|
pixaal posted:Backup or anti-virus? It's just AV, thank god, we are switching to veaam for backup and I'm not managing it. Apparently at some point I became the SME for Symantec products, basically the previous guy dumped it on me because he didn't want to deal with it anymore, and I can't blame him. My current issue is that the loving LUA can distribute to the production distribution center, but not the pilot one, I think it's a permissions issue, but permissions on both folders are the same. (we just built a new LUA server and imported the config from the previous one, so some poo poo obviously needs changed) Probably walking away for 20-30 minutes and coming back to it will reveal whatever answer eludes me currently.
|
#
?
Mar 29, 2016 20:44
|
|
|
|
| # ? Jun 4, 2024 11:20 |
|
|
pixaal posted:Backup or anti-virus? Email encryption. 
|
|
#
?
Mar 29, 2016 20:48
|
|
|
At least it's not Management Platform/Altiris. I stood it up from scratch for a 180+ site, 4000+ workstation, 200+ server environment and that's not an experience I want to go through again. I will say that it is far more powerful than SCCM, especially when it comes to getting poo poo Done Right Now, but I really would rather not deal with it ever again in my career unless someone was offering me faaaat stacks of cash.
|
|
#
?
Mar 29, 2016 20:58
|
|
|
Oneiros posted:Things pissing me off: "We don't tell you when we do pentests. That way, we test you and your reaction to an attack." I walked out, that day. I was too pissed for coherent thought.
|
|
#
?
Mar 29, 2016 21:10
|
|
|
pixaal posted:Studying for a work skill should be considered acceptable. Also consider Power Shell in a Month of Lunches as a great book for your desk. Did like an hour and a half, not counting lunch, of studying so far. Slow day. Can't really act like this is work-related, aside from CCNA being an "IT-related" skill. I will never touch a router or switch for as long as I work in this department, but whatever. Boss doesn't really micromanage or pay much attention to what I do, I do have that going for me. Just gotta stop checking SA so often. 
|
|
#
?
Mar 29, 2016 21:58
|
|
|
Lord Dudeguy posted:"We don't tell you when we do pentests. That way, we test you and your reaction to an attack." You definitely pass. Wait where are you going
|
|
#
?
Mar 29, 2016 22:01
|
|
|
Coworker adjusted desk upwards so that he could work standing up. Next day, coworker places backpack on desk. The desk, not secured properly, collapses, damaging his equipment and his knee. I am reminded of that one comic where the kid shoves a stick in the front tire of his bicycle.
|
|
#
?
Mar 29, 2016 22:02
|
|
|
pixaal posted:Studying for a work skill should be considered acceptable. Also consider Power Shell in a Month of Lunches as a great book for your desk. Posh in a Month of Lunches is the most readable and well organized technical book I've ever picked up. Can't recommend it enough for anyone who uses Windows
|
|
#
?
Mar 29, 2016 22:07
|
|
|
MF_James posted:It's just AV, thank god, we are switching to veaam for backup and I'm not managing it. Apparently at some point I became the SME for Symantec products, basically the previous guy dumped it on me because he didn't want to deal with it anymore, and I can't blame him. My current issue is that the loving LUA can distribute to the production distribution center, but not the pilot one, I think it's a permissions issue, but permissions on both folders are the same. (we just built a new LUA server and imported the config from the previous one, so some poo poo obviously needs changed) Finally figured this out, dug into apache tomcat install and apparently there's a structure for both distribution centers, and somehow a sub-folder in there got moved into another sub-folder, and it manifested as a permissions issue. Jesus that was loving stupid. I looked through the install log and it definitely installed the poo poo correctly, I don't loving know what the hell happened. The best thing I could think of is the guy that actually built the server, installed the application and then imported the config, started loving around and screwed it up, but I don't even know, that seems pretty dumb.
|
|
#
?
Mar 29, 2016 22:47
|
|
|
pixaal posted:Backup or anti-virus? Does it really matter?
|
|
#
?
Mar 30, 2016 00:01
|
|
|
Lord Dudeguy posted:"We don't tell you when we do pentests. That way, we test you and your reaction to an attack." OK. I'll bite why would you walk? If you're just doing vulnerability assessments, then I get that. But with a pen-test, you legitimately want to test as close to a real-world scenario as you can. Typically it will be an outside company, though I've seen some larger companies with a dedicated team that did nothing but roam the earth and attack branch offices and subsidiaries. But usually, only very few people are read in to the pen-test and those are typically C-level and upper management. It's just like a physical pen-test where you actually try to access restricted areas and get propriety (physical) files. You also make sure you have a very narrow scope of what's being tested, specifically to NOT interrupt or damage mission critical systems (you set up different tests for those and hope they're enough). The last part about scope is important a needs to be spelled out in any contract, and there have been pen testers that have landed in legal trouble by exceeding the defined scope of the testing. But the point of all that is get as close to "live fire" as you can, including the response. People perform differently when they think it's live as opposed to "just another dry-run".
|
|
#
?
Mar 30, 2016 00:58
|
|
|
Maybe they hadn't cleared it with upper management, so they did it on a really bad day when IT didn't have time to drop everything in response to a test?
|
|
#
?
Mar 30, 2016 01:10
|
|
|
22 Eargesplitten posted:Maybe they hadn't cleared it with upper management, so they did it on a really bad day when IT didn't have time to drop everything in response to a test? Well, the first part is valid, but the second part I'm a little torn. I sympathize with being that busy and then having to drop everything to respond to what you think is a real incident. But that's also a valid test, especially if the incident response is timely and good despite all that. And the morale boost is pretty big (despite being pissed at being put through all that stress) when management recognizes what fantastic job was done by IT and Info Sec groups. Another thing came to mind, would be if the company didn't really have defined security policies and incident handling procedures. In those cases pen-tests are morale destroying, pants-on-head moronic exercises. All those prove is how easy it is to get Senior Management to spend money. You need to have a foundation before you can build a house.
|
|
#
?
Mar 30, 2016 01:16
|
|
|
I still remember the day fondly when KPMG locked out every account in our domain via brute forcing the passwords as part of pen testing. That was fun.quote:And the morale boost is pretty big (despite being pissed at being put through all that stress) when management recognizes what fantastic job was done by IT and Info Sec groups. In my experience this doesn't really happen. It's all about being chastised for failing; passing with flying colors is simply "doing your job" to most management.
|
|
#
?
Mar 30, 2016 01:28
|
|
|
Wrath of the Bitch King posted:I still remember the day fondly when KPMG locked out every account in our domain via brute forcing the passwords as part of pen testing. That was fun. I guess I've been lucky where I've worked. Back when I did security operations at a bank, we all got an outing for lunch at Fogo de Chao in Chicago as well as company recognition. After that initial panic in the pit of your stomach, you start following your procedure to the letter and working down the call-tree and delegating tasks.
|
|
#
?
Mar 30, 2016 01:41
|
|
|
Wrath of the Bitch King posted:I still remember the day fondly when KPMG locked out every account in our domain via brute forcing the passwords as part of pen testing. That was fun. My company gets constant As on security audits done yearly. The first year they were applauded for outstanding efforts. Now it's status quo and anything less than scoring in the top 95th percentile of our industry is unacceptable.
|
|
#
?
Mar 30, 2016 01:44
|
|
|
flosofl posted:Cripes. If I got that response, I'd walk too. Even a failure should be approached as a learning experience for a test. Who was the guy who worked in a place where every unhandled exception was announced via loudspeaker?
|
|
#
?
Mar 30, 2016 01:57
|
|
|
flosofl posted:Cripes. If I got that response, I'd walk too. Even a failure should be approached as a learning experience for a test. That's kind of the point behind that kind of readiness testing. You praise what got done correctly and then work to correct what didn't. And schedule another one for months later. You have to remember that there are still loads of places where IT is looked at as a miserable center that adds nothing to the business but operating expenses. That's 100% wrong, obviously, but it's the kind of myopic vision that management and executives out-of-the-know can have. From what I've noticed it's prevalent in the 50+ years of age bracket more than anywhere else.
|
|
#
?
Mar 30, 2016 05:09
|
|
|
I think I'm cursed to work with crappy eCommerce platforms. Lined up a good job helping a well known local company leveraging their reknown/age/etc into an online play for equipment and consumables (high end retail coffee). They've done almost nothing online, so I'm basically being given a big old blank cheque to develop the ecommerce side. I mention their SKU count, provide some eCommerce platform examples, provide a roadmap where an integrated SaaS platform could literally transform their business in the next six months with lots of fresh development, show some (extremely conservative) CPC projections, point out the weaknesses of all their competitors in the online space. Everyone's happy and nodding saying "this is great!". And then at the very end: "We still want to keep our OpenCart site so can you do any improvements there first?" Great. A site that's sold less than $20,000 in the last 2 years and gets maybe 20 visitors a day. With their suppliers and established service department they could be doing six figures in a year and I've got to baby this crap sack along. (nota bene: this is not the opencart thing I mentioned in my previous post. Yes, there's two of them) On the plus side for all you guys I'm jobbed in the biz again so I'll be posting here more often. Missed you guys.
|
|
#
?
Mar 30, 2016 05:12
|
|
|
Scaramouche posted:"We still want to keep our OpenCart site so can you do any improvements there first?" "No." Just point to all the large companies using opencart for their ecommerce, like, uh Exactly.
|
|
#
?
Mar 30, 2016 06:36
|
|
|
Currently pissing me off: The entire DevOps movement, and developers having a say in what the IT department uses for ANY solution. Our dept (IT/Techops) is just getting started in moving all of our monitoring over from an ancient Centreon/Nagios installation and moving it all to Zabbix. I've been working on this on and off for about 2 months now, from attending training, to thinking about how we want to architect our new monitoring system, and even writing some Ansible playbooks to deploy the Zabbix agent to some of our systems in the butt. Today my code PR finally got merged and we're testing the Ansible playbook on our stage environment tomorrow. 6:30 PM rolls around and our Sr Engineering Director (my boss's boss) swings by my desk for a quick chat. We talk about the new monitoring system, how literally everyone knows it's going to be a night and day improvement over what we currently have, when he casually mentions something called Prometheus. Before I can ask him how he likes terrible movies, he shows me the webpage for a build-your-own monitoring system that he has the developers looking at. Turns out his end goal is to sidestep the entire monitoring system rebuild and place his own solution for monitoring into our environment. Taking a quote from these guys website: quote:Prometheus stores time series in memory and on local disk in an efficient custom format. Scaling is achieved by functional sharding and federation. Basically they use a database to store poo poo, but it's custom so it's cool Now yeah, that's vastly oversimplifying things, but good god, Developers really love the smell of their own poo poo. Looking at their product, we'd basically have to take everything that Zabbix does out of the box and completely write something from the ground up to do what we want. Developers are worse than small children, the more shiney and impressive something is, the quicker they need to switch to it. And on and on. Tell me Devs, hows your ELK project going to replace our Splunk environment? 7 months in and nothing to show for it? Go figure. edit: Also Docker. To quote our DBA "Once we dockerize everything we will have no need to run virtualization in our datacenter"  K bro Wicaeed fucked around with this message at 07:11 on Mar 30, 2016 |
|
#
?
Mar 30, 2016 06:57
|
|
|
Wrath of the Bitch King posted:You have to remember that there are still loads of places where IT is looked at as a miserable center that adds nothing to the business but operating expenses. Brings us right back around to earlier today when "power is out, grab an extension cable, IT closet isn't on generator power WHY?!"
|
|
#
?
Mar 30, 2016 07:14
|
|
|
I'd rather a developer create requirements than some stupid user. We made a computer lab full of all in ones on wifi running XP. Because it looked nicer than creating a computer lab that actually worked  .
|
|
#
?
Mar 30, 2016 07:25
|
|
|
MisterOblivious posted:Brings us right back around to earlier today when "power is out, grab an extension cable, IT closet isn't on generator power WHY?!" We moved the access racks a year ago, and at the time we had a COO who was more like Chief of Overhead than Chief of Operations, in that everything he did was trying to cut operational costs. He had decreed that we were going to remove the backup generator because the service agreement on it comes to a whopping $4000 per year, even though the job of removing it would cost us probably $50k+ So when we moved the racks he said "don't pay for protected power outlets, we're removing the generator anyway". Well he's gone now and I'll happily throw his memory under the bus. I just got off the phone with an electrician who will come and put in new outlets on Friday. 
|
|
#
?
Mar 30, 2016 07:30
|
|
|
Wicaeed posted:
oh man. sounds like devops made up of dev and no ops guys to smack some sense into the environment. I share your pain though. In the past 12 months at we've also had some dev try to reimplemented splunk. Thankfully that never went anywhere, but still, goddamn. As one of my colleagues says: you can't get a developer to not develop. poo poo pissing me off: people who depro machines without taking them out of monitoring, just repointing their DNS to their new replacement.
|
|
#
?
Mar 30, 2016 14:14
|
|
|
Ancient IBM line printer quit working this morning. It'd boot up and then just turn off. AS/400 guy re-seats the network card (after I googled possible solutions for him to try before calling in a tech 3 hours away) and then it boots up just fine. Help desk guy says "oh it sounds like chip creep, you know about that right"? AS/400 guy "Uh....yea...." HDG "its from the circuit board heating up and cooling down, it expands and slowly moves out of place" AS/400 "Yea..from the vibration" If he says "chip creep" today I have to buy lunch.
|
|
#
?
Mar 30, 2016 14:50
|
|
|
Today is the 5th time a colleague tried to tell me the script I wrote to automate the deletion of AD accounts and home directorys's isn't working. Today is the 5th time I told him to look at the object modified date. I don't mind if he noticed something not working. I actually prefer to know as soon as possible so I can fix it. but I told him 5 times to check the modified date 1st.
|
|
#
?
Mar 30, 2016 15:22
|
|
|
Wicaeed posted:Currently pissing me off: The entire DevOps movement, and developers having a say in what the IT department uses for ANY solution. Sounds like the issue is your boss's boss springing this on you. Without knowing the details of both stacks, you realize time series databases are basically the heart of anything that generates and consumes metric data, right? From the days of rrdtool to all the open source stuff underpinning the options you mention? Developer buy-in on a platform is important. We had graphite and collectd providing box-level stats for almost a year before some of the devs tried pushing application metrics to it and standing up grafana for better dashboards, and the usefulness of graphite instantly tripled. Contextualizing what the application is doing and the impact it has on the database is a lot easier when devs and ops people are using the same tool. And that's the fault of whoever is sending people chasing after ELK and Splunk simultaneously or two different monitoring/metrics platforms at once.
|
|
#
?
Mar 30, 2016 15:49
|
|
|
Things not pissing me off - haven't tested yet but for those using iDRAC Virtual Console http://www.dell.com/support/home/us/en/04/Drivers/DriversDetails?driverId=JHF76 -Added support for HTML5 virtual console and virtual media. (iDRAC7 and iDRAC8 only)
|
|
#
?
Mar 30, 2016 16:39
|
|
|
|
|
#
?
Mar 30, 2016 16:43
|
|
|
It's about goddamn time, but I just did a round of firmware updates on our entire vmware cluster two weeks ago. 
|
|
#
?
Mar 30, 2016 16:44
|
|
|
Lightning Jim posted:Things not pissing me off - haven't tested yet but for those using iDRAC Virtual Console Nice. I'll do some testing today on a few R620/630.
|
|
#
?
Mar 30, 2016 16:51
|
|
|
I'm not sure if it supports the R320 but my test one keeps trying to use the Java viewer. Used Chrome and Safari.
|
|
#
?
Mar 30, 2016 17:09
|
|
|
Thanks Ants posted:I'm not sure if it supports the R320 but my test one keeps trying to use the Java viewer. Used Chrome and Safari. A) R320s, like all R/TX20s, have an iDRAC7, so yeah it will B) Well, that makes sense because the plugins required was either ActiveX which is Windows and IE only, or Java.
|
|
#
?
Mar 30, 2016 17:35
|
|
|
iDRAC6
|
|
#
?
Mar 30, 2016 17:41
|
|
|
Lightning Jim posted:A) R320s, like all R/TX20s, have an iDRAC7, so yeah it will This is with the new firmware. After power-cycling the DRAC I get options for Native, HTML5 or Java in Chrome and Native, Java or undefined in Safari. The HTML5 viewer tries to load in Chrome and then launches a popup with a browser error in, the Dell error message hints at a potential certificate problem. Will need to do a bit of poking around.
|
|
#
?
Mar 30, 2016 18:21
|
|
|
Holyfuckingshit HTML5 idrac. Yes. I am now stopping my day and patching on a test machine.
|
|
#
?
Mar 30, 2016 18:23
|
|
|
Thanks Ants posted:This is with the new firmware. After power-cycling the DRAC I get options for Native, HTML5 or Java in Chrome and Native, Java or undefined in Safari. The HTML5 viewer tries to load in Chrome and then launches a popup with a browser error in, the Dell error message hints at a potential certificate problem. Will need to do a bit of poking around. I think that might be the generic cert but I wonder if didn't regenerate Also, things more more amazing me/pissing me off: a co-worker (who is also a goon) managed to get a really pissed off customer who was over his head and didn't seem to know it. He called in complaining his NIC was bad and didn't work. Cause of problem: NIC is 2 ports 10Gb SFP and 2 ports 1Gb CAT. Customer had plugged a CAT into the SFP port because it was "port 1".... This guys also claimed he has an CCIE so he of course he knew what he was doing... 
|
|
#
?
Mar 30, 2016 18:27
|
|
|
not pissing me off, Bash is coming to windows natively rm -r /windows
|
|
#
?
Mar 30, 2016 19:29
|
|
|
|
| # ? Jun 4, 2024 11:20 |
|
|
Alighieri posted:not pissing me off, Bash is coming to windows natively
|
|
#
?
Mar 30, 2016 19:35
|
|