• Blog Entries

    • By Destino in ES Coverage
         1
      Good afternoon Redskins fans!  I have once again been invited to sit in the relative comfort of the press box and shout my thoughts into the void via this blog.  As you watch the game today and see the rain  pour relentlessly from the heavens, know that I am safe and dry.  Know also that @Spaceman Spiff is out there somewhere, cold and unappreciated, rolling around in the muck trying to capture that perfect picture.  Maybe say a little prayer for his health (or laugh, whatever, I’m not judging you).  Also, be sure not to miss the pictures he posts on this site after each game.     
       
      Before we get into today's Redskins game, I want give some thanks for more positive occurrences in DC sports.  Congrats to the Washington Mystics for winning their first championship.  Congrats go out to the Washington Nationals as well for reaching the world series.  These two teams (along with the Caps) are working hard to change the sports related mood around this town, and we're all happier for it. 
       
      Lets move now into less cheerful topics, namely your Washington Redskins!  Yow know things are going bad, and I mean really dang bad, when your team has gone through three quarterbacks and two coaches and your not even half way through the season.  Today's fresh hell comes in the form of a specter of the our recent past coming to smirk at our misfortune.  Im talking of course of Kyle.  Kyle's spent the week assuring everyone that he isn’t holding a grudge, while very obviously holding a grudge.  “Everything else.”  You know what I’m talking about. 
       
      If all he brought to town were his hurt feelings we wouldn’t have a problem.  Sadly, he’s arrived with an undefeated football team that the NFL says we have to play this week.  This feels entirely unfair. 
       
      My generic key to the game:  Run the ball and stop the run.  The team (spoiler alert: 49ers) that does this today will win.   
       
      Redskins Inactives  
      QB Colt McCoy  
      S Deshazor Everett  
      CB Josh Norman  
      RB Chris THompson  
      LB Josh Harvey-Clemons 
      G Wes Martin  
      TE Vernon Davis  
       
      49ers inactives  
      QB CJ Beathard 
      WR Deebo Samuel  
      CB Ahkello Witherspoon  
      FB Kyle Juszczyk 
      T Mike McGLinchey 
      T Joe Staley 
      DL DJ Jones 
       
      1st Quarter Update
      Redskins 0 – 0 49ers
       
      Callahan wasn’t playing around when he said he wanted to run the ball.  That first drive was all runs, and looked great... right up until they tried to pass the ball.  Hopkins missed the relatively short fied goal, because of course he did.     

      Maybe Quinn isn’t a good choice to be returning punts?  Consider it.    
       
      That second Redskins drive looked more like what we’ve come to expect from this offense.  Run for negative yards, pass dropped, and an unsuccessful screen pass.  A quintessential Redskins three and out. 

      Passing yards this quarter:  Redskins 3. 49ers 9.  Are you not entertained?! 
       
      Half Time Update
      Redskins 0 – 0 49ers 
       
      How happy are you to spend your Sunday afternoon watching this game?  Consider that some people paid money, to sit in a poncho, in the rain, to watch this game. 
       
      It’s now time for those half time adjustments that our beloved skins do so well.  It’s unlikely the second half mirrors the first. 
       
      3rd Quarter Update 
      Redskins 0 – 3 49ers  
       
      Good news, this game will not end in a 0-0 tie.  Those half time adjustments have kicked in as expected and the 49ers have found a way onto the scoreboard in this messy throwback game.  The Redskins have decided to spend the second half collecting holding penalties and sadness.  Mercifully, only one quarter remains. 
       
       
Gamebreaker

Random Tech/IT Thread

Recommended Posts

Evaluating the complete costs of running email on-premise for a large international company and writing a business case to move to Office 365 is none too easy...

Share this post


Link to post
Share on other sites
2 minutes ago, bobandweave said:

 

Never saw this thread before. You probably figured it out already but if you can't use Get-ADcomputer then type in

 

import-module activedirectory

 

First and then it will work for you. 

Ya, don't work there anymore but want to say I tried that after spending some time looking for people with same problem. 

 

I really think it's because the DCs are too old, kept seeing articles that even importing that module to your local computer doesn't matter if the DCs don't allow AD queries vis powershell.  You ever seen the no ADWS thing before? 

 

I both DCs in that domain were 2008, not 2008r2 (started with r2), and I wanted to avoid login to the DCs via RDP to run powershell locally. WinRF wasn't enabled on DCs, and didnt get permission to do it, so login via powershell to DCs, import that module, and run commands may have worked, but not an option before I left.

2 minutes ago, Zguy28 said:

Evaluating the complete costs of running email on-premise for a large international company and writing a business case to move to Office 365 is none too easy...

No but seems to be in thing right now.  Third time I've witnessed a full migration, this will be first from gmail. You gonna keep an on-premise exchange server?  I was walking in same time they were decommissioning it, so didn't get chance to see how they worked together.

Share this post


Link to post
Share on other sites
22 minutes ago, Renegade7 said:

Ya, don't work there anymore but want to say I tried that after spending some time looking for people with same problem. 

 

I really think it's because the DCs are too old, kept seeing articles that even importing that module to your local computer doesn't matter if the DCs don't allow AD queries vis powershell.  You ever seen the no ADWS thing before? 

 

Depending on your OS as long as its Server 2008 R2 or newer your DC should have that. If it's an older OS or not at least to R2 then you would see that because it wasn't released until R2

 

Curious...writing scripts? Reason I ask is confused as to why you wouldn't want to go the RDP route? Glad it worked out. I will be keeping an eye on this thread to help whenever I can if I can

Edited by bobandweave

Share this post


Link to post
Share on other sites
24 minutes ago, Renegade7 said:

Ya, don't work there anymore but want to say I tried that after spending some time looking for people with same problem. 

 

I really think it's because the DCs are too old, kept seeing articles that even importing that module to your local computer doesn't matter if the DCs don't allow AD queries vis powershell.  You ever seen the no ADWS thing before? 

 

I both DCs in that domain were 2008, not 2008r2 (started with r2), and I wanted to avoid login to the DCs via RDP to run powershell locally. WinRF wasn't enabled on DCs, and didnt get permission to do it, so login via powershell to DCs, import that module, and run commands may have worked, but not an option before I left.

No but seems to be in thing right now.  Third time I've witnessed a full migration, this will be first from gmail. You gonna keep an on-premise exchange server?  I was walking in same time they were decommissioning it, so didn't get chance to see how they worked together.

We currently have 5 separate AD/Exchange 2010 org's. Looking to go hybrid on one and consolidate the other 4 into one 2016 org in a resource forest (they can't use commercial tenant and would have to go Fedramp w/ GCC High plan).

Edited by Zguy28

Share this post


Link to post
Share on other sites
3 minutes ago, bobandweave said:

 

Curious...writing scripts? Reason I ask is confused as to why you wouldn't want to go the RDP route? Glad it worked out. I will be keeping an eye on this thread to help whenever I can if I can

 

Thanks man, appreciate that.  Scripts are faster, and in regards to repeatable tasks, I'd rather script it now when I can.  If anything for efficency and practice. 

 

We had a script that could connect to a remote desktop and list all the software installed to make up for not having software to look for it or limiting permissions enough to prevent Rouge software despite having an approved software list (that I made from scratch and getting approval to add to it for people).

 

Another one was one I made that search a specific list of IPs for web servers with SAML software to search the identical configuration file they all had for a configuration line that was about to be deprecated and would break sso functionality if we left it after a certain date.  Had too much to do to rdp into each and find that.

Share this post


Link to post
Share on other sites
36 minutes ago, Renegade7 said:

@The Evil Genius what's signal strength on your current cable modem / router?  You talked to ISP about latest model available?  Cable providers are notorious for not reaching out about this for regular upgrades and people paying for a speed their equipment can't handle.  If you havent, start there.  

 

How far are we talking PS4 from cable modem (this is a modem / wireless router as well, right?).  Is that backroom walls made of concrete?  What kind of WiFi signal are you getting on your cell phone or laptop?  Same issue?

 

I'm asking you these questions first because one, ISPs brag about range of their wireless cable modems now, so save some money and call them on it.  And two, if you sitting in a concert block, that's not gonna help you either.  I use ethernet where ever I can, even if I have to make my own cables.

 

We actually bought an ARRIS - SURFboard AC1600 Dual-Band Router with 8 x 4 DOCSIS 3.0 Cable Modem about 5 weeks ago because we were tired of paying Comcast $10+  to rent their cable modem. The downside is weve seem to have lost a lot of signal strength/speed in doing so. The man cave is downstairs and is the only room on that floor (other than the garage and crawlspace). The router/modem is upstairs (guesstimate 60-70 feet?) And right now I'm only getting a spotty 5-15 Mbps on the wifi signal downstairs (via an app on my phone)...plus the signal drops a lot. 

 

I'm at a loss as to what to do. Can't really return the modem since it's past it return period..but even so, I'd hate to eat the cost and get another brand as we're are getting a decent 100+ Mbps upstairs (cable internet plan is for up to 250 Mbps). Although we used to get closer to 180mbps upstairs when we rented the modem/router. 

 

That's why I was asking about MoCa or  Powerline options. 

Share this post


Link to post
Share on other sites
11 minutes ago, Zguy28 said:

We currently have 5 separate AD/Exchange 2010 org's. Looking to go hybrid on one and consolidate the other 4 into one 2016 org in a resource forest (they can't use commercial tenant and would have to go Fedramp).

 

That actually sounds really cool : )  sounds like you solo planning it out, though, that sucks.  You mentioned FedRAMP, are there are FIPS docs to help guide to with that?  

 

Job asking me to get FedRAMP certified, have choice between easy aas CEH or OSCP (which I prefer) and they'll offering me side gigs.  I feel like I'm making this choice harder then it needs to be, they told me they won't be asking me to make exploits from scratch, but it want to learn how to do that better with python 

Share this post


Link to post
Share on other sites
2 minutes ago, Renegade7 said:

 

Thanks man, appreciate that.  Scripts are faster, and in regards to repeatable tasks, I'd rather script it now when I can.  If anything for efficency and practice. 

 

Absolutely 

 

 

2 minutes ago, Renegade7 said:

 

We had a script that could connect to a remote desktop and list all the software installed to make up for not having software to look for it or limiting permissions enough to prevent Rouge software despite having an approved software list (that I made from scratch and getting approval to add to it for people).

 

Ever heard of NEWT? That’s what I use for cases like that. Scans a network of 1000 machines in 15 minutes and gives you all kinds of information like software installed, DAT file dates, hardware configuration, and so much more all exportable and the software is pretty cheap and powerful with a one time cost.

 

I realize this defeats the purpose of not using software to do this type of job but the capabilities and the quickness of this program make me want to mention it to you. Youtube it, it’s made by Komodo Labs and simple to use. Might be helpful

 

 

 

 

  • Thanks 1

Share this post


Link to post
Share on other sites
18 minutes ago, The Evil Genius said:

 

I'm at a loss as to what to do. Can't really return the modem since it's past it return period..but even so, I'd hate to eat the cost and get another brand as we're are getting a decent 100+ Mbps upstairs (cable internet plan is for up to 250 Mbps). Although we used to get closer to 180mbps upstairs when we rented the modem/router. 

 

That's why I was asking about MoCa or  Powerline options. 

 

Lost last post due to stupid timeout, so I'll try to keep this short:

 

I feel you, 5-15 is brutal.  But for clarification, was it working before just fine with comcast modem?

 

If it was and it was me, I'd put that new router on ebay or Craigslist to try to get something back, call comcast to ask what their best moder is right now, then buy your own with equal or greater signal strength.

 

I don't like your new router, not with a drop like that, if I had choice between going back to something close to what was working before versus trying to save keeping the new one...I don't want to see you back here talking about the powerline extenders weren't good enough.

 

This is on my assumption that yall were fine with the comcast modem, jus wanted to save some coin by owning your own.

  • Thanks 1

Share this post


Link to post
Share on other sites

I never have bought a cable modem and router combo.  I look for the best cable modem reviews, then the best wireless router reviews.  Then by each separately.  Much more likely to be a compromise in one or the other if it's a package deal.  I currently have an SB6183 and an Airport Extreme in a 3 level fairly large house and it covers pretty well.

Edited by HOF44
  • Thanks 1

Share this post


Link to post
Share on other sites
19 minutes ago, HOF44 said:

I never have bought a cable modem and router combo. 

 

Ya, my apartment and townhouse weren't big enough to need something more then what Cox offered.  If I was in a house, I'd go same router as I'm comfortable configuring and separating the two.  Used to have a netgear firewall in my apartment, but I was jus practicing fitting it in there and still being able to connect to internet

Share this post


Link to post
Share on other sites
52 minutes ago, The Evil Genius said:

 

 

I'm at a loss as to what to do. Can't really return the modem since it's past it return period..but even so, I'd hate to eat the cost and get another brand as we're are getting a decent 100+ Mbps upstairs (cable internet plan is for up to 250 Mbps). Although we used to get closer to 180mbps upstairs when we rented the modem/router. 

 

That's why I was asking about MoCa or  Powerline options. 

Being dual band have you make sure that both the 5.0 and 2.4 bands are active? The 2.4 band generally gives you better long distance speed.  So make sure you are on that one and also that you try both to see which is better.  

  • Thanks 1

Share this post


Link to post
Share on other sites
2 minutes ago, The Evil Genius said:

Yeah I was getting 20-50 Mbps WiFi downstairs with the previous rented modem. Sucks that I chose...poorly. 

 

?

Meh, jus let it be lesson you don't have to learn twice, we all been there : )

 

That was right track, but check specs going forward

  • Thanks 1

Share this post


Link to post
Share on other sites

@The Evil Genius

 

I have a MoCA Network in my house for my Tivo system.  Verizon routers set up a MoCA network by default, so if you have Verizon then you’re a step ahead.  If not, then you’ll need a router that can create that.  Then you’ll need cable to whatever areas you want.  I also believe that you’ll need a MoCA converter/filter as well.  IMO it’s almost easier to hardware cat 6 if cable isn’t already there.

 

What about a WiFi repeater?  Those are rather inexpensive.

Share this post


Link to post
Share on other sites
17 minutes ago, Renegade7 said:

Jesus, what is that like 3 in a row now? 

Meltdown and Spectre were kind of a 1-2 punch, though AMD was also susceptible to some of the Spectre variants.  But Meltdown and L1 Terminal Fault seem to be much more serious than Spectre and the mitigations seem more costly.

Share this post


Link to post
Share on other sites
Just now, PokerPacker said:

Meltdown and Spectre were kind of a 1-2 punch, though AMD was also susceptible to some of the Spectre variants.  But Meltdown and L1 Terminal Fault seem to be much more serious than Spectre and the mitigations seem more costly.

Ya, I was on my way out while we're waiting for patches to come out for all the different processors we had just with Meltdown and Spectre, Azure and Linode didn't waste no time, shutting down our servers overnight without our permission despite some of the patches causing performance issues.  Then another one we were like, damn, now this?  I guess the only good thing about this is you have to exploit the box for access first then run one of these, its not a remote exploit by itself.  Local access is a different story.

 

I don't think we're ready for production quantum processors, but I'm going to have to keep my ear to the ground to how they plan to redesign how we do processors in the meantime.  Obviously where we are isn't good enough.

Share this post


Link to post
Share on other sites
16 hours ago, PokerPacker said:

Meltdown and Spectre were kind of a 1-2 punch, though AMD was also susceptible to some of the Spectre variants.  But Meltdown and L1 Terminal Fault seem to be much more serious than Spectre and the mitigations seem more costly.

 

Meltdown and Spectre also were released in January. I guess it took the assholes time to morph this into the next generation. Hopefully they learned some lessons that will help them with this one. Looks nasty

Share this post


Link to post
Share on other sites
On 8/17/2018 at 1:53 PM, bobandweave said:

 

Meltdown and Spectre also were released in January. I guess it took the assholes time to morph this into the next generation. Hopefully they learned some lessons that will help them with this one. Looks nasty

I wouldn't say it morphed for the next generation.  Meltdown and Spectre are still around (the hardware design process is long; they can't just fix fundamental problems in the CPU design in a few months and get it out to production), this is just a separate exploit of similar nature that has been sitting around waiting to be found (assuming the NSA or whomever hasn't been sitting on it as a day-zero).

  • Like 1

Share this post


Link to post
Share on other sites

Part of a message I got from a corporate lawyer today. Due to the President cutting some deal with ZTE. This could be a serious financial burden for some companies.


 

Quote

 

Congress included a provision in the 2019 National Defense Authorization Act, which the President has signed into law.  Under that provision (Section 889 of the Act), two years from now, all Federal agencies will be prohibited from contracting with any entity that uses telecommunications or video surveillance equipment or services from the following Chinese companies:

 

Huawei Technologies Company

ZTE Corporation (or any of their subsidiaries or affiliates)

Hytera Communications Corporation

Hangzhou Hikvision Digital Technology Company

Dahua Technology Company (or any of their subsidiaries or affiliates)

 

 

Share this post


Link to post
Share on other sites

https://krebsonsecurity.com/2018/08/indian-bank-hit-in-13-5m-cyberheist-after-fbi-atm-cashout-warning/

Quote

 

On Sunday, Aug. 12, KrebsOnSecurity carried an exclusive: The FBI was warning banks about an imminent “ATM cashout” scheme about to unfold across the globe, thanks to a data breach at an unknown financial institution. On Aug. 14, a bank in India disclosed hackers had broken into its servers, stealing nearly $2 million in fraudulent bank transfers and $11.5 million unauthorized ATM withdrawals from cash machines in more than two dozen countries.

 

The FBI put out its alert on Friday, Aug. 10. The criminals who hacked into Pune, India-based Cosmos Bank executed their two-pronged heist the following day, sending co-conspirators to fan out and withdraw a total of about $11.5 million from ATMs in 28 countries.

The FBI warned it had intelligence indicating that criminals had breached an unknown payment provider’s network with malware to access bank customer card information and exploit network access, enabling large scale theft of funds from ATMs.

 

 

Share this post


Link to post
Share on other sites
On 8/20/2018 at 8:35 AM, Zguy28 said:

Part of a message I got from a corporate lawyer today. Due to the President cutting some deal with ZTE. This could be a serious financial burden for some companies.


 

 

Whoa, and I tight the kaspersky ban was big, hot damn. On surface I approve, but now wonder about reaction China will have towards companies like cisco (since nsa had that zero day tool that got out)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.