devilsadvocate

sweet. have a good night. merry christmas

okay

have fun sitting on the tarmac in ATL when a stiff breeze closes it down.

those are my only connector options for the last 20. i am 1000% on board.

He was released after protests at the jail https://www.newsweek.com/us-citizen-detained-ice-florida-birth-certificate-2061379

They have literally put me in a box. I could not get renewal quotes at all for vsphere ent+ and vrops

And then telling every single person not to ise that thing. The only thing you are doing different is azure files and some hacks to tunnel it through an always on vpn. The reality is one drive is perfectly fine for H drives. Sharepoint, if properly planned and managed would be fine to divvy up department drives in nearly all cases, especially in the smb space that rules this subreddit. You are ignoring any nuance and telling everyone not to use sharepoint and then in your comments acknowledging the use case and admitting you use it similarly and considered the nuances

So whats your solution. Continue to rely on on-prem fileservers and vpns and a cadre of scripts to remount said file shares?

I dont even care about that. They dont have manners, neither do i. I usually reply with “congrats on getting your domain on our blocklist”

Its also funny and shocking when i get told im not like other IT people. But shit like this happens and i go “oh i see”. All the time

Im with you. Even in irc its either youngins bitching about user things, leadership edicts when they cant see the forest from the trees or folks looking for crutches and shortcuts. Frankly i tell most people i work in a sector and dont include tech (ie: banking, fundraising, education etc)

This isnt directly related but for similar reasons (having to re-sign in and mfa auth a ton of stuff for a meeting) we are moving to logitech teams rooms and going byod. You can add the room to the meeting and use their android tablet to join the room, share from there. Or use their usb-a/usb-c displaylink dock to just directly connect your laptop to the room devices and use those.

Have a couple users like this. It is what it is. Your focus should be engineering systems on zero trust snd maintaining the ability to supoort,patch and audit machines even if off network and vpn

That is the filesystem. Its basicaly a hacked ntfs that can do active active connections

Thats because you do need to fix it on your own. Therapists can help you identify what needs chnaging tweaking or fixing. They can help you understand what works and doesnt and why. But they cant do the work. Thats on you.

I honestly dont really have any friends in real life that play games.... There are a couple that I have played with for years here and there. And tbh most of the games I play are generally skewing older anyhow. So there is that. My Boss and another co-worker do play games and have invited me to play. The few times I did that, i legit setup sockpuppet accounts to do so. I dont trust those fools.

Also why i dont share my discord or game Id with anyone. I keep that as a hard separation. Too many toxic gaming communities i dont want them knowing my real identity

I freaked a helpdesk fool out playing guitar in my office while doing perf evals. He thought i just had it sitting there and didnt know how to play….

I have a guy that writes like that. Drives me nuts. And annoys everyone.

PA is a palo alto branded firewall (to add yo your list)

Not OP. I do run my own router, and switch and AP's because I have a bigger house and this is a more stable setup. I really only update the switch and AP's like once a year when i have time. The router I do every other month or so. Have spares too just in case. I have a lab otherwise too. I USED to use it quite a bit. When i worked in banking security i would even have legit ASA/firepower and PA's to alpha test some changes before needing to apply for maintenance windows at work (work paid for them as well). I would also be able to spin up services to test things etc. Change management was very serious there and it was more beneficial at times to just break fix things that didnt play well. I manage people now more than anything so I dont really touch it for work anymore. And I have a lot of experience so I can figure things out at work without having to gronk on things at home. Server-wise I have a few vms for monitors. Zabbix, postfix etc. Dont really do much with them, just email me if stuff goes down. Mostly i run stuff for at home. Plex, Sonarr, Radarr, a couple game servers for my kid. Stuff like that. OFC its all backed up nightly and sent to a couple places etc.

And by many buyers that know better

Probably a 10. Have separate router and switch and aps. Backups are automated via synology active backup for business. I don’t really DO a lot with it most of the time. But i do tinker. I do have virtual servers and the like. But its mostly running things like plex or homeassistant or subsystems for management/monitoring.

AI bot most likely.

Rdp doesn’t need brute force to be breached. There have been bypasses, attacks and exploits via windows in the past attacking the rdp process itself or the underlying authentication process it uses. It’s why Microsoft has things like rd gateways to try and help mitigate some of that. It’s generally a poor idea to expose it.

Microsoft doesnt listen on 587. They use tls on port 25 because they fuckin can. Also you shouldn't use smtp Auth. Personally I would use a postfix relay if you don't have an on prem exchange box.

We had at least 3 instances of just mashing reboot fixing it because the updater won the race. Granted it was 3 of a couple thousand but it did happen. It also needed a hardwired connection, wireless didn't have time to Auth and drivers to initialize. But if the wired connect was quick enough it worked here and there.

So I'll say this. Your bosses job IS t9 be involved in office politics. But that only works if executive leadership will back them. When they don't or if they don't its loss territory. Their job is to know where it's reasonable for execs to back you and when they'd be hung out to dry. And their job is to make those reads and maximize your input and voice and sometimes that's trading horses and re prioritizing things or allocating someone to help get over a hump in another department. Since IT is not a money maker their value is in operations and efficiency. Granted some suck at it all. Heck I do a lot of the time. I've done well to stay clean and gain enough good will from executives that I now get the benefit of the doubt, even when executives are maybe the sqeakey wheel. Which is it's own problem in itself in my case. Management has its uses and is still important. There's definitely some shit birds like any role but good it management is the difference between those companies that can recover in an incident and those that act like delta and point fingers.

I'm in a similar boat. Though some have noticed I'm disengaged. It's worth noting I have turned down legit offers over the years for various reasons. The grass isnt always greener and I'm not going to take a lateral move. But I am moving from passively taking leads under consideration to actively hunting after my managements actions during the IR re:crowdsrrike. I even violated my own advice and did let one of our new avps know I was intending to leave. Again I knew better and the advice I previously gave just solidified I should have trusted my own gut. Stress does weird shit to the mind and it's easy to.lpse objectivity.

Two pieces of advice. 1. Don't ever continue to excel on promises of things in the future. That's a common thing management will do to string you along. I've done it to low performers (with contingencies). But I'll be honest with anyone that's solid. Most managers will do it to anyone. 2. Don't ever complain about management to their management or up the chain. It basically never works and you look like a drama queen. Don't go out bitching. Just leave. These are lessons I learned from experience and I work in management now. People don't quit jobs they quit managers. I made it 6 years at my current t role. Within the last 2 my manager began seeing me as a threat to his security. It's not going to get better. I've played the game and proved and re-proved myself keeping a team wirh 0 turnover through covid and multiple mergers, return to office edicts etc. Ive been promised succession and raises by 3 vps now. Only you look out for #1 and you have to go get yours. Very few will advocate for you. It's known my manager doesn't. He had been actively shoving me out because I surpassed him and advocated for a colleague he was actively undermining. So that ire is now on me.

I mean. I wouldn’t call it stable to date.

Cisco likes to remind me of this fact here and there when a sourcefire rule update/reload causes it to just drop all traffic and our network admins activate the “fuck snort” route

This the problem with allowing networking folks control of us systems folks! J/k - I’m probably making the same move back into networking I remember you talking about roughly a decade ago now.

Yeah it was a channel update (aka definition update). I can go look at my squid logs but I’m pretty sure each endpoint checks in to CS for them every x minutes at random intervals. I want to say it’s 8-15 minutes on its own. I had machines up all night unaffected because they checked in before the release and it was pulled by the time it checked back in. In fact most of my HA services stayed up out of sheer luck. Like I lost 2+ sql nodes, 4+ front ends etc but not ALL of them in the clusters. In my server environment of 400+ hosts we only had about 100 down. Workstations were more sporadic and harder to fix (bitlocker, laps, and remote made it tougher) but the transient nature of laptops also helped there.

They should 100% be. You can still do phases based on time in minutes. It doesn’t need to be days. N: immediate N-1: 30 minutes N-2: 60 minutes. They pulled the update within 10-15 minutes. This would allow people to stage their systems based on their own priorities and stay safe and test. cS as well. There’s 0 reason you can’t delay a definition/channel update for an hour or have it configurable in most environments. Even 0 days that go public generally take a bit to see mitigations implemented.

Today the latter was chosen. It’s unfortunate. I like the org overall and all of the new senior leadership. But I’m not sure how you come back from that. Many on my team lost respect for our leadership today. Damage was certainly done to moral. My leadership and standing was undermined and I was told in no small terms that this was only the beginning and there was now nothing I could do to stop it. So I don’t know how you come back from that. some of the middle management has been around for a while and resort to pretty petulant acts when they feel threatened. Today was that day. It’s wasn’t about the work. I have interviews lined up next week (unrelated to today). I’ve turned down multiple offers outright in last two years. If I get this one I won’t be turning it down. Again that doesn’t make me feel good. I don’t want to leave in spite and drama. But I can’t be undermined and cursed at in front of my colleagues either. I’m a grown ass man that was basically sobbing in the car simply trying to do my job while my management undermined that effort. Never happened in my career. I did have a call with senior leadership after COB and their take on the response was overwhelmingly positive. They were surprised to hear what was done while we were trying to triage. But I doubt anything will come of it that’s salvageable for me.

I was very close. But not because of the outage. But because my leadership wouldn’t let me run incident response and decided to cause chaos and havoc in the process while they were panicking. I guess I’m not long for this org.

Sent him out with substandard training. And substandard gear (no radio) and rather than eject, dude saves the aircraft on a non standard landing surface. End result: punishment for being substandard while doing basically extraordinary shit. Hell he shoulda changed his name to John Yossarian.

Modern windows has OpenSSH baked in. Supports password and key based auth fine. You can also use Windows subsystem for Linux if you feel so inclined. Though I don’t for admin. Personally I just use the new windows terminal that has tabs. Use ssh keys for everything and then sudo is just as auth. Servers will do AD password auth for ssh but I only use that for the initial login. Keys make things like moving files much easier.

Yeah it's been quite nice for us. Low power mode on amd with higher core counts seems to generally perform better. Though because it's amd there's sometimes odd bugs with new versions of windows.

For us. Amd meant the fans didn't run 24/7 with the 11th Gen intels on dell they would scream. Amd lenovo brought our cost per unit down almost 30%, put them in low power and passive cooling works for most. And they get better battery life and longevity as a result.

https://archive.is/BVqsq Better version

Veeam doesn't even reccomend it these days. We moved to xfs on Linux cause refs was awful

We started doing. Jamf us cheap af and does most of what we need. Only thing that gets weird is printers. Most of our apps are web based and there's an office suite and edge for macos. It's easier than ever to do

Yep. In the moment/in a meeting i have said "Please to yell at me" or "i dont do the yelling thing, happy to talk about it when you are able though." If it happens again i tell HR. Or if i wasnt able to de-escalate myself, i tell HR. Only once has a manager of mine doubled down. they made him say sorry, i left on my own recognizance shortly after because it was clear he had a vendetta though.

Same one

Ollie north is still around. Fuckhead is a military “expert” consultant for Fox News from time to time.

Okay.

It’s 100% hit me in the past. Most notably if one of the dcs didn’t see the domain up and used the public firewall profile. Typically flipping the nic on and off will fix it. But it’s a trivial thing to check and test. Additionally some malformed GPO can muck with firewall rules. So I’d be hard pressed to be as sure as you seem to be without hands on the situation.

We used exchange the same way, but it served as a sync point for users groups etc. If you dont have the need to keep DL's, mailboxes/accounts etc in sync with your M365 tenant (you are a rare bird), postfix will do it just as well. Damn sure much easier to maintain and patch.