Well, my first interview is Tuesday, even before my final pay check is due
Best posts made by travisdh1
-
RE: Well, that really, really sucks.
-
RE: What Are You Doing Right Now
@DustinB3403 said in What Are You Doing Right Now:
@RojoLoco said in What Are You Doing Right Now:
@DustinB3403 said in What Are You Doing Right Now:
@RojoLoco That is a totally different life style to what I was imaging...
So where do they grow their plants if they don't have land to work? Where do they sleep if they don't own or rent? And don't they ever just get an urge to have a big fat juicy steak with a side of shrimp?
The answer to all those queries is "who cares, they're filthy hippies".
hey now, hippies have a use, like human shields.... or fertilizer for feed for beef farms..
-
Cisco Security Vulnerability Thread.
Yes, they made my news feeds again today.
https://www.bleepingcomputer.com/news/security/hardcoded-password-found-in-cisco-software/
Since Cisco keeps being so popular with the security breaches and vulnerabilities, I figured it's time they get their very own thread.
-
RE: MangoCon 2017
Well, looks like I will be able to make it, thanks to @DustinB3403!
-
RE: Random Thread - Anything Goes
Dilbert and one of the big topics around here:
-
DIY Environment Monitoring
Thought I'd drop one of my current projects here. It started as just wanting a way to see what the temperature in a room is without having to have someone go check. (It's another building in a locked room few people have a key for.)
We already have lots of project cases, and also already had a Raspberry Pi. The new $5 Pi would need a network connection of some sort, so figure $10 for the networked PC ($20 if you need a power supply and memory card as well). I splurged at $13 for a combination temperature and humidity sensor. I went ahead and added a door sensor as well, it was $2. I also got a Cobbler Plus GPIO Breakout for $8 and a Perma-Proto board for $6. Total cost for me was $29. If you need a Pi as well figure ~$50 for everything. Compare that to any of the commercial offerings!
I'll post the code I use for everything here, along with references where possible. After all, that's where the real cost of these little things end up being.
It might be good to add a battery backup to it as well, which is quite easy, but I have no real need for that (if the power is out, the temperature isn't going to be getting out of control.) Adafruit makes it really easy.
-
RE: What Are You Doing Right Now
@eddiejennings said in What Are You Doing Right Now:
Thing learned today: Domain controller must have SMB v1 enabled for a Server 2003 member to join the domain.
I learned that I only have to get inside your LAN in order to steal all the network data.
-
More reasons to never do business with Intuit
This is mostly to make things a matter of public record, in addition to a bit of a rant.
Got a call yesterday morning. They can't process credit cards. That office happens to use Intuit/Quickbooks for everything from inventory tracking, to payment processing and accounting. I've been down the road of getting away from Intuit often. Don't know if this will push them past the edge or not.
Ok, spent 2 hours manually doing updates because the automatic ones broke along the way somewhere. Updates complete. Good, we should be up and running. They try to login, and get asked for a code. Ok, check the email address... nothing.
Now I'm calling Intuit support (bad idea, but we're basically not in business at this point.) That's a 3 hour call where I'm told something is wrong with our email server.
Fine, hang up with one unhelpful peon. Go eat lunch (3:30pm at this point, my blood sugar is about to tank.)
Get back into the office around 4:30. Enough time to find something very interesting in the server logs...
2016-10-05 14:01:56 H=lvmailappout12.intuit.com [199.16.139.22]:30939 sender verify fail for <[email protected]>: response to "RCPT TO:<[email protected]>" from mailin.intuit.com [206.108.40.19] was: 550 #5.1.0 Address rejected. 2016-10-06 11:17:10 H=mailout203.intuit.com [206.108.40.17]:49121 X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<[email protected]> rejected RCPT <[email protected]>: Sender verify failed
Now, I spent way to much time figuring out how to deal with spam, and have gotten it figured out for the most part. So, they are sending a confirmation code out using an address that their own email server does not acknowledge as being valid. Yet it's somehow my fault that the email is not being delivered.
Spent another 2 hours on the phone this morning going over the same stuff. We're working through alternatives, none of which are something the business would normally find acceptable.
This on top of them having me enable SSL2 in the browser. Uhm, these computers have to remain PCI compliant, and they just purposely made them non-compliant.
Malicious company, let it be known.
-
RE: How do you get your boss to notice your work?
Getting noticed is easy!
Getting the right kind of notice is very hard! -
900,000 Routers Knocked Offline in Germany amid Rumors of Cyber-Attack
On Facebook, Deutsche Telekom engineers recommended that users unplug their devices, wait for 30 seconds and restart their router. If the equipment fails to connect to the company's network, engineers told users to disconnect their device from the company's network permanently.
To compensate the downtime, Deutsche Telekom is offering free mobile Internet until the technical problem is resolved.
DSL routers all over Germany, and presumably worldwide if anyone else happens to be using the same DSL Modem that got hit by this.
@thwr, hope you're still running!
-
RE: Happy Birthday Thread
@scottalanmiller said in Happy Birthday Thread:
Happy 0th Anniversary to @travisdh1
-
RE: Need advise, restoring domain controller and email server.
@Dashrender said in Need advise, restoring domain controller and email server.:
Great to hear you got an MS tech who was willing to help.
This has been my experience as well. They seemed to bend over backwards to assist in resolving my issues.
Sadly - it seems Scott has not had this experience.
It's like playing whack-a-mole, they do have some good people. The problem is, it's only some, and trying to find a good one is always difficult.
shibboleet
-
RE: Active Directory Migration Questions
@wirestyle22 You're AD environment reminds me of this:
http://farm3.static.flickr.com/2277/2180039413_f54b142ff4_o.jpg -
DNS-over-HTTPS with Fedora based PiHole and Cloudflare
How to setup DNS-over-HTTPS on Fedora based PiHole.
Ref: https://bendews.com/posts/implement-dns-over-https/Now verified. Should be good, so let me know where I messed up.
I've also written a script, because I'll want to do this a few more times, and what IT person doesn't like automation?
https://github.com/travisdh1/FedPiHSecDNSDownload Cloudflared
wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-amd64.rpm
Install the downloaded rpm file
sudo dnf -y localinstall ./cloudflared-stable-linux-amd64.rpm
Add a user for cloudflared to run as
sudo useradd -s /usr/sbin/nologin -r -M cloudflared
Change the executable ownership
sudo chown cloudflared:cloudflared /usr/local/bin/cloudflared
Create /etc/default/cloudflared
sudo nano /etc/default/cloudflared # Commandline args for cloudflared CLOUDFLARED_OPTS=--proxy-dns=true --proxy-dns-upstream https://1.1.1.1/dns-query --proxy-dns-upstream https://1.0.0.1/dns-query --proxy-dns-port 5053
Change ownership on /etc/default/cloudflared to cloudflared
sudo chown cloudflared:cloudflared /etc/default/cloudflared
Create /lib/systemd/system/cloudflared.service
sudo nano /lib/systemd/system/cloudflared.service [Unit] Description=cloudflared DNS over HTTPS proxy After=syslog.target network-online.target [Service] Type=simple User=cloudflared EnvironmentFile=/etc/default/cloudflared ExecStart=/usr/local/bin/cloudflared $CLOUDFLARED_OPTS Restart=on-failure RestartSec=10 KillMode=process [Install] WantedBy=multi-user.target
Enable, start, and check that cloudflared is running
sudo systemctl enable cloudflared
sudo systemctl start cloudflared
sudo systemctl status cloudflared
Check that the cloudflared service is working
dig @127.0.0.1 -p 5053 google.com
Should look something like:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @127.0.0.1 -p 5053 google.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65181 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1536 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 299 IN A 243.65.127.221 ;; Query time: 3 msec ;; SERVER: 127.0.0.1#5053(127.0.0.1) ;; MSG SIZE rcvd: 65
Edit /etc/dnsmasq.d/01-pihole.conf
Comment out with a # on the beginning of the line any existing 'server=' lines.sed -i 's/server/#server/' /etc/dnsmasq.d/01-pihole.conf
Add a line containing 'server=127.0.0.1:5053'
sudo nano /etc/dnsmasq.d/01-pihole.conf
Addserver=127.0.0.1:5053
on the last lineRestart the pihole-FTL service
sudo systemctl restart pihole-FTL.service
Your PiHole install is now using CloudFlare's DNS over HTTPS.
-
RE: Win a ticket to MangoCon courtesy of Colocation America!
Suddenly glad I haven't purchased the ticket yet, fingers crossed.
-
RE: US DHS Compromised, FBI Might Be Next
#HelpDeskFail "“So I called up, told them I was new and I didn't understand how to get past [the portal],” the hacker told Motherboard. “They asked if I had a token code, I said no, they said ‘that's fine — just use our one.’”"
-
RE: What Are You Doing Right Now
@scottalanmiller said:
Under 100 PMs now!!!
I take it the SPAMSAM project didn't go anywhere? What an oddity, an online community that can recognize a joke comment for what it is.
-
RE: Favorite Linux Commands
In addition to the 3 you listed.
glances - the shell system monitor to use, everything including temp sensors if configured. Replaced htop, iftop, and iotop for me.
screen - because it's just handy to be able to leave programs running and logout at the same time. -
RE: Apple Completely Redesigning the Mac Pro Again
@aidan_walsh said in Apple Completely Redesigning the Mac Pro Again:
@scottalanmiller According to John Grubers piece on it they designed themselves into a corner
But they were forthcoming about the fact that the current Mac Pro isn’t meeting the needs of all the users who need a Mac Pro. Federighi:
"I think we designed ourselves into a bit of a thermal corner, if you will. We designed a system with the kind of GPUs that at the time we thought we needed, and that we thought we could well serve with a two GPU architecture. That that was the thermal limit we needed, or the thermal capacity we needed. But workloads didn’t materialize to fit that as broadly as we hoped.
Being able to put larger single GPUs required a different system architecture and more thermal capacity than that system was designed to accommodate. So it became fairly difficult to adjust. At the same time, so many of our customers were moving to iMac that we saw a path to address many, many more of those that were finding themselves limited by a Mac Pro through next generation iMac. And really put a lot of our energy behind that."In other words: We thought everyone would redesign their apps to work well on our 2 mid range GPU system, and ignored the entire industry that has always said a single fast GPU is better than 2 mid range GPUs.
-
RE: What Are You Doing Right Now
@MattSpeller Here I was going to offer some sort of encouragement to you, but honestly, this conversation just motivated me to finally ask that librarian I know out. Hope you have a good time, however things work out!