slazer2au

slazer2au ,

o.O so it's not a bank that has failed, rather a banking middleman who provides Banking as a Service (BaaS)

Look, if the Silicon Valley Bank collapse didn't trigger a meltdown then this won't either.

slazer2au ,

Where are you jumping to? I hear people going Hyper-V and nutanix(?)

slazer2au ,

Bit late, the path is already there with Azure Arc

slazer2au ,

MS is currently going through some legal battles in the EU about unfair pricing so it will be interesting how that turns out.

slazer2au ,

Is someone still running the cloud to farts plugin from the early 2010s?

slazer2au ,

I would assume so low because of the lack of people reporting it. Or they just don't know what is happening to them is illegal.

slazer2au ,

As long as both ends are a matching pair you should be ok. If they ran single mode fibre, use single mode SFPs.

Check out FS.com
Plenty of options for pluggables.

slazer2au ,

Careful, one day he may delete a federal database doing that.

slazer2au ,

Also test your backups. Start with the 3-2-1 rule (3 copies, 2 different media, 1 offsite)

If you want to get fancy there is the 3-2-1-1-0 rule. 3 copies, 2 different media, 1 offsite location, 1 read only, 0 days since a failed backup.

slazer2au ,

No. Because you assume it means work related, as opposed to don't be an ass.

I had to migrate from Samba AD to Windows Server AD and I'm sad (RIP Samba)

Samba is amazing, Windows server is a lot less so. The problem with Windows server is that it takes tons of steps to do basic things. On Samba I had Samba tool and it was very nice and friendly. On Windows server you have a ton of different management panels....

slazer2au ,

If you are using LDAP auth for your hypervisor (vSphere as an example), how do you auth after a kaboom event when your AD server VMs have not auto started?

I remember reading somewhere (prob /r/Sysadmin) that having one bare metal AD server just in case everything goes offline.

slazer2au ,

I recall that ESXi doesn't let you do crap from the console. Just configure management. Be interesting to hear what options Prox and Hyper-V may have.

slazer2au ,

Seconds? Years? Decades? Meters? AU?

Care to give a unit?

slazer2au ,

Yep. Which is why I said time and distance units.

slazer2au ,

Oh, the unit is the universe.

slazer2au ,

Cisco and web UI are a nope. All Cisco enterprise exams are based on the CLI with the exception of DNAC.

The ISR900 series has a max throughput of 250Mb so it will not work for your case.

Go for OPNsense on a mini PC. It will be more capable than a Cisco router.

If you are keen on continuing down the Cisco line, get GNS3 or EVE-ng set up and learn the CLI with the iosv and iosv_l2 images.

slazer2au ,

I am a fan of the AooStar R7 at the moment.

aoostar.com/…/aoostar-r7-2-bay-nas-amd-ryzen-7-57…

As you have the Nas you don’t need the 2 bays populated but it comes with 2 nvme slots and capacity up to 32tb of ram.

slazer2au ,

Containerise oxidised and syslog-ng because I am annoyed that we have no automated way to update the config of those with our current automation.

Tailscale as a tool for PCI compliance (to avoid port forwarding)

So I recently discovered that the camera NVRs are majority insecure. This led to my company failing to get PCI compliance which wasn’t all that unexpected. However, this leads to the awkward situation of me comparing mesh VPNs. I’ve been playing around with netbird but I’m looking for a more polished solution....

slazer2au ,

In all honesty, if you are in a commercial environment and at a scale where PCI and mesh VPNs are cropping up, you should consider hardware firewalls.

FortiNet has FortiGate ADVPN as part of the base image and no extra licenses required. If you include the licenses you can get PCI reports from the FortiGate.

Juniper has SRX mesh, don’t go for the Cisco tax of DMVPN, Palo Alto has LSVPN.

slazer2au ,

The chef is intact but is holding 2 plates now.

slazer2au ,

Only when we get past money as a motivational factor.

So never.

slazer2au ,

You assume the system were written this century and could even have those features.

slazer2au ,

That’s fine. People don’t read the article anyway and it was the support portal of Okta that was breached.

So you are affected if your IT team had a support ticket open with Okta and provided a support file, and even then only the user details in the support file were affected.

slazer2au ,

It depends if your POE device can communicate back to the switch to lower the power output to match its requirements.

A switch will generally push the full power over the wire unless the remote device can talk back with LLDP power management TLV to lower the power, while connecting with a wall wart the device will pull only what it needs.

slazer2au ,

How are they not secure? You are still doing TLS to the service, maybe they have weak keys but it is still a form of secure connection.

slazer2au ,

So you don’t have application lifecycle management?

slazer2au ,

It’s like the people bitching about MS changing Azure AD to Entra and how they have to rewrite part of their automation flow. But the module to access Azure AD has been on the deprecation path for over a year.

slazer2au ,

How long till employers sue the government saying the labour board doesn’t have the authority to do this? Like when telcos sued the government saying the FTC doesn’t have the authority to impose net neutrality?

slazer2au ,

Be interesting to add 2 more columns: the C suite compensation packages and their percentage of income. Might help give people more context.

slazer2au ,

I’d say rip your ears but the G series is far quieter than the E series.

slazer2au ,

opentf.org

Already a push to create a foundation based owner of a terraform fork.

slazer2au ,

Y’all have fancy labs.

All I have is a HP DL380 Gen8 sitting sideways between my desk and my wife’s desk. Its use is now EVE-ng for CCNP studies.

slazer2au ,

2x Xeon E5-2650, 8x 16GB RAM (128 total), 2x 600GB 10K SAS

Thinking of upping the CPU and getting more drives though.

My wife calls it the noise machine for obvious reasons during booting.

slazer2au ,

Honestly, why not do FortiSwitch with your FortiGates? Using the FortiLink feature, FortiSwitches can be managed from the FortiGate.

In addition, if you get the FortiGate Cloud license you are then able to use the FortiCare portal to manage the device and can still log in locally to make changes. Do not get the FortiManager Cloud; that is a separate offering you do not want in this case, as local changes will mess with things.

slazer2au ,

In normal operation a router or firewall running NAT will allow you to access the internet and receive traffic you requested and drop any unsolicited traffic originating from the internet.

If you were to access Google, your PC will try to access google.com on port 443 with your PC being the source of port 5673 (any number between 1024 and 65000ish). Any traffic from Google to you will be permitted provided they are using the correct port pairings. If Google then decides "I am going to send you traffic on port 5677", your router/firewall will drop the traffic as it is unsolicited.

Now for the problem. UPnP allows a piece of software running somewhere in your house to register itself with your router and say “hey, if you see traffic destined for port 5555 from anywhere on the internet forward it to me, even if I didn’t start the conversation”. Considering how badly software is written, this can give a threat actor a beachhead into your LAN to then vomit as much traffic back out as it wants; it could be a DDoS, a mining bot or just regular traffic sniffing.
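
The NAT behaviour described in the comment above, as an added example that is not part of the original comment: a small model of a stateful NAT router with and without UPnP, plus the mapping audit a defender would run. The class, the documentation-range IP addresses and the simplification that the router keeps the LAN source port unchanged are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed sample addresses (RFC 5737 / RFC 1918 ranges), not real hosts.
PC, IOT = "192.168.1.10", "192.168.1.50"
GOOGLE, STRANGER = "203.0.113.10", "198.51.100.7"

@dataclass
class NatRouter:
    upnp_enabled: bool = False
    flows: set = field(default_factory=set)        # (lan_ip, lan_port, remote_ip, remote_port)
    port_maps: dict = field(default_factory=dict)  # ext_port -> (lan_ip, lan_port)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection; the router remembers the port pairing."""
        self.flows.add((lan_ip, lan_port, remote_ip, remote_port))

    def upnp_add_mapping(self, lan_ip, lan_port, ext_port):
        """Any LAN software may request a forward; the router does not authenticate it."""
        if not self.upnp_enabled:
            return False
        self.port_maps[ext_port] = (lan_ip, lan_port)
        return True

    def inbound(self, remote_ip, remote_port, ext_port):
        """Return (verdict, lan_destination) for a packet arriving from the internet."""
        for lan_ip, lan_port, r_ip, r_port in self.flows:
            if (r_ip, r_port, lan_port) == (remote_ip, remote_port, ext_port):
                return "ALLOW solicited", (lan_ip, lan_port)
        if ext_port in self.port_maps:
            return "ALLOW upnp-forward", self.port_maps[ext_port]
        return "DROP unsolicited", None

    def audit(self):
        """Defender view: every forward that exposes a LAN host to the internet."""
        return sorted((p, ip, lp) for p, (ip, lp) in self.port_maps.items())

def demo(upnp_enabled):
    r = NatRouter(upnp_enabled=upnp_enabled)
    r.outbound(PC, 5673, GOOGLE, 443)        # PC browses to port 443 from source port 5673
    r.upnp_add_mapping(IOT, 5555, 5555)      # some device asks for port 5555 to be forwarded
    verdicts = [
        r.inbound(GOOGLE, 443, 5673)[0],     # reply on the correct port pairing
        r.inbound(GOOGLE, 443, 5677)[0],     # same remote host, wrong local port
        r.inbound(STRANGER, 40000, 5555)[0], # conversation started from the internet
    ]
    return verdicts, r.audit()

if __name__ == "__main__":
    for enabled in (False, True):
        print("UPnP", "on " if enabled else "off", *demo(enabled))
```

With UPnP off the audit list stays empty and the third packet is dropped; with UPnP on, the same packet is forwarded to the device that asked for the mapping, which is why reviewing the router's mapping table is the first check.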

Revoking the SSH Keys of a Friend Sucks

I’m just going to be vulnerable for a minute here. I met the first person in real life who had similar server-y linux-y obsessions to me and we’d send eBay links of systems to drool over to each other. They ended up being a terrible person but hid it from me pretty well until they couldn’t anymore and now I no longer have...

slazer2au ,

How nerdy you talking? Because I was tempted to get this, then I saw the price. shop.telegeography.com/…/2023-submarine-cable-map…

slazer2au ,

Is there no conditional access for the rds portal?

Time for a CYA email to your manager, project manager, and legal voicing your concerns about the lack of security for an rds Gateway and lack of best practices.

slazer2au ,

The reason his responses were fumbling? He’s just a hobbyist that’s managed to get one of his projects into a good enough place to make money off of. Are you expecting a PR team level of response?

For $600/year. I kinda do. If you get to the point of selling something it is beyond a hobby and you should have some form of professional services to outsource this kind of work to.

slazer2au ,

I just received a request to deploy a new VM that is going to be used for managing and provisioning switch ports on some new networking gear. The vendor has provided a document with their minimum requirements for this. 24 vCPU’s 84GB of RAM 600GB HDD with a minimum I/O speed of 200MB/s

Let me guess Cisco DNA centre?

slazer2au ,

There is. Netbox and Ansible

slazer2au ,

Man, 7.0 has been a hot mess with their WAD. I haven’t upgraded any customer off 6.4 yet. I think I will skip 7.0 and jump straight to 7.2.
