It turns out that the outlet that I had the switched plugged into via a powerstrip had one always on outlet and the other was switched. So whenever they would leave they would turn off the lamp connected to the switched outlet...and their network switch. Good times. I moved some things around and the switch is now on a UPS and off that switched outlet.

MileIQ for mileage works great, set it and forget it.

I'm wondering if war caster is worth it for me to maintain darkness or not. I'm leaning on no for the above reasons, but I def could be wrong. Depends on how many things can get around darkness that I encounter, which I can't know in terms of my campaign.

Thanks. I appreciate the schooling.

@wls-itguy said in New Gmail UI:

Am I the only one to still not see the Early release option?

It's finally there!

alt text

@kelly said in GDPR Resources:

@obsolesce said in GDPR Resources:

@scottalanmiller said in GDPR Resources:

@kelly said in GDPR Resources:

However, I am done trying to explain things to you @scottalanmiller. Nothing personal. I like you as a person, and I respect your perspectives on many things, but how you're handling this conversation is wearing.

Sorry, honestly trying to learn here. I guess there is a lot of information about GDPR that everyone knows that I just don't understand. But where is everyone learning so much about it?

But if a company is US based (no physical or registered presence in the EU), can they even do anything about it?

This was addressed in the thread: https://mangolassi.it/topic/16992/gdpr-resources/75.

Didn't see that.

But, wow... I'm in complete agreement with SAM's reply to that. Wtf.

There is a gofundme page for Robert here:

https://www.gofundme.com/memorial-and-grief-fund-for-chrissy

@momurda said in Public DNS Provider Comparison:

Unlike FB, CloudFare actually makes products and sells them to customers.

An example: MangoLassi is a commercial CloudFlare customer. Without CF, we'd never be able to push the 200 million hits a month we sometimes take here!

@kelly said in Fireball Island Restoration:

I don't know if any of you played Fireball Island back in the day, but Restoration Games is doing a Kickstarter to bring the game back and improve it.

https://www.kickstarter.com/projects/restorationgames/fireball-island-80s-board-game-reignited-and-resto

They're already almost fully funded for all of their stretch goals, so this isn't a Kickstarter that is simply going to vanish.

It was more than fully funded in an hour according to the kick starter.

@dafyre said in Alternatives to Facebook:

@kelly said in Alternatives to Facebook:

@dafyre said in Alternatives to Facebook:

MeWe seems to be a decent option.

I'm piddling around on a Diaspora pod (https://diasp.org/)... Diaspora (https://diasporafoundation.org) aims to be a decentralized Facebook.. I'm not quite sure what to make of it yet.

My concern about Diaspora is that there doesn't appear to be much in the way of controls for guaranteeing the privacy of users. It appears that user privacy is dependent on the honesty of the ones running the pods. I haven't dug in to it very far, so I might be missing something.

This appears to be a valid concern. Each pod can have its own TOS and such as well.

Yeah, that's a really bad idea, overall. I get why they go that route, and it's fine for a kind of "group of forums" but doesn't address the kind of usage Facebook is for.

@scottalanmiller said in Gamifying Productivity:

https://habitica.com/

Thanks @scottalanmiller. I forgot the link.

@stacksofplates said in If all hypervisors were priced the same...:

@storageninja said in If all hypervisors were priced the same...:

@stacksofplates said in If all hypervisors were priced the same...:

Also, decisions are often more nuanced than simple TCO decisions. If you have compliance requirements this often shifts to commercial solutions that have validated FIPS 140-2 modules/solutions. If you need a DISA STIG at a given level paying some money and being able to deploy a single VIB to harden compliance vs. go through checklists and argue with auditors can be a big deal. How do you quantify the cost of applying with NIST for validation with a do it yourself setup vs. a turnkey solution?

RHEL/RHV have a good solution here. Auditors go through OpenSCAP scans with nice HTML reports and we justify any “failures.” It’s a pretty nice system.

That just audits if it was set. What I'm talking about is a single package you deploy that goes ahead and sets the configuration settings up for you.

On ESXi you can use Update Manager to track compliance with the DISA VIB, and use that for tracking it. Just attach as a baseline to your clusters and let Update Manager keep it up to date. Ed Groggin I think has a tool that will do an auto-generation of a report on the hardening guidelines.

Looking online, I'm not seeing Server 2016 in STIG viewer yet. Has Microsoft not gotten a STIG out yet?

Also Redhat Virtulization licensing cost as much (or more) than vSphere Standard. At that point if you don't need/want Redhat support VMware looks a lot more attractive. Oddly the only STIG for Suse I'm seeing is for Z series.

Well yes and no. They have built in remediations with OpenSCAP, so you can have it auto remediate your machine. We ran an auto remediate to get the correct settings and then pushed it all out with Ansible since we can apply specific rules or not based on the type of machine since they are all RHEL based (workstations, servers, hypervisors, etc). We don’t use RHV, but they have a subset of rules for RHV which is why I mentioned it. We use bare KVM for systems and it works out pretty well. Ya I’m not sure about 2016 but I wouldn’t be surprised seeing how slow they are.

The remediations are in Bash, Ansible, and I think Puppet? Anyway I have written a few of the Ansible remediations for them and have had them pulled into the project.

Also many of the new ones seem to only be used by scammers/spammers. Probably due to the fact there are so many of them now(tlds and spammers).
.top
.xyz
.win
All of these are newer tlds that legit people can use, but in reality i have only ever gotten spam or a bunch of login attempts from them.

I still dont get why some of these new tld are managed by companies like Amazon or Gallo vineyards or this company called Donuts, which seems to have been setup specifically to gank management of as many of these tld as possible.

Just received this spam today, so these people are definitely out there...

" My company provides IT PMO and Project Management Consulting services. We have a proven approach to delivering PMO Startup/Improvement, Project Delivery, Project Management Training, and Project Management Software services nationwide.

Our dedicated SQUAD of experts can lead your high-priority IT Projects allowing you to focus on the core of your business. We have a successful track record of delivering IT Applications, Infrastructure, eCommerce, and Digital projects using Agile, Waterfall, and hybrid methodologies.

I would like to speak to you about your current / future IT Projects and PMO needs to see if we can help. Are you the person I should speak with? If not, can you please point me into right direction?"

@rojoloco said in PMP (is too short a title, so I'm adding this text):

The PiMP certification I have is worthwhile, but that's a different animal than PMP...

You ANIMAL!

@kelly said in Setting up Linux to use Active Directory Certificate Services:

@momurda said in Setting up Linux to use Active Directory Certificate Services:

Have you gone to
http://yourCA.domain.com/certsrv/mscep_admin
If so is it showing a page like in the walkthrough?
Have you tried without enrollment challenge password requirement?

Yes to the first. I used the information there to run the mkrequest.

I haven't tried without a password.

Same error when no password is used in the mkrequest command.

@tim_g said in Replacing a failed CA:

@kelly said in Replacing a failed CA:

@dashrender said in Replacing a failed CA:

@kelly said in Replacing a failed CA:

@tim_g said in Replacing a failed CA:

@kelly In what way is your DC using certificates?

Domain Controller Authorization and Domain Controller.

I ended up just deleting the certs within CertMgr on the DCs themselves, and then requesting new ones. It appears to have fixed the problem.

I was wondering if it would simply be that simple.

I was leery of doing it at first since I didn't know what all was tied to those certs. In the end I just decided to go for it.

You could always export the cert first before deleting it. That way you can always put it back.

Too late for that... cough
0_1510771545875_quote-damn-the-torpedoes-full-speed-ahead-david-g-farragut-342437.jpg