@wrx7m said in Why DR Plans are Important and Need to be Tested:

This is a good reason to have more than one credit card from more than one bank.

This isn't just a credit issue though. It's people literally unable to access their own money, not money on credit. More so if people have the money in their checking/savings account to pay their bills why should they have to pay their bills on credit?!

The bank had better pay off any interest if their customers had to use a credit card to pay for anything during this time to get things back to Zero.

MSP Maturity Model. Strictly speaking, the MSPMM does not tell MSPs to make all of their customers identical. But in practice, it encourages it and many MSPs talk about the MSPMM in these terms - finding ways to make customers all run the same tools, software, practices, network design, etc. This makes management so much easier for the MSP, but has two major problems.

First, it forces the customer to conform to the vendor, which makes very little sense. IT needs to adapt to the business, not the business to IT. But that's another topic.

Secondary, it means that an attack vector that works on the MSP will likely work on every single one of their customers making the prospect of breaching the MSP that much better. Sure, if a targeted attack by experienced state-sponsored hackers goes after an MSP, the MSP has little chance of winning that battle. But that isn't the real risk. In the real world, the risk is automated attacks looking for common vulnerabilities and spreading organically through shared tooling - things that are only possible or reasonably likely when the environments are homogeneous: both amongst the MSP clients, and between clients and the MSP themselves.

The traditional approach of MSPs, especially VAR - MSP combo companies, is to have not only the same tools and software, but even the same hardware and products so that any hole anywhere because a hole everywhere and breaching any one piece of the infrastructure means you are likely to breach it all.

@Dashrender said in What SQRL Apps Are You Using:

@scottalanmiller said in What SQRL Apps Are You Using:

@Dashrender said in What SQRL Apps Are You Using:

@scottalanmiller said in What SQRL Apps Are You Using:

@Dashrender said in What SQRL Apps Are You Using:

@coliver said in What SQRL Apps Are You Using:

What's seems odd to me (even though it probably isn't) is that there are no major players also working on this in tandem. If this is supposed to be the next iteration of anonymous login there are a ton of security adjacent vendors that would love this.

No, they wouldn't because they can't make money off of it.

Actually they could, if it had any value. They could make a lot off of it. It's because it doesn't do anything useful that it has no value. OAuth already does all the good parts of SQRL and fixes the "not easy" problems.

No it doesn’t because oauth gives the control to that third party, it’s not trust no one.

SQRL does that too.

What no it doesn’t. You are the only one with your private key and everything is done on the fly based on that. No third party is ever involved.

That's the impression that they like to give, but it doesn't work that way. To share identities or have any "easy" between sites, it is still sharing just like OAuth (Actually, they state that they are just extending OAuth.)

So with SQRL you always have to trust at least one source, and if you want the features that most people want, then you have to trust a third party as well. The SQRL key carries no info, so is nothing more than a cookie, so requires the same third party sharing that we have now,. It's just a cookie that doesn't automatically get conveyed between unrelated sites.

Short of getting advisories from vendors, just putting something on the calendar is probably best.

It's not checked. However, some properties within are. But not all of it. It's telling you it's conditional. Still pointless though IMO.

But like anything - this could grow through the use of other compromises for privilege elevation, and bam - pown'ed.

So, circling back. How is the backup project going?

@Pete-S said in Geekbench observations:

@dafyre said in Geekbench observations:

@Pete-S said in Geekbench observations:

The relationship between the single-core and multi-core score should be about 80% of theoretical max on the multi-core score.

So if single core score is 3000 and you have 4 vCPUs then multi-core score should be 80% of 3000 x 4 cores = 9600. If the host is under heavy load the multi-core score will go lower and lower.

I think you are on the right track. This is largely in part due to how the underlying Hypervisor handles multi-core VMs. The way I understand it, is that in a multi-core VM, the Hypervisor has to wait for that number of cores to be ready to process before it signals to the VM that it can keep running.

IE: In your example, a 4 core VM, the underlying hypervisor will have to wait to have 4 cores waiting for work before it will tell the VM that it's cores are available.

I've read that before but I think it is some old feature of very old hypervisors called strict co-scheduling. It's not used anymore.

Nowadays basically every hypervisor has their scheduler that puts vCPU on real pCPUs according to the time share principle. So every vCPU get's a piece of the pie. But it has to account for hyperthreading, more than one CPU socket (NUMA), power saving, VM priority and other things. The underlying principle is though that all VMs and their vCPUs should get their fair share of CPU time.

Some hypervisors have different scheduler algorithms so you can pick other ways of scheduling that might be more optimized for your workload.

Depends, SMP doesn't really allow for that, all cores have to be in lock step. Only is AMP is supported can the hypervisor do that. It requires the hypervisor and system above it together to do non-SMP processing.

The only scenarios I've seen are:

PPPoE / DSL Jumbo Frames VPNs

@Pete-S click the menu (three stacked dots) by the post that had the answer so others know which solution worked best for you.

@EddieJennings said in Typical virtualization host server config?:

@Pete-S said in Typical virtualization host server config?:

We've calculated guesstimated 8GB RAM and 50 GB SSD storage per VM on average.

How did you come up with your guesstimate? Do you have some workloads in production right now that you'd be virtualizing with whatever host your configure and buy?

Yes, actually we have the hardware now but it hasn't been configured completely yet. We are still figuring things out.

The workloads are running on physical servers (Windows) and it's latency that is our primary concern, not capacity. We are moving the applications to linux and making them multi-tenant and horizontally scalable at the same time. So that's why we are guesstimating based on the config of the physical servers.

@DustinB3403 said in Openvpn HELPPP!!:

@abdel-hakim-abousrea to start, if you have access to the internet, you have a public IP, it could be a statically assigned IP or one that could change randomly.

Having a static public IP to use for this would be ideal.

Set up a FQDN for your system, even if it is a static IP. Either via some type of dynamic DNS or a manual records in your public DNS.

@dafyre said in Running Xrdp on Ubuntu:

Not sure what to do about the EFI issue....

What I do when I want to use mine like that is set up x11vnc-server and then run it through XRDP (and choose the console option). It's faster than stock VNC... Don't ask me why, lol. I haven't gotten instructions for that yet, I don't think.

If I remember right, after a reboot, you have to connect, close the connection, and then reconnect back using the XRDP+VNC option. I don't have any installation instructions for that setup on hand though. I can work it out and post them if you like.

This is likely where I went 'rouge' in that I didn't use x11vnc-server.. I had notes on that,.. at least I believe and have misplaced them. so I had forget that.

As I was starting to have other 'OS' Kernel issues (the mouse and keyboard wasn't working correctly) I nuked that partition from Windows, and will rebuild. Maybe it'll survive as I am of course getting grub 'errors' since that partition is gone.

@Pete-S It was on linux - ProFTPD

Sounds like a good idea guys. I will do it that way.

@JaredBusch

Good thing you brought this up. I couldn't believe that your recording where ADPCM because in our 3CX we just have PCM recordings.

It turns out that the ADPCM codec for recordings is a completely new feature in 3CX, which arrived in the latest version 15.5

I had to dig around before I could find that setting anywhere. But it's under the recording quota.

IMHO you should have a lot of recordings to enable it in the first place. In just 10GB you have room for 167 hours of non-compressed recordings. But maybe some users have it set up to recording everything on every call and a lot of extensions and small cloud hosted VMs.

3cx_compress_recordings.png

@Obsolesce said in Windows Server 2012 R2 : randomly changes date/time ?:

@WrCombs said in Windows Server 2012 R2 : randomly changes date/time ?:

@Obsolesce said in Windows Server 2012 R2 : randomly changes date/time ?:

@WrCombs said in Windows Server 2012 R2 : randomly changes date/time ?:

@Obsolesce said in Windows Server 2012 R2 : randomly changes date/time ?:

@WrCombs said in Windows Server 2012 R2 : randomly changes date/time ?:

@WrCombs said in Windows Server 2012 R2 : randomly changes date/time ?:

@Obsolesce said in Windows Server 2012 R2 : randomly changes date/time ?:

@WrCombs said in Windows Server 2012 R2 : randomly changes date/time ?:

@Obsolesce said in Windows Server 2012 R2 : randomly changes date/time ?:

@WrCombs said in Windows Server 2012 R2 : randomly changes date/time ?:

@Obsolesce said in Windows Server 2012 R2 : randomly changes date/time ?:

@WrCombs said in Windows Server 2012 R2 : randomly changes date/time ?:

@WrCombs said in Windows Server 2012 R2 : randomly changes date/time ?:

@Obsolesce said in Windows Server 2012 R2 : randomly changes date/time ?:

@WrCombs said in Windows Server 2012 R2 : randomly changes date/time ?:

@DustinB3403 said in Windows Server 2012 R2 : randomly changes date/time ?:

I've seen the time slip, usually caused from a aging bios battery. But where time is jumping all over the place. That's a new one.

after I re synced, It slipped an hour ahead.

Check (as in look at) the timezone and the automatic daylight saving check box

Says eastern time .

wont let me change to Central Standard either

What do you mean it won't let you? Is it grayed out? Is there a link to click in the window to enable changes to be made?

When I change it to CST it says " Your current time zone is not recognized, Please select a valid time zone. "

Try PowerShell:

Set-TimeZone -Name "Central Standard Time"

Or whatever zone you're in and is current.

Powershell blows up

Don't know what that means. Screenshot?

Capture.PNG

even with copy paste it does that
and elevated

What's the result of this:

$PSVersionTable

Capture1.PNG

Oh. That's why. Are you able to install PS v 5.1?

I don't know the CMD.exe way to do it.

Im not sure, Give me a few

I'm sure a reboot would be required somewhere... but if you can, I found this:

https://social.technet.microsoft.com/Forums/ie/en-US/3b13b6a0-ecb2-429d-ad8d-533b7322c7ee/installation-of-powershell-50-on-windows-2012-r2

I did not do this,
I did however set it up to not be accessible from anyone but our Account which is completely locked and no one has the password, to see if the issue goes away.

@scottalanmiller said in DD-WRT:

I use Steam at home to play video games, it's not a business decision.

What if your job is to play video games?