@bnrstnr said in Centos 7 Minimal Install:

Is there ever a reason to go with one of the other security policies for centOS?

Depends where you work, usually this is set for government standards for example:
https://en.wikipedia.org/wiki/Federal_Information_Processing_Standards

So theoretically if you work for the Government agency they will require you to choose certain protocols, and those profiles will make your life easier.

0_1502525541907_Screenshot from 2017-08-12 03-11-11.png

@jaredbusch said in Nginx Certificate Authentication issue:

@emad-r said in Nginx Certificate Authentication issue:

@jaredbusch said in Nginx Certificate Authentication issue:

ls -laZ /etc/pki/nginx/ca.crt

-rw-r--r-- root root ?

i specified -laZ intentionally to show the SELinux context also.

I don't have your directory setup, but this is what my /etc/pki/tls/certs looks like

drwxr-xr-x. root root system_u:object_r:cert_t:s0 . drwxr-xr-x. root root system_u:object_r:cert_t:s0 .. lrwxrwxrwx. root root system_u:object_r:cert_t:s0 ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem lrwxrwxrwx. root root system_u:object_r:cert_t:s0 ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt -rw-r--r--. root root unconfined_u:object_r:cert_t:s0 dhparam.pem -rwxr-xr-x. root root system_u:object_r:bin_t:s0 make-dummy-cert -rw-r--r--. root root system_u:object_r:cert_t:s0 Makefile -rwxr-xr-x. root root system_u:object_r:cert_t:s0 renew-dummy-cert

Thanks this pointed me in the right direction, a useful guide coming soon

@eddiejennings said in [SIP Pricing: How much are 11.338 milliseconds worth?]

Twilio: New Jersey at 12.853 ms average ping
Voip.ms: Atlanta (Atlanta2) at 1.515 ms average ping

Still trying to figure out where you are getting Twilio New Jersey? It seems like you are talking about the VULTR data centers to your office, and not the VULTR data centers to the pops.

Twilio is 35% cheaper on inbound and at least 15% cheaper on outbound. Your DID numbers and toll free costs are irrelevant. You need to dump the DID's you arent using, maybe keep 5 extra. If you can dump half thats $600 per year.

On actual costs see below. You are clearly saving money now and any increase in call volume will only add to those savings. You could save on toll free with a couple other people, but for ease of administration I would keep it all at one place.

And remember, those PRI DID's cost the CLEC anything. I had a guy trying to port 800 DID's to me once and we ended up issuing 150 of our DID's, forwarding theres for 6 months and dumping them. My DIDs cost me nothing, porting those 800 would have cost me $200 per month and he would have been paying $800 per month to us.

Twilio
Inbound: 5,649 at $0.0045 / minute ($25.42)
Outbound: 6,421 at $0.007 / minute ($44.95)

$70.73

VOIP.MS
Inbound: 4,363.9 at $0.009 / minute ($39.28)
Outbound: 5,376.3 at $0.01 / minute ($53.76)

$93.08

And imagine these numbers in multiples. $700 versus $930.

Everything I hear about Voip.ms is good, but Twilio's infrastructure is many times larger. They are already cheaper. I cant really speak to Voip.ms but have been meaning to give them a try.

@nerdydad Right

Sorry, he posted that for me and no I did not see that. I think that is a good answer on what to do and will go forward from there. Thanks.

@coliver said in Meraki MS2** series vs Ubiquiti EdgeSwitch:

@dashrender said in Meraki MS2** series vs Ubiquiti EdgeSwitch:

@coliver said in Meraki MS2** series vs Ubiquiti EdgeSwitch:

@dashrender said in Meraki MS2** series vs Ubiquiti EdgeSwitch:

@coliver said in Meraki MS2** series vs Ubiquiti EdgeSwitch:

@dashrender said in Meraki MS2** series vs Ubiquiti EdgeSwitch:

PLwzzxp.png

Does this mean the switch has some form of UTM or that the controller at Meraki does, and this switch can just tie in.

They can do some UTM... but when I was using them it was completely port and destination based. As in, we see all of this traffic going to facebook.com over port 443.

not that it matters, but my question would be - is it killed the the closest part to the user, or is it killed at the firewall on outbound traffic?

What do you mean? I used the wrong term. The switches do packet inspection based on destination and port. You can do dropping at the switch level or at the firewall level. But you can do that on most enterprise switches, even the Netgear I was using at the last job could do that.

Aww, i've never had the need, so didn't know.

It's not really something I've ever used. Just part of an ACL you can drop into place. Our network team here uses that functionality fairly extensively.

Perhaps my new Unifi switches can do it, my old HP's were rather limited, I don't think they could do something like this.

Same thing on the switches, prioritize that tag end to end.

This is standard We had (ugh) Windstream fiber in our Greensboro, NC office delivered by AT&T. Was a 24 port switch with a fiber conected on port 24 and we used port 1 for our handoff. They wall mounted it so it wasn't a big deal

@gjacobse said in Yealink TPx: Dial number for GUI:

I wanted to use the Dial Number in the Directory tab of my Yealink.
0_1502392902977_2017-08-10 15_19_48-Yealink T20P Phone.png

But it does not work:

0_1502392891806_2017-08-10 15_21_03-Yealink T20P Phone.png

Since I think this is separate from the PBX itself, I think it's with the phone? just not sure... Any thoughts?

It should dial a number there just like dialing on the dial pad.

That said. You have freepbx. Just use the UCP to dial.

@bigbear said in VOIP Phone Suppliers:

@jaredbusch so they stock Yealink there too?

Did not check shipping on the last order.

@dashrender Yeah... which means you are stuck with what you have unless there is some design change or migration to another domain.

@gjacobse It is the password you are using, you need to put passwords with special characters in command prompt with ' ' such as:\

net user testNTGtest 's0m3p@s$' /add /passwordreq:yes /fullname:"userTest"

@grey This might help get you started. There are 2 types of change tracking for MS SQL. Pick the one most appropriate for your scenario.

https://docs.microsoft.com/en-us/sql/relational-databases/track-changes/track-data-changes-sql-server

@scottalanmiller I think she's so used to me putting her into hypothetical situations she has adapted to saying what she needs to say without arguing lol

@travisdh1 Ok, thanks for the explanation.

@stacksofplates said in Prevent Specific Key Combo Pass-through in QEMU/KVM virt-manager:

While annoying, if you just hover over the toggle it will work. I hardly ever do full screen so I've not encountered this.

0_1495836507120_Desktop 2_007.png

For some reason I never seen this response. This does the trick! Thanks!

@stess said in Need help with powershell:

@dafyre said in Need help with powershell:

@stess said in Need help with powershell:

@dafyre said in Need help with powershell:

GitHub link: https://github.com/dafyre/PoweshellScripts/blob/master/folderInheritance.ps1

<# .SYNOPSIS File / Folder Auditing script to determine which users have permissions that are *NOT* inherited. .DESCRIPTION Date UpdatedBy Details 08/10/2017 BW Initial coding. #> $path="C:\TEMP" $outFile="myFolderInheritance.csv" $nonInherited=new-object System.Collections.ArrayList $folders=dir $path -Directory -recurse|get-acl| select @{Label='Path';Expression={$_.PSPath.replace("Microsoft.PowerShell.Core\FileSystem::","")}}, @{Label='User';Expression={$_.Access.identityReference}}, @{Label='IsInherited';Expression={$_.Access.IsInherited}}| where {$_.IsInherited -eq $false} foreach ($item in $folders) { $pass=0 write-host "Checking folder $($item.path)" foreach ($user in $item.user) { #$x=$nonInherited "$($item.Path), $($user),$($item.IsInherited[$pass])" $x=$noninherited.add("$($item.Path), $($user),$($item.IsInherited[$pass])") $pass=$pass++ } } $nonInherited|out-file -FilePath $outFile write-host "Done."

These works to certain extend of what I am looking for, but it needs some tweaking to work the way I am expecting the result.
Thanks!

How are you wanting the result to look?

The script doesn't appear to be showing false on non-inheritance. There either True or False for every member of the folder regardless of their inheritance.

I am looking into this post right now as it was brought up in Spiceworks.
It shows the result I am hoping for where non-inheritance = false and inherited = true.

Ah, okay. I thought you wanted to only see the ones where Inherited=False...

So you want to see everything, and whether or not it is inherited?

Edit: Also for the CSV File generated, the layout is

Folder, User, Is Inherited

Is Inhertied is True or False.

@tim_g said in Using 1MB Block Size Virtual Disks for Linux VMs on Hyper-V:

I haven't stopped creating Linux virtual disks that way on Hyper-V yet until I know for sure, so I'll continue doing so. I suppose it can't hurt anything if they are smaller than the default, even if it doesn't apply.

Right, unless you want to really go out and test this FS by FS, I'd keep doing it. 🙂