@bbigford said in VPN and Exchange:

I just tried a web browser to see what appliance I would hit, and it goes straight to OWA.

Just port forwarding, most likely.

@bbigford said in VPN and Exchange:

@reid-cooper said in VPN and Exchange:

@bbigford said in VPN and Exchange:

@reid-cooper said in VPN and Exchange:

@bbigford said in VPN and Exchange:

@jt1001001 said in VPN and Exchange:

Is Exchange/OWA being published by a Forefont TMG box or some other proxy?

Knowing this provider, it's likely a ZyWall.

I mean is it IPSec, OpenSSL, that kind of thing.

I had set it to auto because I wasn't sure on the other end, but I would say IPSec if I had to guess.

What tool are you using to connect?

Windows built-in. I asked about a VPN client and they said they don't have one. I just tried a web browser to see what appliance I would hit, and it goes straight to OWA.

I don't believe that Windows has SSL VPN.

@bbigford said in VPN and Exchange:

@reid-cooper said in VPN and Exchange:

What kind of VPN is this? It's possible that the public address that they use is just called Exchange for some silly reason.

What does DNS tell you?

I looked up their DNS and exchange.domain.com is resolved by an IP provided by their ISP, domain.com resolves to a GoDaddy IP.

Likely just their VPN IP. That it is called "Exchange" is probably just coincidental.

@bbigford said in VPN and Exchange:

@reid-cooper said in VPN and Exchange:

@bbigford said in VPN and Exchange:

@jt1001001 said in VPN and Exchange:

Is Exchange/OWA being published by a Forefont TMG box or some other proxy?

Knowing this provider, it's likely a ZyWall.

I mean is it IPSec, OpenSSL, that kind of thing.

I had set it to auto because I wasn't sure on the other end, but I would say IPSec if I had to guess.

What tool are you using to connect?

@bbigford said in VPN and Exchange:

@jt1001001 said in VPN and Exchange:

Is Exchange/OWA being published by a Forefont TMG box or some other proxy?

Knowing this provider, it's likely a ZyWall.

I mean is it IPSec, OpenSSL, that kind of thing.

Grasping, but I found this:

There are 2 retrieve_conf files
/var/lib/asterisk/bin/retrieve_conf
/var/www/html/admin/modules/framework/bin/retrieve_conf
BOTH must have the execute bit set in it’s permissions (i.e., 644 vs 755)

Doesn't look bad. What kind of RAM utilization does it have?

What kind of VPN is this? It's possible that the public address that they use is just called Exchange for some silly reason.

What does DNS tell you?

"Howdy partner."

"Get the fuck out of my bathroom!"

@dafyre said in Non-IT News Thread:

@dustinb3403 said in Non-IT News Thread:

@reid-cooper they'll have no real way to prove that someone is mining.

Short of breaking into your house to see what you are doing, how could they know.

I'd imagine that Power Companies are recording your usage stats. If somebody's usage suddenly shoots up...

Then they'd guess that you are growing pot. That's traditionally what that means.

@mlnews said in Non-IT News Thread:

NY Approves Increased Electric Costs for Bitcoin Mining

Not a horrible idea, but how are they going to police something like this?

@emad-r said in AMD chip flaw:

@irj

Torvalds wades into CTS Labs' AMD chip security report

https://www.fudzilla.com/news/45819-torvalds-wades-into-cts-labs-amd-chip-security-report

"looks more like stock manipulation than a security advisory".

"If you replace the BIOS or the CPU microcode with an evil version, you might have a security problem?' Yeah."

"I just found a flaw in all of the hardware space. No device is secure: if you have physical access to a device, you can just pick it up and walk away. Am I a security expert yet?"

"News flash: If an attacker has the root password, your system is already completely hosed. Everything else is just details."

"It's the security industry that has taught everybody to not be critical of their findings."

He also thinks, "there are real security researchers". For many of the rest, it's all about giving even the most minor security bug. In Torvalds' words: "A catchy name and a website is almost required for a splashy security disclosure these days."

"security people need to understand that they look like clowns because of it. The whole security industry needs to just admit that they have a lot of sh*t going on, and they should use -- and encourage -- some critical thinking."

This seems to sum it up. This is all way too "weird" to be authentic.

@crustachio said in Looking for vacation calendar options:

Zoho Calendar is free and quite robust. Maybe overkill though.

Only really "overkill" if it isn't free.

Have not heard of zsync, that seems pretty useful.

@dbeato said in What Are You Doing Right Now:

@reid-cooper said in What Are You Doing Right Now:

@coliver said in What Are You Doing Right Now:

@minion-queen said in What Are You Doing Right Now:

I HATE SAP!

It's not great. Should have gone hosted.

Or not with SAP.

It is SNAP now

Oh SNAP.

@coliver said in What Are You Doing Right Now:

@minion-queen said in What Are You Doing Right Now:

I HATE SAP!

It's not great. Should have gone hosted.

Or not with SAP.

@dbeato said in What Are You Doing Right Now:

Good morning everyone

Good morning

I'm sure that they have to get it approved state by state.

I agree, adding a desktop environment later never seems to work right. Just treat it as a slightly different OS and install it from the spin. LXQt has replaced LXDE, LXDE is the legacy one that is being phased out and only remains for historical reasons today.

@gjacobse said in Flushing GPOs:

Is there a way - once the GPOs are deleted to force purge them from the work stations? I seriously need to start at net zero to fix a prolifera of issues.

The GPOs action a setting, they don't remember what the setting used to be. So no amount of "removing" a GPO will make something "go back to the way it was before." GP doesn't work that way.

If you have a light switch, and you make a GPO that says "Turn the Light to On", then every time it runs, it makes sure that the switch is in the "on" position.

But it never records if it was "on" or "off" before the first time GP was used. So if you remove that GPO, it just stops enforcing it to "on", but it has no way to know how to revert it to the original state. GP doesn't include the capability of reversion.