|
They've been incestuous the entire time, borrowing from each others developments. But by definition, Citrix is a bolt-on to Windows and just like Microsoft does with all of their 3rd party vendors, they'll eventually decide they want a piece of that pie. That's one reason I have a hard time buying this "new" Microsoft. They have always been "Embrace, Extend, Extinguish." They're just doing a better job of marketing themselves these days. We had antitrust action against Microsoft for including a browser in their OS for fucks sake. Look at where we are today. And it's not just them, it's Google and Amazon as well. The cloud lock-in is real.
|
# ? Nov 6, 2019 15:16 |
|
|
# ? May 14, 2024 17:18 |
|
Internet Explorer posted:They've been incestuous the entire time, borrowing from each others developments. But by definition, Citrix is a bolt-on to Windows and just like Microsoft does with all of their 3rd party vendors, they'll eventually decide they want a piece of that pie. great username/post combo and especially pertinent given that azure ran out!!! of compute capacity in US-East last week. I don't know how that wasn't bigger news because it's absolutely catastrophic for them.
|
# ? Nov 6, 2019 16:24 |
|
The Iron Rose posted:and especially pertinent given that azure ran out!!! of compute capacity in US-East last week. I don't know how that wasn't bigger news because it's absolutely catastrophic for them. A little known secret is that the cloud is just other people’s data centers. And believe it or not, those data centers have finite (though massive) capacity and sometimes surges in demand overwhelm even the best efforts in predictive provisioning. It happens. More often than you probably think. The workarounds are easy, though, which is why it doesn’t make the news more often. Spin up in a different region or wait a week for capacity to arrive.
|
# ? Nov 6, 2019 16:34 |
|
The Iron Rose posted:
It’s not news because it happens all the time to not just ms but aws and gcp too Lots of compute types have quotas that reflect the limits of the region you are in and you have to reach out to support deploy past it It happens more often for high end compute resources, and this ms thing is only getting traction because a bunch of people that don’t know any better ran into it
|
# ? Nov 6, 2019 16:39 |
|
HDX/ICA is still a better protocol vs RDP... but we live in a world of cheap bandwidth and the solution to a shittier protocol is more bandwidth so who cares. Citrix has been banking on their existing customer base for years to get them in other markets. Already have a Netscaler for your Citrix Gateway? Might as well use it for your ADC and/or WAF. Already have a ton of other Citrix poo poo? Might as well use Citrix SD-WAN. They actually have a pretty decent market share for those markets, which is crazy considering Netscaler sucks as a WAF and their SD-WAN offering is pretty horrific as well. Random Azure + other company partnership question. A few people at my (current) company are making a big deal out of Azure partnering with VMware to do "VMware in Azure". I literally can't think of a single use case where this makes sense over Azure's normal offerings, at least not for anything we do. Horizon in Azure, just use Azure Virtual Desktops. Server workloads, why not use Azure IaaS. Etc, etc. Maybe a virtual appliance that doesn't have a cloud version yet? What (if anything) am I missing?
|
# ? Nov 6, 2019 17:07 |
|
TheFace posted:HDX/ICA is still a better protocol vs RDP... but we live in a world of cheap bandwidth and the solution to a shittier protocol is more bandwidth so who cares. Makes hybrid environments a little more streamlined if they are Vmware centric. I also find it silly though.
|
# ? Nov 6, 2019 17:09 |
|
TheFace posted:HDX/ICA is still a better protocol vs RDP... but we live in a world of cheap bandwidth and the solution to a shittier protocol is more bandwidth so who cares. Sickening posted:Makes hybrid environments a little more streamlined if they are Vmware centric. I also find it silly though. My take was for DR compliance, and maybe for infrequent capacity needs ( annual reports ). It would be workable and cost effective for both of those, but it’s not a cloud solution in any real way.
|
# ? Nov 6, 2019 17:14 |
|
Hughmoris posted:Anyone out there resign from a job before having the next one lined up? How'd it work out for you? I know its against the Golden Rule but I'm leaning towards doing it. I got pulled into a meeting with my boss and the CEO once. First question out of CEO's mouth was 'are you happy here?' to which I immediately responded "Nope, you'll have my resignation by the end of the day." It was actually a fairly fine conversation. I liked the people I worked for. My boss was actually very cool. But they hired me into a helpdesk job with helpdesk pay and expected me to do development work. At one point I was asked if I felt comfortable taking over the CIO's work, so he could sit at home and work on his other development projects. Sorry, but I'm not even gonna LOOK at a repo for $30k/yr. It was a decent job. I learned a LOT but they were pushing me in a direction I didn't want to go. They were kind enough to give me 3 months severance (lol what the gently caress? okay sure!) and I found a job a month later after dicking around for 29 days.
|
# ? Nov 6, 2019 17:45 |
|
Does anyone know of a good utility for identifying applications that are using SNMP? We have a finding from a recent audit of systems that were found to potentially be using SNMPv1. I've been tasked with identifying and mitigating this somehow.
|
# ? Nov 6, 2019 19:15 |
|
The Dreamer posted:Does anyone know of a good utility for identifying applications that are using SNMP? We have a finding from a recent audit of systems that were found to potentially be using SNMPv1. I've been tasked with identifying and mitigating this somehow. Without knowing a lot about your particular situation I'm gonna go out on a limb and say this is a security audit snipe hunt.
|
# ? Nov 6, 2019 21:26 |
|
deedee megadoodoo posted:Without knowing a lot about your particular situation I'm gonna go out on a limb and say this is a security audit snipe hunt. Quite possibly. I work for a bank and our external auditors seem to have to find at least a few bad things each audit. They provided us with a list of IP's that were found to have active SNMP connections but they weren't able to tell us definitively if they were actually using v1 or what apps may have been using SNMP. I've been tasked with investigating whether they actually are using v1 and if so to figure out if we can have them use a newer version.
|
# ? Nov 6, 2019 21:32 |
|
Snmpwalk will probably work.
|
# ? Nov 6, 2019 21:51 |
|
The Dreamer posted:Quite possibly. I work for a bank and our external auditors seem to have to find at least a few bad things each audit. They provided us with a list of IP's that were found to have active SNMP connections but they weren't able to tell us definitively if they were actually using v1 or what apps may have been using SNMP. I've been tasked with investigating whether they actually are using v1 and if so to figure out if we can have them use a newer version. Are you absolutely certain it’s v1? I can honestly say I’ve *never* seen SNMPv1 ever being used in the wild. The version that usually trips up audits is v2c, and that’s been around since 1996. It’s the unencrypted, non-auth version of the protocol. Even if (which people usually didn’t) the default “private” and “public” community strings were changed, it’s stupid easy to sniff that poo poo out. If you have to use SNMP, then SNMPv3 is the way to go. I can’t imagine any product or OS that doesn’t support v3, but then again I would not be surprised to find out there’s stuff out there. But honestly, if the device/server/application you’re monitoring has a RESTful API, you’re better off going that route instead. Proteus Jones fucked around with this message at 22:03 on Nov 6, 2019 |
# ? Nov 6, 2019 22:00 |
|
Proteus Jones posted:If you have to use SNMP, then SNMPv3 is the way to go. I can’t imagine any product or OS that doesn’t support v3, but then again I would not be surprised to find out there’s stuff out there. Off the top of my head, the UCS mini for the Cisco ISR doesn't support SNMPv3 & Cisco WLC doesn't support SNMPv3 trapping.. You could create a bash/python script to snmpget a list of IPs using generic/company known SNMP community strings, if you get a bite you'll know v1/v2c is running. No 100% way to verify without logging in to everything though. Sepist fucked around with this message at 22:26 on Nov 6, 2019 |
# ? Nov 6, 2019 22:22 |
|
Theres a ton of poo poo that doesn't support SNMPv3 or does but with an asterisk.
|
# ? Nov 6, 2019 22:26 |
|
Proteus Jones posted:Are you absolutely certain it’s v1? I can honestly say I’ve *never* seen SNMPv1 ever being used in the wild. The version that usually trips up audits is v2c, and that’s been around since 1996. It’s the unencrypted, non-auth version of the protocol. Even if (which people usually didn’t) the default “private” and “public” community strings were changed, it’s stupid easy to sniff that poo poo out.
|
# ? Nov 6, 2019 23:09 |
|
Proteus Jones posted:Are you absolutely certain it’s v1? I can honestly say I’ve *never* seen SNMPv1 ever being used in the wild. I have three tripplite pdus which for some reason by default has an available V1, v2c, and v3 connection.
|
# ? Nov 6, 2019 23:35 |
|
Proteus Jones posted:Are you absolutely certain it’s v1? I can honestly say I’ve *never* seen SNMPv1 ever being used in the wild. The version that usually trips up audits is v2c, and that’s been around since 1996. It’s the unencrypted, non-auth version of the protocol. Even if (which people usually didn’t) the default “private” and “public” community strings were changed, it’s stupid easy to sniff that poo poo out. The audit finding was pretty generic. Basically, "we can tell SNMP is running, make sure you're not using v1 and that if you're using a new version change the community strings from defaults". Our InfoSec people don't think we actually have anything running v1, but since it was in the audit, we have to investigate, verify, and log whatever we find. Bigass Moth posted:Snmpwalk will probably work. Sepist posted:Off the top of my head, the UCS mini for the Cisco ISR doesn't support SNMPv3 & Cisco WLC doesn't support SNMPv3 trapping.. Thanks I'll try writing up a script using one of these and see what I can find.
|
# ? Nov 6, 2019 23:39 |
|
Defenestrategy posted:I have three tripplite pdus which for some reason by default has an available V1, v2c, and v3 connection. poo poo with awful embedded management servers like PDUs, printers, server OOB management cards, are the most likely candidates to still be running v1. Along with other garbage like requiring SSLv3 / Java 1.6 / IE 6 etc.
|
# ? Nov 6, 2019 23:42 |
|
I still see SNMP v1 used to manage ancient switches once in a while. That's pretty easy to track down if there's any management of the network devices though.
|
# ? Nov 6, 2019 23:48 |
|
Salesforce had a decent sized outage today. I got to make tickets like customers. I must’ve told them to do the needful 10 times.
|
# ? Nov 7, 2019 00:55 |
|
mattfl posted:Where in Florida are you looking and have you looked into the AdventHealth system yet? We're pretty large in Florida and we always seem to have clinical informatics positions open at hospitals. In fact, at the hospital I work at, we just had one of our clinical informatics people leave so I'm sure we have an open position. Our Corporate IT offices are also always hiring informatic type people as well. I'm looking in the panhandle and maybe near Jacksonville. I'm sure my preferences will loosen as the clock ticks. GnarlyCharlie4u posted:I got pulled into a meeting with my boss and the CEO once. I bet that felt good.
|
# ? Nov 7, 2019 01:34 |
|
I did the exact same thing at the last place. Timing worked out perfectly, so I dropped notice at my performance review. She started going into whatever bullshit, so I went “let me stop you right there,” and slapped my official notice letter on the table.
|
# ? Nov 7, 2019 02:13 |
|
Hughmoris posted:Anyone out there resign from a job before having the next one lined up? How'd it work out for you? I know its against the Golden Rule but I'm leaning towards doing it.
|
# ? Nov 7, 2019 05:11 |
|
Hughmoris posted:I'm looking in the panhandle and maybe near Jacksonville. I'm sure my preferences will loosen as the clock ticks. Meh. I felt rather indifferent. Like I said I liked the people, but the job was poo poo. On a more positive note? I just had an argument with our network engineer... He's convinced you can't connect 2 computers NICs without a crossover cable. I had the pleasure of telling him all about MDI-X and that a lot has changed since 1995.
|
# ? Nov 7, 2019 05:22 |
|
GnarlyCharlie4u posted:Meh. I felt rather indifferent. Like I said I liked the people, but the job was poo poo. just make sure you don't use autonegotiate, otherwise the cisco gods will smite you
|
# ? Nov 7, 2019 05:22 |
|
gently caress me that bit me once, never again
|
# ? Nov 7, 2019 05:36 |
|
devmd01 posted:I did the exact same thing at the last place. Timing worked out perfectly, so I dropped notice at my performance review. Did similar two jobs ago. Management had gone to poo poo at the company, my direct manager was let go (they set extremely unrealistic performance goals because the new CIO didn't want him there) so I started looking for a job the day after he was fired. I didn't like the new CIO at all and without my manager as a buffer I sure as hell wasn't going to stay. This same CIO was extremely rude about giving me a raise I was promised and that my manager fought to get me, saying to my face "You couldn't find a job in this market that would pay you this much"... I found one that paid me more, and about two weeks after my manager was fired I had an offer. Wrote up my letter of resignation, and it just so happened that the CIO called me into a meeting with my new manager that same day to talk about my future with the company. I stopped him in his tracks, "Here is my letter of resignation, consider this my two week notice". On the Monday of my last week there was a huge company meeting super early. They announced that about 45% of the employees had been let go. If that wasn't bad enough the CEO was up in front of everyone talking about how excited he was about this new direction of the company, and the Director of Sales was telling people they should be excited about "making the cut". Either I dodged a bullet, or maybe my leaving saved someone else's job, but either way I'm so glad I didn't stay a second longer than I had to there.
|
# ? Nov 7, 2019 14:44 |
|
Vulture Culture posted:I don't know what kind of RN you are, but if you have onco experience, PM me and I might be able to put you in touch with something remote to fill the gap Sent you a PM.
|
# ? Nov 7, 2019 15:10 |
|
deedee megadoodoo posted:Without knowing a lot about your particular situation I'm gonna go out on a limb and say this is a security audit snipe hunt. Our auditors just made us block Gmail. Still super salty about that.
|
# ? Nov 7, 2019 15:23 |
|
Heffer posted:Our auditors just made us block Gmail. Still super salty about that. Attempting to block webmail seems like an extreme exercise in futility. Sickening fucked around with this message at 16:38 on Nov 7, 2019 |
# ? Nov 7, 2019 15:24 |
|
Auditors will have a finding, always. They will never go through an environment and come away with "Everything looks great! No changes needed."
|
# ? Nov 7, 2019 16:28 |
|
Why did they choose gmail, this is cruel and unusual.
|
# ? Nov 7, 2019 16:54 |
|
My work also blocks gmail. It is cruel and unusual.
|
# ? Nov 7, 2019 16:56 |
|
My work did awhile ago, but I can't ever see accessing my own personal email on a company owned device so it really doesn't affect me. I mean, pretty much everyone has a smartphone now. Most companies MitM SSL on company owned devices. I sure as poo poo don't want my personal correspondence open to any security guy who cares to take a look.
|
# ? Nov 7, 2019 17:07 |
|
bull3964 posted:Most companies MitM SSL on company owned devices. I'm not sure this is true but I otherwise agree with you.
|
# ? Nov 7, 2019 17:20 |
|
bull3964 posted:MitM SSL on company owned devices Wouldn't this show as an invalid certificate?
|
# ? Nov 7, 2019 17:21 |
|
Internet Explorer posted:I'm not sure this is true but I otherwise agree with you. If you work with PHI/PII or financial, I can't see you getting through an audit if you don't. bobmarleysghost posted:Wouldn't this show as an invalid certificate? No, because group policy loads the 3rd party root in on every device. If I were to go to google right now on my work notebook, it would tell me the ssl cert was issued by zscaler. bull3964 fucked around with this message at 17:25 on Nov 7, 2019 |
# ? Nov 7, 2019 17:22 |
|
bobmarleysghost posted:Wouldn't this show as an invalid certificate? No, because you deploy your certs with mdm or gpo to the devices trusted store. Note: in windows and android, and possibly iOS, Firefox ignore the device cert store without special configuration
|
# ? Nov 7, 2019 17:24 |
|
|
# ? May 14, 2024 17:18 |
|
Right, makes sense.
|
# ? Nov 7, 2019 17:28 |