@Dashrender said:

@scottalanmiller said:

@JaredBusch said:

Can AD not handle old copies? I was under the impression that it could.

The latest version can, but only the latest. It's a new feature that MS just added.

This is my understanding as well. As long as you only have 2012 (and maybe it's only 2012R2) DCs then you can restore backup of a DC without any issues (according to the documentation 🙂 )

Pretty sure it is 2012 R2.

@hubtechagain said:

ah just looks different i suppose. 08r2 here.

That was from an 08R2 server.

@Dashrender said:

Why is a VPN a security risk? because they give you (generally) full access to the network?

Correct. They create unnecessary exposure. Direct access to all hosts (typically) for all protocols and ports. The protections of firewalls and proxies are bypassed. They are generally the least secure form of access because they are the laziest - just expose everything and hope for the best.

@scottalanmiller Yeah... I know..

It was just never bothered with. .. 😞

I'm making a snapshot right now using NAUBackup of my VM's before running the upgrades. As ya never know if something will get broken.

That pretty much sums it up, DSA is an IBM application and that tells you all that you need to know. It's unrelated to system logs and other platform tools. The application that you use is DSA itself.

I used it a while back when I was hosting some sites on C@C. It didn't support Centos 7 at the time, and a quick glance would indicate that this is still true.

Colour of the Tabs in the ML and the Fonts are also changed somewhat

@Sparkum said:

Isnt there just a vendor on Mangolassi that wants to give me a free 3D printer? hmmm?

Give you one? Nooooooo. No. No no.

They want to give ME one 😄

Ok, no more comments.

Will produce a poll shortly.

Like this...

cat > observium.conf <<'_EOF' <VirtualHost *:80> DocumentRoot /opt/observium/html/ ServerName observium.domain.com CustomLog /opt/observium/logs/access_log combined ErrorLog /opt/observium/logs/error_log <Directory "/opt/observium/html/"> AllowOverride All Options FollowSymLinks MultiViews Require all granted </Directory> </VirtualHost> _EOF

@shybrsky said:

@scottalanmiller said:

EMSTP is the email protocol and has nothing to do with your email being rejected. The email was delivered and the recipient's system looked at it and decided that it looked like SPAM.

The following organization rejected your message: myesmtp., why not rejected by destination email domain ?? ex : The following organization rejected your message: mycustomer.com

That's the organization name. It's probably the name of their SPAM filter.

From a perspective of stateless, it is relatively trivial, and often actually trivial, to reproduce or recreate any aspect of an IT infrastructure as long as the storage is still intact. In many modern cloud architectures we can actually rebuild an entire network in a matter of minutes without needing to go to backups or to even take backups. Data storage is unique as the only component of many modern network designs that even has a reason to have backups taken of it!

@Dashrender said:

Isn't using a SSH key and a password considered two factor authentication?

It is not generally considered to be this. An SSH Key is just a really, really long password that you probably can't remember. Would you consider having two passwords, both entered from the same place, to be two factor? I would not. It's more like one factor plus. It's an incredibly secure single factor, but the key itself is still a single factor, just a really strong one.

@Dashrender said:

@scottalanmiller what file on Ubuntu do you look at to get the name of the machine?

Why get that complicated? Just ask the machine its name.

uname -n

or

hostname

UNIX people know to do the former rather than the more obvious later as the former command, uname, is an "always safe" command no matter what typo follows it. Hostname is safe when run without anything after it but if you bump a key after typing the command you might accidentally rename your running system which could cause issues if anything depends on the name.

This model does make sense. The only other option would be to put up pay walls on all websites out there, and you would have to pay them directly to gain access to their content.

A few places might manage to leave their stuff open, private blogs, etc, but for the most part news and other typical journalism would die a quick death as most people are unwilling to pay for it. Though, in thinking that through, what we'd probably end up with is a what we had 20 years ago, newspapers, a collection of writers, etc that all work under a single corporate umbrella. So you'd subscribe to one of these services and only see their tiny portion of probably slanted views.

I'm with Scott - why would you want to do this, even for testing? If you want to make sure mail services are working, you can simply telnet into your email host use some hello/ello commands, etc to test the ability to send/pickup email, but configuring a command line client, I'm baffled.

If you are regularly patching your systems and using an up to date enterprise OS, this should not be of serious concern. Even the biggest issues ever in OpenSSH were patched the same day that they were found and provided to the enterprise OS vendors the same day. If you had, for example, a standard weekly patch cycle on CentOS you would have been patched between zero and six days after the vulnerability was found, with an average of three days, without needing to even be aware of the issue.

To patch OpenSSL on CentOS, for example, is just this command:

yum -y update openssl

And, of course, requires no restart. So even if you needed to manually patch it, you could do that hourly through a script if you had a serious concern or anytime manually.

Super fail on my part here... I knew I had heard of this prior to today, but did ont realize that I had already looked into it once before..

@hutchingsp posted a thread over on SW that made me want to look a this and then I searched here and found this old post.. so sad on my part that I never set this up yet...

Just curious, how is Zabbix compared to Nagios/icinga?