Best posts made by NashBrydges

• Ubiquiti ES48-500W
• Netgear GS724Tv3
• 2 x PowerEdge R210II running HA Sophos UTM 9
• 1 x PowerEdge R210II used for family remote backup
• 1 x PowerEdge R210II for the teenage kid to run Minecraft and some other war game for he and his friends
• PowerEdge R710 & MD1000 Veeam backup target (52TB RAID6)
• Spare MD1000
• PowerEdge R510 Hyper-V host running Plex media server (60TB RAID6)
• PowerEdge R420 Hyper-V host running a bunch of VMs including various desktop OS for testing as well as FreePBX, Sophos iView, Fastvue
• PowerEdge R610 spare server. Will probably get sold off as I haven't used it in some time.
• 2 x Dell 1000VA UPS
• Not pictured is a Synology DS2415+ as offsite backup target (80TB RAID6)

@kelly said in What is your perspective on the overall tone of interactions here on ML?:

Am I being too sensitive, or can this be a somewhat hostile place at times? (Telling me that I'm wrong here is not being hostile, btw.)

Nope, not oversensitive. It's very true that this can be quite a hostile place.

Two things I try to keep in mind.

1. I'm an adult. I can choose to participate in the animosity or choose to ignore the assholes. I pick and choose what is useful here and to be honest, the useful stuff far outweighs all the other bullshit I see.

2. I'm a professional. I know more than some, and some know much more than I. So I don't care too much if someone is going to be an asshole. Because if I post a question and I get useful information, I'm ahead, despite any animosity or hostility. If I post a response to a question, hopefully it's useful to someone. Of course, if I post a response and it is technically incorrect, I appreciate the responses that allow me to learn. Everything else gets ignored (most days).

ClamAV is available for Nextcloud.

https://docs.nextcloud.com/server/12/admin_manual/configuration_server/antivirus_configuration.html

Is it just me or are we hearing about these things almost every other day?

https://www.theregister.co.uk/2017/05/05/intel_amt_remote_exploit/

I've been complaining about my current Ubiquiti ES48 switch only having 2 SFP+ ports for 10G and I've had a few Intel X520-DA2 cards installed on my home lab servers for a while just waiting for a reason to make the full move to 10G. Looks like I found it.

https://store.ubnt.com/beta/unifi-switch-16-xg.html

Beta, true, and I may have a few headaches but it's for the home lab so I figured, at $299 for a 16 port 10G switch, I had to do it. Cross my fingers it doesn't turn out to be a dud.

@DustinB3403 said in CP - Dell vs HP server quotes:

I've received two quotes for new server hardware - one from our local reseller and one directly from Dell. As far as I can tell, the two quotes are identical spec-wise but the local reseller is almost $12k more expensive. Here are the two quotes:

Quote from Dell:
2x Dell PowerEdge R430 servers $6,665.60

• 2x Xeon E5-2630 v3 CPUs
• 2x 32 GB RDIMM
• Diskless configuration
  1x Dell SCv2020 iSCSI SAN $10,303.26
• 14x Dell 1.2 TB SAS 12GB, 10k, 2.5" HD
  1x Dell N2048 gigabit switch $1,693.49

TOTAL: $18,662.35

HP Quote from local reseller:
2x HP ProLiant DL360 servers $7,266.00

• 2x Xeon E5-2630 v3 CPUs
• 64 GB RAM (unknown configuration)
• Diskless configuration
  1x HP MSA 2040 SAN $20,932.00
• 14x HP MSA 1.2 TB 10K SAS 2.5in drives
• includes $5,850 in labor so actual price
  is only $15,082
  1x Cisco Catalyst 2960-X gigabit switch $2,320.00

TOTAL: $30,518.00

Difference: $11,855.65

Is there any reason why I should choose the HP solution over the Dell solution? I will be running vSphere 6 on these servers. I'm not familiar with managing either server line so either way I'll be learning new management tools. When it comes to support I think I trust my local reseller more than Dell but $12k extra is hard to stomach just for that.

[Edit: CP Code M.]

Unless that OP is restricted to 1U hosts, I would go with the quote from Xbyte for Dell 730xd with same specs as in quotes is

Multiply by 2, add Starwind's vSAN and a couple 10Gb NICs and he's done. Especially if only 2 hosts. Same(ish) price, way more reliability, better performance all around. I'd post that reco on SW but would likely get banned lol.

The one thing not mentioned is if there are other hosts connecting to the SAN.

This is from the same government that wants to insert backdoors into all encrypted communications? Gotta love the duplicity of that kind of bull$hit! Let me poke holes in your security but if you get breached, I'll punish you. Lol

@Helen No one in their right mind is going to click on a shortened URL. No reason for a shortened URL here. I get you may be wanting to get your click reporting out of this but I think you've chosen the wrong community for a bitly link.

https://www.zdnet.com/article/nasty-php7-remote-code-execution-bug-exploited-in-the-wild/

The Nextcloud advisory:
https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/

1. What are the right questions a first-time colocation seeker should be asking?
2. How should colocation facilities be compared against one another? Pricing is obviously important but when services differ between offerings, what can be used to provide a valuable, effective comparison.
3. What are the most common "gotchas" that need to be considered in colocation?
4. Are there things that come up with tenants that surprise you on a regular basis? Perhaps things they should have known?
5. What's the dumbest thing you've seen from a tenant?

These are the steps I follow when setting up a Hyper-V server with a Windows 10 machine to manage in a Workgroup environment. Works perfectly every time.

From Hyper-V Server:

Enable Remote Management

• Select 4 on the menu
• Then select 1 for Enable Remote Management
• Go back to previous menu

Enable Remote Desktop

• Select 7 on the menu
• Then select "e" for enable
• Select 2 on the next screen for Allow clients running ANY version of remote desktop

Run Powershell Commands

• Type powershell in command window and press Enter
• Type "Enable-PSRemoting" and press ENTER
• Type "Enable-WSManCredSSP -Role Server" and press ENTER
• Select "y" when prompted to confirm and press ENTER
• Exit Powershell by typing "exit" and press ENTER
• In command prompt, type "net start winrm" and press ENTER <-- Use this is can't connect later to server

From Windows 10 Machine

• Control Panel -> Programs & Features -> Turn Windows Features On Or Off
• Enable Hyper-V role and press OK
• Launch Powershell as Admin
• Type "Set-Item WSMan:\localhost\Client\TrustedHosts -Value "IP_OF_HYPER-V_SERVER" and press ENTER
• Type "y" when prompted and press ENTER
• Type "Enable-WSManCredSSP -Role client -DelegateComputer "IP_OF_HYPER-V_SERVER" and press ENTER
• Type "y" when prompted and press ENTER

Edit Group Policy

• Click Windows icon and type "gpedit" and open Group Policy program
• Local Computer-> Computer Configuration -> Administrative Templates -> System -> Credential Delegation
• Edit the "Allow delegating fresh credentials with NTLM-Only server authentication"
• Click "Show" button to add items
• Add value "WSMAN/*" to servers list and click OK

Manage Via Hyper-V Manager

• Start Hyper-V Manager and click Connect To Server and add IP address of server
• Select "Connect as another user" and click "Set User"
• Enter user login details with username in format of "WSMAN\Username"
• Create Virtual Switch as needed

@tim_g said in Random Thread - Anything Goes:

Lol the comments

If ever we needed evidence that the gene pool was in serious need of chlorine - there you have it!

I got the chance to update to version 10. Currently running as a VM in Hyper-V on Ubuntu 16.04. A couple things to note...

• Don't forget to save a copy of any theme folder you may have created and paste it pack into the /nextcloud/themes folder

• You'll have to go back into your config file and enter the theme folder name back in as this got removed during the upgrade process

• I proceeded with the upgrade via the web page. Once the new v10 folder was created and config file and theme folder copied back, I simply launched the upgrade from the web page. It's a very small install so only took a few minutes to complete.

• I had installed the "disclaimer" experimental app on the previous v9.0.53 install and not really surprised that the new install got rid of that. If there was one request I would make it would be to include some version of the "disclaimer" app as a supported app in a future release. This is a very easy way to make sure the terms & conditions are available right from the application.

Will report back if there are any issues but so far so good! Nice job!

@scottalanmiller said in CP - Dell vs HP server quotes:

@Kelly said in CP - Dell vs HP server quotes:

What is the point of duplicating the discussion here? I understand that there were some objections to the moderation approach, but since the OP is not part of the discussion, is this anything more than an academic exercise?

The OP said that he wanted and appreciated the broader information so the inability to have an open professional discussion where this originated requires either that the OP be left without the information that he feels is valid (this case) or is needed for completeness (many cases.) So in the interest of a professional level discussion (meaning as professionals we have obligations to honesty, transparency, growth, education, etc.) rather than a Q&A post (the storage and virtualization arenas on SW are not Q&A only like ServerFault) the discussion has to move elsewhere. The decision to remove the open discussion for storage and Virtualization topics on SW was confirmed with SW officially, so those topic groups have nowhere to have those discussions there, and people posting on SW think that they are posting for discussion and professional guidance, which is not allowed there. So even just in the interest of letting the OPs know that we still care and are still trying to help regardless of the mod's decisions to not allow that assistance in that community. Otherwise, it looks like those of us who want to help have abandoned that community, and it's important that posters on SW know that we are still around, still trying to help them.

And in many ways, this is better. Now SW can maintain the "here is the answer to what you asked, no need to dig deeper if you don't want your boss to see" or whatever. But if the OP wants a deep discussion into what they need, rather than what they asked, they can come here. It does make it easy for them to opt in, or opt out of the deeper discussion. Sadly, it leaves casual passers-by on SW not aware that there are potential issues, but casual readers on SW are caveat emptor as far as understanding that what they are seeing is intentionally filtered "advice."

Just wow! I knew I had seen the SW community begin to be less and less helpful but when I see moderators asking to sticking to the original question at hand, that's the most blatant example of total uselessness!

OP: "So folks, should I shoot myself in the left foot or the right foot. Which foot do you think would be best"
RESPONSE: "Sorry, I'd ask why you need to shoot yourself in the foot at all but since that wasn't really your question, I'll have to wait for someone else to recommend a foot."
MIND = Blown

This year was the first year I started using mail marketing. I setup Mautic, and beginning in Feb and Mar, I sent a total of ~ 2,000 emails to local small businesses. These were the results...

• Total emails sent = 2,031

• Emails opened = 809 (39.8% Open Rate)

• Clicks = 60 (3% CTR)

• Calls = 7

Since Mautic tracks who opened the email and who clicked, I was able to see who clicked and DIDN'T call so I sent a follow-up email to those 53 who clicked but did not call which resulted in another 8 calls, so 15 calls in total.

As a result of the email, I picked up 3 new clients. To date, I've billed >$ 23,000 from those 3 new clients. Considering it took me only a few hours to setup Mautic and to setup and send the emails, and that these clients continue to be clients, I figure the effort was really worth it.

In my case, the email content was directly related to how small businesses had to adapt their operating models because of the pandemic and in all cases, they reached out specifically because they needed to understand their options for enabling employees to remote work. While this was the initial engagement, all 3 new clients have continued to seek support from my team and I.

Ask me if I plan on using email again? Absolutely!

@Richard_Cylance The issue is that you're fighting a problem of credibility. I read the Ars article a couple days ago and read through this thread and your responses to this tread's participants and while it feels like the folks here are asking some pretty direct questions, they are getting marketing speak in return. Sometimes, especially when credibility has taken such a hit, whether the stories are true or not, you have an uphill battle to climb and skirting questions with round-about answers won't get you where you need to be.

Having said this, I agree that a standardized approach to testing would be valuable. Problem is, malware is hardly "standard" with different variants behaving differently from one day to the next as these evolve. So as much as I'm with you on "let's get an open, public, standard way of measuring effectiveness", I don't think that's very realistic and I certainly don't believe this will address Cylance's credibility. The same would be true of any vendor in the same position.

My recommendation...stop...put away your marketing hat, and deal with questions head on. Failure to do so only casts further shadow and doubt.

@DustinB3403 said in Where to start?:

@NashBrydges said in Where to start?:

@coliver said in Where to start?:

@scottalanmiller has a really good list of projects to work on. I saved it for offline use but here it is quoted.

• There are some books in addition to the one I am writing here.
• Start with CentOS (I think he advocated Fedora now for most tasks)
• If you are serious about making a huge transition, phase out Windows in your life (temporarily at least) and go to a full Linux desktop / laptop to force yourself to change your mindsets about everything (Linux on the desktop teaches you nothing about Linux, but it might teach you something about perspective.) Use Fedora because it is closer to CentOS 7 and will prepare you for CentOS 8 when it comes.
• Build a Linux testing environment (you have XenServer today, replace it with KVM so that you have exposure to both Linux-ecosystem hypervisors.)
• Replace every Windows system you have with Linux, one at a time.
• Make loads of new Linux systems you don't have with Windows...
• • Home web server / intranet
• • Home info portal, WordPress
• • Home shared data site, MediaWiki
• • Home ticketing system, osTicket
• • Home NextCloud or similar storage
• • Home NFS shares
• • Home PBX
• • Home media server
• • Home chat server (OpenFire, Rocket.Chat, MatterMost)
• • Home minecraft server
• • Home Jump server
• • Home Ansible or Salt (or both) server
• • Home backup server
• • Home monitoring server (zabbix, zenoss, nagios)
• • Home logging server
• • Home firewall
• • Home repo for faster updates with less bandwidth

It's funny, this was my starting list and I've got most of them setup and running as VMs now.

I would setup this kind of thing for my home, but wouldn't have a use for any of it really. Do your family members use these or no?

If I could get some justification for setting up these kinds of solutions, then I would absolutely do it.

Yeah, my family definitely uses these applications, even if they aren't aware of where they are and how they are running. Shared anonymous network folder is huge help to transfer files between users at home. I have a gamer teenage son so I have Minecraft and a TeamSpeak server running for he and his friends (up to 20 players at a time). My home phone and office phones are using the FreePBX VM. I have Odoo running that I'll try as a CRM and Kanban board for myself. I have a time tracking server that a friend's team uses for billable hours. I have Plex running for the entire household and family. Wiki to keep track of home lab and my son also uses the wiki to provide documentation for projects he's working on. Hard to believe I've found lots of use for almost all of these and installed them only within the last year or so.

Got this email from MS today. Oh goody! MS is publicly announcing it is getting into the PUP/malware business

Getting flashbacks of Netscape v. Microsoft.

Starting with Version 2020 of Office 365 ProPlus, an extension for Microsoft Search in Bing will be installed that makes Bing the default search engine for the Google Chrome web browser. This extension will be installed with new installations of Office 365 ProPlus or when existing installations of Office 365 ProPlus are updated. If Bing is already the default search engine, the extension doesn't get installed.

https://docs.microsoft.com/en-gb/DeployOffice/microsoft-search-bing

@emad-r said in How to setup Nginx TLS certificate based Authentication (VPN alternative):

@emad-r

Unfortunately , while I did learn alot new stuff and ways. The original reason for learning this failed me.

What I did I install Fedora LXDE spin

Then installed ontop of that VNC on port 5901 made it run on local host

Then using No VNC and Websockify (is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service. Implementations in Python, C, Node.js and Ruby.) Which creates a neat HTML 5 interface for VNC service, I configured this to listen to 127.0.0.1:5901 and output to port 7777
so http://192.168.1.x:7777
allows me to connect to my machine.

stay with me.

Using this method I tried to proxy http://192.168.1.x:7777 and use nginx extra security

It worked and installed on Fedora, and I can reach the noVNC connection dialog only after inserting the p12 key, however this lame login page:

https://kanaka.github.io/noVNC/img/noVNC-5.png

with the host and port option, does not allow me to finish the connection, I tried many options but I am so confused with all the proxying that I rather drop it, I feel like If I do more effort I might open proxy to another dimension.

I prefer using Guacamole for all my remote access needs but I think I'll definitely implement something like this to restrict access to my own staff.

@s-hackleman said in Fire fighting to project balance:

@dashrender said in Fire fighting to project balance:

This is like the HR problem often talked about around here. i.e. it's not IT's job to keep user's from surfing non work related websites, it's management/HRs job.

Same goes here, it's your boss's job to get with those other managers so the company can be efficient. Those managers should sit down and discuss the issues. And the management over the top of them all should welcome it because it makes the company as a whole more effective and efficient.

I guess that is where the disfunction exists. The other departments don't care they met their goals. Why do they care if it was hard for our team, we still got it done, we are just not happy about it.

That's part of the problem. When you bend over backwards to help out in such a rush, you are enabling the behavior rather than helping to change it.

You have turn time requirements, stick to those. When they begin to fail to meet their objectives, they'll learn very quickly.