Best posts made by zachary715

Looks like about a one month trail...

@dbeato said in What Are You Doing Right Now:

@zachary715 said in What Are You Doing Right Now:

@dbeato said in What Are You Doing Right Now:

Dealing with this...
https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/RemediateBreachedAccount.ps1

Yeah we went through this a couple months back. Office 365 tools to help detect/prevent these types of things aren't strong unless you're willing to pay for Azure AD Premium. Thankfully minimal damage done.

Did you enable MFA after that on the accounts?

We looked into MFA before this ever happened, but it doesn't seem to work well since we have Office 365 through GoDaddy. The authentication seems to run through GoDaddy first so it makes it act fairly wonky. I'm now testing a "pure" Office 365 account and going to enable MFA there to confirm my suspicions that GoDaddy is where my issues lie.

@travisdh1 said in Securing NextCloud:

I forgot before: You can also login to the admin interface and looking at the settings page. It'll give you a list of performance and security optimizations with links to instructions on how to make the changes.

Yeah that's where this all started. It only states that I need to...

1. Modify/enable the HSTS header to at least 15552000 seconds
2. PHP OPcache not properly configured and to make changes to the php.ini.

From that though, I got to the hardening and security guide and started to go even deeper down the rabbit hole.

Great, in-depth story on Marcus Hutchins, author of MalwareTech blog and primary person credited with stopping the WannaCry ransomware.

https://www.wired.com/story/confessions-marcus-hutchins-hacker-who-saved-the-internet/

Once you figure out where you're going to put it, whether some hardware you own or cloud, this guide by @JaredBusch will walk you straight through setting it up. https://mangolassi.it/topic/16380/install-nextcloud-13-0-0-on-fedora-27

From my reading, they were disclosing to the big boys at Amazon, Microsoft, Google, but not to these other guys. So now they're scrambling.

I guess in reality you can't really reach out to EVERYONE affected immediately. You have to draw the line somewhere of who knows ahead of time and who doesn't. I just would have thought some of these providers were large enough to justify disclosure

Local security vendor I know is setting us up with Vitek camera system. He really likes them and speaks highly of them. He's been in the business for a while and used various brands, so his recommendation went a long way. I think they're reasonably priced as well.

16 Channel NVR with built-in 16 port POE switch roughly $1,000. No recurring costs.

4MP 1080p Dome Cameras were about $220 each.

Cameras: http://www.vitekcctv.com/Sections.asp?SubSectionID=164

NVR: http://www.vitekcctv.com/Sections.asp?SectionID=1029&SubSectionID=167

Right at 3 months in on my morning workout routine and it's going well. Surprised at how fairly easy it has been to maintain the mornings. Already seeing the physical results. Couldn't tell you how much weight I've lost/gained as I don't really care. I imagine it's little to none either way.

@dashrender said in question about setting up a new domain controller:

@tim_g said in question about setting up a new domain controller:

@dashrender said in question about setting up a new domain controller:

If Appriver stopped paying their bill (ok not likely, unless they go bankrupt) MS will cut off all of Appriver's customers from access.

The thing about this, is that you can easily switch back your licensing to MS... it doesn't interrupt anything. It's the same license. What changes is who you are paying.

Are you sure? From those complaining about GoDaddy, the switch is not easy.

We are with GoDaddy currently because we were using a different hosted exchange provider years prior who apparently couldn't compete once Office365 came out. They partnered with GoDaddy for a seamless transition so we took that route assuming we could always just change out and go straight through Microsoft later.... WRONG.

My understanding is that we'd have to backup everyone's mailboxes, recreate users, restore mailboxes, etc. Not as simple as just handing the "contract" over to someone else.

$50 with no annual fee in Mississippi. Nationwide average is $127 as of 2016

Also... https://www.llcuniversity.com/llc-filing-fees-by-state/

Rebuilding RAID array after a failed drive occurred today. First one I've encountered in a few years. Timely. Thankfully RAID 10 and moving quickly.

Output after a fresh install...

[zmagee@fedoratest ~]$ sudo dnf install fwupdate-efi microcode_ctl
Last metadata expiration check: 0:10:54 ago on Fri 19 Jan 2018 04:17:13 PM CST.
Package fwupdate-efi-10-1.fc27.x86_64 is already installed, skipping.
Package microcode_ctl-2:2.1-20.fc27.x86_64 is already installed, skipping.
Dependencies resolved.
Nothing to do.
Complete!
[zmagee@fedoratest ~]$

@momurda said in Student Loan Forgiveness Rant:

That isnt how it works from @PenguinWrangler description.
The forgiveness will be taxed as income, probably at the rate bonuses/lottery income, much higher than regular income unless he is making tons of money(he isnt if working for feds).
He is essentially an indentured servant to the federal government for the next decade.

Also, people saying the government shouldnt be spending money on education, LOL.
It should be the highest expenditure of the federal government and local governments.
It should dwarf the War Department's budget.

You don't solve problems by just throwing money at them. We've been trying that with education and it isn't working. I agree that education should be a priority, but that doesn't always equate to dollars spent. The gov't is (seemingly) highly inefficient with the way they currently spend our dollars.

And no, education shouldn't be higher than our defense budget. I wish they could be closer (due to less demand of need for defense) but unfortunately we live in a messed up world with some crazy people. Our government's first and most important responsibility is the protection of its citizens.

@bnrstnr said in Non-IT News Thread:

@Dashrender said in Non-IT News Thread:

@RojoLoco said in Non-IT News Thread:

@JaredBusch I feel that pain. Wells Fargo is my mortgage holder/servicer.

I had them for 5 years - never had a problem, not once.

Of course - i was never late with my payments either.

The only problems I've had with them is that their account people have no idea how to calculate what to take out for escrow. Every year they send me a check because they take too much. I've tried calling and going over the numbers with them, and they just don't get it. I'm half tempted to just say screw the escrow altogether if they'll let me. Referring to the stupid letter at the end of the year saying "you have these choices for your escrow payment... if you do nothing your payment will automatically raise to this amount"

Now that I type this it totally seems like a scam, given Wells Fargo's reputation. Take way more escrow from every single customer and profit on the interest. Bastards.

I cancelled my ESCROW account as of last year for a couple reasons. I'm one who shops around home/auto insurance annually and every time I switch home insurance it's a nightmare. As you say, the amount they deduct is always off, and usually on the high side (although this makes sense on their end to ensure that always have sufficient funds). Plus it puts me in control to hold my money and earn interest on it and pay my property taxes in the most tax efficient way for me.

If you could bring your host count down to 3, you MIGHT be able to pull this off without additional licensing. I don't know that for a fact but something you may want to look into.

Otherwise, you're looking at a minimum of vCenter Standard ($7,500 including support) plus either vSphere Standard licenses (~$1500 per socket) or ROBO licensing. You're probably looking at a cool $10-15k if option 1 isn't available.

@dashrender said in Student Loan Forgiveness Rant:

@dustinb3403 said in Student Loan Forgiveness Rant:

@scottalanmiller said in Student Loan Forgiveness Rant:

@dashrender said in Student Loan Forgiveness Rant:

What torqued my wife and I off was that a new program was put in place for teachers to have gov't funded loans forgiven, but she didn't qualify because she was before the start date they picked. But of course all the teachers since then.... HUGE reduction in student loan fees.

All of that said - I'm with Dustin in that the government shouldn't be using public money to put people through college. The government, often requiring college degrees, just furthers a system of waste and control.

I'm the opposite, the gov't should put everyone through college. It's the picking and choosing that is the problem.

I'm not against fully funded community college for everyone. I'm against forgiving debts that people have promised to pay back because a person is unable to find a higher paying job.

You agreed to the terms of the loan, now pay it back. Sorry you can't get/find a better job. Not the public's issue.

I'm just not picking up what you're putting down. The loan came from the government, so the government has that as a benefit for working for them...

If the loan came from Wells Fargo, and you went to work for them, then they would have that as an option to offer you.

Question - do you think it's BS that people that work for Cox Communication get free free cable/phone/internet because they work there? The loan forgiveness as a government employee is really no different.

HIs whole argument here is that it's the public sector which is offering this benefit with "our" tax dollars. I think he's fine with private businesses doing this same matter because they aren't operating with a $20trillion and growing debt with no solution in sight.

@mlnews said in Non-IT News Thread:

Pelosi calls for family 'intervention' with Trump

The US House of Representatives' Democratic leader has said President Donald Trump's family should stage an "intervention" with him.

Speaker Nancy Pelosi also said she was concerned for the president's well-being, a day after he abruptly cut short a meeting with her.

Nancy Pelosi calling out Trump about his well-being and saying he needed intervention....

https://media.giphy.com/media/l36kU80xPf0ojG0Erg/giphy.gif

Just subscribed on Castbox. Will check out soon.

@jaredbusch said in Least Privilege Accounts Setup:

@jaredbusch said in Least Privilege Accounts Setup:

@zachary715 said in Least Privilege Accounts Setup:

@jaredbusch said in Least Privilege Accounts Setup:

I create an AD account specifically for local admin rights.

This account information is ususally given to department managers.
So if software or something needs installed, and they choose not to contact me, they can.

They are also warned that fixing something will be billed...

So you have one AD account setup that multiple department managers use when they need something that requires admin privileges? And then what you give that account local admin rights on each machine, or give it some sort of admin authority within the domain itself?

That account gets local admin rights only. No other access.

If I was an on site IT department, I woudl probably do it a bit different. I would have time to experiment and setup better methods.

Yeah this is what I'm going through now and why I'm coming to the community to get input. Trying to think through this carefully and make sure I do it right and the way I want it done the first time.

I've been watching a lot of David Goggins videos lately. I just love his mentality and mental toughness and am trying to embrace it more in not only my health but in every aspect of my life.

WARNING: LANGUAGE

Youtube Video