@scottalanmiller said in Miscellaneous Tech News:
For those on the beta channel, NextCloud 18 is available!
What are the highlight features for Nextcloud 18?
@Dashrender said in PDQ Drops Inventory (Deploy) Agent:
@coliver said in PDQ Drops Inventory (Deploy) Agent:
@warren-stanley said in PDQ Drops Inventory (Deploy) Agent:
@coliver from memory it allowed endpoint status display, along with connection when outside the corporate network for running commands and application management.
It was part of the subscription and didn't require any other additional setup - so was nice in theory.
Ah. Salt and Ansible can do similar things but would require some backend work.
Salt has an agent, right?
Yes, and Ansible can be setup in a Pull configuration so it can act like it has an Agent as well.
From her past posts, I'm assuming it's going to be something aligning with open compute and taking things like how Facebook designed their racks/servers into account.
Like here:
https://twitter.com/jessfraz/status/1106336080956018689?lang=en
@Dashrender said in Integrating OnlyOffice with NextCloud:
@JaredBusch said in Integrating OnlyOffice with NextCloud:
@JaredBusch said in Integrating OnlyOffice with NextCloud:
I just did this with Nextcloud 17.0.1 and OnlyOffice 5.4.2, running on separate Debian 10 instances.
both NC and OO are running certbot themselves because bad planning. i have 60 days until NC renews and 90 until OO renews to look at WTF I did here and clean it up.
Why is that bad planning?
Because things were rush/done without full planning for what was needed to make things happen correctly.
That was not my thing. But the thing I'm presented with now. I can fix it. Just annoying.
@Danp said in When Can We Fork a Topic:
@scottalanmiller Did it move as expected or did it disappear into the netherworld?
So many posts in the thread that it went to, I gave up trying to find it. I'm assuming that it is there. I'll test this more when we have a smaller fork to send it to.
@popester said in Pen Test gone really bad with the Government:
Sheriff got a case of the red ass.
And a case of the "I'll show you bunch of city slickers!"
@black3dynamite said in Nasty PHP7 remote code execution bug exploited in the wild (Nextcloud specifically called out):
From Fedora 30, installing php. PHP-FPM is a weak dependencies for php and also nginx-filesystem gets installed too.
haha weak dependency, no body called me that in years.
@DimS said in Pitney Bowes hit by crypto:
Well, if the backups were stored off-site, a single days worth of data could have been the only loss there, which is the exact schedule they should be made for a service provider of their scale.
Hell yeah, this is a major company with gobs of customer data.
@Obsolesce said in Why big ISPs aren’t happy about Google’s plans for encrypted DNS:
That all said, even though I don't care, I'd still prefer the ISP is totally out of the loop and am for encrypted DNS.
Glad to see you come back with this.
The old adage, if ya got nothing to hide/done nothing wrong, then what do you have to worry about, Sadly, this is so not true.
@iinterval said in Google Pixel Phone:
Android phone is Market leader no anyone to compete them Google try to make different type specs but I think that not compete
Giving you the benefit of the doubt, but that is gibberish, has nothing to do with this thread, and you posted a spam link. Any more posts like that and your account will be removed without further warning. If you have something to contribute or ask, do so without promotional links please.
I won't have any Win 7 systems by that time. At least that is the goal. I was thinking it was Jan 20, 2020. Guess I just confabulated that based on the year being 2020. Still have about 40 systems to issue to replace them.
@quintana said in Wazo to sponsor Astricon 2019:
@JaredBusch I have a small demo for creating your own call control with our API. Find the source code here, it's in python, but i only use the rest api an websocket in the platform https://github.com/sboily/wazo-demo-programmable. I'm using the application API. http://www.wazo-platform.org/documentation/api/application.html#tag/applications
Will look into it later this week. thanks.
@notverypunny said in Itarian/Comodo One No Longer Free:
We've been using it for remote patching. Looking at the paid options for PDQ and the licensed versions of Chocolatey as potential replacements.
Been using PDQ Deploy with PDQ Inventory. I have been using PDQ Deploy for several years now (a couple on free and a few on Enterprise) and it saves me so much time. I have over 100 custom packages now.
@Dashrender said in Pentagon Warns Against Using Lenovo Equipment:
@brandon220 said in Pentagon Warns Against Using Lenovo Equipment:
I had to laugh about it. Last year I got dinged for not blocking github and the similar sites. This time they tell me I can go on github and get a piece of software that will compare my firewall config and detect any changes. The logic makes ZERO sense.
audiors are allowed to make up any damned rules they want. it's just nutz.
But companies are alllowed to hire any auditors that they want.
Been using Wasabi for several months now. Was using AWS S3 for several years prior. Haven't had any issue with Wasabi. Using the same tools, as it is S3 compatible.
@JaredBusch said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:
@Fredtx said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:
@scottalanmiller said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:
@Fredtx said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:
@scottalanmiller said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:
@Fredtx said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:
@scottalanmiller said in Wide ransomware virus infection sourced from 3rd party IT's remote agents.:
@Fredtx how did it get determined that it was their agents that did it and not just a coincidence or something?
We received several support calls from the whole Oregon area and that was one of the common denominators for all the computers that were infected with that variant. I for one hand did not work with the customer, but that's what our techs saw and found. Tbh, I'm trying to understand how that could happen when most of the ransomware cases involves a self executable file.
So many different MSPs, but they all shared one tool?
It was only one MSP (PM Consultants) who’s agent spread the infection to their own customers. Their customers called our support desperate for help.
What agent was it? Knowing which program was compromised is a big deal, those agents are hosted by the vendor 99% of the time.
I was told it was Connect Wise.
Old and Unpatched, or weak passwords then.
Likely. Attach probably came through an MSP workstation.
@bnrstnr said in XCP-ng 8.0 is available:
The xe-guest-utilities package in Fedora, CentOS, RHEL official repo isn't enabled by default. If you update and lose PV, just run systemctl enable --now xe-linux-distribution
Will do.
@IRJ said in Well this is bad... VPN vulnerability release:
This really seems like a backdoor was found
http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html
And this is an oh got me moment
Sounds that way, yeah.
