Re: Anyhow, a good reason to use Ubuntu Server.
I use plain ole vanilla Debian for my servers. Less bloat.
Posts by Darkk
30 publicly visible posts • joined 30 Aug 2018
Linux 6.12 is the new long term supported kernel
Oracle's Java price hikes push CIOs to brew new licensing strategies
Microsoft mistake blows up admins' inboxes with fake malware alerts
ICANN reserves .internal for private use at the DNS level
Raspberry Pi Pico 2 lands with (drum roll) RISC-V cores
Saturday 10th August 2024 21:29 GMT
Re: Old habits die hard
I have a feeling since these are first batch at launch they're waiting to see if any hardware bugs crop up before committing to large quantity in manufacturing for the masses. It's one of the reasons why I didn't order the RaspberryPi 5 at launch. I just placed a new order for the Pi 5 8 gig along with five Pico 2s to try out. A side note I did pre-ordered the Pi 4 at launch and a few months later they did a revision for a faster clocked CPU as they tweaked the power supply design. I was a bit miffed at that because how expensive these Pi's are these days.
Considering how cheap these Picos are if bugs do creep up it's not too big of a deal to buy the updated ones if I need to.
How a cheap barcode scanner helped fix CrowdStrike'd Windows PCs in a flash
Mars helicopter sends final message, but will keep collecting data
Thursday 18th April 2024 06:36 GMT
Cool to see NASA is able to repurpose this aircraft to be a weather station. Makes me wonder how long will it last before the solar panels are completely covered in dust? It was relying on flights to dust them off.
One of the reasons why recent probes now use nuclear battery for power.
Either way hats off to the little guy!
Broadcom throws VMware customers on perpetual licenses a lifeline
Snow day in corporate world thanks to another frustrating Microsoft Teams outage
Saturday 27th January 2024 17:59 GMT
Re: I was wondering why things were so quiet today
Good luck getting any big money (credit) back from your cloud providers. When they do it's not much compared to your loss of productivity and downtime which can cost the company big bucks. I know there's always a risk of losing access to these services but it's supposed to be extremely rare given all the redundancy that's out there. Ah well. I guess the system admins these days just don't have what it takes to really build a solid infrastructure. Microsoft is no exception.
Veeam researching support for VMware alternative Proxmox as backup buyers fret about Broadcom
Monday 22nd January 2024 20:31 GMT
Re: Broadcom execs of the usual quality
Broadcom was hoping their customers will just suck it up and pay the increase even at a certain percentage should switch to another product. At this point we have no idea what that percentage is. Even at 20% that is large chunk of their customers leaving. Broadcom might find that acceptable loss.
Monday 22nd January 2024 20:28 GMT
Re: Proxmox has "native" backup
Backups via ZFS are usually pretty quick BUT the restores are painfully slow. But it's manageable if something should happen to the VM / Containers that I needed to restore. Most of the restores can take 30 to 45 mins which is acceptable for our use. I know for some it's not but least I don't have to completely rebuild the VM in an emergency. The restores simply just works.
Fortinet squashes hijack-my-VPN bug in FortiOS gear
Wednesday 14th June 2023 05:13 GMT
The biggest issue I have with Fortinet is that they're releasing FortiOS with new features before it's ready. Now we have like 4 trains of FortiOS and all of them have bugs one way or another. Lucky for us I turned off SSL-VPN back in December when Fortinet tech support refused to issue a patch on an older FortiOS V6.0 as I wasn't ready to upgrade from V6 to V7. Ironically enough they did released a patched version of FortiOS v6.0 the other day for this vulnerability which I was able to apply.
If Fortinet keeps this up and with their ever high prices of their security subscriptions I will be forced to look for alternatives.
I've deployed several Netgate's pfsense appliances for remote offices and been happy with them. I use pfSense at home as well on repurposed Dell desktop PC.
Another Debian dust-up with Firefox dependencies – but there is an annoying and awkward workaround
Monday 13th December 2021 07:08 GMT
I am using Linux Mint on my laptop as well and my version of FF is showing v.95. However, being Mint for what it is they probably grabbed the latest version from Mozilla and compile it to make it work with with Mint.
I will have to check my Debian 11 with KDE workstation later to see what version of FF is installed.
Log4j RCE: Emergency patch issued to plug critical auth-free code execution hole in widely used logging utility
Monday 13th December 2021 06:41 GMT
vmware is a mess
If you manage a large vmware infrastructure you're in for LONG hours in patching all those vmware appliances such as vCenter and vReplication Appliance. Currently vmware don't have a patch available so have to use command line workarounds.
So far the only saving grace is that the vsphere exsi host servers aren't affected by this.
VMware recalls full vSphere update over driver dramas
Monday 22nd November 2021 22:16 GMT
Lucky we're still on 7.0 Update 2d despite the warning of security issues and wanting us to upgrade to U3. I held off on the upgrade as was dealing with odd vCenter SSL cert issues and the stupid failed update from the previous version. Lucky it was an easy fix but made me weary of upgrading to anything new right now.
Riverbed Technologies files for Chapter 11 bankruptcy protection following pandemic 'headwinds'
VMware's divorce from Dell is complete: Virtualization giant now a separate biz with $64bn valuation
Facebook, WhatsApp, Instagram deplatform themselves: Services down globally
The PrintNightmare continues: Microsoft confirms presence of vulnerable code in all versions of Windows
Saturday 3rd July 2021 19:10 GMT
There are free open source solutions to this if companies don't want to pay $$$ to Microsoft. Hell, you can run a dedicated print server running Linux with CUPS. Windows, Mac and Linux workstations won't know the difference.
One company I've worked for did have print services on DC then later separated that out onto it's own server leaving DC strictly for domain controller functions along with DNS and DHCP.
Microsoft emits 83 security fixes – and miscreants are already exploiting one of the vulns in Windows Defender
COVID-19 security tips: Ensure you sack your staff without leaving their IT access enabled, says Secureworks
Friday 16th October 2020 19:28 GMT
Re: Seems reasonable
If you use Remote Desktop Gateway server you can actually disable clipboard, printer and shares. I've tried using Fortigate's web-based RDP which does not support multi-monitors so had to build a Remote Desktop Gateway server and create policies. Then it connects to a real remote desktop server. The idea behind that is VPN client is not needed. They just use the gateway settings in Microsoft's native RDP client and boom you're in.
I've set up restrictions to only allow access to certain resources and the remote desktop servers. So if the hackers tried using an account that does not have the permissions to access the RDP servers they won't be able to log in.
I get it why you use your firewall's own SSL-VPN with RDP feature to limit your exposure to Microsoft servers to the internet. Sometimes it limits the users too much from what they need to do.
QUOTE:
"The downside is that there is no possible integration with the local PC so local devices like printers can't be mapped across if you needed to do this."
51 years after humans first set foot on the Moon, a deepfaked Nixon mourns how Armstrong and Aldrin never made it home
Log us out: Private equity snaffles Lastpass owner LogMeIn
Disk drives suck less than they did a couple of years ago. Which is nice
Error pop-up? Don't worry, let's just get this migration done... BTW it's my day off tomorrow
Won’t patch systems? Never run malware scans? Welcome to the US State Department!
Friday 31st August 2018 11:01 GMT
Patch Issues
There is actually no practical excuse for not patching personal computers and servers. Most of our machines are windows based and for the most part patches have gone without issues. Although I would have to say July 2018 patches are without problems which gave us grief for awhile. I had to suspend patching the machines for July and August to give Microsoft enough time to fix their screwups.
Don't get started on the WSUS server. I've rebuilt that POS thing so many times that I care to count. Will have to fork out some $$$ for a real patching server. Lucky for us, however, we already have endpoint security installed on all the machines that we can monitor and take immediate preventive measures if necessary.
There are some critical applications that can break after an update which is any IT's nightmare if patched on a large scale. However, it goes back to my original statement there is no reason NOT to patch at all.
Biting the hand that feeds IT
