* Posts by Darkk

28 publicly visible posts • joined 30 Aug 2018

Microsoft mistake blows up admins' inboxes with fake malware alerts

Darkk

What a fiasco today!!

It's been a fun day dealing with this. Thankfully this was posted on Reddit way before Microsoft finally admitted this fiasco via the Office 365 admin portal.

ICANN reserves .internal for private use at the DNS level

Darkk

Re: Would have prefered "*.int"

I prefer the *.lan as well to go with the usual three letter naming convention like .com and .net. I've been using that for years for internal use without issues.

Raspberry Pi Pico 2 lands with (drum roll) RISC-V cores

Darkk

Re: Old habits die hard

I have a feeling that since these are the first batch at launch they're waiting to see if any hardware bugs crop up before committing to large quantity in manufacturing for the masses. It's one of the reasons why I didn't order the Raspberry Pi 5 at launch. I just placed a new order for the Pi 5 8 gig along with five Pico 2s to try out. A side note: I did pre-order the Pi 4 at launch and a few months later they did a revision for a faster clocked CPU as they tweaked the power supply design. I was a bit miffed at that because of how expensive these Pis are these days.

Considering how cheap these Picos are if bugs do creep up it's not too big of a deal to buy the updated ones if I need to.

How a cheap barcode scanner helped fix CrowdStrike'd Windows PCs in a flash

Darkk

It's not really an issue as you can re-roll the BitLocker keys in Intune.

Mars helicopter sends final message, but will keep collecting data

Darkk

Cool to see NASA is able to repurpose this aircraft to be a weather station. Makes me wonder how long will it last before the solar panels are completely covered in dust? It was relying on flights to dust them off.

One of the reasons why recent probes now use nuclear battery for power.

Either way hats off to the little guy!

Broadcom throws VMware customers on perpetual licenses a lifeline

Darkk

Site to site cluster replication is on the road map for Proxmox. For now there is a way to do it using ZFS replication. There is a how-to write-up on the Proxmox doc site.

Snow day in corporate world thanks to another frustrating Microsoft Teams outage

Darkk

Re: I was wondering why things were so quiet today

Good luck getting any big money (credit) back from your cloud providers. When they do it's not much compared to your loss of productivity and downtime which can cost the company big bucks. I know there's always a risk of losing access to these services but it's supposed to be extremely rare given all the redundancy that's out there. Ah well. I guess the system admins these days just don't have what it takes to really build a solid infrastructure. Microsoft is no exception.

Veeam researching support for VMware alternative Proxmox as backup buyers fret about Broadcom

Darkk

Pretty narrow minded with that line of thinking. Proxmox IS a very stable and usable alternative to VMware and others. I know because we use it in production at work. Rock solid for us!

Darkk

Re: Broadcom execs of the usual quality

Broadcom was hoping their customers will just suck it up and pay the increase even if a certain percentage should switch to another product. At this point we have no idea what that percentage is. Even at 20% that is a large chunk of their customers leaving. Broadcom might find that an acceptable loss.

Darkk

Re: Proxmox has "native" backup

Backups via ZFS are usually pretty quick BUT the restores are painfully slow. But it's manageable if something should happen to the VM / Containers that I needed to restore. Most of the restores can take 30 to 45 mins which is acceptable for our use. I know for some it's not but at least I don't have to completely rebuild the VM in an emergency. The restores simply just work.

Fortinet squashes hijack-my-VPN bug in FortiOS gear

Darkk

The biggest issue I have with Fortinet is that they're releasing FortiOS with new features before it's ready. Now we have like 4 trains of FortiOS and all of them have bugs one way or another. Lucky for us I turned off SSL-VPN back in December when Fortinet tech support refused to issue a patch on an older FortiOS V6.0 as I wasn't ready to upgrade from V6 to V7. Ironically enough they did release a patched version of FortiOS v6.0 the other day for this vulnerability which I was able to apply.

If Fortinet keeps this up and with their ever high prices of their security subscriptions I will be forced to look for alternatives.

I've deployed several Netgate pfSense appliances for remote offices and been happy with them. I use pfSense at home as well on a repurposed Dell desktop PC.

Another Debian dust-up with Firefox dependencies – but there is an annoying and awkward workaround

Darkk

I am using Linux Mint on my laptop as well and my version of FF is showing v.95. However, being Mint for what it is they probably grabbed the latest version from Mozilla and compiled it to make it work with Mint.

I will have to check my Debian 11 with KDE workstation later to see what version of FF is installed.

Log4j RCE: Emergency patch issued to plug critical auth-free code execution hole in widely used logging utility

Darkk

VMware is a mess

If you manage a large VMware infrastructure you're in for LONG hours in patching all those VMware appliances such as vCenter and vReplication Appliance. Currently VMware doesn't have a patch available so have to use command line workarounds.

So far the only saving grace is that the vSphere ESXi host servers aren't affected by this.

VMware recalls full vSphere update over driver dramas

Darkk

Lucky we're still on 7.0 Update 2d despite the warning of security issues and wanting us to upgrade to U3. I held off on the upgrade as I was dealing with odd vCenter SSL cert issues and the stupid failed update from the previous version. Lucky it was an easy fix but made me wary of upgrading to anything new right now.

Riverbed Technologies files for Chapter 11 bankruptcy protection following pandemic 'headwinds'

Darkk

Riverbed was great back in the day when most companies could only get 1.5MB T1 connections for site to site VPNs. This is where Riverbed shines. Now that we're into gigabit speeds on the cheap it doesn't make too much sense anymore to use their products.

VMware's divorce from Dell is complete: Virtualization giant now a separate biz with $64bn valuation

Darkk

Or take a look at Proxmox.

Facebook, WhatsApp, Instagram deplatform themselves: Services down globally

Darkk

I felt a great disturbance in the Force. As if millions of voices cried out in terror, and were suddenly silenced. I fear something terrible has happened.

The PrintNightmare continues: Microsoft confirms presence of vulnerable code in all versions of Windows

Darkk

Re: The solution to rule them all ... in that situation

This will ONLY work if you don't have Microsoft Exchange in your domain.

Darkk

Re: As much as I like to dump on microsoft a pile...

I have the print spooler disabled on all the DCs in our domain. I suppose I could turn it on once a day to do its maintenance and then disable it until Microsoft pushes out a patch. Lucky all our DCs are running Server 2019.

Darkk

There are free open source solutions to this if companies don't want to pay $$$ to Microsoft. Hell, you can run a dedicated print server running Linux with CUPS. Windows, Mac and Linux workstations won't know the difference.

One company I've worked for did have print services on DC then later separated that out onto its own server leaving DC strictly for domain controller functions along with DNS and DHCP.

Microsoft emits 83 security fixes – and miscreants are already exploiting one of the vulns in Windows Defender

Darkk

Re: Fug Bixes

Yep and we've been stung too many times with updates forcing us to rebuild the entire computer when the system restore couldn't fix it. I have little faith in Microsoft these days when it comes to updates.

COVID-19 security tips: Ensure you sack your staff without leaving their IT access enabled, says Secureworks

Darkk

Re: Seems reasonable

If you use Remote Desktop Gateway server you can actually disable clipboard, printer and shares. I've tried using Fortigate's web-based RDP which does not support multi-monitors so had to build a Remote Desktop Gateway server and create policies. Then it connects to a real remote desktop server. The idea behind that is VPN client is not needed. They just use the gateway settings in Microsoft's native RDP client and boom you're in.

I've set up restrictions to only allow access to certain resources and the remote desktop servers. So if the hackers tried using an account that does not have the permissions to access the RDP servers they won't be able to log in.

I get it why you use your firewall's own SSL-VPN with RDP feature to limit your exposure to Microsoft servers to the internet. Sometimes it limits the users too much from what they need to do.

QUOTE:

"The downside is that there is no possible integration with the local PC so local devices like printers can't be mapped across if you needed to do this."

51 years after humans first set foot on the Moon, a deepfaked Nixon mourns how Armstrong and Aldrin never made it home

Darkk

Re: Alternative fakery

That's no moon...that's a space station!

Log us out: Private equity snaffles Lastpass owner LogMeIn

Darkk

Re: Ouch

Use keyfiles in addition to your password to make it harder to brute force the password alone. I have this on my Android devices, Linux Mint PC and Windows 10 PC.

Darkk

Re: Ouch

I use KeePass for my Android devices, Linux Mint PC and Windows 10 PC. I keep the database sync'd with NextCloud running at home. Works very well.

Disk drives suck less than they did a couple of years ago. Which is nice

Darkk

Plus the fact Enterprise Class hard drives are designed for 24/7/365 operation so as a home user with constant power off and power on will put extra strain on the drive. They're great for NAS / Fileserver running all the time but not so much in a regular PC.

Error pop-up? Don't worry, let's just get this migration done... BTW it's my day off tomorrow

Darkk

Re: been there - done that

"Macros"

Won’t patch systems? Never run malware scans? Welcome to the US State Department!

Darkk

Patch Issues

There is actually no practical excuse for not patching personal computers and servers. Most of our machines are Windows based and for the most part patches have gone without issues. Although I would have to say July 2018 patches are without problems which gave us grief for a while. I had to suspend patching the machines for July and August to give Microsoft enough time to fix their screwups.

Don't get started on the WSUS server. I've rebuilt that POS thing so many times that I care to count. Will have to fork out some $$$ for a real patching server. Lucky for us, however, we already have endpoint security installed on all the machines that we can monitor and take immediate preventive measures if necessary.

There are some critical applications that can break after an update which is any IT's nightmare if patched on a large scale. However, it goes back to my original statement there is no reason NOT to patch at all.