Posts made by stacksofplates

@Danp said in redSling?:

It seems relatively new based on a quick Google search. What made you consider it as a viable "no code" solution? What other options are you considering?

Pocketbase is a decent solution for self hosted.

Dgraph is another solution for self hosted if you want a graph database and GraphQL.

Pocketbase has an admin interface and Dgraph uses Ratel for an interface, but neither have a customer facing interface. That would need to be written, so not 100% no code but the db and APIs are auto generated with both of these.

From what I remember with team viewer if you were logged in on both ends you didn’t need the OTP.

This is another piece of software I’ve used also and worked well.

https://www.remoteutilities.com/

@Dashrender said in Windows 11 versus 10:

@scottalanmiller said in Windows 11 versus 10:

@siringo said in Windows 11 versus 10:

I just hate these bloody upgrades or whatever you want to call them.

When I was younger it was exciting/interesting, now it's just a PITA.

I hate them because I know they will move or make you have to do something unimportant, that you have always done, be done differently. Where's notepad? Oh it's called Scribbler now. Where's Windows Explorer? Oh it's called File Finder.

Why do we have to learn new names for the same old crap.

Imagine doing that with cars. Press the accelerator, oh it's called the Make it faster button now!

I don't care about the new tech tricks and improvements, I just want to use my PC and get my work done so my day is as stress free as possible.

Old grumpy bastard complaining, yeah, probably. Don't worry, it'll happen to you.

Really only a Windows thing. They rename to distract from the lack of innovation.

my question is - do they need innovation? Other than performance improvements - is windows 10/11 any better than windows 7? performance is an under the hood thing...
This is a business tool - not some stupid home gadget - Windows doesn't need flashing lights.

Is this what people said when windows 95 came out and replaced 3.11? I don’t get the hate from people for changing the looks. As time goes on, people find better ways to interact with systems esp with touch screens being prevalent and the ever changing landscape of screen sizes.

@Dashrender said in Miscellaneous Tech News:

@scottalanmiller said in Miscellaneous Tech News:

@Dashrender said in Miscellaneous Tech News:

@stacksofplates said in Miscellaneous Tech News:

For almost two years, Microsoft officials botched a key Windows defense, an unexplained lapse that left customers open to a malware infection technique that has been especially effective in recent months.

Microsoft officials have steadfastly asserted that Windows Update will automatically add new software drivers to a blocklist designed to thwart a well-known trick in the malware infection playbook. The malware technique—known as BYOVD, short for "bring your own vulnerable driver"—makes it easy for an attacker with administrative control to bypass Windows kernel protections. Rather than writing an exploit from scratch, the attacker simply installs any one of dozens of third-party drivers with known vulnerabilities. Then the attacker exploits those vulnerabilities to gain instant access to some of the most fortified regions of Windows.

It turns out, however, that Windows was not properly downloading and applying updates to the driver blocklist, leaving users vulnerable to new BYOVD attacks.

https://arstechnica.com/information-technology/2022/10/how-a-microsoft-blunder-opened-millions-of-pcs-to-potent-malware-attacks/

OK that's definitely bad that they don't block it - but since you're an admin - why do you even care? the article says that the attacker is starting as a local admin.

Installers are typically local admins.

let me ask this another way.
Yes - it's bad that MS isn't blocking something they said they would.

But does that make the situation any worse than it would really be if they did?

the attacker already has local admin - why would they need to install a driver that has vulnerabilities when they already have full local admin control - what advantage do they get they didn't already have?

Because they’re mostly things like automated installs. It’s not like someone is sitting at the keyboard as a bad actor. It’s an email with an attachment for a doc that when Sally opens it installs a valid signed driver that is vulnerable.

For almost two years, Microsoft officials botched a key Windows defense, an unexplained lapse that left customers open to a malware infection technique that has been especially effective in recent months.

Microsoft officials have steadfastly asserted that Windows Update will automatically add new software drivers to a blocklist designed to thwart a well-known trick in the malware infection playbook. The malware technique—known as BYOVD, short for "bring your own vulnerable driver"—makes it easy for an attacker with administrative control to bypass Windows kernel protections. Rather than writing an exploit from scratch, the attacker simply installs any one of dozens of third-party drivers with known vulnerabilities. Then the attacker exploits those vulnerabilities to gain instant access to some of the most fortified regions of Windows.

It turns out, however, that Windows was not properly downloading and applying updates to the driver blocklist, leaving users vulnerable to new BYOVD attacks.

https://arstechnica.com/information-technology/2022/10/how-a-microsoft-blunder-opened-millions-of-pcs-to-potent-malware-attacks/

tmux is really the closest thing I know of, but it won't save to disk or survive a reboot.

@Dashrender said in wifi for unmanaged devices:

We have a corporate WiFi and a guest WiFi network.

The owners keep asking to put their personal phones on the corporate WiFi - The only thing this could gain them is access to the printers to print from their phones, but it's not something they have ever done.

Am I just dieing on a hill for no reason wanting them to put their personal devices on the guest WiFi?

Flip the ssid names and tell them you did it

I bought some refurbished Dell micro form factors (like an Optiplex 7090 micro) and they worked pretty well.

@gjacobse said in PS ISE: Unsaved Projects:

@scottalanmiller said in PS ISE: Unsaved Projects:

@stacksofplates said in PS ISE: Unsaved Projects:

This is what Git is for. Why not just use something like VSCode and have a repo for your powershell stuff?

This is what I was thinking. Who needs to save code today, your GIT servers will handle that automatically.

I'll admit - I've not looked at Git - yet I think I have an account.

As for setting up a Git Server? Yea,.. I don't know anything about those - or if one would be permitted in our environment. I happy just having the ability to run PS as I am... and in some cases like the totally vain PS I'm starting now couldn't ever be published to 'public'

If you can’t use hosted solutions for whatever reasons you can just use a box with git installed and push to that. You don’t need a full setup like GitLab or GitHub.

There are other options also: Gitea, Gogs, etc.

@pmoncho said in PS ISE: Unsaved Projects:

@stacksofplates said in PS ISE: Unsaved Projects:

This is what Git is for. Why not just use something like VSCode and have a repo for your powershell stuff?

Github or Gitlab? Does it matter for simple powershell scripts?

For what he's doing it doesn't matter.

GitLab has a lot more features for groups, I like their CI/CD better, and some other niceties. However, in this case it doesn't matter.

This is what Git is for. Why not just use something like VSCode and have a repo for your powershell stuff?

@travisdh1 said in Eero Inquiry:

@scottalanmiller said in Eero Inquiry:

@stacksofplates said in Eero Inquiry:

@Dashrender said in Eero Inquiry:

@dbeato said in Eero Inquiry:

@WrCombs You cannot hide your SSIDs on Eero. You also have a limit of your Main SSID and Guest Network. It is geared for Home and really small environments.

https://support.eero.com/hc/en-us/articles/214588166-Why-can-t-I-hide-my-network-SSID-with-eero-

Why Eero over Ubiquiti? Business versus consumer. Does the pro version have APs with wired connections?

Prob because management is much easier. I ditched my APs and edgerouter for a single Amplifi which I can update and control from my phone. My mom has a Deco setup and it works very similarly and is great as well.

Easier if you do it yourself. But if you have a support company, I think the Unifi is easier. The Eeros always made for a lot of extra work when we had to deal with them.

At a former job, we had an Amplifi system that caused ~8 hours of un-needed billable time. If it would have been a UniFi system, we could have fixed it without the site visits.

Yeah idk. Mine’s been running for probably a year and a half now and it’s been fine. I have the remote management enabled and can do everything from anywhere.

@Dashrender said in Eero Inquiry:

@dbeato said in Eero Inquiry:

@WrCombs You cannot hide your SSIDs on Eero. You also have a limit of your Main SSID and Guest Network. It is geared for Home and really small environments.

https://support.eero.com/hc/en-us/articles/214588166-Why-can-t-I-hide-my-network-SSID-with-eero-

Why Eero over Ubiquiti? Business versus consumer. Does the pro version have APs with wired connections?

Prob because management is much easier. I ditched my APs and edgerouter for a single Amplifi which I can update and control from my phone. My mom has a Deco setup and it works very similarly and is great as well.

@Dashrender said in Eero Inquiry:

@dbeato said in Eero Inquiry:

@WrCombs You cannot hide your SSIDs on Eero. You also have a limit of your Main SSID and Guest Network. It is geared for Home and really small environments.

https://support.eero.com/hc/en-us/articles/214588166-Why-can-t-I-hide-my-network-SSID-with-eero-

It's consumer shit - why would you ever want to hide your WIFI network - that's a business need.

it's not even a business need. It does nothing at all for anything since it's trivial to find hidden SSIDs.

@scottalanmiller said in Frist time Headset ?:

@stacksofplates said in Frist time Headset ?:

I use a pair of over the ear headphones and they’re plugged into my Mic on a boom. The audio driver in the mic pipes the mic audio back into my headphones so I can hear myself talk as well as the comp audio.

I have a Mic that does that, but it's too much stuff on my desk for me.

I just hang the headphones on the mic and push the arm out of the way. It’s attached at the back of my desk.

I use a pair of over the ear headphones and they’re plugged into my Mic on a boom. The audio driver in the mic pipes the mic audio back into my headphones so I can hear myself talk as well as the comp audio.

If I’m on the go I just use my air pods.

@JaredBusch said in AP's geared toward home use?:

For home use, not being setup like a business, you use the mesh router setups on the market today.

From Ubiquiti, it is the AMPLIFI line

From TP-LINK it is called Deco

Home users should never have business gear setup unless they are a hobbyist or something.

I’ve got an amplifi and my mom has a deco. Both work really well and can easily be managed from the app. This is pretty much what I recommend to people now.

@scottalanmiller said in Miscellaneous Tech News:

I bet someone at Google is a sign that says "5 Days Since Our Last Big Project Was Killed Off" like one of those "X Days Since an Accident" signs.

It's easy to make fun of but it might not be a bad strategy. Just trying new things to see what sticks. Just sucks a lot of it seems to be useful and then is gone.

@scottalanmiller said in Experience with NDR Solutions:

@stacksofplates said in Experience with NDR Solutions:

@scottalanmiller said in Experience with NDR Solutions:

@stacksofplates said in Experience with NDR Solutions:

SPIFFE/SPIRE

more appropriate for multi-service environments

You can treat systems as services. Comparing the machine someone is accessing the service from along with the time and location are all valid checks that should be done if you are even thinking of something like NDR software. It’s best demonstrated in multi service environments but is still very valid with even single service environments.

Oh, like service "consumption" discovery?

Yeah kind of. That's one of the big parts of zero trust is verifying everything. Why is Sally accessing this service from a non work computer at 3 am her time with a chinese IP address? Sure this request has the password but that doesn't sound valid. So things like SPIRE will assign SVIDS to services and machines and those can be compared in rule engines like OPA.

So sure, you don't own the ERP or whatever software, but you can set up the infra to allow traffic to it based on a zero trust model. For example: OPA could be your rule engine, any traffic passing to the ERP is validated through a call to OPA based on a JWT assigned at the proxy/api gateway and then OPA would verify the JWT claims (SVID, issuer, etc) before allowing the traffic to hit the ERP.