• RDP/RDS hardening (borrowed from another topic)

    13
    0 Votes
    13 Posts
    939 Views
    scottalanmillerS

    @JaredBusch said in RDP/RDS hardening (borrowed from another topic):

    @scottalanmiller said in RDP/RDS hardening (borrowed from another topic):

    I don't consider unpatched an issue - at least not an RDP issue.

    That one had an exploit live before it was patched.

    oh okay, that's a serious issue then, for sure.

  • Weird DNS resolution issue

    15
    0 Votes
    15 Posts
    2k Views
    DashrenderD

    @scottalanmiller said in Weird DNS resolution issue:

    @Dashrender said in Weird DNS resolution issue:

    I suppose it's possible that would have resolved this specific issue as the router would have been the only device making connections to the external DNS... but then again - it could have caused all machines to go without DNS when the upstream server stopped responding...

    Not very likely. Plausible, but not likely enough to avoid it.

    sure - but then again, I've never seen this situation before either - so I would have previously called it unlikely.

  • Tactical RMM

    44
    0 Votes
    44 Posts
    9k Views
    notverypunnyN

    All good points.... I've been sitting alone with my thoughts for too long, good thing it's Friday.... Just an hour left

  • 2 disks or 1 disk with 2 partitions for new VM?

    17
    0 Votes
    17 Posts
    1k Views
    JaredBuschJ

    @scottalanmiller said in 2 disks or 1 disk with 2 partitions for new VM?:

    @JaredBusch said in 2 disks or 1 disk with 2 partitions for new VM?:

    @Dashrender said in 2 disks or 1 disk with 2 partitions for new VM?:

    because smart phones have been out since the early 2000's

    iPhone was released in 2007

    I got my smart phone in 2006 and most people I worked with had had them for years at that point.

    People had blackberry and palmOS devices, I did also.

    But the smartphone was not mass market until after the original iPhone.

  • 0 Votes
    1 Posts
    588 Views
    No one has replied
  • Steam Deck - The Linux mobile hardware and OS we have always wanted

    8
    3 Votes
    8 Posts
    892 Views
    scottalanmillerS

    @IRJ said in Steam Deck - The Linux mobile hardware and OS we have always wanted:

    My first thought was why KDE as well. In reality though, no desktop environment is a perfect fit.

    Oh for sure. My first hunch would have been to stick with the default that everyone already knows and uses or to go with Deepin because it is so modern and slick.

    Don't get me wrong, I'm a fan of KDE and like what they do. It's good to see them keeping a presence in such an important and large scale device.

    @Romo will be proud as he's a KDE user.

  • Digital Business Card Service ...

    4
    0 Votes
    4 Posts
    553 Views
    scottalanmillerS

    Much of the point of the physical card is to make a mental pathway in the human, not the phone, which builds a memory and enforces the connection. That's why we use paper, the way it interacts with the person.

    Paper cards can always have all the info you want AND a QR code to allow for the digital transfer in a more universal way. That digital card isn't going to work with a laptop very likely. I have no idea how they work, as I've never had someone attempt to use one. If my phone is dead or not on me, it's useless. If my phone doesn't have your app, it's useless (I presume.) If I don't have the right kind of phone, I'm annoyed that you made me keep trying something you've not tested. Paper is universal and works.

    Also, not me, but I know a lot of people who use paper cards as little note cards to write additional info on. Can't do that with the digital.

  • nagios / pnp4nagios replacement

    3
    0 Votes
    3 Posts
    703 Views
    scottalanmillerS

    We use Zabbix and Grafana. Not Nagios. But similar goals.

  • Damaged/Lost Iphone in default setup - HIPAA secure?

    8
    0 Votes
    8 Posts
    1k Views
    scottalanmillerS

    @Dashrender said in Damaged/Lost Iphone in default setup - HIPAA secure?:

    @scottalanmiller said in Damaged/Lost Iphone in default setup - HIPAA secure?:

    If the question is "Can Israeli quasi-government hacking agencies get your data if necessary", then no. But it was never secure at all.

    LOL - Not sure where the Israeli quasi thing came from - but thanks for the laugh.

    The world's most advanced hacking toolsets are made by arm's length government contractors in Israel. That's where that tech is currently made pretty much regardless of which governments are using it.

  • Live migration Proxmox?

    9
    0 Votes
    9 Posts
    2k Views
    JaredBuschJ

    @Pete-S said in Live migration Proxmox?:

    @JaredBusch said in Live migration Proxmox?:

    @Pete-S That is what the docs say. I have never tried.

    But also, why not have everything in the cluster? What is the need to make them "individual" hosts?

    Pools (resource pools) as they are called in xenserver/xcp-ng will put at lot of restrictions on the hosts.

    Pools are managed as one entity (through the pool master) and works best when you have shared storage.

    They are however a huge hassle when you don't have shared storage. So hosts that use local storage and are individual are best kept as separate hosts. So in this case everything started out as pools but have been migrated to individual hosts.

    Maybe it works differently in Proxmox, I've only used it in the lab on a single host.

    I manage multiple servers through the single IP of the cluster, but you can still directly access the individual nodes if you desire.

    I do not know about resource pools and such as I have not used those with Proxmox yet. Just multiple servers in a cluster, but no shared resources more than a setup for replication at one place. But that one is only for replication, so not a good example.

  • Grandstream GWN7660/GWN7664

    22
    0 Votes
    22 Posts
    2k Views
    jt1001001J

    @Dashrender I got th review unit back; and yes you can backup and restore the config from the on board controller:
    512eafd3-c287-422a-94c5-00924071b745-image.png

  • TP-link business switches?

    17
    0 Votes
    17 Posts
    796 Views
    scottalanmillerS

    @travisdh1 said in TP-link business switches?:

    @scottalanmiller said in TP-link business switches?:

    @Dashrender said in TP-link business switches?:

    @JaredBusch said in TP-link business switches?:

    @scottalanmiller said in TP-link business switches?:

    Yes, that's what I'm talking about. It's free and they host it for you. We've been using it for a few years. It's really quite nice. It's different than Unifi, which I can't explain. But it does a good job.

    I've been using UNMS since it came out. They rebranded it to UISP a couple years ago. I had no idea, or forgot, that they had a free hosted version of it.

    Yeah free hosted version as long as you have 5+ devices attached to it.

    And they aren't very serious about the limits. If you are a vendor, you'll have enough to do it for free easily.

    I almost have enough devices with just my personal stuff!

    Exactly, it's not hard. Especially when the simplest devices count. Buy a couple for your lab and voila.

  • 2 Votes
    1 Posts
    809 Views
    No one has replied
  • AP's geared toward home use?

    36
    0 Votes
    36 Posts
    3k Views
    stacksofplatesS

    @JaredBusch said in AP's geared toward home use?:

    For home use, not being setup like a business, you use the mesh router setups on the market today.

    From Ubiquiti, it is the AMPLIFI line

    From TP-LINK it is called Deco

    Home users should never have business gear setup unless they are a hobbyist or something.

    I’ve got an amplifi and my mom has a deco. Both work really well and can easily be managed from the app. This is pretty much what I recommend to people now.

  • How Many Minutes On An Unlimited Phone Line

    6
    0 Votes
    6 Posts
    883 Views
  • UBNT: Disable SSID per AP

    7
    0 Votes
    7 Posts
    430 Views
    travisdh1T

    @gjacobse said in UBNT: Disable SSID per AP:

    @travisdh1
    Version 7.1.66

    They probably changed it.

    Guess it's time for me to upgrade.

  • Experience with NDR Solutions

    34
    0 Votes
    34 Posts
    5k Views
    ObsolesceO

    @stacksofplates said in Experience with NDR Solutions:

    Why is Sally accessing this service from a non work computer at 3 am her time with a chinese IP address? Sure this request has the password but that doesn't sound valid.

    Which means you can automatically perform additional validation with MFA, or straight up deny access.

    There's a lot of options really. You can only allow access to certain systems and/or services via company devices enrolled in MDM, with up to date OS, encryption, and endpoint protection. You can verify endpoints and users with passwordless auth via Beyond Identity and in certain cases use additional MFA via Duo or whatever you want to set up.

    Sally is trying to log in to her company email. She's authenticated via passwordless auth via Beyond Identity on her work computer. Her work computer passes the health check seamlessly through BYID and allows her to access her email. Maybe she's also prompted for MFA always, or maybe only if she's logging in outside her normal geographic area on her work computer. Maybe (e.g. email) access is denied totally if from a non-company device. Options...

  • SpiceWorld 2019 Events, Plans, Meetups

    57
    2 Votes
    57 Posts
    6k Views
    scottalanmillerS

    @JaredBusch said in SpiceWorld 2019 Events, Plans, Meetups:

    @scottalanmiller said in SpiceWorld 2019 Events, Plans, Meetups:

    they hold it in the one country where I have extremely limited time allowed (without paying massive penalties)

    That is your choice to avoid taxation. Nothing else.

    My choice to avoid an enormous price for visitation. It's not my choice to tax in that way, it's my choice to live within the constrains that cannot be avoided.

  • OneDrive to Google Drive / Wasabi Sync ?

    11
    0 Votes
    11 Posts
    875 Views
    ObsolesceO

    Just to make it clear, I'm using rclone sync to do the job on a headless Ubuntu container.

    Revisiting this now two years later, as it's been that long since I last synchronized my personal OneDrive photo and video archives to Wasabi.

    Most everything is great, except when doing a few --dry-run tests on some already-synchronized source/destination remotes, I noticed a few thousand files in total among several OneDrive archives result in a potential re-sync. Not a huge deal, except it's a slow process to sync.

    The files themself didn't change. I verified from both the source and backup that the CRC is the same on a bunch of to-be re-synced files, but perhaps the modification time changed at the source due to other syncs or who knows.

    I would like to force RClone to use checksum only when synchronizing. Is that possible with an rclone sync between OneDrive and Wasabi?

  • ManageEngine: Desktop Central - MFA

    Unsolved
    5
    0 Votes
    5 Posts
    2k Views
    travisdh1T

    @gjacobse said in ManageEngine: Desktop Central - MFA:

    @scottalanmiller

    It is a gas soaked bonfire waiting for a match.

    Fixed that for you.