@dashrender said in Looking for Security camera options:

@irj said in Looking for Security camera options:

@pete-s said in Looking for Security camera options:

I would guess though, that you could use a reverse proxy and still put most of these things directly online - especially if you put your own logon page in front of the proxy's redirect to the camera system.

Yes, the cameras or NVR would be accessible through the reverse proxy only.

When you authenticate with SAML, the users are authenticated against a third party "login" service (called Identity Provider). So you are basically outsourcing 2FA and the login process to someone who has the resources to secure it. It's how enterprises do it.

Kind of...

Any resource as important as camera system would certainly not be exposed directly. There is no reason for it. You're never gonna say "Customer please login and check the camera system." So why publicly expose at all.

Require VPN and make it internal only resource.

You're right about using SAML for authentication and using groups to maintain.

wow - I don't know what customers you're talking about - but the two I had that have cameras absolutely demanded an app on their phone to watch their cameras from anywhere.

Where they enterprises or hobby businesses?

@Pete-S stated specifically enterprises and that is what I am answering. Nobody in an enterprise needs to check a camera while out to dinner. In real businesses CEOs don't have access to cameras nor do they care.

@Dashrender you've misinterpreted nearly every reply on this thread and frankly everyone else is not understanding your replies like your sarcasm.

@pete-s said in Looking for Security camera options:

I would guess though, that you could use a reverse proxy and still put most of these things directly online - especially if you put your own logon page in front of the proxy's redirect to the camera system.

Yes, the cameras or NVR would be accessible through the reverse proxy only.

When you authenticate with SAML, the users are authenticated against a third party "login" service (called Identity Provider). So you are basically outsourcing 2FA and the login process to someone who has the resources to secure it. It's how enterprises do it.

Kind of...

Any resource as important as camera system would certainly not be exposed directly. There is no reason for it. You're never gonna say "Customer please login and check the camera system." So why publicly expose at all.

Require VPN and make it internal only resource.

You're right about using SAML for authentication and using groups to maintain.

VLANs, firewall, and internal access only through VPN/bastion.

It's not difficult, it's not expensive when you consider the amount of value you get in many aspects of IT infrastructure(not just cameras).

Come on guys, these are basic concepts.

@marcinozga said in Chia Mining and HD Shortages:

@dashrender said in Chia Mining and HD Shortages:

@marcinozga said in Chia Mining and HD Shortages:

@dashrender said in Chia Mining and HD Shortages:

@marcinozga said in Chia Mining and HD Shortages:

@irj said in Chia Mining and HD Shortages:

2. One of my buddies who just bought NVME drives for this purpose, has only been using them for a week and is at 72% life left.

Consumer or enterprise drive? It could simply be bad unit. Although I do hope mining wears the drives that fast. Hardware manufacturer should put a clause in warranty, that mining voids it. What happened with GPU market is just insane, ordinary people get screwed over. Crypto needs heavy regulation or just outright ban.

man, someone doesn't like Crypto.

And what's to like? Mining wastes crazy amounts of energy for some useless calculations. In the end you have what exactly? Some string of characters. But cyber junkies need their fix too I guess.

We'll definitely have to disagree here. Am I happy about the shear amount of power being used to mine BTC? no, I'm not... but currency that's not controlled by the rich and powerful or the government, one that can't be devalued just by them turning the printing presses on? HELL YEAH I'm all for that.

Currency that can be devalued with a few tweets is better?

I love that there are idiots that listen to tweets whether it's buy or sell. When everyones buying I'm selling and vice versa. If you would have bought yesterday you'd be up big time today.

@marcinozga said in Chia Mining and HD Shortages:

@dashrender said in Chia Mining and HD Shortages:

@marcinozga said in Chia Mining and HD Shortages:

@irj said in Chia Mining and HD Shortages:

2. One of my buddies who just bought NVME drives for this purpose, has only been using them for a week and is at 72% life left.

Consumer or enterprise drive? It could simply be bad unit. Although I do hope mining wears the drives that fast. Hardware manufacturer should put a clause in warranty, that mining voids it. What happened with GPU market is just insane, ordinary people get screwed over. Crypto needs heavy regulation or just outright ban.

man, someone doesn't like Crypto.

And what's to like? Mining wastes crazy amounts of energy for some useless calculations. In the end you have what exactly? Some string of characters. But cyber junkies need their fix too I guess.

That blanket statement you made could be said about computers/servers in general. They are not meaningless calculations if they have a purpose. Are you going to go around and decide which data is a waste of energy and what isn't?

Are Hobby business or home labs a waste of energy, now too? Is your business data a waste of energy?

@stuartjordan said in Chia Mining and HD Shortages:

There are many people now farming plots to create Chia coins, mostly buying enterprise ssd's for temporary storage then buying over 10tb spinning disks to transfer to. I think we are going to end up going down the route with what happend when people started GPU mining. I can see drives becoming very expensive. Thoughts?

I think this will be short lived. I know a couple people that bought a ton of drives do chia mining.

The thing is the pool isn't open yet till end of month. All these people think the $1-2k they put into drive will make them a $1k-2k return each month. However in my opinion there are multiple issues here.

1. Once the mining pool opens, the price will drop like a brick. 90% decrease in value of coin will happen very quickly

2. One of my buddies who just bought NVME drives for this purpose, has only been using them for a week and is at 72% life left.

3. Basically chia mining isn't sustainable IMO and the coin isn't established like ETH so this won't be like GPU shortages at all. It will be very short lived.

@siringo said in Changing subnet mask?:

@dashrender said in Changing subnet mask?:

Then comes the question - does he have the gear needed to do that?

the answer is no, the answer to whether I have the desire or need is also no.

That's a very sad answer IMO

@jaredbusch said in Changing subnet mask?:

@irj said in Changing subnet mask?:

How do you move to zero trust model without network segmentation?

Using a VLAN does not have anything to do with zero trust. Actually, using a VLAN implies you are still using a LAN trust model for the things within the VLAN.

Yeah, ideally each application would be separated. In enterprise, it's done on each tier within the application. Also you would just want to whitelist specific traffic needed and allow nothing else.

I didn't recommend zero trust in my first response due to amount of effort. I did recommend not having a flat network and using simple VLANs and firewall. At a minimum separate your servers and block access there.

@travisdh1 said in Changing subnet mask?:

@irj said in Changing subnet mask?:

@travisdh1 said in Changing subnet mask?:

@irj said in Changing subnet mask?:

@siringo said in Changing subnet mask?:

Sorry if this is a dumb question but ...

Inherited an old SBS network which has been upgraded, but is still using the 10.0.0.0 /8 setup.

I was thinking of changing the subnet to /24.

Currently all devices still have 10.0.0.x addresses.

Some of the their network gear is managed and I need to arrange with them to change settings within their Cisco gear to /24.

If I get the Cisco gear changed, prior to me changing the servers, PCs, printers etc to /24 will everything remain working??

For example, If I get the Cisco gear changed to /24 on weekend 1, will everything still communicate & work fine until I can change the other gear on weekend 2??

I know the subnets are different, but with all devices having 10.0.0.x addresses I'm thinking they still may be seen by the /24 devices????

Does that make sense?

Create /24 VLANs. Separate severs, printers, workstations with different VLANs. Then you can block workstations from even seeing server VLAN.

Seems like a lot of work with no business need from what we know.

Can you expand on this?

How is this alot of work and how is there no business need to segregate important data?

Because in my experience data security is pretty damn important from a business perspective.

You're conflating VLANs with security. VLANs themselves provide zero additional security, just network segmentation. It takes seconds for someone with network access to scan for any active VLAN and tag packets with different ones.

If you want additional security, you need to move to a zero trust model.

How do you move to zero trust model without network segmentation?

@travisdh1 said in Changing subnet mask?:

@irj said in Changing subnet mask?:

@siringo said in Changing subnet mask?:

Sorry if this is a dumb question but ...

Inherited an old SBS network which has been upgraded, but is still using the 10.0.0.0 /8 setup.

I was thinking of changing the subnet to /24.

Currently all devices still have 10.0.0.x addresses.

Some of the their network gear is managed and I need to arrange with them to change settings within their Cisco gear to /24.

If I get the Cisco gear changed, prior to me changing the servers, PCs, printers etc to /24 will everything remain working??

For example, If I get the Cisco gear changed to /24 on weekend 1, will everything still communicate & work fine until I can change the other gear on weekend 2??

I know the subnets are different, but with all devices having 10.0.0.x addresses I'm thinking they still may be seen by the /24 devices????

Does that make sense?

Create /24 VLANs. Separate severs, printers, workstations with different VLANs. Then you can block workstations from even seeing server VLAN.

Seems like a lot of work with no business need from what we know.

Can you expand on this?

How is this alot of work and how is there no business need to segregate important data?

Because in my experience data security is pretty damn important from a business perspective.

@siringo said in Changing subnet mask?:

Sorry if this is a dumb question but ...

Inherited an old SBS network which has been upgraded, but is still using the 10.0.0.0 /8 setup.

I was thinking of changing the subnet to /24.

Currently all devices still have 10.0.0.x addresses.

Some of the their network gear is managed and I need to arrange with them to change settings within their Cisco gear to /24.

If I get the Cisco gear changed, prior to me changing the servers, PCs, printers etc to /24 will everything remain working??

For example, If I get the Cisco gear changed to /24 on weekend 1, will everything still communicate & work fine until I can change the other gear on weekend 2??

I know the subnets are different, but with all devices having 10.0.0.x addresses I'm thinking they still may be seen by the /24 devices????

Does that make sense?

Create /24 VLANs. Separate severs, printers, workstations with different VLANs. Then you can block workstations from even seeing server VLAN.

@mr-jones said in Build or Buy?:

@hobbit666 said in Build or Buy?:

What would suggest today for a gaming PC?
Budget is £700 for just the box. Also any recommendations on specs, daughter wants to play Minecraft, Sub Nautica, Fortnite.
(But i want to be able to play Counter Strike, Modern Warefare (not fussed running at Ultra detail settings) )

I had pre-ordered a gaming pc on some boutique builder site, but the wait time is intense. Roughly two months-ish. While waiting on that build, I saw a rig on Newegg for $2,669 about a week ago with RTX 3080 and i7 10700KF, some budget case, and a decent Z490-P mobo with included EVGA keyboard and mouse, so I bought that right away and got it within 24 hours.

Needless to say I can run anything I've tried to play on Ultra. Overall this was the way to go considering the current market.

Dell quoted me 3 weeks and shipped in a week. They still seem to have really reasonable turn around times

@gjacobse said in Build or Buy?:

@irj said in Build or Buy?:

@travisdh1 said in Build or Buy?:

@hobbit666 said in Build or Buy?:

What would suggest today for a gaming PC?
Budget is £700 for just the box. Also any recommendations on specs, daughter wants to play Minecraft, Sub Nautica, Fortnite.
(But i want to be able to play Counter Strike, Modern Warefare (not fussed running at Ultra detail settings) )

The only way to easily get any sort of graphics card right now is to buy a pre-built. I haven't even looked at prices in months because the market is so crazy right now.

Yeah that's what I did and I'm mining with while not gaming. I received my PC on April 17th and I've already made over $400 back mining in less than a month.

Which is why there is no GPUs right now. You could nearly have it paid off by Christmas instead of start looking at Christmas. Of. Course the mining payout depends on alot of factors, but even if you get only $100 a month, you have half your investment back in a year.

The topic of crypto has come up with my wife and I. A co-worker of her’s and another person have been investing in crypto,.. some how one of them made $14k pretty quickly.

There's a couple things I've learned trading crypto over the past 4 years.

• Buy low and sell high. Most importantly buy low.

• In order for people to make money. They have to sell. Last ones in take the loss. If everyone and your barber is talking about crypto. It's time to sell, not buy.

@hobbit666 said in Build or Buy?:

@irj said in Build or Buy?:

Yeah that's what I did and I'm mining with while not gaming. I received my PC on April 17th and I've already made over $400 back mining in less than a month.

Which is why there is no GPUs right now. You could nearly have it paid off by Christmas instead of start looking at Christmas. Of. Course the mining payout depends on alot of factors, but even if you get only $100 a month, you have half your investment back in a year.

What you using for the mining. Been very very long time since I looked at it

RTX 3090 and Nicehash

I paid $3k for pre built with 3090.

If you are worried about just ROI, you can get one with 3080 for around $2200-2500. You'll get your money back faster that way.

@travisdh1 said in Build or Buy?:

@hobbit666 said in Build or Buy?:

What would suggest today for a gaming PC?
Budget is £700 for just the box. Also any recommendations on specs, daughter wants to play Minecraft, Sub Nautica, Fortnite.
(But i want to be able to play Counter Strike, Modern Warefare (not fussed running at Ultra detail settings) )

The only way to easily get any sort of graphics card right now is to buy a pre-built. I haven't even looked at prices in months because the market is so crazy right now.

Yeah that's what I did and I'm mining with while not gaming. I received my PC on April 17th and I've already made over $400 back mining in less than a month.

Which is why there is no GPUs right now. You could nearly have it paid off by Christmas instead of start looking at Christmas. Of. Course the mining payout depends on alot of factors, but even if you get only $100 a month, you have half your investment back in a year.

@jaredbusch said in Build or Buy?:

@travisdh1 said in Build or Buy?:

just a bad time to be in the market for computer parts.

Just graphics cards.

Certain AMD Ryzen processors are impossible to find at retail right now as well.

@siringo said in Windows Inventory Tool?:

Wondering if anyone can suggest a free inventory tool for Windows networks?

I need to get a list of PC & server hardware & software
Disk capacities
Installed apps
OS versions
Printer make and models
and so on.

Thanks for any help.

Powershell

https://4sysops.com/archives/how-to-build-a-powershell-inventory-script-for-windows-servers/

@jimmy9008

@gjacobse said in Outlook 2016/o365: Sent items issue:

Thus far, nothing has resolved this issue.

As the install was Office 365;
Deleted OST file
Deleted User Mail profile
Online repair
Un-installed Office 365
Cleared application / user folders - rebooted
Installed Office 2016

The only other thing i can think of is;

• Backup user data, wipe the drive (2 min max as it is a nvm drive)
• Image and restore user data.

This is an odd issue to say the least. I am hoping the o365 team can determine a solution rather than having to go that route.

I feel like you're shooting a shotgun in the woods during a new moon and praying to hit a target.

If you don't have permission to make any changes because of GPO and you have no visibility in office 365. Then just escalate the issue. Otherwise it's just a time waste for all involved.