* Posts by Rockets

77 posts • joined 9 May 2017


Notepad++ website sent to China's naughty step after 'Stand with Hong Kong' software update


Not Just A Developers Tool

I'm a networking guy and I've used Notepad++ for years mainly because it's such a better text editor than anything included in Windows and with some plugins like compare & custom language files for things like Cisco IOS. It's a great tool and one of the first things I load on a fresh install of Windows.

Twitter Qracks down on QAnon and its Qooky Qonspiracies


Re: bizarre conspiracy theory?

Especially when there's numerous photo's of Trump with Epstein & Maxwell.

Netgear was told in January its routers can be hacked and hijacked. This week, first patches released – after exploits, details made public


Just Another Reason Not to buy Netgear

I've avoided Netgear products for a long time now. The only thing I'd buy from them is a 5 or 8 port unmanaged switch as they seem to be able to make them reasonably well for low cost but there's plenty of other players in that space now too. I had a nasty bug in Netgear ProSmart switches that would let broadcast traffic traverse VLAN boundaries such as DHCP requests, played havoc on a LAN until I found it. Netgears approach to security has always been very ordinary.

Logitech G915 TKL: Numpad-free mechanical keyboard clicks all the right boxes


I've got a HyperX Alloy FPS with Cherry Blue's and the damn thing is solid as a tank and as loud as one too. Can't remember how much I paid for it but it wasn't expensive. Also has a number pad. Why would any one want a TKL keyboard? I use those keys heaps, it's one of the worst things about using a laptop is not having those keys available.

It could be 'five to ten years' before the world finally drags itself away from IPv4


Re: Simple solution?

The technology is mature, tested and in use

From my experience just implementing IPv6 on my home LAN when my ISP started their beta test for it, when they finally got it up and running on their network, that's not quite the case. I'm connected to Australia's NBN network. My ISP hit their first bug on their Cisco ASR BNG's with the IPv6 DHCP having it's CoS hardcoded & not customisable like it was with IPv4 so the NBN network would just drop the DHCP v6 requests as they required the CoS to be set to a particular value. Cisco supplied a hot fix in a few months. The second bug they hit was the DHCPv6 service crashing due to memory exhaustion and only a reboot of the BNG every 15 odd days would resolve it. They received another hot fix from Cisco but when this hot fix was installed it broke PPPoE, so it had to be rolled back. A third hot fix was required before the beta was able to restart proper. During this testing my ISP was also testing the modem that they'd being supplying their customers who didn't BYO, which they fully support to their best effort. They then found the IPv6 implementation on the modem was buggy again and the vendor supplied them with 2 versions before the bugs were ironed out. Next problem, to install the new version of the software it will reset the modem back to factory defaults. That's quite a problem.

In the ISP's IPv6 end user support forum there's many bugs or incomplete IPv6 implementations on various modem & firewall's that end users have hit before they even deploy to their LAN. eg the ISP is using DHCP v6 PD, Palo Alto's don't support it for their WAN interfaces. My ISP supplies a /56 for me to use which I was grateful for because I run a number of VLAN's behind my firewall. My firewall doesn't seem to do prefix delegation 100% of the time if I use 0 for a prefix on a client interface, start at 1 and it works 100% of the time. I wasn't the only one to find this.

When I deployed IPv6 to my LAN, I was using a older L3 Cisco switch behind the firewall for a number of VLAN's & it doesn't support SLAAC RDNSS so I needed to run DHCPv6 on that but Android for a stupid philosophical reason doesn't support DHCPv6. In the end I run a network segment off a subinterface on my firewall to support Android devices specifically as the firewall supports SLAAC RDNSS. Another thing I found was that my firewall's DHCP v6 client isn't as robust as the IPv4 one. So if my ISP goes offline due to maintenance or an outage IPv6 doesn't always come back & I have to manually intervene. The DHCP server & DNS resolver on my firewall support adding DHCP IPv4 static leases to the DNS resolver so I can just type the name on a client and DNS works but it doesn't support that for IPv6 static address. The clients themselves on my LAN that support IPv6 apart from the Android ones seem to have no issues however. So despite IPv6 being mature the various software implementations are far from it if they are even feature complete.

HMD Global pokes head out of quarantine to show off 3 new Nokia mobiles


SD Card & Headphone Jack?

Huh the 8.3 & 5.3 ship with Android One, SD Card expansion slot and 3.5mm headphone jack. If I was in need of a new phone these would be top of my short list.

Open-source, cross-platform and people seem to like it: PowerShell 7 has landed


I haven't had to use Powershell for a while now but I found scripting with Powershell was mostly fine but when using it to interact with systems live for troubleshooting or configuring some advanced option it felt like I was typing an essay to get meaningful data out of it. Plus the tab to autocomplete only choosing the next thing alphabetically drove me nuts coming from BASH. When PowerShell first came out I was heavily using it with Exchange 2007 and then when Exchange 2007 SP1 was released numerous variables changed and with release of 2010 numerous commands completely changed and broke a lot of my scripts that I'd built up.

Apple drops a bomb on long-life HTTPS certificates: Safari to snub new security certs valid for more than 13 months


Re: I can appreciate the security aspect, but...

Been there, done that and have the t-shirt too for the a Oracle application server. The Base OS version OEL openssl didn't support TLS1.2, the app server wasn't officially supported on the next OEL version that did support support TLS1.2. A newer version of the application server wasn't compatible with another application server that was part of our suite. Ah the delights that is Oracle E-Business suite with various bolt on products and customisations of the core ERP product.

'Tens of millions' of Cisco devices vulnerable to CDPwn flaws: Network segmentation blown apart by security bugs


Re: Rule #1 -- Beware of home made protocols

Interesting that IOS & IOS-XE aren't vulnerable according to the CVE which means it's not the actually the protocol but the software implementation of it on other platforms. NX-OS, IOS XR & FC-OS are all Linux based. Where IOS is BSD based and IOS-XE is Linux based running IOS as a process called "IOSd".

Things I learned from Y2K (pt 87): How to swap a mainframe for Microsoft Access


This is why where I work we don't deploy Access in our Office deployments. We've been bitten too many times by the rogue user who sets up a small Access DB to do a task which then becomes important. We had a guy working full time for 2 years on converting some these DB's to SQL with front ends for where we couldn't buy a off the shelf package that did the same task.

The BlackBerry in your junk drawer is now a collectors' item: TCL says no more new keyboard-clad phones


Re: So where does this leave folks like Typo that Blackberry went after in the past?

I'm sure if nobodies making BlackBerry phones any more BB would happily license their keyboard patents to companies that want to try a Typo style device.


Re: TCL=malware

My understanding of the licensing agreements between BlackBerry and the companies that licensed the branding & hardware patents from BlackBerry, there was 3 companies, was that BlackBerry would supply all the software - OS & apps. TCL was the largest of these companies. One was for India and the other for Indonesia, while TCL did the rest of the world. I was a long time BlackBerry user from the first colour screen models right up till the first Android handset they did with the Priv.

Looks like the party's over, folks: Global PC sales set to shrink as Windows 10 upgrade cycle tails off, says Gartner


No Compelling Reason for Most People to Upgrade

PC sales have been falling simply because for most peoples use, especially office workers, a 5 year old PC still can cut the mustard especially if it had a SSD and 4 or 8GB of RAM. We replaced the PC's at my Dad's office recently due to Win 7 retirement and the PC's were well out of warranty. We used i3 NUC's with M2 SSD's and 8 GB and they are plenty fast enough for their use case which is basically Office 2016, MYOB AccountRight and Web apps.

Windows 7 back in black as holdouts report wallpaper-stripping shenanigans


Re: yes, yes...

You don't need to boot from DVD but that is an option. I use the media creation tool Rufus. When you create a bootable USB for Windows 10 you get the option of using GPT or MBR. If the GPT one doesn't work use the MBR option. From my experience if you need to repair the install it's better to just get the data off and do a clean install unless it's just repairing bootmgr. I've always done the Win 7 upgrade to Win 10 to get the license key upgraded. I recover the new key using a tool and then reload the PC clean with Windows 10. Longer but in the long run is a better.

Intel teases NUC-leheads with new desktop-class graphics systems and a fast i9 CPU


Re: Too expensive

I've deployed 6 NUC's over the last few months for family (3) and my Dad's business (3). The i3 Gen8 model is pretty cheap once you put in 8GB of RAM and a 240GB M.2 SSD. For the family build's I get the taller model, only $4 more expensive, which can also take a 2.5" drive which I set up as a backup target. For the web browsing, email, office tasks they are more than enough. The family don't want laptops and their small size everybody likes compared to the ATX towers they had. Only problem is 4 USB ports isn't enough sometimes but a cheap USB 3 4 port hub gets around that easily enough. I've got an old one that I use with LibreELEC as a HT PC and the integrated IR makes it a great fit for that task.

Pentagon beams down $10bn JEDI contract to Microsoft: Windows giant beats off Bezos


Re: What advantage does AWS have

A full working end to end IPv6 stack. Last time I checked this was a preview feature in Azure that had to be turned on.

Four words from Cisco to strike fear into the most hardened techies: Guest account as root


Re: No updates for in-contract non-EOL cisco devices

The ASA 5505 is really odd device support wise. For example the ASA 5510 & 5505 run the exact same ASA OS image file for release but the 5510 was EOL 12 months ago. The 5505 does have 9.2.4 as the latest version available. Wonder if the 9.2.4 will run on a ASA 5510.

How long is a lifetime? If you’re Comcast, it’s until a rival quits a city: ISP 'broke' price promise


Re: Lifetime warranty

Procurve's lifetime warranty is as long as the original owner owns them. I've had HP replace an ancient Procurve switch with newer models. All the years I worked at a company where we supplied and supported Procurves I struggle to remember many failures at all. Work for a company where we use Cisco. They have some models that have Limited Lifetime Warranties that extends till the Last Day of Support date that Cisco sets, typically 5 years after End Of Sale. I've tried to use this in the past and I'm yet to succeed in getting Cisco to replace any failed switches under their LLW, TAC just claims that I need to contact the reseller as I don't have SmartNet and the reseller says contact TAC round and round we go.

Microsoft plays chicken with Extended Support for Exchange 2010 end date and swerves first


Re: Exchange migration

I'm in the same boat for my Dad's business. We've currently got a SBS 2011 server that does everything they need for 6 users. Going to have to push them to Office 365 but we own Office 2016 so only going to get Office 365 Business Essentials which is Exchange, Sharepoint, Teams and OneDrive. We did a TCO of full O365 Business Premium and looked at the EOL for Office 2016. It was cheaper to buy Office 2016 outright. The benefit of O365 for Exchange is I don't have to worry about backing it up any more.

Microsoft's only gone and published the exFAT spec, now supports popping it in the Linux kernel


Re: It's a trap!

And Hyper-V drivers

Lenovo ThinkPad X390: A trusty workhorse that means business but it's not without a few flaws


Re: £1500?

Congrats for listing a feature that this particular laptop does not possess as a positive for owning it!

Yes a feature that a X390 doesn't have but the T490 does and no MacBook has at all.

Ever since Lenovo took over, the build quality and upgradability of ThinkPads has gone steadily downhill to the point where they're no longer worth the premium.

It happening to all brands unfortunately. They are all following a lot of design decisions/trends from Apple and consumers are worse off for it. But the masses are eating it up and us techies who know better get pissed off. I'd love to have a new ThinkPad that had the same keyboard as my old X220 or T420 but I'd take a current ThinkPad over a Apple laptop any day of the week. ThinkPad still have the best keyboard of any laptop but it's true they aren't as good as they once were. If I had to buy a new laptop this week I'd buy a T490. Slim enough but has a RAM slot and a good spread of IO ports including RJ45 and can be docked.


Re: Keyboard

Personally I prefer the Fn to the left of the CTRL key. Horse for courses.


Re: Reducing functionality just like Apple?

I've got three X230's which are predecessors to this new model and they have a full sized SD card reader. They also have a RJ45 port & dual RAM slots. Lenovo have made the X2/3x0 series something it never was. Previously if you wanted supper thin and were prepared to sacrifice some ports and upgrade ability for that thinness you got a X1 Carbon. The X2/300 series used to have dual RAM slots, hot swap batteries and LAN ports which made it a great expandable road warrior laptop. All those features are gone now. I stopped buying the X series when Lenovo halved the maximum amount of RAM it could use to the previous generation. I think that may have be the X240. Been on the T4x0s series since but the new T490s has gone the same path as the X390. Next laptop will probably be a T series rather than a T slim now.


Re: £1500?

Cause ThinkPad's have a keyboard that actually works, can't be failed by a speck of dust and is easily replaceable. SSD & and batteries also easily replaceable. There's also USB type A ports so you don't have to live the dongle life. Some of the latest models also have RAM slots for easy upgrades or a RJ45. It saddens me to see that more and more ThinkPad models are going all soldered on RAM.

Time to Ryzen shine, Intel: AMD has started shipping 7nm desktop CPUs like it's no big deal


Re: Three cheers for AMD.

We'd all be using Intel Itanium. That was Intel's path for 64bit CPU's but AMD64 spoiled those plans in a big way.

There's Huawei too many vulns in Chinese giant's firmware: Bug hunters slam pisspoor code


The Australian Signals Directorate came to the same conclusion as GCHQ after doing red team testing of Huawei gear. I really wonder if the luddite politicians just seized on terms in those reports. eg the report may have said "Software has multiple known vulnerabilities that could be used as a backdoor" and the pollies just concluded "Huawei's software has got back doors in it, must be the PRC governments fault!"

Good heavens, is it time to patch Cisco kit again? Prime Infrastructure root privileges hole plugged


Re: Oh for the love of pizza

PI is the worst piece of Cisco software I use. I bloody hate it and that's before having to patch it to address security bugs, which takes hours. It's an unmanageable monster that consumes so much resources and is unstable. WCS which PI replaced was great, it just worked. PI I truly loathe.

PuTTY in your hands: SSH client gets patched after RSA key exchange memory vuln spotted


I mostly use PuTTY on remote PC's for serial access to network gear and it's great for that job - small single exe. Occasionally I need to use Zmodem transfer and PuTTY's no good for that, so use Extra-PuTTY. But once the device is on the network or it's local to me it's SecureCRT all the way.


Re: Give me a good alternative

Try PACManager. https://sourceforge.net/projects/pacmanager/

It's basically a clone of the commercial package SecureCRT for Linux but supports some extra features that SecureCRT doesn't eg WOL or RDP. Not sure if it supports Z/X/YModem though which you occasionally need working with Cisco devices. I use SecureCRT on Windows for work and I can't stand going back to basic PuTTY. There's SecureCRT for Linux & Mac but it's not free.

Just a reminder: We're still bad at securing industrial controllers


Re: Isolate

The thing is, we are talking about PLC or ICS hardware, so it should already be isolated from the rest of the "office" network, let alone the internet.

Having seen the state of lots of process control networks I couldn't agree more with this. The PLC tech's love their Moxa devices too. If I had a dollar for every Moxa device I've seen on a process control network that is in the default state I'd be a rich man. But these guys are mostly electricians so I can see why they are in this state. I saw a Moxa pair of devices that was being used from remote blasting of explosives with the default passwords etc.

Oh Snapd! Gimme-root-now security bug lets miscreants sock it to your Ubuntu boxes


Re: snapd and systemd

I watched that video "The tragedy of systemD" just yesterday. He did make some interesting and good points. That talk was given by a FreeBSD dev though.

Only plebs use Office 2019 over Office 365, says Microsoft's weird new ad campaign


"Personally, I use Office 365 Home because it covers the whole family"

I'm the same. There's 5 of us and it covers all our devices - 3 Windows PC's, 3 Mac's and 8 iOS devices. Sure I could use something free but my wife is familiar with Office and uses Excel heavily and she's familiar with it and she doesn't deal well with change. I want my kids to use Office as most of the corporate world uses it so they will have better prepared for a job if they have Office skills.

My dad has a small business and they were still running Office 2007 last year and have a local Exchange server. I looked into Office 365 for them, looked at the declared support lifetimes and we did the maths. For him it worked out cheaper to buy Office 2016 for the 7 Office PC's & laptops as they'll keep using it for as long as they can. They aren't power users at all but use most of the features of Exchange. The only reason we upgraded Office 2007 was because it was no longer supported.

Later this year we'll replace the local Exchange server (SBS 2011) with Office 365 Business Essentials which is only Exchange, Teams, OneDrive and SharePoint. We are only going this way because MS doesn't sell Small Business Server any more so a full license of Exchange, CALS and a server to run it on is more expensive than O365. Also means we don't need to back it up any more. We'll get a small server to run Windows Essentials for their AD, file & print sharing and Direct access.


Re: Plus you get to use the O365 apps on tablets/ phones.

Is there anyone, anyone at all who does serious work in Excel or Access on a phone?

I use Excel from a iPad or iPhone quite often to update my time sheets and a few other things from OneDrive. Is it serious work - well it's the basis of how I get paid so I consider it serious enough. Is it something that I could do with Google Docs etc sure but I need to forward the time sheets to a accountant who requests them in Excel format based on a template they use. If by serious work you mean complex formulas and dozens of rows and columns then it's not.

Before dipping a toe in the new ThinkPad high-end, make sure your desk is compatible


Re: Bah

I'm not a fan of the chiklet keyboard either. I have a couple of old T420 & X220 in my collection of 9 ThinkPad models of varying age, these being the oldest. The X220 with SSD and 8GB of RAM is still great device for basic use. These two were the last series to have the regular keyboards instead of the chicklet keyboards that came on the 30 series and boy are they are delight to type on. Going to a newer X230, X1 Carbon or T460s and the keyboard just isn't the same. Still the Lenovo chicklet keyboards are truckload better than the last gen Apple Macbook Air keyboard that my daughter has, that thing is mushy as. The newer Macbook butterfly switches are just as bad. My old man has an Asus laptop with a chicklet keyboard and I was pretty impressed with it, pretty close to a ThinkPad, as it's a much cheaper laptop than a ThinkPad.

The biggest complaints I have about ThinkPad's is the screens, most models have god awful ones. That's one thing that the Gen 6 X1 Carbon finally fixed, it's got a excellent screen.


Re: Why does a large touchpad serve no purpose?

I'd love to see a ThinkPad without a touchpad and only the "Gspot" TrackPoint. It's far more efficient and accurate in use. My first laptop was a lovely Toshiba Portege which only had a TrackPoint and I've used the TrackPoint on various ThinkPad's since then. I always disable the touchpad in software, I can't stand them and hate when I have to use one on a laptop that's only got it as an option but I know we are in the minority with most users hating the TrackPoint.


Re: Two things are wrong

Lenovo sell 8 different docks and docking stations that are compatible with the previous X1 Gen 6. 5 are the brick style "dock" shown in the article, 3 are the more traditional style "docking station" where you sit the laptop on it and they've got varying degrees of ports on the back. These three docks don't use the bottom docking connector any more, they have a slide mechanism on the left that has two USB-C ports and a third propriety ethernet connector which you slide into the laptop. Looking at the new X1 Gen 7 the ports on the left side of the laptop are the same as on the Gen 6 so I'd think that the older docks would still be compatible. Thinkpad's typically support the same model docks & power bricks for a number of generations.

What now, Larry? AWS boss insists Amazon will have dumped Oracle database by end of 2019


Re: Oracle has very goog technology for large corporations

My old boss did a tour of the Oracle data centre when he was in the US a number of years back. I think it was a co-location facility or hosted services, before Oracle launched their Cloud offering. At that time Oracle were trying to sell us a Exadata for our E-Business Suite environment. When he asked where any Exadata's were in the facility so he could see one he was told - "We don't have any of our own, they're too expensive. We have a few customer owned ones but we can't show them to you." Says it all about Oracle.

Docker invites elderly Windows Server apps to spend remaining days in supervised care


Re: Nothing is new

This doesn't fix the NT (!!!!) or Windows 2000 boxes (one of each), but at least we can focus on those separately.

What we did with these applications is to firewall them off from the rest of the network and use a VDI client to run the application with the most modern desktop OS we could. These VM's were firewalled too. Users don't really like having to use VDI to get to these apps but they are typically not used much and mostly read only legacy data.

We had one production system though. We'd being pushing to get it migrated etc for years. Six months of having to use VDI and the money and will from that department to migrate to something modern suddenly appeared. Funny how that happens.

Strewth! Aussie ISP gets eye-watering IPv4 bill, shifts to IPv6 addresses


CG-NAT Will Be Opt Out

Aussie broadband will allow opt out of CG-NAT for people that need a public IPv4 address on their router. Aussie has been wanting to go dual stack for some time but they've been held up in their IPv6 deployment for NBN due to software issue on their Cisco ASR9K's. NBN requires QoS set to 0 for ICMP & DHCP. For the ASR9K's IPv4 would allow Aussie to set the QoS to 0 and respect it, for IPv6 it was ignoring the interface QoS value setting of 0 and setting it to 6 so NBN would drop the packet. Cisco has now addressed this problem for them so they can move forward with their planned deployment.

'Surprise!' West Oz gummint is hopeless at information security


Having been through a audit like this the auditors typically want an offline copy of the AD database etc and then use tools to extract the password hashes and run other tools like hashcat against them testing against the dictionary.

I once failed an audit because the server rack doors weren't locked. Even though the rack cabinets all had the same key out of the factory. The server room itself had much better security but the auditors don't care.

Facebook Messenger backdoor demand, bail in Bitcoin, and lots more


Re: Govt Shenanigans

Haha - oops. I did mean steganography not stenography. In my defence I do have brain damage to my language centre after I had a brain tumour removed which was the size of a lime.


Govt Shenanigans

We've got end to end encryption now on messaging systems because various Governments proved that they couldn't help themselves by breaching the privacy of everyone to snoop on a few miscreants. If the Govt gets what they want who's to say that the determined crims or terrorists won't just fall back to older forms of encryption such as one time pads, stenography etc. American prison gangs seem to be able to communicate at will between inside & outside the jails using old fashioned ciphers & other techniques. Rather than SIGINT perhaps the governments invest more in HUMINT.

'Oh sh..' – the moment an infosec bod realized he was tracking a cop car's movements by its leaky cellular gateway


Why an Internet APN?

I find it interesting that these cellular gateways were connected to a APN that was public Internet. I would have though that the police & fire departments would connect these devices to a APN that connected them to a private network that only those departments could access.

This is what we do with our WAN routers which have 4G failover for the primary MPLS connection. The 4G IP addresses are routable via the MPLS the telco provides us. The PPP AAA from the 4G interface is even routed to our own RADIUS servers so I can set the username, password, IP address the interface gets as well as defining static routes via RADIUS for these connections. We also have some sites that 4G is their only connectivity and they connect this way too. It took a little bit of effort to set this up with the telco in the beginning but it's one of their standard offerings for enterprise customers so it wasn't that hard either. Not exactly rocket science, but we change the default credentials too and apply security updates when required.

Greybeard greebos do runner from care home to attend world's largest heavy metal fest Wacken


Don't fear the Reaper

I gotta have more cowbell!

Porn parking, livid lockers and botched blenders: The nightmare IoT world come true


Re: You're Doing Corporate WiFi Wrong

Any sane company has at least two wifi systems: one for user's own phones / visitors / IoT crap / etc, and a 2nd (or more) that is more locked down and only for approved corporate devices that need to access internal systems.

Most corporates would use controller based WAPs solutions from companies like Cisco, Aruba etc that support multiple SSID and security deployments with AP groups and have a profiling tool that can send a RADIUS CoA to the controller when a rogue device is detected. Even SMB's have products that are affordable while being able to support different security requirements. Ubiquiti Unify, Foritnet or Draytek WAPs with their own firewall products give controller like experience as well as being able to firewall traffic.

Have a SSID for your corporate devices using EAP-TLS for security. Mobile devices should be provisioned by an MDM so they get the correct certificates to use. If you can't afford a MDM or don't have the staff to deploy an internal CA infrastructure then use a PEAP secured SSID and firewall it. Mobile devices could be firewalled off and on a separate SSID depending on your use case.

Another SSID for guest access that is on separate VLAN & firewalled off with P2P disabled. Use a PSK or Captive Portal for security. I prefer Captive Portal so you can see who's connected to the guest WiFi. Any IoT crap gets it's own SSID, VLAN and firewalled off & P2P disabled again. If you have to use a PSK with these devices, only IT & application support get to know the PSK and you'd restrict the devices access to the bare minimum for them to work on the firewall so you don't any free loaders on this SSID.

Security is hard and you need to spend some money but a competent network admin should be able to deploy a reasonably secure WiFi solution no problem at all.

Probably more a case of the line manager insisting on you doing WiFi security right (from the point of view of his convenience).

IT staff shouldn't report to a line manager for security related items. If the manager has a problem they can take it up with who's responsible for IT security or my boss. As IT staff I'll happily work with the line manager to be able to accommodate his requirements but only in a secure fashion and I'll be completely up front about it. If it's a rush I'll do my best to help them out as quick as I can but if I need extra hardware then he's going to have to wait. If my boss tells me to cut corners for a deployment, I'll do it but then my boss most likely wouldn't ask anyway because at the end of the day it'll be his name on a incident report if something happens and that's the last thing he wants.


You're Doing Corporate WiFi Wrong

"It only takes a line manager to buy and plug in a new piece of kit and then type in the office's wireless password for a security hole to be opened up."

If this is all it takes to get a device on your corporate WiFi network then you're doing WiFi security wrong.

Here we go again: Monopoly case another round in Arista vs Cisco


Re: Cisco cli is messy

if you manage 1000 switches, then having 100 with one CLI, 27 with a second one, and 4 with a third is most definitely a barrier to fleet maintenance, which is why many companies go with a single vendor for networking, big part of the motivation to go with the Gorilla.

Even between IOS 12 or 15 there's difference's. Not wildly different but different enough to be annoying. I'm constantly trying to pipe to section on IOS 12 and it drives me nuts when it fails because begin or include don't always get the information. Then there's configuration differences for RADIUS or EIGRP. Then if you move to NX-OS it's quite different again. I love in NX-OS that you can do a show run from config mode with out having to use do, but I'm always careful to make sure that I'm using copy run start least I stuff up. Throw in ASA's where you have to use write terminal. Having a completely Cisco network doesn't mean the command line is 100% the same across all of your devices.

Facebook deletes 17 accounts, dusts off hands, beams: We've saved the 2018 elections


Facebook will take advertising dollars from anyone and are completely shameless about it. If they were serious about cleaning up their platform they'd be stricter on advertisers. You can report an ad for being inappropriate with adult content or you can block the ad from your feed by marking it as a scam but not for other reasons. They are going to keep getting targeted until they clean up their advertising.

In Microsoft land, cloud comes to you! Office 365 stuff to be bled into on-prem Office 2019 Server


Re: Reality

I work in mining. Office 365 is useless if your on a satellite connection like some of our sites are. Other cloudy services for process control networks that are firewalled off from the rest of the network are pretty useless too.

Notes/Domino is alive! Second beta of version 10 is imminent


Domino on AIX?

No mention of Domino being supporting on AIX/POWER. Wonder if that's still supported.



Biting the hand that feeds IT © 1998–2020