Burned by Eschewing Best Practices
-
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky] -
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
-
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
Luckily my older KVM is forward compatible with USB connections
-
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
-
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
We are required to have a media center for one of the networks. Anything going on or off that network has to go through the media center. Only a select group of people/PCs can movie media on or off, so USB is disabled in the other machines. We were able to leave two open for keyboard and mouse and remove the kernel module for USB storage, but strictly following SCAP it's supposed to be completely disabled.
-
@stacksofplates said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
We are required to have a media center for one of the networks. Anything going on or off that network has to go through the media center. Only a select group of people/PCs can movie media on or off, so USB is disabled in the other machines. We were able to leave two open for keyboard and mouse and remove the kernel module for USB storage, but strictly following SCAP it's supposed to be completely disabled.
I was harassing Brant, not you. I understand there are law requirements.
Frankly I'd love to disable most if not all USB ports to keep users from plugging random USB sticks they might find in the parking lot into our computers. Other than keyboard/mouse the staff has little to no reason to use USB sticks. The exception is me and booting to Clonezilla for image deployment. I don't bother with PXE booting.
-
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
If you've lost physical access to the system, you're data is already at an extremely high risk level of being compromised.
-
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
If you've lost physical access to the system, you're data is already at an extremely high risk level of being compromised.
You do know that datacenters love to give tours of their facilities right? Sometimes they are on the ball, sometimes not. I did a tour a few years ago... it would have been easy for me to plug in a USB stick in one of the open cabinets we were shown.
-
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
If you've lost physical access to the system, you're data is already at an extremely high risk level of being compromised.
You do know that datacenters love to give tours of their facilities right? Sometimes they are on the ball, sometimes not. I did a tour a few years ago... it would have been easy for me to plug in a USB stick in one of the open cabinets we were shown.
I've never toured a datacenter. I guess mostly because I refuse to use anything less than a level 4 data center....
-
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
If you've lost physical access to the system, you're data is already at an extremely high risk level of being compromised.
You do know that datacenters love to give tours of their facilities right? Sometimes they are on the ball, sometimes not. I did a tour a few years ago... it would have been easy for me to plug in a USB stick in one of the open cabinets we were shown.
I've never toured a datacenter. I guess mostly because I refuse to use anything less than a level 4 data center....
Pretty sure this was a level 4, but I'd have to confirm.
-
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
We are required to have a media center for one of the networks. Anything going on or off that network has to go through the media center. Only a select group of people/PCs can movie media on or off, so USB is disabled in the other machines. We were able to leave two open for keyboard and mouse and remove the kernel module for USB storage, but strictly following SCAP it's supposed to be completely disabled.
I was harassing Brant, not you. I understand there are law requirements.
Frankly I'd love to disable most if not all USB ports to keep users from plugging random USB sticks they might find in the parking lot into our computers. Other than keyboard/mouse the staff has little to no reason to use USB sticks. The exception is me and booting to Clonezilla for image deployment. I don't bother with PXE booting.
Ah ok ha. Ya it's actually one of the things I agree with. All Mary has to do is bring in a USB with crypto to load pictures of her cat as a wallpaper, and you're screwed.
Plus there is nothing stopping people from just taking information and putting it on the USB drive and leaving with it.
-
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
If you've lost physical access to the system, you're data is already at an extremely high risk level of being compromised.
You do know that datacenters love to give tours of their facilities right? Sometimes they are on the ball, sometimes not. I did a tour a few years ago... it would have been easy for me to plug in a USB stick in one of the open cabinets we were shown.
Not good ones. Good ones don't give tours. High end ones... even the admin staff isn't allowed in. If you are getting a DC tour, it's either not open yet or it isn't a serious DC.
-
@scottalanmiller said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
If you've lost physical access to the system, you're data is already at an extremely high risk level of being compromised.
You do know that datacenters love to give tours of their facilities right? Sometimes they are on the ball, sometimes not. I did a tour a few years ago... it would have been easy for me to plug in a USB stick in one of the open cabinets we were shown.
Not good ones. Good ones don't give tours. High end ones... even the admin staff isn't allowed in. If you are getting a DC tour, it's either not open yet or it isn't a serious DC.
Yep, we have had tours of two datacenters recently (looking to collocate a DR site) both were in the building phase and basically said we wouldn't be allowed in when they go live.
-
@scottalanmiller said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@stacksofplates said in Burned by Eschewing Best Practices:
@dafyre said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
So yesterday we had a bunch of computer parts arrive with a dedicated port each ps2 keyboard and mouse...
I tell the boss and he says "that's good"... um no its not we don't have ps2 keyboard and mice...
What in the world did you order that came with PS/2 ports?
We got brand new z440s this year and they have PS/2 ports.
You can completely disable USB on them so you need another way for input. Plus they are rackable so I'm assuming it's also for backwards compatibility with older KVMs.
So use your existing USB keyboards and mice with them, lol.
You can, but if you disable the ports in the BIOS you can't.
[snarky]
So don't disable the USB Ports!
[/snarky]Sometimes you are required to ha.
Yeah, Haven't you seen all the spy movies where the spies are trying to plug in USB sticks into servers/whatever in DCs? Ya gotta disable them ports, dem bad..
If you've lost physical access to the system, you're data is already at an extremely high risk level of being compromised.
You do know that datacenters love to give tours of their facilities right? Sometimes they are on the ball, sometimes not. I did a tour a few years ago... it would have been easy for me to plug in a USB stick in one of the open cabinets we were shown.
Not good ones. Good ones don't give tours. High end ones... even the admin staff isn't allowed in. If you are getting a DC tour, it's either not open yet or it isn't a serious DC.
They were still building, but there were live systems already on site as well.
-
@Dashrender said in Burned by Eschewing Best Practices:
They were still building, but there were live systems already on site as well.
If you're doing any construction on a datacenter you do not run live systems.. doesn't matter what it is. That's a very bad sign for that Datacenter.
-
Allowed non-IT people to work in IT and make decisions about the equipment to order and use. Also create separate boot and data partitions, boot partition using SSD's!
-
Not the OP's fault, he's just stuck supporting a known bad environment: OpenFiler, iSCSI with VMware...
https://community.spiceworks.com/topic/1948389-openfiler-woes
-
@scottalanmiller said in Burned by Eschewing Best Practices:
Not the OP's fault, he's just stuck supporting a known bad environment: OpenFiler, iSCSI with VMware...
https://community.spiceworks.com/topic/1948389-openfiler-woes
uh, wow, have to feel for them
-
@travisdh1 said in Burned by Eschewing Best Practices:
@scottalanmiller said in Burned by Eschewing Best Practices:
Not the OP's fault, he's just stuck supporting a known bad environment: OpenFiler, iSCSI with VMware...
https://community.spiceworks.com/topic/1948389-openfiler-woes
uh, wow, have to feel for them
Yeah, that guy got screwed.
-
What's amazing is that we were mocking OF 2.99 for being "static and abandoned for years" and that was 3.5 years ago! It has to be at least six years without any updates or movement now. And yet people still ask about it and deploy it? How does that happen? It has been a very, very long time since it was a very well publicized "never use" product.
