS 11.1 (< 11.1.5)

PAN-OS 11.0 (< 11.0.6)

PAN-OS 10.2 (< 10.2.11)

PAN-OS 10.1 (< 10.1.14-h11)

Mitigation strategies

For PAN-OS 11.2: Upgrade to 11.2.3 or later

For PAN-OS 11.1: Upgrade to 11.1.5 or later

For PAN-OS 11.0: Upgrade to 11.0.6 or later

For PAN-OS 10.2: Upgrade to 10.2.11 or later

For PAN-OS 10.1: Upgrade to 10.1.14-h11 or later
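Checking an inventory against the list above needs a numeric comparison of the hotfix suffix, because a plain string comparison ranks 10.1.14-h9 above 10.1.14-h11. This is an added example, not from the original article; the inventory, hostnames and function names are constructed for illustration.

```python
import re

# Fixed release per PAN-OS train, copied from the list above (CVE-2025-0128).
FIXED = {
    "11.2": "11.2.3",
    "11.1": "11.1.5",
    "11.0": "11.0.6",
    "10.2": "10.2.11",
    "10.1": "10.1.14-h11",
}

VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text):
    """Return (major, minor, maintenance, hotfix); hotfix is 0 when absent."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    major, minor, maint, hotfix = m.groups()
    return int(major), int(minor), int(maint), int(hotfix or 0)


def assess(version):
    """Return (status, upgrade_target) for one version string."""
    try:
        parsed = parse_version(version)
    except ValueError:
        return "unparsed", None
    fixed = FIXED.get(f"{parsed[0]}.{parsed[1]}")
    if fixed is None:
        # Train is not in the list above: check the vendor advisory separately.
        return "not-listed", None
    if parsed < parse_version(fixed):
        return "affected", fixed
    return "fixed", None


# Constructed inventory (hostnames and versions are made up for the example).
INVENTORY = {
    "fw-edge-01": "10.1.14-h9",
    "fw-edge-02": "10.1.14-h11",
    "fw-dc-01": "11.1.4-h7",
    "fw-dc-02": "11.2.3",
    "fw-lab-01": "10.2.11-h1",
    "fw-old-01": "9.1.16",
    "fw-branch-01": "11.0.x",
}


def report(inventory):
    """Return (host, version, status, upgrade_target) rows sorted by host."""
    rows = []
    for host in sorted(inventory):
        status, target = assess(inventory[host])
        rows.append((host, inventory[host], status, target))
    return rows


if __name__ == "__main__":
    for host, version, status, target in report(INVENTORY):
        suffix = f" -> upgrade to {target} or later" if target else ""
        print(f"{host:13} {version:12} {status}{suffix}")
```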

For organizations unable to update immediately, a temporary CLI-based workaround exists. Administrators can run the following command:

> debug sslmgr set disable-scep-auth-cookie yes

All details are indicated here:

https://cybersecuritynews.com/pan-os-firewall-dos-vulnerability/

Citrix #how to push Citrix Workspace app for windows through GPO

Citrix Workspace app can be pushed through GPO, using the proper scripts and ADMX/ADML templates for the Group Policy Editor.

All details can be found at below link:

https://www.citrix.com/downloads/workspace-app/legacy-workspace-app-for-windows-ltsr/workspace-app-for-windows-2402-LTSR-cu2.html

Consider that PDQ is not able to push software after a reboot/shutdown, so this solution makes it possible to work around that limit.

https://documentation.pdq.com/pdqdeploy/13.0.3.0/index.html?logoff-step.htm

https://www.alessandromazzanti.com/search?q=pdq

Be aware that later VDI Teams versions need this Citrix Workspace setting enabled.

So in the cmd script you need to add the value MTOPBootStrapperInstaller (to properly deploy the Teams plugin):

set CommandLineOptions=/Silent ALLOWADDSTORE=N /includeSSON /AutoUpdateCheck=Disabled EnableCEIP=false ADDLOCAL=ReceiverInside,ICA_Client,SSON,AM,SELFSERVICE,USB,DesktopViewer,Flash,Vd3d,Webhelper,BrowserEngine,WorkspaceHub,MTOPBootStrapperInstaller

start /wait %DeployDirectory%\CitrixWorkspaceFullInstaller.exe DONOTSTARTCC=1 %CommandLineOptions%

Security #GlobalProtect portal: ongoing hacker scanning activity

Researchers have detected scanning activity targeting Palo Alto Networks’ GlobalProtect VPN portals.

During the last 30 days, about 24,000 unique IP addresses have attempted to access these critical security gateways.

Here you can find complete article:

https://cybersecuritynews.com/hackers-scanning-palo-alto-networks-portals/




Scripting - Get-ADUser - How to retrieve User last logon date

There is an easy and quick way to get a .TXT file with all AD usernames and their last logon dates.

  1. You must run PowerShell with administrative rights.
  2. Import-Module activedirectory
  3. Get-Help Get-ADComputer
  4. Get-ADUser -Filter * -Properties * | Select-Object SamAccountName, Company, @{Name="Manager";Expression={ if ($_.Manager) { (Get-ADUser $_.Manager).SamAccountName } }}, Enabled, LastLogonDate, AccountExpirationDate, DisplayName, GivenName, Surname, custJDEEmployeeID | Export-Csv C:\temp\ADUsers.csv -NoTypeInformation

Here is an alternative article related to AD computers

SCRIPTING - HOW TO CHECK SERVER UPTIME WITH SINGLE COMMAND #part 2

In a previous article I mentioned a way to check remote client/server uptime.

https://www.alessandromazzanti.com/2022/03/scripting-how-to-check-server-uptime.html

An alternative way is to execute these powershell commands:

$serverName = "NomeDelServer"

# Query the remote OS once, then convert LastBootUpTime (the last boot time) to a DateTime
$os = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $serverName

$uptime = $os.ConvertToDateTime($os.LastBootUpTime)

$uptime

Monitor #PRTG how to migrate server

I already published several blog articles related to PRTG product.

https://www.alessandromazzanti.com/search?q=prtg

In recent days we carried out a PRTG server migration.

This is the step-by-step article that we followed successfully.

https://kb.paessler.com/en/topic/88205-how-can-i-move-or-migrate-a-prtg-installation-to-a-different-system-or-server




Security #30-day notice: Manage PAC Validation related to CVE-2024-26248 & CVE-2024-29056

The Windows security updates released on or after April 9, 2024 address elevation of privilege vulnerabilities with the Kerberos PAC Validation Protocol.


https://support.microsoft.com/en-us/topic/how-to-manage-pac-validation-changes-related-to-cve-2024-26248-and-cve-2024-29056-6e661d4f-799a-4217-b948-be0a1943fef1

Take Action

IMPORTANT Step 1 to install the update released on or after April 9, 2024 will NOT fully address the security issues in CVE-2024-26248 and CVE-2024-29056 by default. To fully mitigate the security issue for all devices, you must move to Enforced mode (described in Step 3) once your environment is fully updated.

To help protect your environment and prevent outages, we recommend the following steps:

  1. UPDATE: Windows domain controllers and Windows clients must be updated with a Windows security update released on or after April 9, 2024.

  2. MONITOR: Audit events will be visible in Compatibility mode to identify devices not updated.

  3. ENABLE: After Enforcement mode is fully enabled in your environment, the vulnerabilities described in CVE-2024-26248 and CVE-2024-29056 will be mitigated.
    (Install the April 2025 Windows update on all Windows domain controllers and Windows clients, once it becomes available later this year. Enforcement mode will be fully enabled in your environment. This will properly mitigate the vulnerabilities described in CVE-2024-26248 and CVE-2024-29056.)

Here is another important article:

[update 2025.04.10]

Today I would like to highlight that if you installed the January 2025 patch, Enforced mode will be enabled by default.
The default Enforced mode setting can be overridden by an administrator, reverting to Compatibility mode by changing the proper registry key on all domain controllers (until April 2025).



Teams #VDI version 24295.x.x.x or older deadline May 6th, 2025

Summary

Keep Microsoft Teams desktop clients (version 24295.x.x.x or older) updated to avoid warning banners starting March 2025 and blocking pages from May 6th, 2025. Ensure automatic updates or frequent updates to the golden image to stay current. Check the Teams Admin Center for client usage reports.

Here is the original article:

https://admin.microsoft.com/AdminPortal/home?ref=MessageCenter/:/messages/MC1038442

Mobile - F-Gas Tool

English Version:

Today I would like to share an interesting and valuable app, F-Gas Tool.

F-Gas Tool is an innovative tool for calculating tons of CO2 equivalent with over 150 types of refrigerant gases available.

In addition, you also have the Gas Manager section that transforms your smartphone into a refrigerant gas management tool.

Access data entered from multiple devices, Android and iOS.

Data management through the Cloud ensures that new entries are updated on all connected devices, in an instant.

The app also supports data entry in offline mode, and will automatically update data with the Cloud as soon as there is an available connection, and after starting the app.

Android 

Iphone/Ipad (Open the Mac App Store to buy and download apps.)

<=================>

Italian Version:

Today I would like to highlight, on the blog, this very useful app for those who work in the trade.

F-Gas Tool is an innovative tool for calculating tons of CO2 equivalent, with over 150 types of refrigerant gases available.

In addition, you also have the Gas Manager section, which turns your smartphone into a refrigerant gas management tool.

Access the data entered from multiple devices, Android and iOS.

Data management through the Cloud means that new entries are updated on all connected devices in an instant.

The app also supports data entry in offline mode, and will automatically update the data with the Cloud as soon as a connection is available, and after the app has been started.

Android 

Iphone/Ipad (Open the Mac App Store to buy and download apps.)

<=============>

Here is the direct link to the app developer's LinkedIn post:

https://www.linkedin.com/feed/update/urn:li:activity:6903951186672594944/

VIDEO DEMO F-Gas tool

F-Gas Calculator

English

https://lnkd.in/dwhMf-S

French 

https://lnkd.in/d754RSM

Polski

https://lnkd.in/ddkMP8C

Deutsch

https://lnkd.in/dubM35D

Italiano

https://lnkd.in/dqPavYK

Español

https://lnkd.in/dzrus5k

Português

https://lnkd.in/d9YGGH6

Gas Manager

Italiano

https://lnkd.in/dYFbPxR


#hvac #refrigeration #airconditioning #cooling #rac #hvacr #fgas #gwp #ios #android #fluorinatedgreenhousegases #service #gas #storage #energy


Citrix #how to script PVS (provisioning services) using powershell

If you have to automate some Citrix PVS actions, you could have a look at this article.

It contains a lot of useful information:

https://workspace-guru.com/2017/10/21/scripting-citrix-provisioning-services-pvs-powershell-commandline/

For my part, I found this command useful for automatically promoting a disk version from the test to the prod XenApp environment:

Invoke-PvsPromoteDiskVersion -DiskLocatorName "YourDiskName" -StoreName "YourStoreName" -SiteName "YourSiteName" -Test

Veeam #upgrade procedure.

Veeam Backup & Replication needs to be updated each time a new version or patch is released.

I am taking note, on the blog, of a minimal checklist/workflow:

  1. Disable job backups
  2. Download latest Veeam B&R version https://my.veeam.com/my-products
  3. Verify, using 7zip (right click on file --> 7zip --> md5 )
  4. At least 40 GB are required on the Veeam VM.
  5. Turn off VM
  6. Snapshot
  7. Turn on VM
  8. Disable Antivirus
  9. Mount iso and start installation
  10. Prerequisite check will start (select any checkbox proposed)
  11. Most probably a server reboot would be necessary.
  12. Restart VM
  13. Mount iso and start upgrade process once again.
  14. Re-enable Antivirus
  15. Execute Veeam
  16. Rescan vCenter server and rescan backups repository
  17. Re-enable Veeam backups.
  18. Execute Veeam configuration backup
  19. Delete snapshot

Here are other Veeam blog articles

Extra IT #Health and Wellness: #Lalis & Premium Skincare Products

English Version:

Today, I would like to introduce you to this incredible company that sells high-quality skincare and wellness products, used by industry professionals and end users alike. Their products are known for their superior quality and commitment to sustainability.

They also have the characteristic of being:

  • Cruelty-Free (no animal testing)
  • Eco-sustainable
  • Recyclable
  • Biodegradable

Here are the links to their website and blog:

They also have an online store where you can explore their products:

Important: When you subscribe to their newsletter, you can enjoy a 10% discount on your first order.

For contact details, you can visit:

I highly recommend checking out their Instagram channel, which is regularly updated with excellent product presentation videos, often created by the owner herself, Loredana. Loredana is a dynamic, polite, and incredibly positive individual, which shines through in her content.

Here’s the link to their Facebook page: 

Below, you’ll find a video recorded during a radio interview (if I remember correctly), as well as some additional videos taken from their Instagram and Facebook channels.

<====================>

Italian Version:

Today I would like to tell you about this incredible company that sells high-quality skincare and skin wellness products, used both by industry professionals and by end users. These products stand out for their superior quality and commitment to sustainability, with the addition of being:

  • Cruelty-Free (no animal testing)
  • Eco-sustainable
  • Recyclable
  • Biodegradable

Below are the links to their website and blog:
They also have an online store where you can discover their products:
Important: If you subscribe to the newsletter, you can get a 10% discount on your first order.

For contacts, visit:

I strongly recommend taking a look at their Instagram channel, always updated with excellent product presentation videos, often made by the owner herself, Loredana. Loredana is a dynamic, polite and incredibly positive young woman, and this comes through clearly in her content.

Here is the link to their Facebook page:

Below you will find a video shot during a radio interview (if I remember correctly), together with other videos taken from their Instagram and Facebook channels.


VMWare #CVE-2024-38812, CVE-2024-38813

I am taking note, on the blog, of this critical Broadcom/VMware advisory:

Advisory ID: VMSA-2024-0019.3
Severity: Critical
CVSSv3 Range: 7.5-9.8
Synopsis: VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813)
Issue date: 2024-09-17
Updated on: 2024-10-21
CVE(s): CVE-2024-38812, CVE-2024-38813

VMSA-2024-0019: VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813)

Here you can review VMWare build numbers and versions

https://knowledge.broadcom.com/external/article/316595/build-numbers-and-versions-of-vmware-esx.html

Tips #Registro delle opposizioni (the Italian public opt-out register)

Who among us can say they do not receive, fairly regularly, strange advertising calls, calls where the caller hangs up immediately, or calls with all sorts of offers?

It is true that unfortunately we live in the country of "bananas", but for this reason the Registro delle opposizioni has existed for years: after registering, it lets you refuse any unauthorised communication.

Below I copy and paste the information from their site, along with the website itself:

https://registrodelleopposizioni.it/

There are three ways to register:
1) Registration via web:
2) Registration by phone: 800 957 766 (for landlines) or 06 42986411 (for mobile phones)
3) Email:
- Fill in the RPO "Iscrizione" (registration) form with the requested data, entering up to five phone numbers.
- Save the form without changing its format.
- Send the completed RPO form to iscrizione(at)registrodelleopposizioni.it

Registration can be managed through this link
To report a violation, this is the link to use

Penalties are governed by the Italian Personal Data Protection Code and by the General Data Protection Regulation (GDPR), which provides for administrative fines of up to 20 million euros or, for companies, up to 4% of the total worldwide annual turnover of the preceding financial year, if higher.

<=====================>

The Registro pubblico delle opposizioni (RPO), extended to all national telephone numbers, landline and mobile, allows CITIZENS to object to unwanted telemarketing calls. Registration also cancels previously given consents, except those authorised after registration and those with parties with whom one has a contract (for example utility providers). With the new service, the OPERATOR must consult the RPO monthly and in any case before running advertising campaigns by telephone. The objection can also cover paper advertising, if the address appears in the public telephone directories.


Extra IT #Assertiveness

Assertiveness is defined as follows:

  1. Being able to express yourself without anxiety and defend your own rights, while respecting the rights of others.
  2. Being able to avoid being conditioned by others.
  3. Being able to choose the most effective reaction or initiative in each situation.
  4. Awareness of the consequences of your own behaviour.
  5. Using aggressiveness or passivity when it is advantageous.

Assertiveness is achieved through demanding, personal work on yourself to overcome anxiety, anger and insecurity. The two skills to develop are:

1) KNOWING HOW TO LISTEN and 2) KNOWING HOW TO EXPRESS YOURSELF

1) ACTIVE, INTELLIGENT LISTENING:

Understand the other person's state of mind without getting emotionally involved
Show interest through verbal and non-verbal communication, eye contact, no interruptions, etc.
Ask questions like a family doctor (to explore further), not like a journalist
Summarise and paraphrase the other person's key points, the core concepts of what they said
Express understanding and "send back" confirmations (..if I understood correctly, you said that... let me try to summarise..)

2) OPEN, DIRECT EXPRESSION, WITH ARGUMENTS, not uncontrolled outbursts:

Make requests (the right to ask, and respect for a possible refusal)
Take time, if necessary, to avoid being conditioned
Know how to say no: do not say yes without conviction, do not manipulate, do not let yourself be conditioned
Use a concise refusal formula and repeat it several times if necessary (broken record)
React to aggressiveness: listen to the other person without hostility or submission, limit the conflict
Express positive appreciation and encouragement as much as possible
Face criticism (see the criticism outline below)
Reprimand with skill (see constructive criticism below)

DESTRUCTIVE CRITICISM

  • Focuses on the person
  • Tends to label
  • Generalises (.. always.. never..)
  • Argues about the past
  • Punitive attitude
  • Provokes defensiveness

CONSTRUCTIVE CRITICISM

  • Focuses on the problem
  • Does not criticise the person, but an event
  • Is specific
  • Formative attitude
  • Offers support
  • Offers proposals for the future

Constructive criticism
(example sequence for criticising constructively)

1) I am "like this", I feel "this"
(open in the first person)

2) because you did "this", with these consequences
(analysis of the problem)

3) what do you propose to do?
(proposal for the future)

4) empathetic farewell
(light touch on the shoulder or arm)