|
Charun posted:
Between it leaving your system after 24 hours, needing a week before taking it again is effective, and being woefully uncommon, I can't imagine why.
|
#
?
Sep 24, 2013 08:15
|
|
insider tip i once got: no one ever bothers testing for LSD 
|
|
| # ? May 16, 2024 05:45 |
|
|
What in the world is going on with this telephone extension wiring  (I never was very good with traditional telephone wiring, but I think someone's made a kludge of it which makes it all the more difficult)What I have here is standard network cable running to a telephone socket, another network cable comes out of it and all the wires are joined straight through to the same colours (some of them have been joined by twisting the two wires together and wrapping them with sellotape). 3 of these joined wires are clamped onto pins 2,3,4 of the krone block. I am guessing that 3+4 is the telephone pair, as it's a 6 pin connector and usually just the middle two have connections, but damned if I can get a dial tone. The network cable coming out of that goes to another socket, where 3 wires are clamped onto 2,3 and 5 (?!), the rest are just dangling there, then there's a 4 core wire with 3 wires piggybacked onto those 3 which then go through to another extension which is connected and working  Edit: Sussed it. Makes sense, one cable to run a few extensions, they just weren't wired properly and were kind of "thrown together" until the extension at the far end worked. Most telephones use a pair on pins 2 and 5, but some of the sockets are wired to 3 and 4, requiring an adapter on the phone lead. I don't particularly understand why there's a mix of these. The main problem was that it was wired incorrectly at the distribution point! Also pissing me off today is the spiralbond cable tidy stuff. I just love spending half an hour unwinding a huge length of it just to extract 1 lead... GargleBlaster fucked around with this message at 12:43 on Sep 24, 2013 |
|
#
?
Sep 24, 2013 10:46
|
|
|
A while back someone in marketing put in a ticket to have Adobe CS 5.5 purchased and installed on one of their computers; it was already budgeted so no big deal, just has to go through my boss since she does all the purchasing. About two months go by before marketing starts wondering where their software is, so I poke my boss; "I bought it last month, didn't you read the ticket?" No notification that she updated the ticket, and on a stack of 50 it gets a little difficult to notice a ticket being updated. Whatever, grabbed the software and the key and went installing. Invalid key. I go through Adobe's chat support and after 20 minutes of terrible scripted answers I find out the key is for Adobe Acrobat 8. Let my boss know, and she says she'll get back to me. In the mean time I set the install to the 30 day trial so they can at least use it. Another month goes by and the trial expires and marketing is getting antsy so I poke my boss again. "Oh I updated the ticket with the new key." Still no notification, and I know the checkbox to send an email to all asignees on update works, but whatever, let's get the key in.  Invalid key
|
|
#
?
Sep 24, 2013 13:02
|
|
|
hihifellow posted:A while back someone in marketing put in a ticket to have Adobe CS 5.5 purchased and installed on one of their computers; it was already budgeted so no big deal, just has to go through my boss since she does all the purchasing. You have bought Adobe Premiere 5, congratulations!
|
|
#
?
Sep 24, 2013 14:46
|
|
|
Me  Getting a bunch of weird errors for these client images lemme see what is wrong Oh they weren't sysprep'ed but that shouldn't matterapparently to some DNS name changes = SID changes  Now I wait for the inevitable "well I never had to do it on XP/2003!"
|
|
#
?
Sep 24, 2013 14:54
|
|
|
Dilbert As gently caress posted:Me http://blogs.technet.com/b/markrussinovich/archive/2009/11/03/3291024.aspx According to Mark Russinovich SID duplication doesn't matter. Is that not the case? Demonachizer fucked around with this message at 15:34 on Sep 24, 2013 |
|
#
?
Sep 24, 2013 15:31
|
|
|
Time to head off into the desert for the annual management retreat. It's at a resort-type place. If it's like the last two it's a complete waste of time, just an evening of boozing followed by a morning of pointless presentations. For unknown reasons I was asked to do an I.T. presentation so I'm doing the briefest possible status update. Hopefully that will reduce the chances of some yokel deciding that my presentation is a great time to complain about how he doesn't have a color laserjet of his own, or an iPhone 5s. Also: I get to ride herd on all the laptops and powerpoints. 
|
|
#
?
Sep 24, 2013 16:21
|
|
|
Just got word from the clients managers and my boss, without me saying anything, I am to look into alternative MDM options aside from BES 10 as they are all nervous about the implosion of Blackberry. YOTJ: Just had an old co-worker who is moving to a government job looking to find a replacement for himself at the engineering firm hes at. Mostly the same work with some SQL server management and AutoCAD support, neither of which I've done before. Shooting off a resume anyways.
|
|
#
?
Sep 24, 2013 16:25
|
|
|
This is barely even technical, but we have a computerized system for checking out visitors to the building we work in for security reasons, for several reasons, to make sure we aren't giving felons or whoever access to the building. I don't really know anything about it, we weren't involved in its implementation. I got a call today from a user who's having trouble logging in. She apparently thinks nothing of saying her password to this sensitive security system, out loud, not only to me but in front of visitors to the building. The same visitors she's supposed to be background checking. I'm sure these particular people were fine, but Jesus, does no one have any sense at all?
|
|
#
?
Sep 24, 2013 16:41
|
|
|
guppy posted:I'm sure these particular people were fine, but Jesus, does no one have any sense at all? So how's your first day in IT treating you?
|
|
#
?
Sep 24, 2013 16:44
|
|
|
demonachizer posted:http://blogs.technet.com/b/markrussinovich/archive/2009/11/03/3291024.aspx It certainly does matter in some cases. One of our new customers doesn't trust our build processes and provided "gold images" for the servers they wanted. They were basically cloned from existing servers of theirs in production. So, we got them, brought them up, and removed them from their AD and joined them to our AD. ... Can you guess what happened to their production systems when we did that? [yes, the networks are linked together.]
|
|
#
?
Sep 24, 2013 16:50
|
|
|
nitrogen posted:It certainly does matter in some cases. Yep. Trust relationships, computer account passwords, and domain memberships are all going to poo poo on themselves when sids are cloned.
|
|
#
?
Sep 24, 2013 16:51
|
|
|
AAAaaaaaaaaaaaa SO the company where I work has an internal domail setup as mycompany.local.ca And I am trying to install Lync, and need a proper 3rd party cert. No problem, right? Except that mycompany.local.ca is a subdomain of local.ca, and the guy who owns local.ca is not best pleased about us trying to get a cert for mycompany.local.ca. Our external domain name is mycompany.ca, does anyone have any ideas? Is the only option having our own signing authority? Alctel fucked around with this message at 17:04 on Sep 24, 2013 |
|
#
?
Sep 24, 2013 17:01
|
|
|
Alctel posted:AAAaaaaaaaaaaaa In this case you'll have to do your own signing authority. You should be able to add it to any windows box via group policy. Having said that, you really should use something like int.mycompany.ca in these cases for reasons you're already discovering. Some folks use mycompany.[non-icann-TLD] but that isn't a good idea, considering how often they are adding new ones. I believe the only TLD that is carved out by RFC is .local, but if you are running multicast DNS, it wouldn't be a good idea to use it.
|
|
#
?
Sep 24, 2013 17:44
|
|
|
It was setup 6 years ago from a team from our parent company who hosed off and are not taking any responsibility :|
|
|
#
?
Sep 24, 2013 17:57
|
|
|
This is as good a chance as any to ask - I have a domain set up using .local (thanks to SBS  ). It's a Windows 2008 R2 domain with just the one DC. Is there a semi-painless way to migrate to a internal.company.tld type arrangement? I'd rather get it out of the way before it becomes an even bigger issue down the road.
|
|
#
?
Sep 24, 2013 18:23
|
|
|
Caged posted:This is as good a chance as any to ask - I have a domain set up using .local (thanks to SBS [ASK] me about the new CIO migrating a company of 600 onto a .local domain
|
|
#
?
Sep 24, 2013 18:34
|
|
|
It's a page old but I'd definitely be down for one of those USB bottle openers. This shithole is going to hell in a hand basket and I want to be able to efficiently drink myself silly when it happens. 
|
|
#
?
Sep 24, 2013 18:35
|
|
|
So I'm getting tired of my current position and rather than look for another similar position I'm considering getting some business cards printed up and striking out as a "consultant." Have any of you other goons done anything like this successfully? I have plenty of ways I could get my card in the hands of potential customers, I'm just not sure if it's a feasible thing.
|
|
#
?
Sep 24, 2013 18:36
|
|
|
I've never understood why the gently caress people can't handle using corp.company.com or ad.company.com. Is DNS too loving confusing?Nativity In Black posted:So I'm getting tired of my current position and rather than look for another similar position I'm considering getting some business cards printed up and striking out as a "consultant." Have any of you other goons done anything like this successfully? It's a tough market if you're talking about IT generalist stuff. On the low end you are competing with every 18 to 20 year old that knows how to run malwarebytes, or install a video card and can post an ad on craigslist to do these things for 20 dollars flat rate. On the upper end you have to deal with an already crowded MSP space. If you have a more specialized set of skills, freelancing can work, but honestly general break/fix work has become so commoditized its not worth the effort. skipdogg fucked around with this message at 18:42 on Sep 24, 2013 |
|
#
?
Sep 24, 2013 18:37
|
|
|
Is using .local all that bad? I cannot see any major company using Bonjour/ZeroConf, so what exactly is the problem with .local? My company has been using it for several years now and I've never ran into any issue with it. The AD domain name was actually established well before the company even had a external domain name, so I assume that is why .local was used. Edit: We also have zero Apple products... (thankfully!) Our external domain name is really long, it would be a major PITA to use that name internally... And all the abbreviated .com forms of it are already registered by others :/ stevewm fucked around with this message at 18:48 on Sep 24, 2013 |
|
#
?
Sep 24, 2013 18:46
|
|
|
Alctel posted:AAAaaaaaaaaaaaa Internally you won't need a third party cert, you can get one from your internal CA. Externally the cert will typically have the sip.domain.com as the common name and then your lyncdiscover.domain.com etc as the part of the subject alternative name. I just rolled lync 2013 out with edge services for my employer so you can pick my brain if you have any questions.
|
|
#
?
Sep 24, 2013 18:49
|
|
|
stevewm posted:Is using .local all that bad? I cannot see any major company using Bonjour/ZeroConf, so what exactly is the problem with .local? It used to not be a big deal but is becoming more of an issue. A long time ago .local was a recommended way to set up a domain. That has changed but the people who learned it have not. The main argument I see is managing DNS is too loving difficult for these morons to handle and they get confused. No one is saying you name your AD Domain company.com. You can name it internal.company.com or ad.company.com or corp.company.com. You can set the friendly netbios name of the domain to whatever the hell you want. Basically there are zero good reasons to use a .local these days and plenty of reasons not to.
|
|
#
?
Sep 24, 2013 19:22
|
|
|
The main reason against using .local as an internal TLD is that if you ever need to get an SSL certificate for that host - without setting up your own CA - past Nov 2015 won't work: http://support.godaddy.com/help/article/6935/phasing-out-intranet-names-and-ip-addresses-in-sslsquote:As a result, effective October 1, 2016, Certification Authorities (CAs) must revoke SSL certificates that use intranet names or IP addresses.
|
|
#
?
Sep 24, 2013 19:34
|
|
|
skipdogg posted:I've never understood why the gently caress people can't handle using corp.company.com or ad.company.com. Is DNS too loving confusing? I've worked for two companies who serve extensive web traffic. They needed to be up internally no matter what happened externally; they've both been targets of Anonymous and other idiots in the past. One of them actually got DNS hijacked (by the Iranians, we think?) once; that was an exciting Tuesday. Anyway, those people just used companynamecorp.tld. I can't imagine why you'd need companyname.local.tld; that's the dumbest idea to solve this problem. Nobody wants to gently caress with companynamecorp.tld; all they want to do is say "ha! We took down companyname! We are clever and smart and totally not ineffectual!"
|
|
#
?
Sep 24, 2013 19:39
|
|
|
.local is also going away in ~2015, according to MS. Currently it conflicts with multicast and Bonjour, but hey any excuse to get off a .local is good for me. Alctel, take a look at this image, along the bottom. http://zoom.it/3aUS It's Lync 2010-specific, and I don't think it's been updated, but this is a kind of confusing explanation of the signaling types and how they flow in a Lync environment. The cert stuff along the bottom is golden, though, as frequently the FQDN of the server or pool is both the SN and SAN. There's some additional complexity added by things like Lync Phone Edition devices, which require the proper DNS entries to deploy quickly and efficiently. Also, some phone edition devices will behave strangely if your internal domain doesn't match the declared SIP domain in your Lync topology. Are you going to be federating with outside companies as well? Edit: Image link helps. Oddhair fucked around with this message at 19:50 on Sep 24, 2013 |
|
#
?
Sep 24, 2013 19:45
|
|
|
nexxai posted:The main reason against using .local as an internal TLD is that if you ever need to get an SSL certificate for that host - without setting up your own CA - past Nov 2015 won't work: http://support.godaddy.com/help/article/6935/phasing-out-intranet-names-and-ip-addresses-in-ssls Well... crap... thanks for posting that. First I had heard of this! We do in fact use some SSL certificates with the internal AD name. So I'm either going to have to rename the domain, or setup our own CA..
|
|
#
?
Sep 24, 2013 20:16
|
|
|
poo poo that pisses me off: getting emails from my old house representative about a rescheduled town hall, then finding there's no way to unsubscribe. I ended up sending his office a nastygram and linking to his yes vote on the can-spam act. Apparently it only applies to commercial spam, but if you voted yes on the measure make sure your own site voluntarily complies 
|
|
#
?
Sep 24, 2013 20:16
|
|
|
So we got an email from our internal security folks warning about cryptolocker, saying not to click any links or open attachments etc., giving an example of what the email looks like. Except the screenshots and text they included in the warning are all the "you're poo poo is encrypted, give us money plz" stuff, with instructions to just delete the emails. Correct me if I'm wrong, but once you get that email you're already boned, right?
|
|
#
?
Sep 24, 2013 20:35
|
|
|
The email itself is harmless, unless you run the attachment. There were thoughts that cryptolocker could also get to you through a previous infection, and getting it pushed through the botnet, but I'm not sure if that's been spotted in the wild. The email has nothing to do with that though.
|
|
#
?
Sep 24, 2013 20:38
|
|
|
poo poo that pisses me off: Last week I thought I was YOTJ'ing on up. This week? Whole bunch of bullshit -- that's on hold, my contract is expiring early on Friday [so is my wife's] and we're waiting on the new contract offers. Major projects go live 1 October, and no one who has actually attended the training is going to be here to support it. Next three days I'm backing up important documents, working on a transition plan and hopefully they get their poo poo in order before I accept a position elsewhere.
|
|
#
?
Sep 24, 2013 20:43
|
|
|
Verdugo posted:poo poo that pisses me off: Last week I thought I was YOTJ'ing on up. This week? Whole bunch of bullshit -- that's on hold, my contract is expiring early on Friday [so is my wife's] and we're waiting on the new contract offers. It's not your problem if they don't! Although be ready to quote them for support when they don't get their ducks in a row and call you after your contract is done for help.
|
|
#
?
Sep 24, 2013 20:45
|
|
|
Think I've got a crypto email, anyone have a trashbox and want the link so they can open it and play with it?
|
|
#
?
Sep 24, 2013 20:48
|
|
|
MF_James posted:It's not your problem if they don't! Although be ready to quote them for support when they don't get their ducks in a row and call you after your contract is done for help. Well, outside of this contract nonsense I really enjoy my job, so I'm more hoping they get their poo poo in order and I can resume work. I'm definitely not worrying about it after Friday.
|
|
#
?
Sep 24, 2013 20:51
|
|
|
Orcs and Ostriches posted:The email itself is harmless, unless you run the attachment. There were thoughts that cryptolocker could also get to you through a previous infection, and getting it pushed through the botnet, but I'm not sure if that's been spotted in the wild. The email has nothing to do with that though. I think you misunderstood me. My understanding is that once you get the email informing you your files are encrypted and asking for money to fix it, you're too late to prevent it and can either pay up or hope you've got good backups. This is the email that's being warned against, not the one that actually causes the infection. Or am I misunderstanding how the virus works?
|
|
#
?
Sep 24, 2013 20:59
|
|
|
Yeah the email I have is a spoofed e-fax email. The link goes to some site called aiola.it and wants you to get your fax!!  (complete with .pdf.zip extension)
|
|
#
?
Sep 24, 2013 21:02
|
|
|
Do you mind posting the cryptolocker email you got, so I can alert people here to be more careful than usual with attachments?
|
|
#
?
Sep 24, 2013 21:12
|
|
|
stubblyhead posted:I think you misunderstood me. My understanding is that once you get the email informing you your files are encrypted and asking for money to fix it, you're too late to prevent it and can either pay up or hope you've got good backups. This is the email that's being warned against, not the one that actually causes the infection. Or am I misunderstanding how the virus works? Oh, sorry, I got it now. You don't get an email saying your poo poo is encrypted. You get one email with the payload attachment. Once you run that, crypto locker has infected you. The program itself should have a popup saying you're boned, and at that point, yeah. Pay or stay boned.
|
|
#
?
Sep 24, 2013 21:13
|
|
|
Orcs and Ostriches posted:Oh, sorry, I got it now. You don't get an email saying your poo poo is encrypted. You get one email with the payload attachment. Once you run that, crypto locker has infected you. The program itself should have a popup saying you're boned, and at that point, yeah. Pay or stay boned. OK, I didn't know how it informed you that your stuff was encrypted. The email I got wasn't worded especially well, but it sounded like we were being warned of emails containing the "Your personal files are encrypted!" message, which would be a really bizarre way for the virus to propagate itself.
|
|
#
?
Sep 24, 2013 21:18
|
|
|
|
| # ? May 16, 2024 05:45 |
|
|
I have actually been dealing with CryptoLocker all day today. We got infected but we have backups, right now I am just dealing with the machine that was infected. All my network drives have been restored so we are good there. What happens is the user gets an email and after clicking on the PDF file they get the virus and it starts encrypting everything pretty much. It will travel over network drives too. You do not get another email saying you are infected, just the initial one. You will get a pop-up (maybe, ours didn't until I was trying to remove it) saying you are infected and you have 72 hours to pay the ransom. Thanks to backups I didnt have to go that far though. It is a pain to deal with but if you have backups you should be good. One thing that helps is they are kind enough to store a list of all the encrypted files. Someone has a program you can run on the infected computer and it will put them in a text file for you. I used that to make sure I restored all the encrypted files to good versions. This is a good post on the virus And a post by Rob Dunn on the spiceworks page here has the links to the file to see which files are encrypted. you can use MalwareBytes to get rid of the infection BUT DO NOT do this until you are sure you can get the files back because removing the virus will take away your opportunity to pay the ransom and get your files back that way. Read one or both of those threads before doing anything. I really didn't have anything better to do today than work on this poo poo. Thanks random hacker assholes.
|
|
#
?
Sep 24, 2013 21:26
|
|
