Hello guys, it is me again with a new topic
What is better in terms of performance and redundancy: a software NAS (like FreeNAS) or a hardware NAS??
Hi everybody
I want to set up a VoIP system (just for learning purposes) and I want to use a free IP PBX like Elastix or FreePBX or any other Asterisk-based IP PBX. I have one POTS line, and I learned that I can connect my IP PBX to the PSTN and make outside calls via a PSTN gateway (Linksys SPA3102). According to what I wanna do, what is the best Asterisk-based IP PBX that plays well with POTS lines?
Best regards
Hi everybody
I have a Windows 2008 R2 file server, and I set up a daily scheduled backup on it (but the backup is made locally: backup D:\ to E:)
My concern is: I risk losing everything if the HD gets damaged, because the data and backup reside on the same physical HD.
You may ask me why not change the backup destination to a network shared folder?? I will tell you that if I select a network shared folder, I will have only one backup at a time (each day the new backup overwrites the previous one), not like if I select a local volume (I can restore at any given time)
My question here is: if I buy a DAS (direct attached storage) and connect it to my file server, does Windows Server Backup consider it a local volume, so that I can select it as the backup destination and have daily versions of backups, or will it consider it a network shared folder??
Hi everybody
What is the latest version of CCNA Exploration? I studied CCNA Exploration V4 but till now I didn't pass the exam for certification. Is there any difference between the old and new versions of CCNA, and if yes, what are the main differences?? And the link for downloading the course??
Thank you very much
It is a better practice to create an OU for computers and an OU for users; this separation will help you in dealing with computer and user configuration. Then create and link group policies to your OUs, and you will get a nice AD structure
I want to take your advice regarding the following setup:
I want to set up Hyper-V on a desktop machine with the following characteristics: Core 2 Duo, 2 GB RAM and 250 GB of HD, knowing that I want to host on it only 2 light VMs (FreePBX and pfSense) and this server will serve only 4 users
Is it possible to do so??
Hi everybody
I have VMware installed on my Windows machine (hypervisor type 2) and I have one VM installed on it (configured FreePBX) and I want to import/export it to the Hyper-V hypervisor. Can you give me some enlightenment regarding how to achieve this??
Hi all
I have a XenServer hypervisor with 2 NICs, and I installed 2 guests: pfSense and FreePBX,
for pfSense everything is OK, it recognized both NICs (LAN and WAN)
The problem is with FreePBX: I want it to have one NIC and it must be connected to the LAN of my pfSense, in other words I want FreePBX to be behind pfSense,
How to achieve this in XenServer???
Thank you for your help
Hello everybody
I put myself in trouble when I decided to have an additional DC in my domain. Before this catastrophe I had 2 Windows Server 2008 R2 machines; one of them is the DC and the second one is an application server with multiple SQL Server instances and databases,
I decided to promote the application server so that I have a backup DC. After promoting it, some of the applications installed on it stopped working cuz the connection btw the app and the database failed,
I never thought that such a transition from stand-alone server to DC would cause this trouble, because the SAM accounts were deleted and I think the databases were configured with these local admin accounts,
Now I have demoted the application server, but the SAM accounts were all deleted. I have only 2 accounts: administrator and guest; the other accounts were all deleted.
Now I don't know what to do to recover this,
Is there any way to restore the SAM accounts???
Wow, I ran it on my Win 7, it shows me the key
@stacksofplates said in logrotats vs simple cron job:
How are you getting the logs? Did you set up a syslog server or something?
Yeah, the ASA firewall sends logs to rsyslog on my CentOS box, rsyslog writes these logs into a txt file, then Logstash reads from this text file and parses the data into Elasticsearch for storage in the form of indexes,
This means that after each day I will not need this big text file, so I have to delete it, so I'm asking how to do this safely
By the way, you like Jesse Pinkman yo yo
@DustinB3403 said in logrotats vs simple cron job:
Can your log aggregator not manage this for you?
No, it is a manual setup.
If not, logrotate is the modern approach, but crontab would work.
I had trouble with logrotate, therefore I decided to just create a simple cron job
Thanks
Hi folks
I work on a project of centralizing the logs of all servers, and let's say I want to delete a very big log file daily at 00:00 at night, what is the best way to do it: configure logrotate or create a simple cron job??
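As an added example (not part of the original thread): a rotation function that a daily cron job could call for the rsyslog-written file described in the posts above. It renames rather than deletes, because rsyslog keeps the file open and would otherwise go on writing to the removed file; the log path, retention period and pidfile location are assumptions.

```shell
# Added example; paths, retention and pidfile location are assumptions.
# Source this file from the cron script, then call for instance:
#   rotate_log /var/log/asa/asa.log 7 /var/run/syslogd.pid
#
# rotate_log FILE KEEP_DAYS [PIDFILE]
#   prints the name of the rotated file, or nothing if FILE was empty
rotate_log() {
    local file=$1 keep_days=$2 pidfile=${3:-}
    local rotated

    [ -f "$file" ] || return 1      # no such log: let cron report the failure
    [ -s "$file" ] || return 0      # empty log: nothing to rotate

    rotated="$file.$(date +%Y%m%d-%H%M%S)"

    # Rename instead of rm: the writer's open descriptor follows the inode,
    # so lines written during the switch land in the rotated file, not nowhere.
    mv -- "$file" "$rotated" || return 1

    # Recreate the live path at once, readable only by its owner.
    # Assumes the writer runs as the same user as this job.
    ( umask 077; : > "$file" ) || return 1

    # SIGHUP makes rsyslog close and reopen its output files, so it starts
    # writing to the new, empty file. Skipped when no pidfile is given.
    if [ -n "$pidfile" ] && [ -r "$pidfile" ]; then
        kill -HUP "$(cat "$pidfile")" 2>/dev/null || true
    fi

    # Remove rotations older than KEEP_DAYS; today's rotation is kept so the
    # data is still there if the downstream parser fell behind.
    find "$(dirname -- "$file")" -maxdepth 1 -type f \
        -name "$(basename -- "$file").*" -mtime +"$keep_days" -delete

    printf '%s\n' "$rotated"
}
```

A plain `rm` of the live file frees no disk space until rsyslog is restarted or signalled, which is why the rename and SIGHUP steps come before any deletion.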
@marcinozga said in how to prevent non domain users from getting ip configuration:
Why do you allow them to wipe the PCs? Disable booting from USB, optical drives and floppy, and everything that's not the drive main OS is installed on, and password protect BIOS.
Next time you catch a user wiping their drive, take it to upper management and recommend termination of said employee. Once the word gets out, nobody will try any more shenanigans.
The user wipes his computer cuz the department in charge of helpdesk is not doing its job. It is the public sector, so as a security guy I just want to minimize the risk. It is complicated when we are talking about the public sector: you don't have that control over the employee since you can't fire him lol
@DustinB3403 said in how to prevent non domain users from getting ip configuration:
How would this even work? You need to have an IP address to be able to communicate and bind to the domain.
Are you saying you're okay if the user statically assigns an address to their PC? And then maybe, somehow block that device at your switch or firewall because it's not bound?
You strike a good point, I forgot about the fact that telling a joined computer from a non-joined one is done after the machine gets its IP configuration
Hi folks
Any advice regarding the ArcSight SIEM? We want to have a SOC in order to have a full view of what is going on in our environment, and the management intends to buy ArcSight and is waiting for our approval,
Has anyone already used it and is familiar with the use cases?? Is it worth the investment?
We are using the ELK stack (free version) just as a first stage in order to define our needs and classify our network, but we can't continue to use it since it doesn't correlate events and send alarms in case of any attack
Hi ML community
I have a question regarding a policy I want to apply in my network. We have a very big environment and some users format their PCs in order to gain full access over their machine (they don't want to be part of the domain). I want to solve this problem by preventing any non-domain machine from getting an IP configuration, so that they are forced to join their machine to our domain in order to get an IP configuration,
How can I achieve that? I heard that there is some setting in the switch that can prevent non-domain users from getting into the network but I have no clue how to proceed, any enlightenment please??
@coliver Hi Sir
The management recommended that I use ELK as a SIEM for our logs
The problem is: I get stuck at "Successfully started Logstash API endpoint {:port=>9600}" while trying to ingest a txt log file into Elasticsearch
Here is my config file:
input {
  file {
    path => "C:\Users\mustapha\Desktop\test.txt"
    start_position => "beginning"
  }
}
filter {
  grok {
    match => {"message" => "%{WORD:username} %{WORD:email} %{WORD:hash}" }
  }
}
output {
  elasticsearch {
    hosts => ["localhost:9200"]
    index => "test"
  }
}
My log file is:
username email hash
username email hash
username email hash
username email hash
username email hash
I can't even get this simple example to work, am I missing something???
Hello guys
Has anyone tried the ELK (Elasticsearch + Logstash + Kibana) stack before? I have a couple of questions.