@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

Thanks for dumping ice water down my back.... We use Lenovo for every laptop and desktop.

Glad to be of service... not.

Look at it this way, you at least won't have to talk about this in front of the company meeting next week.

My apologies for resurrecting a long dead thread, but I just collected the links today because I've had multiple places I wanted to reference them this week.

https://www.cnet.com/how-to/lenovo-superfish-adware-uninstall-fix/
https://www.pcmag.com/article2/0,2817,2477277,00.asp
http://www.zdnet.com/article/lenovo-reportedly-blocking-linux-on-windows-10-signature-edition-pcs/
https://arstechnica.com/information-technology/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/
https://mangolassi.it/topic/11320/pentagon-warns-against-using-lenovo-equipment
https://mangolassi.it/topic/7748/lenovo-screws-the-pooch-yet-again-on-the-security-front
https://mangolassi.it/topic/5751/lenovo-accused-of-using-rootkit-like-methods-to-sneak-software-onto-clean-windows-installs
https://threatpost.com/millions-of-pcs-affected-by-mysterious-computrace-backdoor-2/107700/
https://www.theregister.co.uk/2019/08/23/lenovo_solution_centre_cve_2019_6177/

https://mangolassi.it/topic/14538/lenovo-if-it-s-on-your-network-you-are-breached/50

@jaredbusch said in Miscellaneous Tech News:

Is LastPass being spun off or is it still owned by log me in?

I wonder if they'll remove the tracking junk now? Probably not.

At a client site to move equipment around and update user accounts. Also powering off the old server today, they've moved everything they need into Office 365.

Just got done setting up 4 new guest VLANs and WiFi networks for them along with all the Ubiquiti updates that haven't been done. Said client had not had a contact before this year (billed per support call) and is now under contract, so we're actually managing their stuff now.

@gjacobse said in What Are You Doing Right Now:

Looking at all the crickets here.... My word.

Also calls backs after mid day reboot of the App Server.
Annnnd deal with Log4Shell

I haven't had time to think about anything but work yet today.

@dashrender said in Reverse Proxy for Single Public Facing Server:

@eddiejennings said in Reverse Proxy for Single Public Facing Server:

@dashrender said in Reverse Proxy for Single Public Facing Server:

I don't think the VM example relates to the proxy question.

The fact that you are self hosting probably plays more into this than anything else.
As a self hoster, do you have have more than one IP? If not, and you're going to have more than one site, proxy becomes a must (no one wants to deal with ports).
I suppose having multiple IPs doesn't preclude you from using a proxy, just makes it less of a demand.

I think of it as a good practice to put something public-facing behind a proxy if possible, whether it's a single server or multiple. That was my connection to virtualization: not a technical connection, but a possible best practice of putting something behind a proxy by default instead of putting something behind a proxy as an exception.

That's pretty easy to do when you're self hosted, but if you're doing something like Vultr instances, I'm guessing it's a bit harder - unless Vultr allows for the creation of VMs that only exist on a private network.

Just about all "cloud" providers let you easily create a private network within their own infrastructure now. I know Vultr, Digital Ocean and Linode all do at least.

I'm in "The little switzerland" today (Sugarcreek, OH). Also home of the largest cuckoo clock.

Like all tourist traps, it sounds more exciting than it is.

@nadnerb

This is not nearly enough information for anyone to help you.

What OS are you using?
Which set of installation instructions are you following?
What command is causing the error?

@rjt said in Adding remote storage to Proxmox:

@jaredbusch nfs on top of ZFS.
ZFS should be the underlying block/fs for everything whether a single hard drive, block storage like iSCSi, file storage such as NFS or CIFS. I like TrueNAS for this purpose. As you can see, I love ZFS. My problem is I also love CentOS. Need to figure out easy ways to get ZFS on CentOS. We should all write a letter to Larry asking him to open up the license.

Most of us here do not subscribe to The Cult of ZFS. Yes, it has a place, but not nearly like it's made out to be.

@irj said in ADUC Set Password Expiry:

@gjacobse said in ADUC Set Password Expiry:

It's likely we have all had to address this at some point in the last eighteen months or so; A person sent to work from home for whatever reason has just had their password expire. They don't expect to be back into the office for (x) number of days.

Why are they treated any different compared to any other user? You either need AD access or you don't. Working from home doesn't change that aspect.

If they work from home, authenticate to AD every day, then why can't they reset their password?

If they work from home and don't use AD for 90+ days, then why do they even have AD account at all?

Resetting a password remotely does not work automatically like it does on-site. The users have to manually do it themselves before the password expires. I'll give you one guess how many users even know how to change it manually

About to head out to the company's 25th anniversary celebration. Hopefully a bit better than just a longer than normal day.

@oksana StarWind, you missed putting a link to your products in that article. If you're going to pay for it, make it easy for people to find your stuff.

@stuartjordan said in Free Oracle Cloud VM:

Oracle Cloud are offering 2 VM's for free, with just a card activation. The Instances are free. give it a try: https://www.oracle.com/uk/cloud/free/

That's a lot of useful things for free.

@jasgot said in Forcing the Feature Update in Windows 10 in the Background:

FUWindows.ps1

Best command name ever. Yes, I know what it actually means, doesn't make the alternative any less funny

@dashrender said in Why Do People Still Text:

@dafyre said in Why Do People Still Text:

@dashrender said in Why Do People Still Text:

Agreed - the software I often want is not included - like a graphics editor.

Gimp doesn't count?

is it pre-installed?

Depends on the distro, but most desktop installations include it by default.

@jaredbusch said in What Are You Doing Right Now:

@dashrender said in What Are You Doing Right Now:

@dafyre said in What Are You Doing Right Now:

@dashrender said in What Are You Doing Right Now:

@dafyre said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

We are doing a big Thanksgiving down the road here in Nicaragua. An American expat and his GF are hosting a huge party. At least fifteen of us going. Going to be huge. Even getting a turkey.

Which is odd that everyone thinks that getting a turkey is going to be hard. When they are literally raised right in the village.

+ + =

Gun? that's to much work!

It's only a lot of work if you're a bad shot. My family bagged a wild turkey a few years back. Best bird we ever ate.

Edit: I didn't shoot it. I am not a good shot.

Well wild turkey is different - I was thinking raised turkeys, catch it, break it's neck.. etc..

Never done turkeys, but chickens are hella messy once the head is chopped off. Been years since I was around that.

I have an uncle that has worked most of his life cleaning at a chicken processing plant in the area..... not my idea of fun!

@dashrender said in Air Gap Backups:

@travisdh1 said in Air Gap Backups:

@dashrender said in Air Gap Backups:

@scottalanmiller said in Air Gap Backups:

@siringo said in Air Gap Backups:

you used to be able to get those 'cassette' drives which were just disks in a casing that were used in a similar way to tapes. maybe there's something similar to that with a capacity of 1TB+ ?

Sure but... why? Tape is cheaper, faster, and more reliable.

The only part I might disagree with is cheaper. tapes are super expensive, though in the long run I suppose they could be cheaper.

LTO drives start at $2K and most single drive bays are more like $5K+... but I know those "drives as tapes" solution from the 2010's weren't cheap either...

Yes, the drives are a large one-time up-front expense. The media is generally cheaper than HDD of the same size, which is just one reason why tape is often the preferred medium for air gapped and/or offsite backups.

Boy they must have come down...I recall when LTO 2 (yea a long time ago) where stupid expensive!

LTO 2? Bah, young people will never know the joys of DLT.

@dashrender said in Air Gap Backups:

@scottalanmiller said in Air Gap Backups:

@siringo said in Air Gap Backups:

you used to be able to get those 'cassette' drives which were just disks in a casing that were used in a similar way to tapes. maybe there's something similar to that with a capacity of 1TB+ ?

Sure but... why? Tape is cheaper, faster, and more reliable.

The only part I might disagree with is cheaper. tapes are super expensive, though in the long run I suppose they could be cheaper.

LTO drives start at $2K and most single drive bays are more like $5K+... but I know those "drives as tapes" solution from the 2010's weren't cheap either...

Yes, the drives are a large one-time up-front expense. The media is generally cheaper than HDD of the same size, which is just one reason why tape is often the preferred medium for air gapped and/or offsite backups.