Occasionally a user forwards me an email that looks 'fishy'. This email usually consists of a word doc that asks the user to click 'enable editing' or some bs like that. Obviously I just blacklist the domain right?

Well in some of these cases the orgs that are sending these spurious emails are potential customers for us, like state wide, country wide, international service providers, they just have something wrong in their dns records or email sever setup. So I just don't want to BL them.
Today I went to one of these websites and clicked on Contact Us, sent an email explaining what was wrong with their setup.
In this case their spf record is missing a space between the last server address and -all, effectively making their spf record do nothing, even though mxtoolbox doesn't show invalid syntax errors or anything.
Ive done this a few times over the years.

Do any of you do similar things?

@Dashrender said in Time for me to move on from Webroot:

@scottalanmiller said in Time for me to move on from Webroot:

@Dashrender said in Time for me to move on from Webroot:

@scottalanmiller said in Time for me to move on from Webroot:

@Dashrender said in Time for me to move on from Webroot:

@scottalanmiller said in Time for me to move on from Webroot:

That's a lot of "ruling out" over a personal agenda not tied to corporate value.

What if it is a corporate value though - healthier employees.

But it's a necessary medicine for a lot of people. One of the reasons to ALLOW it is for healthier employees! Not that any drug automatically makes people healthier or unhealthier, but you are basically saying that you'd happily make innocent people unhealthy and guilty ones more healthy and/or that you want to filter out people who need medication which is just evil.

Imagine if you fired anyone who needed heart burn medication or medication for heart attacks to "eliminate the unhealthy"!!!

Well, if we limit the discussion purely to weed, I'll agree with you. But if we include cigarettes, yeah - no.

Sure, I'd STILL not be willing to limit in that way but it is SO much better to not hire cigarette smokers than weed smokers. If you were to choose one of the two, cigarettes make you a health liability, tend to take tons of breaks at work, smell bad, bother other workers, etc. But I'd still never drug test for tobacco INSTEAD of determining someone's value at work. Firing someone for dipping or whatever would be considered insane... and yet it is so much better than hiring based on someone not smoking weed.

Yep I agree with all those things.

I'm on your side Scott - I don' t think we should drug test expect for things you previously stated (doctors, heavy equipment operators). Now that said, if a company is going to "have you drive something while on the clock" it should be fine to require they truthfully answer - do you smoke weed/do drugs, if so, you can't be behind a wheel while on the clock for me, period. But sitting behind a desk - fine.

This thread is full of persoonal bias from a lifetime of brainwashing and propaganda.
Why would someone who is hungover from a night of binge drinking be allowed to operate machinery and not someone who smoked a joint the night before? Why? Because you have been trained your entire life to think drugs are bad... that is the only reason you would say this.

As for people who smoke not being hireable, well I don't know where yall live, but in Washington, many highly successful people smoke. Many successful people drink. Why should there be some sort of discrimination between types of inebriation off the clock?

@Dashrender said in Adobe Reader DC printing black bars after Anniversary update:

@gjacobse said in Adobe Reader DC printing black bars after Anniversary update:

Check for the Print Driver.

I had a printer do this years ago (Windows 2000) I aptly named it my Government driver as everything was blacked out. All the text on the Windows Printer Test pages appeared to have been Redacted.

We've tried three different printers and printing to the Windows 10 PDF Print Driver - all have the same results.

It's not all PDFs either, maybe a third of them.

Is it 1/3 if you print the same document 3 times, or does a document that gets 'redaction lines' always get them?

HP hasnt made a good printer in over a decade. Their hp 4200 series desktop printers were the last thing they made worth buying. We had a dozen of those at my last job and they just printed, all day, every day, hundreds of thousands of pages without requiring maintenance except for toner.
Current job there /was/ a hp6830 color scanner/printer. Bought less than a year ago by someone else. Hasnt worked since i started here in January. Doesnt accept off-brand toner, always says hp toner is damaged. 100 pages of prints costs 100 dollars in toner. Takes 15 minutes to start up. Just a pile of diarrhea.
I say /was/ because I shattered it in the parking lot as soon as the new Brother 9340 cdw showed up last week.

Yes, my main issue tho is Windows 10 computers not respecting install time window, and installing updates in the middle of the days instead of Friday night. Oh and the neverending checking for updates on Windows 7

Is this maybe something that has happened over time to these servers as a result of updates? Nowadays the network interfaces are using a different naming scheme, starting in systemd v197. The naming of the interfaces are usually enox ensx, others unless disabled by various methods, ethx names are last in line to be used.

https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/

I used to use the windows debugging tools. Set it up once on your workstation, use the MS symbols , then !analyze -v (if I remember correctly) on the .dmp file should spit out the offender.

@DustinB3403 said in Shodan:

@Dashrender said in Shodan:

@DustinB3403 said in Shodan:

@Dashrender said in Shodan:

The issue comes down to the fact that people are naturally trusting. The lack of natural suspicioun precludes peoples motives to look for what might be wrong with the system.

I trust everyone about as far as I can throw them (before I get to know them or if they buy me beer I trust them instantly)

IT personal are generally not in the same boat as the normal population.

Yeah we drink moonshine straight, and our boat actually flies above the water, and we have magical wands we just wave over problems to make them go away.

I use a sonic screwdriver not a wand.

What does that website have to do with an evil computer out to destroy humanity? Damn companies taking good names and making them bad/meaningless.

That might be true, but there is no practical way to do what the op wants and have happy and productive employees.
He wants his users to take home a brick every night, write some things in Word locally then bring it to work and connect it to their network. Like its 1995.
Setting up a policy and scanning for violations is much easier to implement and enforce than what SW OP wants. It is that simple. Or, don't treat your employees like slaves or indentured servants.

The OP question is wrong. Their policy on laptops is wrong. Why would users be able to bypass their group policies at home on a domain joined laptop if they aren't admins? There would be no "insert whatever behavior here" that should affect users at home anymore than when at work. For example, their a/v solution would still work at work or at home. Their Windows firewall policies should work inside or outside the office.
The best solution is to make a policy of don't do "insert behavior here" on your company laptops. Then to check compliance when the device is on the corporate network and can be scanned. Then fire the people who break the policy.

edit TLDR Make a policy that bans bad behavior and enforce it.

Dang was really hoping Cat Linux existed.

Here is the top ten message generators in my XS 6.5 production environment(2 hosts) over 1 week of time
Seems like quite a bit of syslog action going on all the time in XS.

Just curious if others are seeing similar numbers

@dafyre
Let me fix that statement for you
Just goes to show you... most people who work for the FBI should be fired and imprisoned.

They can come to your door with lawyers if they actually think youre 'stealing' imaginary property. But they need permission from a court to do so. And you dont have to do anything for them, at all, ever, without this order. At least in the US that is.

well, if you dont care about this vm (it can be replaced easily since it is XO) --this could break stuff on the vm
try this:
cd /mnt/Linux
dpkg -i --force-overwrite xe-guest-utilities_7.0.0-24_all.deb
OR
dpkg -i --force-all xe-guest-utilties_7.0.0-24_all.deb
then do
apt-get install -f

Is this XenOrchestra install? If so xenserver tools should be installed already.
You can check in xencenter to see if it they are already installed. If you have no xc and just the cli for your vm,
dpkg -l | grep xe

should return some things,
one of them being xe-guest-utilities and a version number

Just started PIllars of Eternity though ive had it since Day 1. Divinity:OS 2 get Early Access tomorrow ill be getting that for sure.

Office 365 has some fairly good builtin filters. I still had to add some domains manually, and filter out using keywords.
Once we ditch o365 and went back to full in-house exchange, you can really fine tune this stuff to keep out most of it. Turn your reject on SCL to 5 or maybe lower then whitelist servers you get legit email from. Add many text pattern filters to remove the worthless contract staffing and industry list emails. Also add an attachment filter to stop lots of types of attachments from coming through. Add a SenderID reject and spf hard fails so people cant send emails purporting to be from your domain to your users.
Went from people getting dozens of spam each day(most users) to maybe 2 messages a day for a handful of people. Once you start this campaign of aggression, it helps to have a quarantine mailbox where mails can be sent if youre not sure they are spam or not. You can then release them if they are not spam, or delte them if they are.

From ubuntu 1604 through Putty