Best posts made by PhlipElder

PhlipElder

IT Team gets together and creates the hold from hell.

https://www.theregister.co.uk/2016/04/29/it_helpdesk_creates_oh_hold_hell/

PhlipElder

https://www.reddit.com/r/VOIP/comments/dypp36/20191119_critical_freepbx_security_vulnerability/

"There has been a criticial security vulnerability discovered in FreePBX which allows remote code execution without authentication."

v14/v15 should automatically update themselves. Earlier versions will not.

PhlipElder

@wirestyle22 said in Random Thread - Anything Goes:

thanks

This is what's keeping me busy lately. Building a Chicken Coop, though we're calling it the Palace, for our girls.
2020-05-19 Chicken Coop and Run.PNG

We have Leghorns (apparently pronounced LegUrns, Rhode Island Red, and Plymouth Rock (black) to start.

Construction is 2x4 insulated 8' x 8' with the run being 20' x 8'. All those years in construction back in the day always seem to pay off in some way.

Apparently, I've been elected to be the one to get them from the coop to the table when the time comes.

PhlipElder

@JaredBusch said in Manage domains and DNS for customers?:

@Pete-S said in Manage domains and DNS for customers?:

Is there a good way to manage domain renewals and DNS settings on behalf of a customer?

Basically handle everything and then invoice the customer. But the customer should still legally own the domain(s).

Anyone granted access to log in to the registrar can become the sole owner by transferring the registration to someplace that no one else has access to.

Without any legal contracts stating clearly how it all works, the legal owner is whoever is paying for it. That would be you, not them, in the scenario listed.

IANAL, but barring things like previously trademarked names, a company would likely not win (assuming cost of litigation is not an issue) in court if you said they did not own the right to their domain registration.

We actually put it in writing that we are managing their Internet properties and services and that ownership of said properties are theirs. If they decide to move on, it's in the contract that they would pay the fee(s) for the transfer out with the unlock codes presented once that process was initiated.

PhlipElder

@dashrender said in Random Thread - Anything Goes:

@nadnerb said in Random Thread - Anything Goes:

So sad but true!

Why do so many companies have to hear it from an outsider before they believe it?

Prophet is never known as such in their own home land.

PhlipElder

@scottalanmiller said in Typical services and software in SMBs?:

@pmoncho said in Typical services and software in SMBs?:

On a side note (very anecdotal), being nice has its benefits. I have seen on numerous occasions and even 3 times in the last month, an ITSP/MSP are nice till they get the account then turn into being total dicks! I don't understand it but it is so close to turning into axiom.

As an MSP, while I believe we are always nice, I can tell you that the customers practically demand this scenario. Time and time again, if you are nice to the client, they dump you for the next abuse dick that comes along, makes obviously false promises, pressures you into tripling your budget and signing long contracts with no protection for you. The average client only wants a vendor that treats them bad. I can't explain it, but the better job you do, the less likely a customer is to keep you. Obviously the great customers aren't like this, but good customers are few and far between. Most want to micromanage and IT is just scapegoat for their own mistakes.

Our longest standing client ~~was~~ is a company I started supporting at the end of 1998. All of our clients would sign a cheque today for anything that would be needed for the IT to function as it has been since we took it over.

We divorced our last abusive client over 10 years ago. IT was a bleed for them so we did a lot of break/fix to the tune of $xKs per month but they would take 90+ days to pay and we'd have to chase them for the cheques.

After getting fed up with them not updating/upgrading their garbage and the payment situation a simple e-mail went out with the following:

As of January 1, 2012 our rates and expectations will be:
** 24 Hour Response Time (Defined as our reaching back out to you)
** 24 Hour Response Time Rate: $225/Hour
** 8 Hour Response Time Rate: $275/Hour
** 4 Hour Response Time Rate: $295/Hour
** Immediate Response Time Rate: $350/Hour

Heh, within seconds of hitting SEND they called back. :0)

Boundaries are boundaries. If we get an impression with red flags, my wife and business partner is really good at picking up on them versus myself, then we'll discuss whether it's advisable to pick up the business.

That being said, when we were starting out we took the business that we could and learned through the School of Hard Knocks, sometimes to the tune of substantial loss, all the while figuring out the best way to assess incoming for those flags.

PhlipElder

@dustinb3403 It's been a while, but there's a set of files the Mac writes to all folders it touches. .DS_Store or something like that.

We've seen busy graphics houses have their file servers brought to their knees by this "feature".

These guys: https://dea.nbird.com.au/2014/11/19/windows-server-prevent-mac-files-on-shares-ds_store-_-trashes/

PhlipElder

@Danp Whoever made the T-Shirt was probably too intimidated to mention the grammatical error or maybe let it go because the guy was a d*ck.

PhlipElder

@WrCombs said in DHCP Question...:

This is for a friend of mine who asked me ; And Wanted to be able to send him a link to read up on DHCP Best practices and ideas on his situation.

He came to me and said "if you set up a dhcp why do you set up .2-.254 with a gate way of .1
don't you want to keep some open for Static IPs... for example: printers?"

what can I say to him other than ~~.1 is reserved for gateway?~~ .1 is the gateway so it can't be used in the scenario.

He is explaining to me that this company Cybera is setting up a firewall for him at his location and is curious why they would leave it that wide and open without any reserved Static IPS.

I'm sending him the link to this thread to have him read through the answers I get.

Our rule of thumb, and it's a "we've been doing it this way since ... so we keep doing it this way" situation, is to set up the full subnet in DHCP and then set exclusions for what we want to set aside for servers, printers, and the like. We generally set printers via reservation.

Here's a simple scope setup in PowerShell:

Add-DHCPServerInDC
Add-DHCPServerv4Scope -Name "OUR Local Scope" -StartRange 10.100.10.1 -EndRange 10.100.10.254 -SubnetMask 255.255.255.0
Add-DhcpServerv4ExclusionRange -ScopeID 10.100.10.0 -StartRange 10.100.10.1 -EndRange 10.100.10.49
Add-DhcpServerv4ExclusionRange -ScopeID 10.100.10.0 -StartRange 10.100.10.200 -EndRange 10.100.10.254
Set-DhcpServerv4OptionValue -ComputerName DC.Domain.com -DnsServer 10.100.10.254 -DnsDomain Domain.com -Router 10.100.10.1

PhlipElder

The announcement page: Starwood Guest Reservation Database Security Incident Marriott International

My thoughts on the matter though rather curtailed from what I really want to say due to polite company: Some Thoughts on the Starwood/Marriott Reservations Database Breach

PhlipElder

@DustinB3403 said in Random Thread - Anything Goes:

@scottalanmiller said in Random Thread - Anything Goes:

A is positively the correct answer.

Kids in our family know what Eye-Dee-Ten-Tee (ID10T) and PEBKAC (Peb-Cack) mean.

PhlipElder

Easier is "Set up for an Organization" and choose a username. Ours would be Laptop Admin with the space and no password to avoid the questions.

Once logged on, CTRL+ALT+DEL and Change Password to set the new one. Note that the existing would be a blank.

PhlipElder

@mlnews said in Why aren’t chip credit cards stopping “card present” fraud in the US?:

Fraud is on the rise despite a move to chip cards.

A security analysis firm called Gemini Advisory recently posted a report saying that credit card fraud is actually on the rise in the US. That's surprising, because the US is three years out from a big chip-based card rollout. Chip-based cards were supposed to limit card fraud in the US, which was out of control compared to similar fraud in countries that already used EMV (the name of the chip card standard)....

I remember reading comments from the American payment industry folks that basically said Americans were too stupid to do Chip & PIN. We've had it here for a very long time with TAP being a relatively recent addition. TAP is limited to $50 or $100 depending on merchant and product. It makes transactions fast versus any other method.

Swipe needs to be banned. Period.

Next up: RFID protection wallets. A must-have for frequent travelers.

PhlipElder

@travisdh1 said in Random Thread - Anything Goes:

@PhlipElder said in Random Thread - Anything Goes:

@DustinB3403 said in Random Thread - Anything Goes:

https://xcp-ng.org/forum/assets/uploads/files/1559624678253-broadcom-packets.png

Oh man, this is so freaking true it's not funny.

VMQ enabled in-driver for Broadcom Gigabit controllers in Hyper-V would kill network performance for the guests. Disable it then a driver update would set it back on again.

Ah, straight up fail then. I knew I prefer Intel NICs for a reason.

What blows my mind is the fact that the specifications for VMQ make it clear that 10GbE ports and silicon for tying in to the CPU cores are required.

Despite years of requests to remove that setting enabler/re-enabler Broadcom just ignored it.

PhlipElder

2019-07-19 Twitter - SonicWALL Advisory.PNG

Their site was offline most of this morning. It seems to be back now.

Rule #1: Never, ever, have a device connected to the Internet in an unrestricted manner for any kind of management. Never.
Rule #2: Update it. Always. Pay the fee if need-be, but make sure it's up to date.

The number of iDRAC/iLO/RMM horror stories heard around here as a result of being plugged directly into the Internet are sadly more numerous than they should be.

PhlipElder

@wirestyle22 said in Random Thread - Anything Goes:

@phlipelder said in Random Thread - Anything Goes:

@wirestyle22 said in Random Thread - Anything Goes:

https://www.ign.com/articles/epic-v-apple-judge-rules-apple-must-allow-developers-outside-payment-options?utm_source=twitter

Epic v. Apple: Judge Rules Apple Must Allow Developers to Direct App Users to Outside Payment Options

Plus they've been spanked for their Orwellian iOS v15 "we're just scanning your pics for known kiddie p*rn" efforts.

I suspect the code would still be there just turned off though.

We're so far behind on personal digital identity protection here in North America.

nothing more universally hated than child abuse so if they cant use that to get it through then we're doing okay

History tells us that "We're doing it for the children" or "We're doing it to keep you safe" or "I'm here from the Government and I'm here to help" (Reagan) are all bad things. Period.

The Slippery Slope of intrusion has been ongoing for decades now.

Pegasus. Wow. Just. Wow.

Scorpion.

EternalBlue. Same. Wow.

We're working on two products right now. One is an elastic case that covers the phone's entire surface but the touch screen to obfuscate the obvious and hidden cameras/sensors as well as muffle the mic. The second is a Faraday kit that will include a wireless charger integrated so that the device can stay in the box while on the move.

I don't know about you, but I'm done with being watched, listened to, and tracked everywhere I go.

PhlipElder

@Dashrender said in AWS Catastrophic Data Loss:

@PhlipElder said in AWS Catastrophic Data Loss:

@wrx7m said in AWS Catastrophic Data Loss:

This was one AZ, right? If so, you need to design your environment to span multiple AZs, if not regions. This is beginner AWS design theory.

A few things come to mind:
1: Just how many folks know how to architect a highly available solution in any cloud?
2: At what cost over and above the indicated method does the HA setup incur?
3: It does not matter where the data is, it should be backed up.

Microsoft's central US DC failure, I think it was last year or early this year, cause a substantial amount of data loss as well. Not sure if any HA setup could have saved them from what I recall.

How many people backup their O365 systems? I am willing to bet VERY few!! yet, if MS were to have the same issue, customers would find themselves in a similar situation.

One (invalid) claim I see from time to time when migrating to the cloud - it saves money because backups are part of the solution... which we can see here is definitely not the case.

Veeam was one of the first ones on the block to back up O365. That's messaging that Microsoft has not made clear but I've seen in the grapevine as far as the customer being responsible to do so.

No. My sh#t on their sh#t means no sh#t if something takes a sh#t.

PhlipElder

@RojoLoco said in Random Thread - Anything Goes:

@PhlipElder closest call I had in FL was nearly stepping on a HUGE rattlesnake on a golf course... luckily, he was in the process of eating a toad that was the size of a cantaloupe.

I went to one of the last Ignite events in Orlando where there was a hurricane in the Gulf. I don't remember what it was called. Flights were screwy all over. When we eventually landed in Dallas (we were redirected initially to another airport to land and wait due to fuel concerns) there were no more flights to Orlando but one had room to Fort Meyers.

Distance from Fort Meyers to Orlando = Edmonton to Calgary here. I've done that drive a lot so rented a Grand Caravan as I was pretty tired by then and didn't need 400bhp under the saddle.

The GPS unit was too small. I missed the Interstate. I missed the next highway. I ended up taking the last one that would get me there but it went through every Tom, Dick, and Harry little town imagineable.

I got to see Troopers wrestling a big brawl in the street in one town.

In another, a big Ford 3500 dually Super Duty was driving with no lights so I flashed him a few times but he kept going. County Mounty took off from a gas station in front of me, crossed across my path while turning the cherries on, and headed off to stop the SD.

In one town the GPS took me through an area that brought back memories. Heh ... No more comment there.

But, the creme de la creme ...

I'd just left a town with the street lights behind me. It's about 0200Hrs or thereabouts by now. I'm tired but am on the last leg to Orlando. So, clear pavement with a number of lanes in both directions. There's a moon so I can see pretty good plus the Grand Caravan's lights are pretty good.

I see what I think is a Y pipe. Huh?
Someone dropped their Y pipe?
Nothing I could do as I didn't want to swerve to miss as that'd probably be worse than just hitting it.
BANG! BUMP, bump, bump, bump. The van literally jumped around while it went under.
I pulled over to make sure there was no oil pissing down. Nothing. Nada. Zippo. Zilch.
I got back in the van and sat there for a bit playing it over and over. SOaB. The thing MOVED after I hit it heading off to my right and ... it was a freaking huge gator.
The Y was its tail and its legs as I approached. It was sitting perfectly in line on the road.

I LOVE telling that one to my fellow Canucks as it's HILARIOUS. I hit a freaking GATOR! LoL

EDIT: BTW, talking to Floridians at the event they thought I was nuts that I thought it was hilarious but they told me it was fairly common and that gators were very resilient. They also told me to never get out of the vehicle again as the gator could have been right p*ssed waiting to swallow me. :0)

PhlipElder

@Dashrender said in Printers - IP or WSD:

@Kelly said in DHCP Question...:

Another is using a utility or print server so that the end point never needs to know the current IP address of a printer.

Have you found this to work? Even on print servers, I print to IP, and the server print queue is static to that IP.
I haven't used WSD ports on a server yet - have you?

WSD breaks things. We turn it off on all printers we deploy on a given network.

Windows 10 doesn't listen to our manually setting the default printer post feature update. It then drops the WSD setup in which causes the print driver to break for whatever reason.

PhlipElder

@dafyre said in Random Thread - Anything Goes:

@PhlipElder said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@PhlipElder said in Random Thread - Anything Goes:

@scottalanmiller said in Random Thread - Anything Goes:

@Dashrender said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@PhlipElder said in Random Thread - Anything Goes:

@scottalanmiller said in Random Thread - Anything Goes:

Anyone been to Rackspace's website recently? I forgot that they even existed. I went to their website and realized why...

https://www.rackspace.com

This looks like an AI generated page of gibberish if you said "make a generic MSP page that says nothing."

I'm seeing rumblings that business continuity for anyone on their Hosted Exchange is a total loss. So, if they are not Outlook enabled and thus able to export their mailbox to a .PST file, or other such client that can do so, they are totally and completely hooped.

Sacrosanct Edict #1: One shall never lose the data. One shall save the data. One shall always back up the data. One shall always test restore the data. One shall lose job if lose the data.
^^^
In this case, one has to wonder how long RS is going to be around as the rest of their businesses get hit with the lack of trust.

Now, the G00g lost a freaking huge amount of mailboxes something like a decade ago. We had a customer impacted by that. No redress. None. Back then there wasn't a disaster recovery structure in place where they could back up their data short of making regular .PST files. So, gone. It was all in the G.

For personal backups, I'm using MailStore Home (https://www.mailstore.com/en/products/mailstore-home/). They have some business offerings that might be worth looking at regardless of your provider.

Thanks for this.

I have a client that doesn’t want to do M365 backups because they think a cloud provider won’t lose data.

Remind them that Microsoft lost MY data!!

Backstory?

Prepare for incoming book. lol.

Heh ... we had a client lose their business continuity about a decade ago when the G00g had a major outage. No phone numbers to get anywhere with them. It was a ticket. Eventually, the silence from the G00g was a GFY.

They had enough documentation outside of their mail system to marginally pull things together but it was a huge hit against them.

Yeah, Cloud. It's da'bomb. ;0)

Unfortunately we're getting pressure from the state level down that is wanting us to go to the cloud. We just disabled our 2 AD Controllers that wer ein Azure because of problems they were causing.

The psychology behind the marketing push and mental formation is nothing short of amazing.

I've had peeps stare at me like I was from Mars because we focus on on-premises workloads including Exchange.

"Why?"

Then all the sputum like "Modern", "Agile", and other such Gummy Bears get dropped as convincers meanwhile not one, "this is why cloud is better than on-premises and its payback" ever gets mentioned.

He who has the data owns the data. He who owns the data can do with the data what he pleases. He who has the data can also lose it and tell peeps to GFY when they are panicking because their entire business just went down the toilet. #SMH

EDIT: Case and Point: Musk going on about playing vid games in a TESLA. Really? I don't give a flying f*ck about that. I want a car that will get me from A to B with the occasional 5 second or better run to 110KM/H or even a 13 second or better quarter mile.

The rest is all FLUFF. FEATURES ARE FLUFF. They mean SFA to a business's bottom line (I have ~~new~~ no (and I'm still dyslexic) clue in my dyslexic brain where that apostrophe goes). That just goes over most peep's head.