Systems Administration

VMware bridged network issue (why does this work)?

Sysadmin - Fri, 11/16/2018 - 18:58

Was having some issues when going form NAT to bridged network on VMware (free one)

The issue is I would lose connection, but later discovered why. When installing the free version it seems like VMnet0 network adapter doesn't get installed (which I believe its the one you need for bridged network setting ). Also you really have no way of adding it.

But after hours of searching I found a solution: Simply go into your Network Connections and disable all the VMware Network adapters (VMware1/2/etc) and leave only the one you use to connect to the internet enabled. For some reason that does the trick.

Would love to know why, anyone have any idea why this works?

submitted by /u/MrPositive1
[link] [comments]

Honeypots in the enterprise

Sysadmin - Fri, 11/16/2018 - 18:55

Anyone running honeypots in their environments? What are you running? Looking for advice or suggestions on types of open source honeypots to start with but feel free to talk about any commercial solutions as well. Any success stories?

submitted by /u/_d3cyph3r_
[link] [comments]

We asked the US military for its 'do not buy' list of Russian, Chinese gear. Surprise: It doesn't exist

The Register - Fri, 11/16/2018 - 18:47
El Reg drills into banned technology with Freedom-of-Info request

The US Department of Defense's "do not buy" list of foreign software and equipment turns out to be about as long as the list of bug-free Windows releases or privacy-focused Facebook apps.…

MLC SSDs in a server?

Sysadmin - Fri, 11/16/2018 - 18:45

Are MLC SSDs in server in RAID1 for a small shop ideal?
Yes or no and why?

submitted by /u/dishsoap2018
[link] [comments]

Bitfusion Enables Network Attached GPUs on any Virtual Machine Environment with VMWare and Mellanox at SC18 - Virtualization Information - Fri, 11/16/2018 - 18:34
Bitfusion, the Elastic Artificial Intelligence (AI) software company, announced a reference solution architecture combining Bitfusion's FlexDirect with VMWare and Mellanox platforms for attaching GPUs to any virtual machine over the network....(read more)

Liquidware Expands Alliances Team as Computing Heads to the Cloud - Virtualization Information - Fri, 11/16/2018 - 18:24
Liquidware, the leader in adaptive workspace management, announced the appointments of 23-year veteran and three times Microsoft MVP, Robert Corradini, to lead its robust alliances programs as Director of Alliances, and fellow Microsoft MVP, Jeff Pitsch, as Senior Solutions Architect, effective October 2018....(read more)

Looking for some guidance on making a simple reporting solution

Sysadmin - Fri, 11/16/2018 - 18:22

I have a piece of software that, when it errors, it sends an email out as well as sends information out to a text file (a single text file that aggregates data all day long).

When an error occurs, i need to get the error line (from the text file), the 10 lines above it and 10 lines below it, wrap that up in an email, and send it to some set email addresses.

I have some basic bat file scripting experience. Would anyone be willing to give me some advice on what to research or where to look to make something that would solve my problem?

Right now, when we get an error email, we have to search the text file, copy out the lines of text, and then email it off.

submitted by /u/jundle
[link] [comments]

[Update] - SMS and Call Permissions: One Step Closer

Tasker: Total Automation for Android - Fri, 11/16/2018 - 18:21

I've got some good news!

After Google got in touch with me about the SMS and call permissions in Tasker, they've now added Task Automation apps as an exception in their exception list!

I would be shocked if Tasker was denied the permissions now! 😁

In any case, I'll post the final confirmation after I (hopefully) get the approval from Google!

Thanks again for all your help throughout the whole process everyone! You're all super awesome!

Also special thanks to Mishaal Rahman for letting me know that the exception list was updated! 😀

submitted by /u/joaomgcd
[link] [comments]

Zenoss Establishes Presence at Nutanix .NEXT Europe - Virtualization Information - Fri, 11/16/2018 - 18:18
Zenoss Inc., a leader in software-defined IT operations announced it is a sponsor and speaker at the Nutanix .NEXT Conference Europe, a leading IT industry data center and cloud conference. ...(read more)

Setting up FTP server for an outsourced app

Sysadmin - Fri, 11/16/2018 - 18:17

Alrighty so I've been tasked with setting up an ftp server that'll hold all of our company data so the app that is being developed for iPads can access it.

So, what steps can I take to make FTP safe?

it'll be filezilla since it has to connect to an existing windows share.

submitted by /u/sysadminworkaccount
[link] [comments]

How to acquire domain name when the owner is very rude dude?

Sysadmin - Fri, 11/16/2018 - 18:15

Hello Everybody, Thanks in advance for any assistance or wisdom provided. So I am trying to acquire a domain name from a company that does not appear to be using it The only problem is their IT team does not want to play nice. I have looked up to see if this is on MX records and WHOIS and from what I can see the registration will expire in 2020. I would like to know if there are any other ways than simply waiting for a chance to register for the domain name before they renew. Any advice is good advice and I greatly appreciate it. Have a great day, Aaron

submitted by /u/DrDankMemesS
[link] [comments]

Alternatives to SurveyMonkey?

Sysadmin - Fri, 11/16/2018 - 18:08

My organization is looking into an alternative to survey monkey that wont limit us to only being able to logon from just two computers. Any suggestions?

submitted by /u/feisty-techie
[link] [comments]

[HELP] Check for updates greyed out

Sysadmin - Fri, 11/16/2018 - 17:55

I'm getting a strange issue that I'm having trouble nailing down, hoping you guys have some ideas on what to do next as I'm running out of ideas.

I've got two machines, machine A and machine B. Both machines are in the same OU, and both machines are logged in to the same AD account. Machine A has the 'Check for updates' button disabled on Windows Update and does not have the 'check online for updates from microsoft update' link - Machine B has both the button and check online links available. Both machines are managed by SCCM but we would like to be able to log in as certain AD users and be able to check for updates manually on occasion.

Clicking on 'View configured update policies' on machine A shows that 'Disable check for updates by user' is set by Group Policy; however, there is nothing found in gpresult or rsop that would be setting it.

Machine A - Check for Updates button greyed out:

Machine A - 'Disable check for updates by user' shows as being set by Group Policy:

Machine B - Everything as it should be:

Machine B - Wildy different settings showing as being set:

So what the hell is going on here? Why would 2 machines that are configured near identically, in the same OU, logged in as the same AD user be getting such different results? Why is Machine A showing up with 'Disable check for updates by user' with no matching actual policy running on it anywhere to be found in gpresult/rsop?

Any ideas on what I should be trying next to figure out the source of these differences?

Thanks so much to anyone who can point me in the right direction.

submitted by /u/xevilrobotx
[link] [comments]

MSO 2016 OEM In-Practice for SBA

Sysadmin - Fri, 11/16/2018 - 17:50

This is mostly just an FYI, for those Small Business Admins out there looking towards purchasing new workstations that include OEM copies of Microsoft Office 2016 H&B or Standard.

You might file the tidbits below under "Additional reasons to enroll in a Volume License Program".

We recently just went through a very painful 2-week process of discovery with our main reseller following a substantial purchase for our SMB of 50 people.

Some tidbits I'd like to pass on.

These units for all major PC manufacturers are now no longer being shipped pre-activated and must be tied to an email account under the Microsoft Services Agreement before being able to download, activate, and use.

We have had a number of issues, primarily with being unable to log in to redeem and download the software we purchased.

After multiple escalations with both our reseller and Microsoft, they were able to determine that there is a conflict between O365 and the system responsible for redemptions/activating OEM copies of MSO 2016.

This conflict prevents using O365/E365 based company accounts, with an error that the account doesn't exist, but when attempting to create the account you receive an error that the account already exists.

The solution provided to us was to create a new,free, personal email account for each device tag to tie OEM machines to a MS email account to allow login, before being able to take subsequent steps towards activation.

Another thing to be aware of, the MSA agreement governs these personal accounts; and there is small section that states if the accounts are not logged into regularly, the account will be closed (by microsoft) and any license or product associated with the account may be lost.

Its unclear to us at this time whether that time-frame is 5-years, or 1-year. The section refers to closing the inbox and one-drive after 1-year if both aren't logged into separately in that time, and most inbox closures result in the account being closed from experience; but this may be different. We are still waiting for a response clarifying this question from our contact at MS.

In the interim we plan on scheduling a recurring task for our IT staff to log into each account associated in this way; to prevent this loss as a refund was not an option since a significant amount of labor prepping these systems for use was performed before the issue was discovered. I'm sure discussions will continue, exploring options to make the unmanageable manageable.

Edit: correction from pre-installed to pre-activated for specificity. The trial comes pre-installed.

submitted by /u/dundir
[link] [comments]

Powershell Appreciation thread

Sysadmin - Fri, 11/16/2018 - 17:31

The amount of time and clicks and aggravation I've saved myself with what amounts to 30 minutes of testing and writing powershell scripts is -ludicrous-.

My most recent time-saver this week was a quick script to take a list of machines, connect to the hidden admin share and search for a file with a specific name, then search those files for a specific line in the file. (config file updates for workstations, sanitized code for the curious below)

What've you written recently, and how much time has it saved you?

$hostlist = Get-Content "<file with hostnames>" $searchtext = "<text to search for>" foreach ($hostname in $hostlist) { $FilestoCheck = Get-childitem -recurse "\\$hostname\c$\<path to the file>" | select -Expand Fullname foreach ($File in $FilestoCheck) { if (Get-Content $file | Select-String $searchtext -quiet) { Write-Host "$hostname : Search line found in $file " } } }

submitted by /u/IBringPandaMonium
[link] [comments]

Securing video surveillance on an untrusted network

Sysadmin - Fri, 11/16/2018 - 17:21

I have been asked to set policies for secure video recording, transmission and storage on a highly untrusted network and premises. A tenant of a building forces (bullies) the facility management and demands that the NVR should remain in the tenant's control. Facility management is worried of video tampering by the tenant or access to the video feed/storage without their consent. The tenant demands that the facility management should not have access to the video storage without his consent. Another problem is that the network switches belong to the tenant and are prone to configuration tampering and security degradation by disabling 802.1X or port-mirroring.

I have read:

and already considered implementing:

  • separate Public CA-signed certificate per IP camera
  • AES-CBC 256-bit SD card encryption (Edge Storage)
  • RTP/RTSP video tunneled over HTTPS
  • HTTP digest authentication
  • Syslog Server at a separate location
  • LeoNTP Stratum 1 NTP Server

I haven't yet solved:

  • NTP Authentication (Axis cameras do not seem to support it)
  • Blockchain timestamping (no camera manufacturer seems to support OriginStamp or other time-stamping authority)
  • Multi-factor authentication for accessing cameras and NVR.
  • IEEE 802.1X

Please share your thoughts on how to secure this video surveillance network.

submitted by /u/intelx88
[link] [comments]

Make Image from USB Device Using dd

Command Line - Fri, 11/16/2018 - 17:16

I bought a PS2 to PS3 memory card reader. That's PS as in PlayStation. It fits the PS2 memory card and plugs in to USB on the other end.

I didn't actually want to plug it into the PS3, instead I wanted to make an image of the PS2 memory card for backing up using dd on OS X. But I can't find where the device is using df or mount or disk utility. I know I won't be able to read the contents via Finder but that's okay.

I've also tried diskutil list but I only get the partitions on my interal Mac HD. Doesn't seem to list any USB devices?

How do I make an image of the memory card?

submitted by /u/JillSandwich404
[link] [comments]

Dump "replay"

Sysadmin - Fri, 11/16/2018 - 17:15

Forgive me, found this tool long ago for windows where you could create a dump file and replay in time what each thread for each process was doing. Hopefully someone remembers. Anyone have suggestions for loading debug symbols , viewing call stack, for a dump file?



submitted by /u/FE4RCHAMP
[link] [comments]

Amazon tries to ruin infosec world's fastest-growing cottage industry: Finding data-spaffing S3 buckets

The Register - Fri, 11/16/2018 - 17:12
AWS comes up with blanket policies to smother public-facing cloud storage silos

Amazon Web Services is taking steps to halt the epidemic of data leaks caused by the S3 cloud buckets it hosts from being accidentally left wide open to the internet by customers.…

What happens if you have a Microsoft MPLS agreement...

Sysadmin - Fri, 11/16/2018 - 17:10

...and they audit you, and you don't comply? Just curious - their introductory email says if you don't comply, they can revisit it in the future.

submitted by /u/Sengfeng
[link] [comments]