3CX Desktop VoIP Client Hit with Supply Chain Attack

The 3CX VoIP Desktop Client was compromised by what is believed to be a threat group associated with the North Korean government. Millions of users of the 3CX software are affected. The malware in the compromised version of the 3CX VoIP client exfiltrated data from affected users, allowing full remote control of infected systems.

The attack affects both Windows and macOS users. The attack gained notice when 3CX users began complaining that security products were flagging and, in some cases, removing the software from their computers.

https://www.cisa.gov/news-events/alerts/2023/03/30/supply-chain-attack-against-3cxdesktopapp

More detailed information and discussions for those that are interested:
Youtube Video

@Obsolesce said in Shell Speeds, Bash and PowerShell:

I was basing that off of these points, which makes Node seem like the VERY clear winner.

https://da-14.com/blog/python-vs-nodejs-which-better-your-project

Written by javascripts developers - what do you expect?

I stopped reading right here "The main thing we want from a programming tool is performance."
If the main objective would be performance, developers would still work with assembler.

The main thing you want is to cut the cost (time) of development, while having adequate performance.

I think you have to realize what chatgpt is and what it's not.

Essentially it's a chat bot, "designed to engage in natural language conversations with users on a wide range of topics".

It's not designed to be factually correct. It's designed to talk.

It's like having a conversation with one of those armchair internet experts that doesn't have any actual experience and has never left their moms basement, but can google anything.

I did this just now so I though I'll add it to the thread.

Install NFS Server on Debian 9

apt install nfs-server

As you may know debian installer start services automatically so it's just less to write.

By default folders for nfs goes into /srv.

@pmoncho said in Network Termination Points - CompTIA Network+ N10-007 Prof Messer:

@Pete-S said in Network Termination Points - CompTIA Network+ N10-007 Prof Messer:

@melvinsilva said in Network Termination Points - CompTIA Network+ N10-007 Prof Messer:

The way cables are organized and distributed is very important.

I have learned that the best way to have minimum affectation when a switch fails is to plug cables between patch panels and switches as follows:

Patch Panel cables organization ---> Horizontal (port 1, port 2, port 2, so on)
Stack Switches ---> Vertical (switch 1 Port 1, Switch 1 Port 2, Switch 2 Port 1, Switch 2 Port 2, so on)

At the end you should have this:

PP 1 Port 1 ---> Switch 1 Port 1
PP 1 Port 2 ---> Switch 1 Port 2
PP 1 Port 3 ---> Switch 2 Port 1
PP 1 Port 4 ---> Switch 2 Port 2
PP 1 Port 5 ---> Switch 3 Port 1
PP 1 Port 6 ---> Switch 3 Port 2

I like it like this (but without the blanks between):

Stacked switched don't have to be mounted next to each other.

I like these two except when port 1 on switch 3 goes bad and the only open port is port 22. Then before replacement arrives, port 20 goes bad, old user on port 3 is gone, so person decides to use port 3 temporarily. Now temporary becomes long term and we can all see the future now.

True! Then you'll feel like this...

Or you can keep a spare on the shelf.
Otherwise you might have 48 angry people if the switch dies on you.

I'd just put twenty 15TB NVMe drives in my little 1U server and call it a day.

If you need more storage density you could also go with another chassis using the NF1 format SSDs from Samsung.
That's a whopping 0.54 PB in 1U.

@dafyre I checked our supplier and fully stocked with 36 15TB Samsung PM983 NVMe drives it would be priced at around $115K with 768GB RAM and two Xeon CPUs and a couple of 25Gb NICs.

AMD or Intel makes no difference whatsoever.
If AMD's where too slow then it was the wrong CPU for the application and it was a purchasing error, not an error on AMD's part.

Pick the model what has enough performance for what you want and the best price.

@scottalanmiller said in AMD Vs Intel:

@Pete-S said in AMD Vs Intel:

@Obsolesce

Looking at the test you posted it says that in general benchmarks the Intel 8700K is 8% faster.
Lets just say that that is an indisputable fact without making any assumptions on what the tests actually test.

Now is says that the AMD cpu is priced at kr 2594 and the Intel at kr 3311. That's means that the Intel is 28% more expensive.

So you pay 28% more for 8% higher performance - that means that the AMD 2700X is a better pick than the Core i7-8700K.

Looking at the prices today, it was a lot more than 28% more expensive. Closer to 40%.

I was going by the screenshot from the test.

Price might vary from day to day and market to market.

I remember a long time ago we bought a couple of HPE servers with E3 Xeons in them and they were so cheap that it was like you paid market price for the CPU and got the rest of the server for free. So if you buy machines (and not CPUs) you should compare the price of the machines against each other, and not the CPU per se. Sometimes you can get a good deal that will skew the results toward an Intel or AMD.

It's interesting to see some people talking about how HPE and Dell is great and that their products are higher in quality than Supermicro...and then find that Supermicro is being rebranded by HPE and Dell at the high-end of their product lineup. :face_with_tears_of_joy:

A while back I had an old HP server, G5 I think, where Fedora and CentOS wouldn't install. Debian 9 did fine though so I would try Debian. I always do the install in text-mode (not graphical) BTW.

Download the netinstall image and select below options for a minimal install with SSH.

For the XO team it's easy to think that it is their product and they have rights when all open source products stands on the shoulders of others. They would not have any product and not even an OS to put it it wasn't for others time and effort.

IMHO open source products should not have any information about support or no support. It's not in Mozilla Firefox, it's not in Apache OpenOffice, it's not in Oracle Virtualbox just to name a few. To write "no support" or at your own risk is just to increase sales, nothing else.

@Obsolesce said in WordPress Cutover Main Page Works, but Secondary Pages Do Not:

@scottalanmiller said in WordPress Cutover Main Page Works, but Secondary Pages Do Not:

BANGING HEAD ON DESK

It's an Ubuntu-ism. On Fedora this is not needed. On Ubuntu you have to...

a2enmod rewrite

What's that?

That's a script that enables the mod_rewrite module in apache - apache2 enable module.

Honestly it's not hard. You just pick the fastest cpu with the highest clock, the fastest GPU, then motherboard and memory to match, fast SSDs and a chassis with adequate power supply and cooling that will get the job done. Order, pay, assemble and play.

Building a mid-end gaming rig is harder because then you have to weigh performance versus money.

You should test how fast different dns servers resolve hostnames from your location. It's very location dependant.
Then pick the fastest ones.

Since you guys gave rackspace support such a glowing review, I will not even consider them as an option.
Thanks!

For the port to be identified as open there has to be something listening on that port, for instance a webserver. If you open the firewall but there is nothing listening it will say it's closed.

Think of it is if you knock on the door of someones home and they don't answer. Is the door bell blocked or are they not home? How can you tell?

Actually there are two ways to "close" a port - reject or drop incoming packets. But that is another discussion.

What's the problem? Just put the workstation groups on different vlans and route their traffic differently. Block either in firewall, http proxy or dns.

@scottalanmiller said in Another VPS Kid on the block upcloud.com:

@Emad-R said in Another VPS Kid on the block upcloud.com:

@Emad-R

Plain KVM is so mature and everywhere I am starting to think we should all huddle up and create our own VPS service. I think between all ML we have around 500 VMs or so

So like.... 1-2 servers

It would be interesting to know the vCPU to core count ratio on these cloud providers. I'm guessing 10-15 vCPUs on each real core.

So a 16 core server can have 160-240 VMs.

So 1-2 servers sounds about right

If we compare the E5-2667 v4 and the 6146 v1, the technological difference is nowhere near as large as between the E5-2643 V1 and E5-2667 v4.

The Gold 6146 was introduced mid 2017 while the E5-2667 v4 was mid 2016. Both use 14nm. Both use DDR4. The 6146 has 12 cores over the E5-2667v4 8 cores but it doesn't have the TDP to match that so it can probably not run as many cores in turbo at the same time as the E5-2667v4.

So all said and done, I'm not sure the 6146 actually is faster per core when all cores are under very high load. When you run a single core task 6146 should be faster but then the CPU has the ability to go into the highest turbo frequency on that core.

There is also the whole meltdown/spectre problems that have had a huge negative effect on performance. So if the new systems have patches for this and the old one don't, it could put the new systems at a big disadvantage.

Small things like BIOS settings can make a big difference when you are tuning for maximum performance. If you look at HPE and Dell for instance they have recommendations on BIOS settings for HPC applications that go against common IT practice but are what is needed for maximum performance.

Have you been in contact with Supermicro and their HPC guys? I think you need experts to tune your cluster to maximum performance.