@scottalanmiller said in Fail2ban on load balancer:

@wrx7m So the real question for geo-blocking is...

Pro: Blocks attacks from script kiddies and other annoying but essentially non-threatening entities.
Con: Blocks a small number of potential customers, likely causing them to not do business with you (because they don't know that they can.)

So put a dollar value on each, or ask your CFO/CEO to do so. How much is the value of the annoyance versus how much is the value of the lost revenue?

Both numbers are small. For me, I can't even imagine the second number, it's got to be tiny, but I can't estimate it. The first number I can estimate, approaching zero. Script kiddie attacks, those that can't change their IPs and aren't targeted, don't pose a real threat. They use a trivial amount of bandwidth, fill up some logs, but that's it. They don't impact me. So while I can't put a number of the "con", I know that there is one even if it is $5. But I can put a value on the "pro", and it is essentially zero. So for me, that's a crystal clear "don't take this risk without another factor" answer.

I agree with @scottalanmiller that it is hard to take someone as a serious threat when they don't even bother to change their IP address. On the flip side, it is something that IT management generally expects for whatever reason. I think a big part of comes down to the due diligence factor. It is easy for a CEO to say yeah we block China and Russia as part of our security. It sounds good on a high level which is where IT management lives.

I can see the requirement from their point of view, though. If you are breached and by chance it happens to be from a Russian IP, what is the first thing any security firm is going to ask. Why weren't you blocking IPs from high risk locations? In this case, I think for IT management it is has value. Losing .001% of sales will likely never be noticed and definitely not something where the IT team will receive credit.

The vultures have picked this one clean a long time ago.

@wirestyle22 said in UPS Radiation:

Is the consensus that this is an insane question to ask and I shouldn't worry about it? I'm not exactly worried but I realized how little I know about it

https://m.youtube.com/watch?v=SYhTQ5-AiHI

Thank for the help. I'll likely take a look at this on Monday

@DustinB3403 said in Using Ansible to Manage install and update Apple OSX DHCP clients:

Since I have to use DHCP for these, at least to find my clients I assume I can just edit /etc/ansible/hosts as @IRJ said by adding a

# Stupid DHCP Clients
192.168.1.[1.254]
192.168.2.[1.254]

Correct?

192.168.1[1:254]

When posting to ML, one must always be ready to square up ....

@black3dynamite said in Laptop for stock trading:

Here are the recommended system requirements.
https://mt4.quantumtrading.com/support/recommended-system-requirements/

That's not really stock trading that is analytics. Good analytics should be run on a server anyway. That kind of information should be accessible 24/7, if you're really going to rely on it. Which makes a laptop a bad choice. Analytics aren't really meant to be run occasionally.

I would guess there are better alternatives out there that can be run on Linux servers

@DustinB3403 said in Using Ansible to Manage install and update Apple OSX DHCP clients:

@IRJ said in Using Ansible to Manage install and update Apple OSX DHCP clients:

@DustinB3403 how are you liking ansible so far?

I'm still just getting into it. I'm not sure how playbooks work or how to confirm that the formatting is correct.

My Udemy reccomendations

Terraform - Absolutely loved this one!! It is all lab

https://www.udemy.com/share/101lhUA0UZdF9QTHg=/

AWS Security - Loved this course. It is all labs and extremely thorough

https://www.udemy.com/share/101lhWA0UZdF9QTHg=/

Ansible - Good course. I havent finished yet

https://www.udemy.com/share/101dMKA0UZdF9QTHg=/

CCSK practice tests - Decent practice tests. Helped prepare me for CCSK.

https://www.udemy.com/share/101lhYA0UZdF9QTHg=/

Then pick you Az103 course. As I mentioned earlier I did Az101 and Az102

@brandon220 said in AzureAD and shares:

@coliver They tried OneDrive and had a ton of trouble. They were constantly calling MS support to recover folders and files that were deleted in the middle of the night, when nobody was at their office. Folders were moved into random places.

It is VERY possible that it was user error on each occasion but the logs did not reflect that. They lost a ton of files too that had to be recovered from a backup. I will say that I have read about other occasions with similar results.

If they are using a single OD account, the logs aren't very helpful.

You could use a github repository and manage ansible locally using shell scripts.

@scottalanmiller , it would look like this.

#***********************************************************
# Install ansible
#***********************************************************

sudo apt install -y ansible


#***********************************************************
# Create or append ansible requirements file
#***********************************************************

sudo sh -c "echo '- src: https://github.com/florianutz/Ubuntu1804-CIS.git' >> /etc/ansible/requirements.yml"


#***********************************************************
# Install the role for CIS Ubuntu script from Github
#***********************************************************

cd /etc/ansible/
sudo ansible-galaxy install -p roles -r /etc/ansible/requirements.yml

#***********************************************************
# Create Ansible Playbook for CIS Ubuntu script
#***********************************************************

sudo sh -c "cat > /etc/ansible/harden.yml <<EOF
- name: Harden Server
  hosts: localhost
  connection: local
  become: yes
  roles:
    - Ubuntu1804-CIS
    
EOF
"


#***********************************************************
# Run ansible playbook file
#***********************************************************

sudo ansible-playbook /etc/ansible/harden.yml

https://www.howtogeek.com/402761/facebook-fudges-your-password-for-your-convenience/

This might be old news to some, but I hadn't heard about this till now.

For CIS compliance they recommend you set under /etc/profile.d/ to set auto logout. Is there anything set there?

https://askubuntu.com/questions/404424/how-do-i-restore-bashrc-to-its-default#404428

I am trying to create an EC2 instance by referencing a subnet already present in the environment. I would like to use the data from the .tfstate file in S3.

I found this in the terraform manual, but since I have multiple subnets, I am unsure how to specify a specific one

https://www.terraform.io/docs/providers/terraform/d/remote_state.html

resource "aws_instance" "test instance" {
  ami             = "${data.aws_ami.ubuntu.id}"
  instance_type               = var.test.ec2_instance_type
  key_name                    = var.key_pair_name
  subnet_id                   = data.terraform_remote_state.vpc.outputs.subnet_id

  tags {
    Name = "test-instance"
  }
}

Yeah it is really simple if you have root access. Use any of the results on the first page of "How to reset mysql password"

https://duckduckgo.com/?q=reset+mysql+admin+password&t=canonical&ia=web

In fact you dont even have to reset, you can just assume root access as root user without a password in most cases.

You can increase your volume size on the fly by modifying the volume and adding disk space.

You can then run lsblk to view your partitions. In this example the partition is xvda1 which seems to be the default for AWS. You can expand the partition below without a reboot.

sudo growpart /dev/xvda 1

Note: if you are 100% out of disk space you will get a message saying you cant write a temp file and perform the operation. You will need to delete an un necessary file or uninstall something to temporarily free up the disk space.

@marcinozga said in One of the configured repositories failed (Unknown):

Install yum-cron, set it up to email you when updates are installed and stop worrying about updates.

That doesn't fix a broken repo, you will still get errors