I know it's meant to joke about the perception of IT in the corporate world, but who else would love to have the workroom that Moss and Roy have?
Space for a couch, their own kitchenette, far enough away from people you wouldn't get a bunch of random people "dropping by"
Sounds great to me!
Am i the only one annoyed by this?
Every time something happens at scale conversations are stopped and stuck into a single thread leaving everyone with a wall of text to filter through to find discussions relevant to your environment.
Sure merge identical threads but pooling the Spectre stuff makes it a nightmare to have meaningful conversation.
Edit: here's my proposal:
When something like this happens again create a megathread which serves as an index to the various discussions taking place in other threads. If a thread is found to be a duplicate pick the most comprehensive and link the other back there ie only allow one thread discussing "Spectre on Windows" but allow a separate thread for Unix systems.
Our business made the decision to close for the day, but we still had people working from home that we wanted to support so my team kept our phones nearby and checked in every so often. So far everything seems to have worked better than intended.
Our VPN endpoint hit a record number of concurrent connections which was about 9x higher than our previous maximum.
We are not out of the woods yet, but the majority of the storm has passed and the number of connected users is starting to decline.
Safe travels to anyone who has to brave this storm.
I need help with setting up dlink switch + Graylog What inputs should I enter, what should I do on switch side. Any useful dashboards/plugins?
Is hardware support required when patching a Windows Hyper-V guest?
When I run Get-SpeculationControlSettings it kicks back that I've got BTI hardware support present on the host, but hardware support is not detected on the guest VM, is this the expected behaviour of this patch?
Hey guys. My infosec team is in the midst of their audit, and they're needing to use some software to gather data for this, and that requires that some software agents be installed on my DCs. Long story short, I need to allow a member of the infosec team to RDP onto my domain controllers to install this stuff. I normally would do it myself, but, again, this is a long story, the infosec team needs to do it themselves.
So, I need to allow one of them RDP access, and give them the ability to install software on my DCs, but I need to shield them from being able to access ADUC, DHCP, DNS, etc... so that my boss doesn't have another stroke.
This can be a pretty hairy situation, but I don't even know what to ask 'the oracle' to find a best practices guide or something for provisioning this. Any ideas?
We are in the process of implementing Fortigate devices as our firewalls. However there is no real vpn solution for Chromebooks. As I know there are a lot of sysadmins out there that have a fleet of Chromeboojs anybody got this working (and not the sslvpn option) or a workaround for a good LT2P solution?
Hi,
We have a server whose RAID contoller failed. The only spare we have is a different model. Can you typically restore a RAID 1 set up with a different controller or will it make you reformat the drives?
Failed Card: ASUS Pike ii 3008-8i Spare: Intel RS3UC080
With the new year, school faculty are asking that I put three kiosks in the foyer. These will be designed so that students can quickly print something, check their schedule for that day, and that's it.
I have the kiosk machines set up. I basically went with Mini PC's. I have my computer set as is, loaded Reboot Restore Rx on it to ensure that the machines are locked down so users can't make changes.
Only issue I have is that Reboot Restore is scheduling the few updates coming through for a time when the machines are likely turned off. I put out one kiosk as a 'test' this week and 2/3 days it's been out the machines are offline. Which means Reboot Restore can't run the updates.
I basically need some advice for something to essentially cause those machines to boot up before RRRX runs the updates. I'm thinking possibly GPO but I'm not overly familiar with it. The program shuts machines down after it's done, I just need to worry about boot up.
Thanks in advance.
Probably something simple but Google let me down;
I have a user that when she replies to or forward emails the messages prior loses the information on who the original mail has been sent to and changes those to:
https://i.imgur.com/4MsUuL4.png
I will add more information here as they become available:
I’m looking for some way to securely activate AD accounts for new staff over the web with verifying on some AD details, (Employee ID, etc). Do any of you use this method or know a way I can do this?
Hello,
I just got sent the following email from stats canada about mandatory participation into a cyber security survey and I was wondering if anyone here knows if this is legit or not. Seems like its real but i just wanted to check in with you knowledgeable people in case i'm being bamboozled. Is this common in the it world?
*La version française suit le texte anglais. This email was sent by an automated system. Please do not reply. Statistics Canada is conducting the Canadian Survey of Cyber Security and Cybercrime, and your business or organization has been selected for participation. Please submit the completed questionnaire within 21 day(s). If you do not submit your completed questionnaire, you may be contacted by a Statistics Canada interviewer. Your participation is mandatory Your contribution is important as it enables us to produce accurate and timely data. Your participation is mandatory under the authority of the Statistics Act, which ensures that the information you provide will be kept confidential and will only be used for statistical purposes. We do not release any information that could identify a business or organization, unless consent has been given, or as permitted by the act. Important note for businesses or organizations selected to complete multiple questionnaires Please note that if your business or organization has been selected to complete more than one questionnaire, you may be prompted to enter a password before accessing a list of questionnaires. Accessing the questionnaire Select the Login to the Survey link below and click Start. Login to the Survey If the Login to the Survey link does not open: • Copy this link https://www68.statcan.gc.ca/ecp-pce and paste it into the address bar of your browser. (As this is a secure website, it will not work if you paste it into a search engine such as Google. Please ensure to paste it into the address bar that appears at the top of your browser page.) • Enter your Secure Access Code: xxxxxxxxxxxxxxxxxx The purpose of this survey is to collect information on the impact of cybercrime to Canadian businesses including investment in cyber security measures, and cyber security training. It also tracks the volume of cyber security incidents, and the associated costs with responding to these incidents. Results from this survey may be used by businesses for market research studies, by trade associations to study performance and other characteristics of their industry, and by governments to develop economic policies and technology strategies. The information you provide may also be used by Statistics Canada for other statistical and research purposes. For more information about this survey, visit http://www.statcan.gc.ca/survey. Contact us Telephone 1-877-949-9492 (TTY: 1-855-382-7745) Monday to Friday (except holidays), from 8:00 a.m. to 7:00 p.m. (Eastern Time) Email STATCAN.infostats-infostats.STATCAN@canada.ca
Thank you, Lise Rivais Director Collection Planning and Research Division Statistics Canada Government of Canada*
We have a client that has a Sonicwall TZ300, and port 443 and 80 are being forwarded to an internal server. They have another internal server that needs to communicate on those same ports, and they also have a couple extra public IPs. I have gone through the wizard and did it step by step, and when asked what public IP to use instead of the default one i just incremented it to the next one.
I do see in the nat policies that are created after using the wizard that on the 'statistics' for one of the nat policies that there is a few packets being detected but the device is not reaching the internet according to the device (it is a postage meter).
am i missing something, does the sonicwall even allow using another external IP to be setup like this?
any tips or pointers are appreciated.
This topic has come up several times here on r/sysadmin--I know because I searched--but all the informative ones are too old to be reliable thanks to Sensu's rapid development in the last two years.
So my shop is moving away from Nagios, finally. We've been experimenting with Icinga2, but recently decided to give Sensu a try, also. The talk is that we might do a division of labor between them, probably alongside our existing Observium and Netview instances. We have a fair sized network, running several hundred hosts and almost as many routers, switches, PDUs, and vnc servers. We don't have a lot of churn with VMs or containers, but some of our clients do.
I know a lot of shops use multiple solutions since no one solution covers everything equally well, so I'm curious what some of you have found to be the best applications of Sensu and Icinga2. I'm just getting into Sensu and so far it really doesn't seem to offer anything Icinga2 doesn't so where to split the load escapes me.
We are at the point where Windows 10 is going be our primary OS as we are currently in Terminal Server environment.
We have concerns over the adverts in Windows 10 pro and we are looking at upgrading to Enterprise to be able to control this.
Just wanted to test the waters and see how many orgs actually use Win10 enterprise in the real world? To put things into perspective, we are only around 200 workstations.
Hello,
I'm only a year into doing IT work, yet I'm also the only IT employee at my workplace. The owner makes buying decisions and is very good about making security a top priority. He doens't know much technical stuff, but has a good friend who just finished his masters in computer forensics something or other that keeps him informed and advises on the business.
I have been asked to find a SIEM system for our network and was curious if anyone has any recommendations for my situation. Again, I've very new (only 1 year experience) but I'm basically the systems admin/helpdesk/anything that plugs in guy. The network I manage has about 40 workstations, 40 ip phones, 4 physical severs (1 file server), 6 virtual and a windows 7 pc running Lanstate Pro as a network monitor. All servers, save 1, are running 2012 or 2012r2. I'm not very confident when it comes to making buying suggestions and I don't know a damn thing about SIEMs other than what I've read on wikipedia and a few google links.
Would anyone be able to make a few suggestions on SEIM systems that would be most ideal for my situation?
Hi Reddit Folks!
I'm looking into two solutions to test in a lab then apply them to production environment...
For test environment, i want to be able to make 5+ user folders and allow them to have full permissions to their folder and not allow other users to access their files. And of course, allow IT folks to have access but i'm guessing this part, i would just use a security group and apply it to the root or which ever level that applies to users folders.
2nd, in an after the fact situation and there is a new user that is hired, would the proper procedure be to create a new folder manually and then manually add that security permission based on their user name to have full access?
Thanks in advance for your help and time!
I had an interview today with the Director of Technology for a school district. I looked her up on linkedin. Shes a Dr. but has a doctorate in english... She had no technological background. It just reminded me of that women who was the CTO of equifax. I feel like these people are put at the top because they have just been in their perspective industry for so long or they are diversity hires(which i don't mind but have some experience atleast). I feel like if I accept the job and have to work for her I will have to debate why we need to make certain changes instead of her already understanding.
I noticed all my Windows 10 clients show Not Applicable for all the 2018-01 Security Updates even though it's been approved. I also have the clients manually check in and it states the machine is up to date.
Been searching everywhere to find a fix for this and absolutely no luck so far. Here are the pertinent lines and thanks for any insight on this matter. (If there is a more appropriate /r than sysadmin, I am open to suggestions)
SYSPRP spopk.dll:: Failed to query pending CBS operations; hr = 0x80070543[gle=0x000003f0] SYSPRP ActionPlatform::LaunchModule: Failure occurred while executing 'Sysprep_Clean_Validate_Opk' from C:\Windows\System32\spopk.dll; dwRet = 0x543[gle=0x000003f0] SYSPRP SysprepSession::Validate: Error in validating actions from C:\Windows\System32\Sysprep\ActionFiles\Cleanup.xml; dwRet = 0x543 SYSPRP RunPlatformActions:Failed while validating Sysprep session actions; dwRet = 0x543 [0x0f0070] SYSPRP RunExternalDlls:An error occurred while running registry sysprep DLLs, halting sysprep execution. dwRet = 0x543 [0x0f00d8] SYSPRP WinMain:Hit failure while pre-validate sysprep cleanup internal providers; hr = 0x80070543
