Posts made by notverypunny

Also had to run the snowblower for the 1st time this fall / winter so there's that

Enduring a stubborn 5yo who insists that her tooth feels like it's ready to fall out but that it won't come out no matter how much she twists and turns and messes around with it.... At this rate my jokes about having to blend her food are looking more like a reasonable option...

@stuartjordan said in Hestia Development Full Webhosting Panel:

Still very active and now on version 1.4.17. I'm still using this for my hosting and had no problems. Now have Auto updates on and 2FA.

Looks nice, 1.5.0 just released today from what I can see on their github.

@nadnerb said in What Are You Doing Right Now:

Can I get confirmation of accuracy?

https://i.imgur.com/8hfAxsX.jpeg

Happy Thanksgiving you lot

Coming from a close neighbor, seems legit

Disruptive updates at our US sites since nobody's supposed to be there for the great turkey day

Happy Thanksgiving to all the 'Mericans

@gjacobse said in SAS 10k 600GB Drive RAID Adapter:

@notverypunny said in SAS 10k 600GB Drive RAID Adapter:

Literally anything from kijiji

Had to look this up as I've never heard of it before... While could be good to use - in my case it sorta doesn't make sense too... don't know what shipping from Canada to US would cost.. but as it's not a real need -

Ahh, I wasn't aware that it was a canada-only thing since it's part of the ebay family. New wrinkle in my brain this morning.

@gjacobse said in SAS 10k 600GB Drive RAID Adapter:

I haven't done any research as of yet, but a friend has more than 30 SAS 10k 600GB drives that he'd like to see about testing for use. Only thing is that he's having some trouble finding an appropriate controller.

Hitachi and HGST are the main ones, with some Seagates in the mix.

Is there a suggested card that would drive, that doesn't require server class hardware?

Easiest thing to do might be a used / refurb server with a SAS setup.... if it's just to pop the drives in to see if they're OK you shouldn't need anything recent or high performance. Literally anything from kijiji / craigslist / ebay with a SAS card and drive bays could do the trick.

@dave247 said in I've been asked to set up MFA on internal computers and servers:

@notverypunny said in I've been asked to set up MFA on internal computers and servers:

@dbeato said in I've been asked to set up MFA on internal computers and servers:

@dave247 said in I've been asked to set up MFA on internal computers and servers:

@notverypunny said in I've been asked to set up MFA on internal computers and servers:

As far as the internet connectivity issues are concerned, AuthLite has 0 dependencies apart from AD. It can also integrate with NPS / RADIUS + AD to provide MFA to just about anything that can use RADIUS.

It's also per-user perpetual licensing

oh nice, I will check that out immediately. I was looking at Duo too (of course) so I wonder how that compares. I like the idea that it has no other dependencies than AD - that's perfect for our current environment.

Yeah, DUO has dependencies with their service and if the computer doesn't have internet it has the option to let you login without a prompt so that happens. Not sure if AuthLite does the same.

Authlite has support for offline logins (meaning if the machine can't talk to a DC), it just requires the installation of their client on the workstation / server / endpoint in question. You can also require / enforce 2FA on your endpoints.

Here's a thread where one of the authlite guys gives a quick comparison of AuthLite vs Duo.
https://www.reddit.com/r/sysadmin/comments/ct9m31/duo_vs_authlite_for_ad_mfa/

Duo seems to be the easiest and I've been playing with it with the tiral. Its super easy to configure it so without Internet or Duo service connectivity, MFA is bypassed. So in the event we have an Internet outage (happens 2-3 times a year here), users will still be able to get into their computers.

OK.... but then the only thing that you have to do to bypass the security is pull the network cable, right? Unless there's some other requirement it seems like a massive security hole.

@dbeato said in I've been asked to set up MFA on internal computers and servers:

@dave247 said in I've been asked to set up MFA on internal computers and servers:

@notverypunny said in I've been asked to set up MFA on internal computers and servers:

As far as the internet connectivity issues are concerned, AuthLite has 0 dependencies apart from AD. It can also integrate with NPS / RADIUS + AD to provide MFA to just about anything that can use RADIUS.

It's also per-user perpetual licensing

oh nice, I will check that out immediately. I was looking at Duo too (of course) so I wonder how that compares. I like the idea that it has no other dependencies than AD - that's perfect for our current environment.

Yeah, DUO has dependencies with their service and if the computer doesn't have internet it has the option to let you login without a prompt so that happens. Not sure if AuthLite does the same.

Authlite has support for offline logins (meaning if the machine can't talk to a DC), it just requires the installation of their client on the workstation / server / endpoint in question. You can also require / enforce 2FA on your endpoints.

Here's a thread where one of the authlite guys gives a quick comparison of AuthLite vs Duo.
https://www.reddit.com/r/sysadmin/comments/ct9m31/duo_vs_authlite_for_ad_mfa/

As far as the internet connectivity issues are concerned, AuthLite has 0 dependencies apart from AD. It can also integrate with NPS / RADIUS + AD to provide MFA to just about anything that can use RADIUS.

It's also per-user perpetual licensing

I've been looking at some of the options out there. We've been using AuthLite for the IT team's access for years and it works great. The company wants to roll out MFA for all users and through the course of my research I've got the distinct impression that M$ wants people to go fully passwordless with something like a YubiKey.

So I've got a simple 2 node Wazuh setup that suddenly stopped working over the weekend.

I had followed the setup instructions here with the initial setup on 4.1 https://documentation.wazuh.com/current/installation-guide/open-distro/distributed-deployment/step-by-step-installation/index.html and things were more or less running fine. Haven't done a whole lot with it but it's given some nice visibility.

Elasticsearch and Wazuh are each single node clusters with Kibana installed on the same system as Elasticsearch.

Everything seems to have stopped randomly over the weekend, I don't see anything in the logs but I've got the feeling that I'm probably overlooking something stupid.

Agents are still showing updates on the keepalive but I'm not getting any new events into the interface.

Ideas or guides on where to start?

@dbeato said in KVM or VMWare:

@jaredbusch It is supported you can either pay for support or run OpenSource.
https://xcp-ng.com/

It has been super stable compared to Xenserver/Citrix XenServer.

Not looking to take over or diverge too much, but what stability issues did you have on Citrix? We're a 95% Citrix shop and rarely have issues with the hypervisor knock wood Just wondering if we're lucky or if there's something else at play.

K3B was my go-to app back in the day and it looks like it's still somewhat actively maintained

@stuartjordan I seem to recall this being one of the reasons I got away from KDE a while back. Some quick google work shows that it might be solved by using kio-fuse but YMMV.

@eddiejennings said in What Are You Doing Right Now:

Reading through STIG documents.

??

@voip_n00b Is it absolutely necessary to take the image from outside of the installed environment? Veeam's free windows agent / application runs within the installed OS so all you really need is remote access to the machine with admin rights and you're good to go. To answer your initial question, if they can't boot and follow clonezilla, I doubt that anything else is going to work out.

So I've been testing TacticalRMM in our environment and after reviewing with some colleagues, we need to tighten control to the admin interface. I've followed the instructions here https://wh1te909.github.io/tacticalrmm/securing_nginx/ and it works to block the public IP addresses, but as soon as there's ..... *** googling and a few more grey hairs*****

So the syntax in the documentation might work with escaped chars and other foolishness, but I found that using

SecRule REMOTE_ADDR "!@ipMatch xxx.xxx.xxx.xxx"

instead of

SecRule REMOTE_ADDR "!@eq IP1"

allows for use of simple formatting as well as CIDR Ranges

Now we all know!

@gjacobse said in I can't even:

I. just. - ugh

This isn't a home, this is an office. ... ... ...

Is that with just your test gear connected? You could have other devices / users hogging the download bandwidth. Good luck

@hobbit666 said in zabbix5.4 https redirect:

Need some help (simple help for you experts)
Installed Zabbix5.4 on Ubuntu 20.04.

Got it working fine on http://zabbix and separately on https://zabbix with Letsencrypt.

But i can't get the http to redirect to https?

If you're using apache one of the options in the following link should work:

https://linuxize.com/post/redirect-http-to-https-in-apache/