Kerio Connect is their email product. Do you mean Kerio Control?
Also, found this on GFI's forum from 2014.
https://forums.gfi.com/index.php?t=msg&goto=115292&&srch=license+exhausted#msg_115292
Based on the couple posts I have seen, each registered user can have five devices. So, if they have 30 devices, they need 6 user licenses. Did they add any extra devices lately?
@scottalanmiller said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@pmoncho said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
Received my Cyberheist email from KnowBe4 about an hour ago and one article confirms that it was ConnectWise / Kaseya vulnerability from 2017 that was the vector.
We had a thread about that last week here on ML. We know that ConnectWise had vulnerable DLLs on their Windows installs. But we don't know if that was the case here. But we do know that they advertise publicly that they use some ConnectWise stuff, so the chances are relatively high.
Yeah, I saw that.
What I found interesting was that a source stated that the update was either not installed or not installed "correctly." What is "not installing correctly" with regards to Connectwise?
Yep, Just like when a local communications company bought out my local managed backup company. Needless to say, that relationship didn't last that long.
Received my Cyberheist email from KnowBe4 about an hour ago and one article confirms that it was ConnectWise / Kaseya vulnerability from 2017 that was the vector.
Well, I just re-upped for one more year so I have a year to decide.
Normally, I am not a fan of buyouts. Very rarely does it actually work to the users benefit.
@JaredBusch said in Upgrading Nextcloud via CLI:
@black3dynamite said in Upgrading Nextcloud via CLI:
@JaredBusch said in Upgrading Nextcloud via CLI:
Make a snapshot of your VM
I always make the snapshot at this point because once it is in maintenance mode, no new changes will be accepted.
So if things go to hell and you need to revert, there will be no conflict files.Do you create a snapshot while the VM is powered on or off before upgrading Nextcloud?
Generally powered on. If it is a super critical need, I will shut it down.
Do you snapshot the memory too?
@Dashrender said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
@dbeato said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah:
I think that if it was VPN, still bad practice to have VPN from MSP or any other systems that unprotected. MSPs should not need to have VPN to customers at all.
And vendors wonder why I won’t let them VPN into my network.... ha
Amen to that.
@scottalanmiller said in Does VDI Conquer the Dashrender Challenge?:
@pmoncho said in Does VDI Conquer the Dashrender Challenge?:
@Dashrender said in Does VDI Conquer the Dashrender Challenge?:
@scottalanmiller said in Does VDI Conquer the Dashrender Challenge?:
@Dashrender said in Does VDI Conquer the Dashrender Challenge?:
We constantly see people saying 'never publish RDP to the internet' - but how much of that is just fud, and the real issue is poor passwords and no lockout policy?
That's FUD. RDP is a fully secured protocol. It is wrapped in SSL, so already inside a VPN tunnel. It is as secure as anything else.
RDP has a tendency to be a high profile target, which is still not a big deal.
The biggest issues with RDP are that...
- Microsoft's implementation of an RDP server lacks common sense security to lock out brute force attacks. Like how fail2ban protects SSH.
- End users of RDP tend to be "Windows users" and that user group is notoriously incapable of doing things properly so tend to use weak passwords that never change on publicly exposed services.
If you treat RDP like you normally treat SSH (smart users, good security) they are equally secure.
I've held this belief for many years.
I have had so many sudo-Jared FFS's by at least 5 other security individuals about this subject over the last 15 years. I try to state the logic behind RDP with good passwords and lockout (RDP Guard) but get the "No Direct RDP connections" that is so ingrained in the security mantra.
The same "security people" that think constantly changing passwords that are short and easy for computers to brute force is how passwords should be managed, no doubt.
ABSOLUTELY!
@Dashrender said in Does VDI Conquer the Dashrender Challenge?:
@scottalanmiller said in Does VDI Conquer the Dashrender Challenge?:
@Dashrender said in Does VDI Conquer the Dashrender Challenge?:
We constantly see people saying 'never publish RDP to the internet' - but how much of that is just fud, and the real issue is poor passwords and no lockout policy?
That's FUD. RDP is a fully secured protocol. It is wrapped in SSL, so already inside a VPN tunnel. It is as secure as anything else.
RDP has a tendency to be a high profile target, which is still not a big deal.
The biggest issues with RDP are that...
- Microsoft's implementation of an RDP server lacks common sense security to lock out brute force attacks. Like how fail2ban protects SSH.
- End users of RDP tend to be "Windows users" and that user group is notoriously incapable of doing things properly so tend to use weak passwords that never change on publicly exposed services.
If you treat RDP like you normally treat SSH (smart users, good security) they are equally secure.
I've held this belief for many years.
I have had so many sudo-Jared FFS's by at least 5 other security individuals about this subject over the last 15 years. I try to state the logic behind RDP with good passwords and lockout (RDP Guard) but get the "No Direct RDP connections" that is so ingrained in the security mantra.
It has just become a dead talking point for me.
I just tell the doc's, "I have no problem spending more of your money that other "experts" want to rip from your pocket."
@StuartJordan said in Comparing MeshCentral 2 to ScreenConnect:
@scottalanmiller I believe it's the Google Authenticator.
Yep, Google Authenticator. I think it actually took about 90 seconds to setup. I did it on a test account first to make sure it would work.