Best posts made by NashBrydges

Wondering if anyone has successfully used the Nextcloud/Owncloud provisioning API? I've read the documentation but it's really not proving all that helpful for someone who's looking to learn to use it. I'd love to learn to use this so if you've got some experience, I'd love to hear about it.

@jaredbusch That's totally relevant. Lmao. Agreed they suspect the breach took place between May and July when it was discovered, once it is discovered, the responsible thing to do is let the affected individuals know immediately. Not wait 6 more weeks. That's just stupid and irresponsible.

• During ticket creation, I have the opportunity to create new Organization, Contact and Ticket Type but there is no way to manage/edit those new entries once they're created.

• Would love to see full blown multi-tenant/multi-client capabilities built-in.

• The "organization contact" should be able to see ALL tickets created by that organization's users who are registered users.

• Ticket owner/creator should receive updates via email when ticket is updated by assigned "responsible" individual

• Have the ability to choose which type of update to ticket generates a notification email to ticket owner/creator (ie: send email to owner/creator when external note is added but NOT when internal note is added or when time is added)

• Have the ability to create a ticket on behalf of another user (ie: admin creates ticket for client who can therefore receive updates on ticket via email) and add this capability to group permissions so only some individuals can be allowed to create tickets on behalf of others.

• Have the ability to delete tickets once created

• Have the ability to multi-select tickets for deletion.

@Sodium

Edited for tagging and additional features

@scottalanmiller said in Virtualization build:

@MattSpeller said in Virtualization build:

@DustinB3403 said in Virtualization build:

@MattSpeller said in Virtualization build:

@DustinB3403 said in Virtualization build:

@MattSpeller said in Virtualization build:

@DustinB3403 said in Virtualization build:

@MattSpeller said in Virtualization build:

I fucking wish we could get pricing like that in Canada.

Have a buddy buy it for you and hand ship it up.

border agent: That's a nice server you got there.... be a shame if you had to... pay taxes on it! muahahahaha

Nothing to claim, a buddy gave me this equipment from his personal lab.

"In general, the goods you include in your personal exemption must be for your personal or household use. These goods include souvenirs, gifts that you received from friends or relatives living outside Canada or prizes that you won."

Canada customs gives no fucks about gifts, only charging taxes on everything

https://travel.gc.ca/returning/customs/what-you-can-bring-home-to-canada#conditions

And worst case, why not just have a receipt for $100 for computer equipment.

What's the tax on that?

You seem to be under the impression that customs agents are dumb. You would be incorrect in my experience.

Tax rate here is 13.5% so potentially saving $500 in tax is not worth the risk. They can seriously mess with you.

2630x1.25x1.135= $3731CDN.... sigh.

Edit: checked xe.com, it's $1.30:1 sobs quietly for the death of his online shopping fun times

YOu are assuming that the low price would be used. Those could easily be taxed based on a higher $5K or so US price.

For Ontario, Customs will charge me the HST (13%) of the Canadian value of the converted stated cost. So if the server is $2,500 USD, they will convert to CDN and then tag on 13% tax.

One thing I learned recently is that there are no duties to be paid on purchases that are coming in from the US like a used server. Buying new means that the country of original build will decide if there are duty fees to be paid in addition to taxes. Purchasing servers in the US means I only pay the taxes of the CDN declared value. That being said, shippers like FedEx will charge their own CLearance Entry fees and Advancement Fees so unless you have an account with the shippers, these tacked-on fees make it too expensive to buy from the US, even if you do find a crazy good deal.

@dustinb3403 said in Equifax Has 143 Million Americans Data Compromised:

In 2014.. .

There were about 125.9 million adults in the US

So literally everybody is f***ed at this point. Time to go to creditors and tell them to refuse to provide credit based on the methods they've been using.

Yep. Freeze your credit profile.
https://krebsonsecurity.com/2015/06/how-i-learned-to-stop-worrying-and-embrace-the-security-freeze/

@scottalanmiller said in Sodium Helpdesk Feature Request: Many Features Requested:

Moved to the Sodium group.

Damn, I even looked and didn't see a Sodium group. My bad.

@scottalanmiller I not quite at that max but pretty close at 56TB in a single volume local storage. Running Win 2012 R2 VM on Hyper-V 2012 R2 hypervisor. So far so good (2 yrs now). No issues other than that initial backup was a real b1tch but now that it's incremental, it's all good. No other caveats that I'm aware of.

@scottalanmiller said in In Other News - iPhone 8 has earpiece issues:

@bnrstnr said in In Other News - iPhone 8 has earpiece issues:

I also use mine daily and have never had an issue. @scottalanmiller have you taken your phone or headphones in under warranty?

Warranty services is so awful with Apple. That itself is a bit of a product failure. Sometimes it is good, sometimes it is hell. I fear any Apple warranty interaction.

I wonder if you just got a bad phone. I've had an iPhone since their first introduction 10 yrs ago and I've always been happy with the product reliability and performance. I've also needed to bring both an iPhone and iPad in for warranty and in both cases have been nothing but happy with the outcome.

Apologies if this has already been asked but I did a search and didn't find any relevant posts.

Am ready to migrate to using SodiumSuite for simple ticketing but one big feature I can't find is email integration. By this I mean having the ability to create tickets from emails, notifying admins and users on ticket status changes/comments. Would be great if ticket could be self-assigned or pre-processed based on rules (ie: if from email domain = example.com then assign to Admin2 and set Organization = Example Org). I use Office 365 but being able to use any email address to receive or send would be great.

Is this already on your roadmap?

@Tim_G According to my UPSs, I'm running my lab on about 1.2kw and yeah, I definitely notice the increase in power bill. It's costing me about $125 per month based on loca rates, delivery charges and taxes in.

@MattSpeller I'll be sure to post.

@scottalanmiller said in ISPs inject malware into chat download streams:

@dashrender said in ISPs inject malware into chat download streams:

@scottalanmiller said in ISPs inject malware into chat download streams:

@dashrender said in ISPs inject malware into chat download streams:

How do they MiT you on an encrypted connection? i.e. if you're using HTTPS, they have no ability to inject anything.

Oh there are ways. How do you think that tools like Palo Alto do deep channel inspection?

And of course there are ways - but I will never install an ISP cert as long as another internet connection option is available.

But once that option is gone, well, so is the free and open internet.

Lots of people don't have alternative options to check and see if they are getting an ISP cert or not.

That would imply accepting the cert and installing the cert.

@dafyre said in Looking for how-to on setting up a proxy:

I like this article: https://blog.roushtech.net/2014/02/19/pci-compliant-screenconnect-setup-nginx/

note: It's from 2014, so the config options and recommendations may not be the same today. It also assumes that your NGINX Proxy and the ScreenConnect bits are on the same server.

I like the article because it goes into a little detail on the why of some of the settings.

The thing is he suggests you need 2 public IPs which is rediculous. The services are on different ports so that wouldn't be necessary. And you're right, it is very very old.

@Dashrender said in Been Wanting 10Gb Lab For A While:

How much are the sfp+ you need for it?

I've been using DAC cables with my EdgeMax switch and they've been working perfectly. I ordered these and haven't had any issues with them.

http://www.natex.us/product-p/sfpcables24.htm

@scottalanmiller said in ISPs inject malware into chat download streams:

@dashrender said in ISPs inject malware into chat download streams:

@scottalanmiller said in ISPs inject malware into chat download streams:

@dashrender said in ISPs inject malware into chat download streams:

@scottalanmiller said in ISPs inject malware into chat download streams:

@dashrender said in ISPs inject malware into chat download streams:

How do they MiT you on an encrypted connection? i.e. if you're using HTTPS, they have no ability to inject anything.

Oh there are ways. How do you think that tools like Palo Alto do deep channel inspection?

And of course there are ways - but I will never install an ISP cert as long as another internet connection option is available.

But once that option is gone, well, so is the free and open internet.

Lots of people don't have alternative options to check and see if they are getting an ISP cert or not.

Oh.. I think I see where you are going here... but now my question is - will that work?

Let's assuming I'm trying to download telegram, so I go to https://telegram.org. The ISP can't fake the cert for Telegram.org - I mean they can, but your browser won't trust their fake cert, unless they got the ISP's own root cert into the user's computer's root store.

But when EVERY site says you have a fake cert, I know no one that doesn't accept them. One time, sure. I stopped Dominica just the other night because some site had a cert problem and I knew something had happened. But when it is every site and you can't do anything without accepting them, you start accepting them. What else can you do?

You're held hostage by your ISP. Given no other choice you might be tempted to accept their terms but you'd be idiotic in accepting those terms of having to accept their cert. I'll give you that for majority of people, yeah, they wouldn't think twice. Which is sad.

As the title suggests, I recently bought a "retired" school that I'll be converting to rental units over the coming months where, when all is said and done, I should have 25 rental units. I've scheduled fiber install at the building and will be getting a 1 Gbps connection within a couple weeks. My first order of business before construction starts is that I need to install a security system, maglock doors and video surveillance.

Hoping to get some recommendations on what you use for video. I've been a big fan of Ubiquiti APs and switches but I've never used their video products. I am a fan of the pricing on their cameras. Has anyone used them and if so, any feedback/suggestions/things to keep in mind? I know their bullet cameras are on PAssive PoE while their dome cameras support both Passive and 802.3af.

If you use something else, I'd love to hear what product and why. What are your favourite features and which features do you wish your system had.

I'd also like to understand how much space the video stream recording will take-up. I get that this is based on fps, compression, motion detection, length of retention, number of cameras...etc, but if you can share what your current setup is like and how much space you are using, this would be extremely helpful in proper-sizing the NVR VM.

I'm looking for minimum 720P, preferaby 1080P @ 30fps capability, IP cameras only, PoE, built-in IR with decent range, preferably something with software based NVR that I can run in a VM.

My initial setup would likely consist of ~15 - 20 cameras, and expanding to ~40 - 50 once construction nears a state where I can start renting. I'll be wanting to cover all of the common areas and entrances.

A nice to have would be to have the ability to stream a live view of the primary entrance to either small monitors mounted in each unit, or to residents' laptops or mobile devices. I know the UBNT NVR software has the ability to create "live views" but not sure about sharing these with as many as 20-25 screens at once.

Any kind of recommendations based on experience would be much appreciated.

@Dashrender One of the servers in my lab is a file server with 56TB drive assigned to the VM. Backup and replication for this were the biggest drivers for looking to move to 10G. Not to mention who wants to wait for a large file to transfer over 1G

Some of my customers are also moving to 10G in their networks which meant I needed to become more familiar with how best to setup and manage these. It's simple networking, true, but it made sense that I could demonstrate the benefits to clients when necessary.

*On January 17, 2018, WatchGuard Technologies, Inc., a global leader in security for small to medium organizations and distributed enterprises, proudly announced the acquisition of Percipient Networks, including their flagship offering, Strongarm. Integration of the Strongarm technology into WatchGuard’s comprehensive, network security platform enables Percipient Networks to broaden our offering to better address security threats and provide customers with the best possible protection from the widest variety of attacks.

The acquisition provides the right time to make a change to our home offering. The Strongarm free home tier was something we offered in order to introduce people to Strongarm and set the stage for future business opportunities in the home market. As Strongarm evolved, the home tier drifted away from our professional product specifically around features for phishing education and in-depth reporting. Whereas, home users were interested in an alternative to anti-virus and a free additional layer of security, Strongarm's personal touch and evolving set of IT focused information just doesn't align to the home market, so now is a good time to sunset it.

If you want to continue to use Strongarm you can upgrade to a professional account between now and April 1, 2018. Contact [email protected] to upgrade.

There are a number of free services similar to Strongarm's free version such as Quad9 and Norton ConnectSafe. Their setup guides will help you get set-up. Be sure that you replace (and not add) their DNS servers with the Strongarm servers when doing the configuration.

The Strongarm service will continue to operate until April 1, 2018 for existing users.

sincerely,

Todd O’Boyle

Co-Founder and CTO

Percipient Networks*

I'm shocked! <said absolutely no one>

@Tim_G I recently used this to install a Let's Encrypt cert on a IIS server and worked flawlessly. The one thing that isn't mentioned in that SW post is that you MUST have your domain name entered in the port 80 binding setup which isn't always the case.

These are the steps I followed...
1- Forward port 80 from external WAN IP to IP address of IIS server on the router/firewall
2- Forward port 443 from external WAN IP to IP address of the IIS server on the router/firewall
3- Ensure that DNS record points to the correct WAN IP and that it is reachable
4- Log into the server as Administrator
5- Go to IIS Manager, select the site, and from the Actions pane, select “Bindings” under Edit Site
6- Click on the http site binding and then click “Edit”
7- Under the “Host name”, please ensure that the full domain is entered (domainname.com) then click OK and Close
8- Download the Let’s Encrypt executable from https://github.com/Lone-Coder/letsencrypt-win-simple/releases/download/v1.9.3/letsencrypt-win-simple.V1.9.3.zip
9- Unzip the file and save contents to a folder on the server (I simply saved it in c:\new)
10- Open a command prompt as administrator and change command prompt directory to match where you saved the Let’s Encrypt client (in my case that was c:\new)
11- Type in “letsencrypt” and press ENTER
12- If this is the first time the client runs, you will be prompted to enter an email address and press ENTER
13- You will be asked to agree to the ToS of Let’s Encrypt, Enter “y” and press ENTER.
14- The command prompt will then show a list of available IIS sites as well as a number of other options. If this is the only site configured, it should appear under #1. It will ask you which option you would like to run. Simply select #1 and press ENTER
15- It will then automatically register the domain name and create and bind the SSL certificate.
16- You will be asked if you want to create a scheduled task to automatically renew the certificate in Windows Task Manager. If asked if you want to specify the user, select No and press ENTER
17- Once complete, go back to Edit Site Bindings and you will see that a new entry has been made for “https”. If you select it and press “Edit”, you’ll see the new SSL certificate named in the SSL box.
18- Test that you can now reach your server via HTTPS. Once you’ve confirmed, disable port forwarding for port 80 on your router/firewall and only keep port 443 active. This will ensure you don’t need to worry about redirection from http to https

@Dashrender The file server VM is currently at about 40TB used of 56TB available. Plus a number of other VMs that are all together using about 3-6TB (depending how many VMs I'm testing with at any one time). In total, I have a need for close to 46TB of backup space when you add it all up.