@eddiejennings said in Strange PBX CDR Entries:

I've disallowed SIP guests. We'll see if I get future CDR entries like these.

You won't.

@stacksofplates said in Remote management of VMs hosted in colocation:

@dashrender said in Remote management of VMs hosted in colocation:

@stacksofplates said in Remote management of VMs hosted in colocation:

@scottalanmiller said in Remote management of VMs hosted in colocation:

@stacksofplates said in Remote management of VMs hosted in colocation:

@scottalanmiller said in Remote management of VMs hosted in colocation:

@eddiejennings said in Remote management of VMs hosted in colocation:

Allowing an SSH connection to the managementVM from the Internet

I have not tried this approach yet, and it appears more risky than the Screen Connect approach, since SSH to that VM would be open to the Internet. Unless I'm missing some benefit to this approach, I'll not be using it.

Use a strong key, lock to your IP. Very safe. Add Fail2Ban, of course.

Or add Salt and open/close based on need so it doesn't stay open.

Fail2ban doesn't work with keys.

But it would work normally with people attacking using non-keys, would it not? Or am I missing something about what it would do?

Why would you not require keys? Not making them mandatory defeats the purpose of using them.

I think he means - if a hacker is trying to use a password on a system setup to only allow keys - the fail2ban will block those users, or won't it?

No. It's dropped before fail2ban even sees it.

Oh, makes sense. There is no "attempt" like with a password, it is "already blocked."

@hobbit666 said in Monitoring low level server hardware health:

Might depend on the Server and what they have built in.

Dell have the iDRAC that you can log onto and look at hardware logs. (Not sure if you can setup E-mail alerts been a while since i've used one)

The new ones you can since version 7 I believe.

Because I'm annoying and like things that are text based I like graphviz. However if you want some really nice looking stuff I've used cloudcraft.co. It's AWS specific but has blank shapes as well.

@eddiejennings said in Domain name opinion:

@brandon220 said in Domain name opinion:

Nobody went and bought all of the domains he listed and then sold them back to him a a higher price? Slackers 🙂

I owned them before making the post. 😛

Curses! Foiled again!

@stacksofplates I can imagine. Good luck!

@travisdh1 said in Backup Systems without on-site external storage:

@scottalanmiller said in Backup Systems without on-site external storage:

@black3dynamite said in Backup Systems without on-site external storage:

@scottalanmiller said in Backup Systems without on-site external storage:

@black3dynamite said in Backup Systems without on-site external storage:

@obsolesce said in Backup Systems without on-site external storage:

I've recently come across Restic and looks great:

Site:
https://github.com/restic/restic

Documentation:
https://restic.readthedocs.io/en/latest/

I haven't tried it yet, but it's on my list to try on my KVM server using Google's cloud as a test.

I’ve only tested it with backing up nextcloud user data and it’s been working great so far.

What are you backing up to?

I only tried an external hard drive and sftp to a Linux Server. I would like to try Backblaze.

I would like to check out Wasabi.

At first glance, https://wasabi.com/pricing/ looks like it could be a little cheaper than B2. Would definitely be cheaper if you need to download significant amounts often.

That was its selling point - a bit cheaper than even B2, but with full S3 compatibility.

@storageninja : Agreed. I have 3 clients that required at least 2M in E&O before they'd sign us.. I had to increase ours as we typically carry $1M.

@eddiejennings said in Logging Domain user authentication failures:

@travisdh1 said in Logging Domain user authentication failures:

@eddiejennings No OSSEC, Wazuh, or some other security monitoring available? All of them monitor logins by default that I've looked at. Should be easy to customize a report for whatever you need.

I haven't had to set this up in a Windows environment yet, so I'm also curious as to what you end up doing.

We do have ExtraHop; however, it's not capturing all the traffic it should (and another team is in charge of its configuration), so using auditing on the domain controllers is a bit of a stop-gap measure.

Ah. What an ..... effective use of resources.

Good luck, ExtraHop is very nice, but like every other tool, it's useless untill deployed properly.

@obsolesce said in SCCM Queries:

https://docs.microsoft.com/en-us/sccm/develop/reference/core/clients/manage/sms_r_system-server-wmi-class

And I see many of the attributes I can include in a query there. So when a query is run, this class is generated, which populates itself with the relevant data from the database, then the query selects the necessary data from this on-the-fly generated class. Does that seem right?

@scottalanmiller said in Public STUN servers:

I tend to use:

stun.stunprotocol.org

This one.

Must've been that one server. Seems like it's running fine on another one.

Made no configuration changes to the firewall tonight. Shutdown FreePBX VM, made a new one, and stuff seems to be working as it should. I'll do a few more tests tomorrow to make sure all is well.

Edit: I lied. I made a new DHCP reservation for my new FreePBX server.

Someone else mentioned this in a thread yesterday.

@black3dynamite said in Server Time Zone configuration:

@dashrender said in Server Time Zone configuration:

@black3dynamite said in Server Time Zone configuration:

What does BIOS time use local time or UTC?

Whatever you set it to?

BIOS: local time or UTC
OS: UTC

Or is only an issue if you are dual booting?

In general I don't care about the BIOS/UEFI time because I sync my devices from a time server. that just means I need to set my devices to the correct timezone, then the time will come over as desired.

@eddiejennings said in System center configuration manager and SQL server:

For those who use SCCM, do you host the database on the same server as the SCCM application, or do you have SQL server as its own VM?

I am replacing SCCM in our test environment, and will be doing the same eventually in our production environment. The current one has SQL server host locally. But since were looking to start over, I figured it would be worth weighing the pros and cons of keeping SQL Server local or having you be on the remote server.

In my last job, we ran SCCM for a while and we had everything on one VM. (Small set up with ~200 PCs). It ran OK.

I'd suggest keeping it to one host for your test environment, and separating them out for your production setup.

@scottalanmiller said in NAT and Port Forwarding:

@jaredbusch said in NAT and Port Forwarding:

@scottalanmiller said in NAT and Port Forwarding:

@jaredbusch said in NAT and Port Forwarding:

The downside to port forwarding is that it only goes to your primary IP

Yeah, that can be very limiting. Seems like that would be easy to expand on their side.

Does VyOS have this feature?

I always use VyOS directly from the config files, so not sure.

set port-forward

hit tab.

@dafyre said in Organization of sample code:

I just shutdown my GOGS server and have all my important bits over on GitLab now.

https://gitlab.com/dafyre

@travisdh1 said in Storage Setup for KVM:

@emad-r said in Storage Setup for KVM:

@eddiejennings

keep your images and ISOs in the default location of /var/lib/libvirt/images/?

Yes I do, but I create 2 new folders there, iso and vm.

Fedora will be presented a 4 TB block device ?
Why dont you separe that a little, and have more fun. Block device I assume DAS, if no why dont you make the storage reliable and robust, and make it its own server, like another fedora or centos install, with RAID 10 and the simplest option to share is NFS, and this way you can have many KVMs and the migration feature will actually work, and you can do RAID on just /var, and you scan scale easily with KVM nodes + KVM nodes can be state file, think salt stack, and you can treat them as pure compute nodes.

Because @EddieJennings is talking about his home lab, which will consist of a single 1U server. That hadn't been mentioned in this thread.

Bah! Folks should be able to read my mind ;). There were some good ideas in this thread though.

What I decided on was giving enough space to / live comfortably, and gave everything else to /var.

@eddiejennings said in Determining resources for hypervisor:

@black3dynamite said in Determining resources for hypervisor:

Instead of using Fedora as a firewall VM, how about using VyOS?
https://wiki.vyos.net/wiki/User_Guide

I was thinking of that as well, since the OS for the ERLs.

EdgeOS and VyOS are cousins, both descended from Vyatta.