@scottalanmiller Pete-S wants control once user is logged in or I misunderstood request? IPtables kicks in when user jumps to destination server.
Posts made by triple9
-
RE: SSH jump server access control?
-
RE: SSH jump server access control?
@Pete-S never tried it myself but I think it should be doable using uid-owner in iptables
iptables -A OUTPUT -s 127.0.0.1 -d x.x.x.x -m owner --uid-owner <USERNAME> -j ACCEPT/REJECT
-
RE: Unable to mark NAS location trusted in Office
@JaredBusch I had same problem recently. Solution was to use name instead of IP address.
I had to map folder as \\FILESERVER\Data
-
RE: Mikrotik software firewall/router?
Mikrotik devices are usually very stable, rock solid. However, from time to time, there are serious problems with some models and it can take looooong time until they fix it. Last two fckups that I remember were problem with RB4011 disabling wifi interface for no reason and CCR2004 router rebooting on random. It took over a year in both cases to solve the problems.
-
RE: Is xByte still recommended for server purchases around here?
@jaredbusch has anyone experienced problems with corrupted backups like this
https://forums.veeam.com/veeam-backup-replication-f2/synology-nas-as-repo-t77177.html
I have never seen it myself, but it doesn't mean it is not happening.
-
RE: PoE Switches that support 24V fixed and standard PoE+ 802.3at
@jaredbusch is it EAP225 AC1350? EAP225 supports both 802.3af PoE and Passive PoE power supply.
-
RE: What Are You Doing Right Now
@brandon220 said in What Are You Doing Right Now:
Does anyone have a trick to make FreePBX re-register the voip.ms SIP trunks after an internet outage restores? A cut fiber caused an outage for a few hours yesterday eve. When it was restored, I had to manually get them to register by re-booting the system. I probably could have just disabled and then enabled the trunks for the same result. Seems like it should do this "automagically"....
for chan_sip set registerattempts=0. It will force Asterisk to attempt to re-register until it can (the default is 10 tries)
for chan_pjsip you should set max_retries=0 (default is 10 as well).
-
RE: The Myth of RDP Insecurity
@scottalanmiller said in The Myth of RDP Insecurity:
Something like that. It's a silly argument. Basically it's the "Windows people seem to distrust Windows" problem. People who use Windows the most start to develop this bizarre distrust of it. And the more that they become entrenched and feel that MS products are the only ones that you can use, the less that they trust them. It's a bizarre combination of things.
I’m on Linux side as much as possible. I deploy Windows servers only when there is no alternative solution. I might even say that I don’t trust Windows to that level to feel comfortable keeping RDP open.
So it’s quite opposite for me.
-
RE: The Myth of RDP Insecurity
Personally, I prefer to close RDP if possible and put it into VPN. Keep it open only if client insists, and even then try to limit to certain IPs only. Even though there is no documented case that RDP itself was to blame (other than recently discovered exploit, but for 2003 and XP, which are dead anyway), I just don’t like the idea of having it exposed. As @scottalanmiller said "the product is just believed to be insecure" and I feel that way.
Good read at https://blog.rapid7.com/2017/08/09/remote-desktop-protocol-exposure/
-
RE: FreePBX inbound call issue
@samsmart84 Maybe this Sophos KB article will help?
-
RE: Website internal/external
Cisco has its own technique on ASA for this - they call it DNS Doctoring.
You would put something like this on your ASA:
object network WEB_SRV_OUTSIDE
 nat (dmz,outside) static X.X.X.X dns
where X.X.X.X is public (external) address and dns keyword is DNS doctoring part. More details are available at:
http://resources.intenseschool.com/dns-doctoring-on-the-cisco-asa/
-
RE: Best practice partition & LVM for KVM
@kuyaz said in Best practice partition & LVM for KVM:
/root (ALL remaining space)
/root != /
/root is home directory for root user
/ is root directory
-
RE: VMware PSOD happening on VMware host server
As @StorageNinja said, you should upgrade to something newer. The problem was described at https://kb.vmware.com/s/article/1020214?language=en_US
-
RE: What was your first Linux/Unix distro?
RedHat Linux 4 Colgate 1996, even had original CD box :). At about same time tried Slackware, but I decided to stay with RH. At that time I volunteered at the university computer center where we had VAX/VMS host and couple of HP-UX workstations. We used RH as PPP server, Web and email server and students used it for shell access. Great days.
-
RE: Cron job not executing script properly
Do you have #!/bin/bash in the scripts? Other thing that could cause problem is missing PATH variable. Put something like
#!/bin/bash
export PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin
in script itself.
-
RE: MMS to nonsupported phone/number... will you get a notification that it was not delivered?
I don't use MMS anymore, but I remember (speaking for my operator) that if recipient did not have MMS enabled service or phone, he would get SMS with URL where MMS could be seen via browser.
-
RE: MMS to nonsupported phone/number... will you get a notification that it was not delivered?
@stess yes, there is a way to know. GSM networks support SMS/MMS delivery reports. However, it has to be supported by operator (which usually is) and it has to be enabled on phone itself (by default it isn't).
Look at http://ccm.net/faq/34184-android-enable-sms-and-mms-delivery-report how to enable it on Android device.
-
RE: FreePBX 14 Released
@scottalanmiller I like Elastix more than FreePBX, and I was really disappointed when 3cx fckd up everything. Elastix had no ads, it had nicer interface (at least for me), fax worked out of the box. Hopefully, Issabel will be successful.