KoRMaK posted:

Moving to a new gig at Oracle?

notwithoutmyanus posted:

! Instant offer after interview, reachable via Chicago public transit (train), salary jump and better politics! Goodbye, poo poo rear end giant corp, hello new corp.

MJP posted:

OKAY SO
I GOT AN OFFER AND ACCEPTED IT

Sirotan posted:

I'm deploying this (well, S4B) to my org this weekend. I did some testing of course before I started to install it everywhere but am not entirely confident it's even going to work come Monday morning.

larchesdanrew posted:

Here I go

larchesdanrew posted:

gently caress my gay rear end life. The "interview" was just me pissing all over a cup and then verifying that, yes, I know what a network switch is. The real interview with the hospital itself isn't until later.

larchesdanrew posted:

pr0digal posted:

A machine isn't connecting to the SAN, better go check it out!





That would do it.

pr0digal posted:

I'm assuming a user kicked it right out of the box under the desk. That thing on the end is what it's supposed to plug into. Whole thing just popped right out.

Thankfully fixing it is not my problem

RFC2324 posted:

Were you not aware that Scots are notorious hoarders?

RFC2324 posted:

Some of my best friends are scottish

iRend posted:

An interview came in.

We're interviewing a network tech / firewall dude for a SIEM / IPS role. Very similar area of expertise, but very different hardware/policies.

We've been told by higher ups we're not allowed to ask technical questions of the candidate.

What sort of questions are left???

larchesdanrew posted:

Apparently they hired an IT guy two weeks ago. He was supposed to start last Monday and then just never showed up and no one can find him.

PCOS Bill posted:

I thought nationalization made everything better and more efficient.

DroneRiff posted:

outsourced IT supplier

Agrikk posted:

Okay, so on Friday I was on a call with a partner and some of its sub contractors. Maybe ten of us on the call.

Partner decided that we needed, needed, to have video enabled on the WebEx session to build teamwork since most of us work remotely and in different countries, etc.

Meeting progresses and about 45 minutes in, one of the subcontractors stands up in front of his chair at his desk, drops trou and boxers, sits back down and starts to rub one out. On camera.

I cannot un-see this.

FireSight posted:

I've brought this up to Apple, talked my way up to a "Senior Enterprise Advisor", and apparently having this on two networks with different network equipment isn't proof enough for a good on their end. Fuckers are making me take an AppleTV home and test it on a CONSUMER grade router to prove that it's an OS issue and not a network configuration bug.

go3 posted:

AV is just another line of defense.

quote:

When you install TrendMicro Antivirus on Windows, by default a component called Password Manager is also installed and automatically launched on startup.

http://www.trendmicro.com/us/home/products/software/password-manager/index.html

This product is primarily written in JavaScript with node.js, and opens multiple HTTP RPC ports for handling API requests.

It took about 30 seconds to spot one that permits arbitrary command execution, openUrlInDefaultBrowser, which eventually maps to ShellExecute().[

TrendMicro helpfully adds a self-signed https certificate for localhost to the trust store, so you don't need to click through any security errors.

fishmech posted:

Sure, but it's also integrated into the OS these days in the first place, so it's essentially impossible to go without it unless you're pulling the sort of bullshit where you run hacked up "slimdown" OS installs to begin with.

Installing a third-party AV in 8/8.1/10 is kinda like insisting on still installing Trumpet WinSock to handle TCP/IP.

odiv posted:

So is the plan to just keep the people who browse like a moron off the internet?

go3 posted:

and in non-business environments?

online friend posted:

don't browse the internet like a moron, use adblockers and don't open shady emails

and don't download shady poo poo from wehavefiles4u.ru

go3 posted:

dont browse the internet like a moron.

christ we cant even convince people to stop getting blackout drunk while pregnant.

Thanks Ants posted:

So is the point basically that an environment with average users where endpoints can't be locked down with AppLocker should just be prepared to recover from backups a lot? I heard that AV is poo poo loads of times in the other thread but is there literally nothing that can be done if the user is an idiot and training is also not an option? Is OpenDNS Umbrella a load of crap as well?

fishmech posted:

For that you'd use MSE because of course you would.

I'm not following that, Windows Updates logs when updates are installed, and MSE/Defender definition and executable updates (depending on OS version) are specifically called out in those logs. How can that be harder to track?

Internet Explorer posted:

Even though we have 1000 feet of wall, front and back to work with, we must limit ourselves to 100 feet, one sided. This is to ensure compatibility with executions done in the early 1900s and not confuse the firing squad, causing a catastrophic failure. (Don't ask about the catastrophic failure that caused us to implement this policy, it was a doozy!)

Pearnicious posted:

Oh. My. God.

Someone is obeying the law by getting a permit to conceal a handgun? In a country where it is perfectly legal and normal for law-abiding citizens to purchase, own, and carry firearms?

GO TELL HR NOW! THIS LADY IS OBEYING THE LAW AND IS OBVIOUSLY A PSYCHO!

There's no possible way that her passport is for something like a vacation or...here's a thought, maybe just to take a commercial flight within the US? http://www.washingtontimes.com/news/2016/oct/13/real-id-law-facing-backlash-from-states-refusing-t/

Guns do stupid things to people's minds, as is evident here. I'd bet that all of you here in the US have probably been within 5 feet of an armed CCW permit holder multiple times in your lives in public places and been none the wiser.

If owning a gun somehow magically makes a person a psychopath murderer, then everyone here is magically a super-hacker by virtue of using a computer.

SEKCobra posted:

Pfft, obviously you implement policy to disallow this sorta practice. Hell, how am I gonna teach my users to not get hacked if I MITM them. Not to mention that it would be illegal here to even do that.

Collateral Damage posted:

Generally when a system says your password can't be similar to a previous password then yes, it stores your password in plain text.

It is theoretically possible that it generates a small rainbow table of possible permutations when you set your password and checks against that, but I think that's giving people who think that enforced password changes is good security too much credit.

Collateral Damage posted:

Well if you're providing the old password it's obviously easy to compare. But if it says "Your password can't be similar to your 5 previous passwords" then you know it has at least 4 of those stored in clear text.

But if you have the password "Password01" and then change it to "Awful123" and then try to change it to "Password02" and it tells you it's too similar to Password01, then it has Password01 stored in clear text somewhere. e: Unless you have generated rainbow tables, of course.

Malachite_Dragon posted:

I'd like to apologize on her behalf When I got my new cochlear implant processor and was told it was bluetooth compatible, I was so goddamn jazzed. And slightly weirded out. The music is inside my head now!

Agrikk posted:

Ever get a case/ticket that you know is the leading edge of a very massive shitstorm, but the case creator just doesn't know it yet?

I got a support case escalated to me, followed by a very nervous phone call by <customer> VP of Operations saying basically the same thing:

"Hey Agrikk, we are running low on IP addresses in our Production VPC. Can you please increase the number of available IP addresses?"

So I take a look at the VPC in question and it has a /20 mask specified. and almost all of the four thousand IP addresses are in use. Welp!


Edit:

For those who might not know, it is currently impossible to resize a CIDR block on an existing VPC. Choosing the right-sized CIDR is literally The One Thing You'd Better Not gently caress Up when examining your VPC design for just this very reason.

AWS has a helpful doc on the subject:


That's it, just snapshot all of the production instances of a $XX billion company and flip them over to a new VPC! What could possibly go wrong with migrating and re-IP-ing several thousand EC2 instances, RDS databases and service endpoints?

Yeah, this is going to be a fun conversation to have. But at least I know what I get to work on for the next few months.

MrMojok posted:

As I have established numerous times in the IT threads, I don't know jack poo poo. So again I come to you guys for ideas.

Today, and last week or the week before, people at several client sites discovered they couldn't pull up pinterest.com. The name couldn't be resolved.

At one site, I connected to their fortigate firewall and that firewall (using Cogent's DNS servers) could resolve pinterest OK. But the local DC could not. At one point on the DC I did dnscmd/clearcache and this helped the DC to suddenly begin resolving pinterest, however on the local user PCs even after ipconfig/flushdns they still couldn't.

Both times I ended up on the DC doing net stop dns&net start dns, and suddenly all local user PCs could resolve the site again.

Looking at the event logs on servers at the affected sites, I don't see anything other than the "DNS server encountered a bad packet from xxx.xxx.xxx.xxx" type errors. The only site I know of this has happened with is pinterest, although I assume others might have been affected and we just didn't know.

It has happened at sites where we use Cogent, and Level3 for internet. Although as I said when connecting to the site's firewall, I could resolve the name. It appears to just be an internal DNS problem in each case.

Anyone have any ideas on this?

SeaborneClink posted:

I secretly hope you're my company's TAM.

Agrikk posted:

It's cool. I hope that you are that user.

GreenNight posted:

poo poo. Wrong thread

Blue_monday posted:

My bosses are finally onboard with Macs in a Windows environment being a spectacularly bad idea. This is after three years of me telling him this, and repeatedly being demonstrated by the litany of problems the Macs have caused over the years. They are also now finally onboard with wireless devices being a bad idea.

Inspector_666 posted:

We have constant issues with the Macs locking out AD users but I don't know enough about macOS to even know where to look in the logs to find out what or why.

Inspector_666 posted:

I'm not actually that incompetent, I don't think.

Inspector_666 posted:

I don't know enough about macOS to even know where to look in the logs to find out what or why.

LethalGeek posted:

It's almost like there is a pattern in the world with Macs, their users, and everyone being tired of their junk.

quote:

They are also now finally onboard with wireless devices being a bad idea.

MF_James posted:

This all started because a guy complained about supporting a single mac

Inspector_666 posted:

We have constant issues with the Macs