Best posts made by NashBrydges

Another project to try out. Did you start with a minimal Fedora install? Any other requirements needed for this install to work?

For those of you with a Unifi controller on a cloud server, what have you done to set it up securely? I found instructions on how to get the Let's Encrypt certs setup (I haven't tested yet) but wanted to know if there was anything else, other than Fail2ban, that you had done.

Also, if you're running a captive portal, I read a few threads on the UBNT forums that talked about the captive portal delays in authenticating. There isn't going to be any real authentication, just click to agree with ToS, but if it's going to take up to 1 - 2 mins to allow the device to proceed to the requested site, not sure I want the controller outside the network.

@black3dynamite It helps protect your site from DNS spoofing. Here's an example site with DNSSEC.

https://en.internet.nl/site/www.internetsociety.org/303794/#sitednssec

If DNSSEC is improperly setup, the site will not resolve.

Don't think it's very widely used though.

Veeam Agent running in free mode absolutely does do incremental backups.

@phlipelder said in Client Wants To Transition From Windows To Linux:

Curiosity question: Are the users already familiar with FOSS to some degree thus the request?

I'd really like to hear about how the transition goes and how long it takes the users to regain their efficiencies.

The client's staff are all relatively young and all have expressed interest in this move which was the primary reason why they're entertaining this move. Being a small company with few employees, getting the existing staff onboard was important and moving forward, they will be creating onboarding documentation to help new employees less familiar with non Windows OS.

You may not have LoS to the building from your current location but I had a similar issue with a client and we were able to negotiate with the property management of a nearby apartment building that did have LoS. My client rents access to the building roof where we installed fiber internet access and a Poit-to-Point network. There's about 2km between the PtP devices and we managed to get about 175Mbps speeds using Ubiquiti gear. Would that be an option you could investigate? Easy to setup VPN between locations at that time.

@emad-r My APs only get rebooted after every update.

@jimmy9008 I haven't read the ToS in some time but can't remember restrictions about personal vs business on the free plan. Just limited to 50 alert types.

Here's a new one on me and google-fu is failing me.

I have a client with a Windows Server 2012 R2 running 1 VM in Hyper-V. Everything works perfectly on the server and the VM except that integration services shows the vm was created on Dec 31 1600. Checked dates on both server and vm and everything is accurate. I checked the version of integration services and it is already on the most current version. And all updates have been applied to both host and vm. This isn't affecting anything as far as functionality but really weird. Anyone else seen this before?

@krisleslie said in Linux As File Server- Break Out From Other Thread:

I'd like to make a mention that if they are that small, do they really even need a local file server? I see more and more compelling reasons for SOHO's and SMB's to just "stick with" Google Suite or Zoho. They get easier IT management and Google ties into almost any service. Most LAN based services should depending on the sensitivity of it, consider being moved to the cloud and let go of the LAN methodology. I do appreciate how @scottalanmiller have encouraged us to take a look at what we are doing and considering moving to a LANLess design.

One thing I'm interested in is trying to show and prove that most small businesses are buying into certain services on name or reputation alone (I'm looking at you Intuit) and often while those services work, they aren't ideal anymore. I am very into decoupling services that traditionally sat in a LAN.

While I appreciate that many on this forum like the idea of lanless design, it isn't a viable option for some and part of good design is understanding when a local file server is necessary. That was why I mentioned that this is really for those clients only, for whom a local file server is the only practical solution. I do have clients who have no need for a local server and those easily served with ODfB or Google or Nextcloud.

@scottalanmiller said in O365 and backups:

@obsolesce said in O365 and backups:

@scottalanmiller said in O365 and backups:

@obsolesce said in O365 and backups:

Who knows... but important production data is data, hosted by MS or not... it should be backed up is how I'm leaning.

Technically, backups aren't quite that important. The old adage that everything needs to be backed up doesn't actually hold up under scrutiny. Certainly 99.99% of things should be, but there is still that lingering .01%. Outside of tech, we don't back up too many things in life, we consider the cost and effort to outweigh the benefits. In IT, this still happens sometimes.

And then there is "what is a backup?" O365 is backed up. Maybe not to the degree or in the way that we'd want, but it is backed up to some degree. So at least part of the fear of not having a backup is already handled. And super reliable systems don't always need backups.

Example... a cheap, fragile system with a backup might lose data once ever 200 operational years. What if we built a system that was so reliable that without a backup it would only lose data once every 220 operational years? If the backups were accepted for the first system, they are unnecessary for the second.

We often see backups as a checkbox, but technically they are just a factor in resultant protection against data loss. If you get acceptable protection without them, they aren't needed.

I haven't tested the O365 backup software yet, but I do know that every single email and OneDrive account does not need to be backed up. Can you pick and choose?

In theory, depending on the service. But I doubt it would be worth it too often. Going that route, likely some better way for the rare high profile data.

May be true for most cases but can't discount human stupidity or maliciousness lol. Had 3 instances where critical emails were deleted and needed to be recovered. One of those was a departing employee who deleted everything in their inbox and cleared their deleted folder. It wasn't until a month afterward that this was discovered. He thought he was doing the company a favour by clearing out the space. It wasn't malicious but definitely clueless.

Looking at the app, it hasn't been updated in some time. Will see if the Passwords app is any better.

I have a FreePBX setup on Vultr and enabled Lets Encrypt but there doesn't appear to be any way to disable admin portal access via HTTP or to redirect. Hoping someone here knows something I may have missed. Running FreePBX 14.

Has anyone looked at this yet?

https://nextcloud.com/blog/rocket.chat-and-nextcloud-announce-partnership-and-integration/

Things that bugged me about Mattermost...

• Limit on the number of characters in a channel name. Last I had it running, it was too short to be useful...like 20 characters only.
• Deleted channels did not also delete files so any files you had uploaded would permanently remain on the server. I think that's still the case. Have not tested whether that also exists with RocketChat.

Have you tried this? Disable the SIP module could fix your problem.

https://community.sophos.com/kb/en-us/123523

Setting up a new server and new VM for a client and need to buy a new Windows Server license. I would usually go to the most recent but wondering if anyone here has had any experience that would suggest sticking with a previous version instead? The VM will host an application that only runs on Windows so any mention of Linux isn't an option.

@scotth Not looking to influence your decision but the 50 IP limit is gone with Sophos XG. There are only hardware limitations such as max # cores and no more than 6GB RAM for Sophos XG.

@scotth said in pfSense vs OPNSense - Fanboy fued or real differences?:

@NashBrydges I'll keep that in mind. What I'll eventually be doing is to connect several locations for my family VPN. I'd like to feel at least somewhat secure.

Yeah, hard to beat Ubiquiti for what you're looking for, unless you specifically want the added UTM features.

If you happen to have a Synology onsite, they also offer Active Backup For Office 365. I'm using this at a small client's site with ~40 mailboxes. Works pretty well.

@syko24 said in Backing up Office 365:

@NashBrydges said in Backing up Office 365:

If you happen to have a Synology onsite, they also offer Active Backup For Office 365. I'm using this at a small client's site with ~40 mailboxes. Works pretty well.

Keep in mind Active Backup is only available on certain models of Synology. I believe mostly on the plus models. It is an awesome software though.

This is the list of eligible models from their site. That's pretty comprehensive.