@dbeato said in Rocket.Chat: No notifications on new message:

@dafyre said in Rocket.Chat: No notifications on new message:

t installed or are you just using the browser

I had the same problem before even with this settings but I recall @scottalanmiller saying it was fixed.

Mine was fixed by the way.

@black3dynamite said in Pros and cons running local repository (for packages like deb, rpm etc)?:

@Pete-S said in Pros and cons running local repository (for packages like deb, rpm etc)?:

Cons would be storage space - amd64 repository for debian stable is around 60 GB.

According to the information in this link, which is updated daily, amd64 is 330 GB.
https://www.debian.org/mirror/size

It's because that includes everything like testing, unstable, experimental and what not. Also source code. So it's a couple of different versions of the OS.

The amd64 stable main contrib non-free are 60.1 GB today - as of right now...

@Dashrender think of this as XOCE to XenServer/XCP-ng but with a desktop instead of a web interface.

Literally nothing different and is completely normal.

@gap579137 said in Add porn blocking to your Pi-hole:

We have a very good list at [site redacted] if you would like to at it to you lists.

Interesting concept..
491adb7c-e991-4b5a-bb1c-0ff38aee2d06-image.png

@vpr00 said in MeshCentral Performance Testing:

Sometimes after i press connect, half of the image loads and it wont load any further. I have to press disconnect and connect again until it works. Have you experienced the same? It only happens with WebRTC though.

Yes, we do see that from time to time.

@wrx7m said in Why DR Plans are Important and Need to be Tested:

This is a good reason to have more than one credit card from more than one bank.

This isn't just a credit issue though. It's people literally unable to access their own money, not money on credit. More so if people have the money in their checking/savings account to pay their bills why should they have to pay their bills on credit?!

The bank had better pay off any interest if their customers had to use a credit card to pay for anything during this time to get things back to Zero.

MSP Maturity Model. Strictly speaking, the MSPMM does not tell MSPs to make all of their customers identical. But in practice, it encourages it and many MSPs talk about the MSPMM in these terms - finding ways to make customers all run the same tools, software, practices, network design, etc. This makes management so much easier for the MSP, but has two major problems.

First, it forces the customer to conform to the vendor, which makes very little sense. IT needs to adapt to the business, not the business to IT. But that's another topic.

Secondary, it means that an attack vector that works on the MSP will likely work on every single one of their customers making the prospect of breaching the MSP that much better. Sure, if a targeted attack by experienced state-sponsored hackers goes after an MSP, the MSP has little chance of winning that battle. But that isn't the real risk. In the real world, the risk is automated attacks looking for common vulnerabilities and spreading organically through shared tooling - things that are only possible or reasonably likely when the environments are homogeneous: both amongst the MSP clients, and between clients and the MSP themselves.

The traditional approach of MSPs, especially VAR - MSP combo companies, is to have not only the same tools and software, but even the same hardware and products so that any hole anywhere because a hole everywhere and breaching any one piece of the infrastructure means you are likely to breach it all.

@Dashrender said in What SQRL Apps Are You Using:

@scottalanmiller said in What SQRL Apps Are You Using:

@Dashrender said in What SQRL Apps Are You Using:

@scottalanmiller said in What SQRL Apps Are You Using:

@Dashrender said in What SQRL Apps Are You Using:

@coliver said in What SQRL Apps Are You Using:

What's seems odd to me (even though it probably isn't) is that there are no major players also working on this in tandem. If this is supposed to be the next iteration of anonymous login there are a ton of security adjacent vendors that would love this.

No, they wouldn't because they can't make money off of it.

Actually they could, if it had any value. They could make a lot off of it. It's because it doesn't do anything useful that it has no value. OAuth already does all the good parts of SQRL and fixes the "not easy" problems.

No it doesn’t because oauth gives the control to that third party, it’s not trust no one.

SQRL does that too.

What no it doesn’t. You are the only one with your private key and everything is done on the fly based on that. No third party is ever involved.

That's the impression that they like to give, but it doesn't work that way. To share identities or have any "easy" between sites, it is still sharing just like OAuth (Actually, they state that they are just extending OAuth.)

So with SQRL you always have to trust at least one source, and if you want the features that most people want, then you have to trust a third party as well. The SQRL key carries no info, so is nothing more than a cookie, so requires the same third party sharing that we have now,. It's just a cookie that doesn't automatically get conveyed between unrelated sites.

Short of getting advisories from vendors, just putting something on the calendar is probably best.

It's not checked. However, some properties within are. But not all of it. It's telling you it's conditional. Still pointless though IMO.

But like anything - this could grow through the use of other compromises for privilege elevation, and bam - pown'ed.

So, circling back. How is the backup project going?

@Pete-S said in Geekbench observations:

@dafyre said in Geekbench observations:

@Pete-S said in Geekbench observations:

The relationship between the single-core and multi-core score should be about 80% of theoretical max on the multi-core score.

So if single core score is 3000 and you have 4 vCPUs then multi-core score should be 80% of 3000 x 4 cores = 9600. If the host is under heavy load the multi-core score will go lower and lower.

I think you are on the right track. This is largely in part due to how the underlying Hypervisor handles multi-core VMs. The way I understand it, is that in a multi-core VM, the Hypervisor has to wait for that number of cores to be ready to process before it signals to the VM that it can keep running.

IE: In your example, a 4 core VM, the underlying hypervisor will have to wait to have 4 cores waiting for work before it will tell the VM that it's cores are available.

I've read that before but I think it is some old feature of very old hypervisors called strict co-scheduling. It's not used anymore.

Nowadays basically every hypervisor has their scheduler that puts vCPU on real pCPUs according to the time share principle. So every vCPU get's a piece of the pie. But it has to account for hyperthreading, more than one CPU socket (NUMA), power saving, VM priority and other things. The underlying principle is though that all VMs and their vCPUs should get their fair share of CPU time.

Some hypervisors have different scheduler algorithms so you can pick other ways of scheduling that might be more optimized for your workload.

Depends, SMP doesn't really allow for that, all cores have to be in lock step. Only is AMP is supported can the hypervisor do that. It requires the hypervisor and system above it together to do non-SMP processing.

The only scenarios I've seen are:

PPPoE / DSL Jumbo Frames VPNs

@Pete-S click the menu (three stacked dots) by the post that had the answer so others know which solution worked best for you.

@EddieJennings said in Typical virtualization host server config?:

@Pete-S said in Typical virtualization host server config?:

We've calculated guesstimated 8GB RAM and 50 GB SSD storage per VM on average.

How did you come up with your guesstimate? Do you have some workloads in production right now that you'd be virtualizing with whatever host your configure and buy?

Yes, actually we have the hardware now but it hasn't been configured completely yet. We are still figuring things out.

The workloads are running on physical servers (Windows) and it's latency that is our primary concern, not capacity. We are moving the applications to linux and making them multi-tenant and horizontally scalable at the same time. So that's why we are guesstimating based on the config of the physical servers.

@DustinB3403 said in Openvpn HELPPP!!:

@abdel-hakim-abousrea to start, if you have access to the internet, you have a public IP, it could be a statically assigned IP or one that could change randomly.

Having a static public IP to use for this would be ideal.

Set up a FQDN for your system, even if it is a static IP. Either via some type of dynamic DNS or a manual records in your public DNS.

@dafyre said in Running Xrdp on Ubuntu:

Not sure what to do about the EFI issue....

What I do when I want to use mine like that is set up x11vnc-server and then run it through XRDP (and choose the console option). It's faster than stock VNC... Don't ask me why, lol. I haven't gotten instructions for that yet, I don't think.

If I remember right, after a reboot, you have to connect, close the connection, and then reconnect back using the XRDP+VNC option. I don't have any installation instructions for that setup on hand though. I can work it out and post them if you like.

This is likely where I went 'rouge' in that I didn't use x11vnc-server.. I had notes on that,.. at least I believe and have misplaced them. so I had forget that.

As I was starting to have other 'OS' Kernel issues (the mouse and keyboard wasn't working correctly) I nuked that partition from Windows, and will rebuild. Maybe it'll survive as I am of course getting grub 'errors' since that partition is gone.