How many people went out and watched Red Dwarf this week?

@momurda said in Windows 10 Pro for Workstation:

Does Win10 Pro and Server 2016 support NVDIMM yet?
This feature is supported in Workstation edition

Win 10 Pro does not, that's part of this release. 2016 has had it.

@emad-r said in Installing Debian 9.1 minimal:

@jaredbusch

I love Debian very customized 20 + installation steps... said no one ever.

I like options. It's not like you're going to go through all 20 steps for every installation once you have a base image setup, at least I'd hope not.

@jaredbusch said in It looks like a Mac problem, but...:

@dashrender said in It looks like a Mac problem, but...:

@kelly said in It looks like a Mac problem, but...:

@dashrender said in It looks like a Mac problem, but...:

@kelly said in It looks like a Mac problem, but...:

@dashrender said in It looks like a Mac problem, but...:

@kelly said in It looks like a Mac problem, but...:

@dashrender said in It looks like a Mac problem, but...:

@kelly said in It looks like a Mac problem, but...:

Well, the solution was no less peculiar. In my firewall config I had specified authenticated users for LAN to WAN in my work to

What firewall?

Juniper SRX.

I'm guessing some big money for that UTM.

About $2k for each node. We have an HA pair.

What was the reasoning behind the purchase?

I'm not sure what you're getting at.

A general consensus around ML is that UTMs are unnecessary, i.e. a waste of money. Additionally, Scott is pretty adamant that there is only one primary vendor (drawing a blank right now) that is good for UTMs.

So what I'm getting at is, what was the decision tree that lead to purchasing two $2000+ UTM firewalls? Why were they felt to be worth the value versus say a pair of Edge Routers? etc

You are conflating shit and coming up with something none of us have said.

I have repeatedly said that the typical SMB has no need for a UTM. I have never said that a UTM is unnecessary.

But once you need a UTM, then you need a real UTM and not some $300 piece of crap.

Palo Alto is the gold standard in the space IMO. It does not mean that other units are shit. Just not as good, IMO.

You also assumed that he bought these units for UTM. Which as you can see by the follow up response, he did not.

I made no assumption - I asked a question. Period. Then he was confused by the question, so I explained my reason for asking.

So the answer to my question was - because FIPS. Period, end of line. FFS

@dustinb3403 said in Confirming QoS for VOIP on Procurve 2848:

Ok cool.

Now looking at another switch 46 and 48 have a priority of 7, and 26 a priority of 4. (without an override).

Should I set everything to be like below?

46-7
48-6
26-4

Doesn't really matter. If you have no traffic on any other DSCP tags those priorities never apply.

Also does not matter much if you are not saturating the switch port in the first place.

@jaredbusch said in Project Send:

@dafyre said in Project Send:

@stuartjordan said in Project Send:

@jaredbusch Ok fair enough, I did do a search on ml before I posted as well, never mind...hopefully a gentle refresher post wont hurt....

ML's search feature doesn't work well at all, so if you find something you think is worth sharing -- then share away.

Actually it does now. The not working thing was a while back. You can now use quotes on phrases, and such also. It is no google index, but it is not bad now.

Good to know!

I found it!! This is how you do what I was asking for. I knew I had seen it somewhere.

0_1502718674574_2017-08-14 08_49_29-Common Problems and Their Solutions _ Start-Up _ openSUSE Leap 42.3.png

I'd look at the Mobo for bad caps, then do a memory test on it over night, and lastly replace the SATA cable.

@dafyre said in Install GLPI on Fedora 26 Minimal:

Does GLPI still do Helpdesk stuff too? We used it at my last job for a while, it wasn't terrible, but require d a little more clicking around, IIRC.

It appears to have a help desk built in.

It also completely ignores what DWPD is often a proxy for. Write latency consistency. A drive with .3DWPD MIGHT be good enough for your endurance requirements but might also completely implode on performance if all your writes are done within a short period of time and the application has end users accessing it.

0_1502659347438_Screenshot from 2017-08-13 16-18-35.png

@aaronstuder said in How to setup Nginx TLS certificate based Authentication (VPN alternative):

@emad-r 3650 🙂

One of the main reasons that normal certs cannot be bought with forever expiration is because then people would be less apt to update them as ciphers are broken.

Look at how many people still use(d) SSLv1 SHA1, etc., long after they were proven broken.

Majaro uses ext4 by default and handles software with the Pacman utility.

@lakshmana cwntos has a wiki page on the issue

That makes a bit more sense 🙂

@bnrstnr said in Centos 7 Minimal Install:

Is there ever a reason to go with one of the other security policies for centOS?

Depends where you work, usually this is set for government standards for example:
https://en.wikipedia.org/wiki/Federal_Information_Processing_Standards

So theoretically if you work for the Government agency they will require you to choose certain protocols, and those profiles will make your life easier.

0_1502525541907_Screenshot from 2017-08-12 03-11-11.png

@jaredbusch said in Nginx Certificate Authentication issue:

@emad-r said in Nginx Certificate Authentication issue:

@jaredbusch said in Nginx Certificate Authentication issue:

ls -laZ /etc/pki/nginx/ca.crt

-rw-r--r-- root root ?

i specified -laZ intentionally to show the SELinux context also.

I don't have your directory setup, but this is what my /etc/pki/tls/certs looks like

drwxr-xr-x. root root system_u:object_r:cert_t:s0 . drwxr-xr-x. root root system_u:object_r:cert_t:s0 .. lrwxrwxrwx. root root system_u:object_r:cert_t:s0 ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem lrwxrwxrwx. root root system_u:object_r:cert_t:s0 ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt -rw-r--r--. root root unconfined_u:object_r:cert_t:s0 dhparam.pem -rwxr-xr-x. root root system_u:object_r:bin_t:s0 make-dummy-cert -rw-r--r--. root root system_u:object_r:cert_t:s0 Makefile -rwxr-xr-x. root root system_u:object_r:cert_t:s0 renew-dummy-cert

Thanks this pointed me in the right direction, a useful guide coming soon

@eddiejennings said in [SIP Pricing: How much are 11.338 milliseconds worth?]

Twilio: New Jersey at 12.853 ms average ping
Voip.ms: Atlanta (Atlanta2) at 1.515 ms average ping

Still trying to figure out where you are getting Twilio New Jersey? It seems like you are talking about the VULTR data centers to your office, and not the VULTR data centers to the pops.

Twilio is 35% cheaper on inbound and at least 15% cheaper on outbound. Your DID numbers and toll free costs are irrelevant. You need to dump the DID's you arent using, maybe keep 5 extra. If you can dump half thats $600 per year.

On actual costs see below. You are clearly saving money now and any increase in call volume will only add to those savings. You could save on toll free with a couple other people, but for ease of administration I would keep it all at one place.

And remember, those PRI DID's cost the CLEC anything. I had a guy trying to port 800 DID's to me once and we ended up issuing 150 of our DID's, forwarding theres for 6 months and dumping them. My DIDs cost me nothing, porting those 800 would have cost me $200 per month and he would have been paying $800 per month to us.

Twilio
Inbound: 5,649 at $0.0045 / minute ($25.42)
Outbound: 6,421 at $0.007 / minute ($44.95)

$70.73

VOIP.MS
Inbound: 4,363.9 at $0.009 / minute ($39.28)
Outbound: 5,376.3 at $0.01 / minute ($53.76)

$93.08

And imagine these numbers in multiples. $700 versus $930.

Everything I hear about Voip.ms is good, but Twilio's infrastructure is many times larger. They are already cheaper. I cant really speak to Voip.ms but have been meaning to give them a try.

@nerdydad Right