@lakshmana said in Bitcoin:

What is the Bitcoin ?How it's used?

Bitcoin is a form of currency or money. The major difference between Bitcoin/crypto currency is that the "value" is based on proof of work instead of a physical object like gold or silver.

It's used with a piece of software on a computer called a "wallet". This wallet is just a container that holds your personal bit coin address. https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
This is also associated with an arbitrary amount of bitcoin that the entire network has agreed is your own.

So if I were to send you .001 bitcoin, I would not send it to you, but your bitcoin address. So long as you keep any personally identifying information from being associated with the bitcoin address, this is completely anonymous.

The downside is that if you loose the wallet, you've lost all the bitcoin in said wallet.

Why its being blocked in many countries?

Bitcoin specifically got so large that no central government can buy enough CPU/GPU/ASIC processors to control it. So rather than attempt to control it, they attempt to ban it. Good luck with that.

What are the pros and cons?

Complete anonymous online financial transactions are now possible, like exchanging hard currency. All the same pros and cons.

@dafyre said in Random Thread - Anything Goes:

@scottalanmiller said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@hobbit666 said in Random Thread - Anything Goes:

Oops - Docs.com users: You may have leaked passwords, personal info
https://www.theregister.co.uk/2017/03/27/microsoft_docs_com_office_365_leak/?mt=1490721024146

Also, you may want to check your Etsy accounts. I've had $200 worth of stuff rung up on my account yesterday...

And no, my password is not 12345... at least not now.

Thankfully, have never been on Etsy.

It's not terrible. But you can get some decent quality stuff there for ok prices sometimes. I snagged an anniversary present for my wife there last year.

Etsy seems like the cPanel of creativity to me. Everyone should know how to do all of that already, but is my time worth paying someone else to do it?

fail2ban can handle it, tho some issues with rule matching happens according to the Google search I just did. https://www.jimwilbur.com/2016/08/fail2ban_guacamole/

@wirestyle22 said in What Are You Doing Right Now:

@JaredBusch said in What Are You Doing Right Now:

@dafyre said in What Are You Doing Right Now:

@JaredBusch said in What Are You Doing Right Now:

@DustinB3403 said in What Are You Doing Right Now:

@NerdyDad said in What Are You Doing Right Now:

~On the road again...~

He's constantly on the road, I can't imagine he actually spends time at client sights, I think he just drives in circles on the highway to make it look like he's being productive. . . . .

I'm not a NASCAR driver I don't get paid to drive in circles.

Then why does your picture look like you're about to make another right turn? Ha ha.

Somebody take away your southerner card. NASCAR only turns left dumbass.

Yeah but @RojoLoco drinks inhumanly strong coffee. It's crazy.

Most coffee people consider strong is the dark stuff, which has less caffeine than a light roast, and considerably less than that cold brew @RojoLoco makes. Take it from me, you don't want to drink much more than an expresso cup worth of that stuff at once, I was awake most of a weekend when I made my first batch.

Hrm, might be just the thing for MangoCon!

Excuse me a minute while I have a @JaredBusch and @scottalanmiller combination moment here.

FFS people, I'd testify to this in court!

1. Superfish was not only in the factory image, it's also contained in the hardware drivers. No amount of anything will protect you from the drivers! Trying to use a generic driver disables the hardware. Known issue with wifi chips from Lenovo.

2. BIOS access. Yes, every server has a way to do remote management of said server. Nobody, other than Lenovo, has BIOS level access via a hard coded url and single password for every single box. Yes, they fixed it by changing the password.

On top of those ongoing issues are the lies and half-truths they're always pushing. Like the "No business class machines have Superphish" when they had just reclassified all the lines of business machines that had it to consumer 5 days before.

Using Lenovo is itself a data breach. They haven't properly fixed any of this yet!

I also wanted a single place to go in order to get this information collated and more publicized. Let me know everything I've forgotten or messed up!

@RojoLoco said in What Are You Doing Right Now:

Boss: "Here's that SSD for <servername>. Get in installed when you can"

Me: "Ok, but I looked on the compatibility sheet for that SSD and I don't see Dell R430 listed in the compatible models... are you sure it will work?"

Boss: "Well, the guy at Dell assured me it would work..."

Me: "..... .... you mean the guy that sold it to you assured you it will work???"

I guess I get to try it anyway....

You missed my first question "Did you get that in writing?"

@fuznutz04 said in Vultr, Block Storage CentOS:

@stacksofplates said in Vultr, Block Storage CentOS:

@travisdh1 said in Vultr, Block Storage CentOS:

Because you're using LVM, options 2 and 3 are both doable. To me 2 is quicker and easier, but I've used LVM long enough that I know how to do most of that off the top of my head. The only thing I normally have to lookup is how to expand the file system, because the process tends to be a little different depending on the file system. Real quick here.

pvcreate /dev/device
vgextend volume_group_name /dev/device
lvextend logical_volume_name -l +95%FREE
xfs_growfs /dev/volume_group_name/logical_volume_name

done. Shouldn't take but 5 minutes, if that.

Edit: I normally go with either 90% or 95% of the available space in the volume group to keep space available for a local snapshot.

If you pass -r to lvextend it will auto resize the filesystem. That way you don't need to remember the differences between them.

So you are saying instead of this:

 lvextend logical_volume_name -l +95%FREE

Use this:?

lvextend logical_volume_name -r

More like

lvextend logical_volume_name -l +95%FREE -r

@scottalanmiller said in Random Thread - Anything Goes:

@wirestyle22 said in Random Thread - Anything Goes:

Fire alarms just went off. Was outside for about 40 minutes but still don't know why.

Because the fire alarms went off.

I wish we had no experience with this at MangoCon.

I could just be that the lens needs cleaned. Hard for me to tell from that picture. Also might be a lacking infrared sensor or lighting.

I'll grant you these numbers are from before Verizon got with the program and started paying a little attention to T-Mobile. These were the top two stories at dslreports this morning.

Verizon Sees Record Wireless Subscriber Loss Thanks to T-Mobile
Verizon Sees a Net Loss of 13,000 FiOS TV Customers

Amazing what happens when just a little competition is around.

@Minion-Queen Will those new plans from Verizon start cutting your bill down?

@ambarishrh said in Decision on Remote Support Tool- ScreenConnect:

How do you convince the C levels to have agent installed, that any help desk technician can view their screen?

What gave them the idea that help desk technicians can't already see everything they're doing anyway? Seems to me the real issue is the hiring process and not being able to trust the people that make it through in a case like this.

Just had a good laugh, here, let me show you the first paragraph

I understand that you are the decision maker for your company's IT Department and it is my pleasure to introduce you to our IronOrbit Hosted Desktop & Server Solutions. I have attached our Iron Orbit hosted desktop solution overview for your review. We have been extremely successful assisting Engineering, Medical/Hospitals and Technology firms with our dedicated hosted desktop and server solution. We offer a dedicated hosted High Speed Desktop Network including a server architecture where we would take on the cost of building you a brand new desktop and server solution. So we take the desktop infrastructure and the server infrastructure and build it on the same local area network, creating the same design and functionality as what you would have locally except faster, more secure, and much more reliable High Speed Desktop Network.

Good enough to make it past the automatic spam filters, just not the weak fleshy one.

@kuyaz said in Dell R720 Display problem with Fedora 26 server:

@scottalanmiller i mean i want to experiment between perc and sw raid to learn the diff... so i guess i dont have that option to play around...

If you want to learn how to manage md, just make a virtual machine with a lot of small virtual drives. Much easier and safer if you're just wanting to learn (if you completely wipe something, it's only a vm.)

@dbeato said in What Are You Doing Right Now:

Happy SysAdmin day to all!

Just happens to coincide with the last day of MangoCon. I don't believe in coincidences!

Assumes Fedora 27 with dnf-automatic and wget already installed.

Install rkhunter

dnf install -y rkhunter

Update known file properties

rkhunter --propupd 

Update to the latest version

rkhunter --update  

In /etc/rkhunter.conf set
MAIL-ON-WARNING="root@localhost" (or your preferred email address)

Part of what rkhunter does is maintain a list of file properties for system files. If the system files change, you'll get a bunch of errors the next time rkhunter runs. Thankfully dnf-automatic makes it easy to run another command any time that it runs.

Edit /etc/dnf/automatic.conf [command] section:
Add: "rkhunter --propupd" on a new line.

Scan the system, no user interaction and all output goes to log file

rkhunter --cronjob

Add a crontab entry to update and scan the system, I chose 3am every day

crontab -e
* 3 * * * /usr/bin/rkhunter --update && /usr/bin/rkhunter --crontab  

Monitor for errors by searching the log file for warnings:

cat /var/log/rkhunter/rkhunter.log  | grep "warning"

You shouldn't see any warnings right now. If it does find something, it may be time to nuke it from orbit, with the caveat that you'll get lots of warnings if the system is updated without updating the file definitions with --propupd.

rkhunter is available in all the major distributions software libraries. So installation is easy, just setting rkhunter to re-scan file properties after a system update will be a little different.

@scottalanmiller said in Non-IT News Thread:

Not funny, but oh so funny.

@dave247 said in Best way to secure DHCP so that not just anyone can plug their PC in and get an IP? (Windows DC with DHCP):

Please, let's keep this on topic as much as possible as I am really just trying to nail down the best solution.

When I came into my job as IT admin, all our servers and workstations and thin clients were statically mapped, like manually, the hard way (no DHCP reservation). It's taken me a while but I rolled out DHCP for all our thin clients and desktops and everything is a lot easier to manage.

One of the security concerns that was brought up to me now was that anyone can plug their laptop into an open network jack and get an IP address and my boss is trying to get me to assign everything static again.

BEFORE YOU SAY IT: Yes, I know that either way is not actually secure and I've tried explaining that someone with Wireshark could still sniff our traffic or use other tools to get onto our network, etc.

I have mentioned that I specifically don't patch in network jacks unless they are needed by someone and that there are no open jacks just hanging out on random walls where customers have easy access.

So now, I am trying to find out the best way to set up DHCP and have it so that only the people I want on our network can get on.

First and foremost, we run a 2008 R2 domain controller and that is also our DHCP server. I noticed in the DHCP settings that there is a "Network Access Protection" tab, which would work with Network Policy Server. I would assume this is the go-to method for this in a Windows domain, but I have never heard about it until now.

Any input is welcome, but please don't get side-tracked with this as I don't want to go down a rabbit-hole of explaining the why of everything.

Sounds like you just need to pay for an hour of @scottalanmiller's time to explain how computer networks work in small words to your company management.

@eddiejennings said in What Are You Doing Right Now:

@jaredbusch

The bigger question is why is fail2ban getting 12GB of logs in a day.. This is a text log. That is a f*** ton of information.

Yep. I'll be figuring that out tomorrow when I can be back in the office.

All I can say is, good thing you had fail2ban running!

@emad-r said in Does any one of you has (single-board computer) if so what is the purpose ?:

@dbeato said in Does any one of you has (single-board computer) if so what is the purpose ?:

@emad-r said in Does any one of you has (single-board computer) if so what is the purpose ?:

ou have something like Pi 3 and if so why ? and what OS on it ?
If you want to buy one which one interests you.
Thanks.

Raspberry Pi3 for thermostat and Arduino for door automation.

Why I am getting the vibe here that it is easier to code and automate with Arduino , is there an easy guide/wizard for it that does not involve alot of coding ?

I have a guide for an rpi door and temp sensor here already: https://mangolassi.it/topic/9738/diy-environment-monitoring/7

The coding is not that difficult.

@wirestyle22 I'll also welcome @SAM-is-Pedantic, but must warn that I will probably refer to you as @StatorOfTheObvious