@scottalanmiller said in Firewalls & Restricting Outbound Traffic:

@anthonyh said in Firewalls & Restricting Outbound Traffic:

@JaredBusch said in Firewalls & Restricting Outbound Traffic:

@scottalanmiller said in Firewalls & Restricting Outbound Traffic:

Maybe do some role play... what is the use case where you end up with misconfigured DNS and then want to the person or system with that issue to really go offline completely? Like not just losing some things, but losing patching and monitoring too.

I have been down this road before, and yes. If someone was over at Art's Motel and had to set specific DNS setting in order to work right, and then comes back on my network and gets DHCP, but not a DHCP assigned DNS, then I want then to get no where.. Broken.

Yes!

insert appropriate meme here

So you are letting the users manage their own DNS settings? Lots of times you need to, so that's a valid case, I just want to be clear that that is what we are talking about.

Well, not the users directly. But there may be a case where DNS settings are altered undesirably (by IT, by malicious software, or simply an issue with the OS not flushing stale DNS settings from going off network).

Link to the MS Update Catalog for this issue(KB4012598).

@scottalanmiller said in dual factor auth for screen connector or other remote access?:

https://docs.connectwise.com/ConnectWise_Control_Documentation/Get_started/Administration_page/Security_page/Enable_two-factor_authentication_for_host_accounts

Thanks. Don't know why I didn't look there first.

@scottalanmiller Especially the streaming thing 😄

Believe me, it wasn't a piece of cake, due to the extreme old age tooling in dom0 (curl from 2006 in XS 6.5! Doesn't support SNI etc.)

edit: we even had to write our own HTTP server…

@msff-amman-Itofficer said in Beginner SaltStack Question: Can minions be placed in folders or groups ? (Coming from AD perspective):

@scottalanmiller

ohh shit, how did that get passed me...

Great, thanks again.

🙂

Get-Content -Path c:\scripts\Computers.txt | ForEach-Object {Get-WmiObject -Class Win32_Product -ComputerName $_} | select-object PSComputerName,Name,Vendor,Version | Where-Object {$_.Name -like "*Microsoft Office*"} | Format-Table PSComputerName,Name,Vendor,Version -Wrap -Auto | out-file c:\scripts\installed.txt

Updated. Management Framework 3 or higher required

Never used this but take a look...

http://www.smikar.com/

Had an issue when a colleague and his whole dept had made a signature which includes an image. However, a forward or reply, makes the email visible. Had traced down that that image caused the blank mail so I re-created the image (by print screen) then inserting it back.

We were using Zimbra, BTW.

Yes you can. And if you are unsure of yourself, mount it as RO to ensure that it is safe.

My Linux is better than your Linux.

Factory Reset, Setup, Disable Hardware Checksum Offloading, Works Prefect.

@BRRABill said in best hosted Windows server:

@wirestyle22 said in best hosted Windows server:

@scottalanmiller said in best hosted Windows server:

@Tim_G said in best hosted Windows server:

@dbeato said in best hosted Windows server:

See Vultr is a great thing from NJ 🙂

I never heard of NJ until I heard of Vultr.

It's the warehouse of NYC.

It's also the sewer of NYC

Easy now, Jersey Boy.

😄

@dbeato said in JRNL_WRAP_ERROR (SYSVOL):

@wirestyle22 You can still do the following as well:
http://kpytko.pl/active-directory-domain-services/authoritative-sysvol-restore-frs/
https://blogs.msmvps.com/acefekay/2013/08/28/how-to-recover-a-journal-wrap-error-jrnl_wrap_error-and-a-corrupted-sysvol-from-a-good-dc-what-option-do-i-use-d4-or-d2-whats-the-difference-between-d4-and-d2/

Maybe also move to DFRS instead of FRS, you would only use FRS if it is Server 2003 as part of one of your DCs

Possibly in the future but I have so many other things to focus on

@scottalanmiller said in Strange Vultr VM Note:

That's certainly a weird choice to have made 🙂

Very weird. The first time I saw that message, I first thought I was still running 12.04 and needed to upgrade.

I'm seeing the same message on any Ubuntu based system right now.

@curious_mindz said in While on the topic of ransomware...:

I didnt see anyone talk about preventing Crypto virus from encrypting files. We used AppLocker and it resolved the issue for us, if you are not using an enterprise OS then you can use Software Restriction Plicies.

This discussion is not on preventing cypto. this part of the discussion was on dealing with the backups in a way that they cannot become tainted.

@dbeato But again this is the official article
http://www.dell.com/support/article/us/en/4/SLN266045/windows-server---the-poweredge-raid-controller-s100-and-s300-are-unsupported-on-a-hyper-v-host?lang=EN

The Win10 VM I'm running on KVM in Fedora shows up in WSUS like this:

0_1494983048761_Untitled.jpg

That one update needed is the 1703 upgrade. I didn't push that yet.

All seems well so far!