@flaxking said in Azure or 0365?:

I'd say there's probably more roles out there to move up into. Companies may be using Microsoft 365, but could be using other providers for their cloud infrastructure. They might also expect their cloud engineers to know multiple platforms. I had experience creating highly available environments on-premise before breaking into Azure.

This is a good point. The number of M365 jobs out there probably outnumbers Azure jobs. And the M365 jobs typically need just one skill, whereas a typical Azure job will require many. And one is a logical step from helpdesk, and one is a total focus change.

Example: I have an IPv4 network, and you have an IPv4 network, and we want to talk to each other. But there's no IPv4 network between us. We need to tunnel our networks somehow through whatever is between us so that we can network to each other. That in between network could be anything, NetBEUI, IPX/SPX, IPv6, whatever. As long as we tunnel through it, our IPv4 networks can see each other (but not the network inbetween).

@WrCombs said in Just for Fun - Network + Journey:

@pmoncho said in Just for Fun - Network + Journey:

@WrCombs said in Just for Fun - Network + Journey:

@pmoncho said in Just for Fun - Network + Journey:

@WrCombs said in Just for Fun - Network + Journey:

@scottalanmiller said in Just for Fun - Network + Journey:

What is the best way to secure the most vulnerable attack vector for a network?

Choices:

A] Remove unneeded services running on the servers
B] Provide end-user awareness training for office staff
C] Update all antivirus definitions on workstations and servers
D] Use biometrics and SSO for authentication

Hey First Question - Thanks Scott

My first instinct D]Use biometrics and SSO for Authentication

The key words in the question is "most vulnerable attack vector" so IMHO, D] would incorrect.

Well People would be the most vulnerable

so B?

Correct, B. @scottalanmiller will have to confirm though.

I thought that too, but then I thought that was too easy and that he probably was meaning something else .

The test SHOULD be too easy. If you really know the material, and are paying attention to the reading (because the questions are designed to not let you skim them), it should feel pretty obvious a lot of the time.

@stacksofplates said in Grub Entries cleanup and maintenance:

@travisdh1 said in Grub Entries cleanup and maintenance:

@DustinB3403 You never touch grub yourself. You let the system take care of it for you when it adds or removes kernels.

As to removing old kernels, it depends on the distribution you use. A good distro just takes care of this for you. The annoying ones make you do it manually.

RedHat/CentOS/Fedora = automatically cleans up older kernels. You don't do anything and it will keep a sane number by default. I think it's 4 and a recovery option.

Debian/Ubuntu = keeps all kernels till you manually remove them. I forget offhand what the command is besides it's an option for apt.

This is one reason I'm happily moving things from the old rental box to my new server for my home lab. The old rental box has Ubuntu with a tiny little 256MB /boot partition. It can keep ~3 kernels, and that's it, ugh!

You can install without /boot. IIRC there is a other config change with unattended-upgrades to auto remove kernels.

You normally can, yes. Since my current home lab box is a rental, I could only choose from the options they gave me at the time. Today, they'd let you use your own iso, but still wouldn't recommend them for anything other than a test lab.

@JaredBusch said in Home lab projects - for Middle aged teens:

@DustinB3403 said in Home lab projects - for Middle aged teens:

@JaredBusch said in Home lab projects - for Middle aged teens:

@scottalanmiller said in Home lab projects - for Middle aged teens:

@DustinB3403 said in Home lab projects - for Middle aged teens:

@scottalanmiller said in Home lab projects - for Middle aged teens:

Home PBX

I was definitely considering setting up a home PBX but I don't know if I want to subscribe to any actual phone numbers

You can learn a lot without doing that. Although voip.ms makes it SO cheap.

And you can make calls without buying a phone number at all. Just pay per use.

What option is that? I don't recall seeing that (granted this was some time ago)

VoIP.ms has never required purchasing a number to have an account and setup a trunk.

You simply have no way to receive calls from the PSTN.

Ah.

I also had to fix a permissions issue from a while back, that wasn't affecting anything until I went to get this feature to be functional.

@scottalanmiller said in Linux Find command:

@dustinb3403 said in Linux Find command:

Hrm. . .

One more thing, would it be possible to print the last access date to this some how?

Possible, yes. Easy. No since the find command never shows that.

Would there be a better approach? I'm trying to create a list of things to make people clean up their crap, and I can show them "hey this hasn't been access in X years. . . delete it or I will"

@tim_g said in KVM - Virt-Manager on a Separate VM:

@dustinb3403 said in KVM - Virt-Manager on a Separate VM:

@tim_g said in KVM - Virt-Manager on a Separate VM:

@dustinb3403 said in KVM - Virt-Manager on a Separate VM:

@tim_g said in KVM - Virt-Manager on a Separate VM:

@dustinb3403 said in KVM - Virt-Manager on a Separate VM:

@jaredbusch said in KVM - Virt-Manager on a Separate VM:

@DustinB3403

I use my user in the libvirt group so I do not have to bother with the root user.

gpasswd -a jbusch libvirt

Then this works.
0_1512760351248_a5ddf1f5-ef56-46e1-b1a7-f9593c68a19c-image.png

Holy fuck it took way to long to get to this point.

So here is the stupid approach. ssh-keygen -t rsa generating. . . . . . . . . The key fingerprint is . . . ssh-copy-id -i /home/user/.ssh/d_rsa.pub user@kvm-server-ip

Login with user@kvm-server-ip password

Test the login

Disconnect from the remote server and run this next bit on your management system.

gpasswd -a username libvirt

Done, and it works.

@JaredBusch thanks for cutting through the bullshit and helping out here.

Wyd you talking about. JARED mentioned that step like 3 posts down from your OP, and it was mentioned several other times as well.

Huh?

Nothing was as simple as what I just did, Jared was getting to the point at the top of the topic, but there were additional steps I was missing (failed to do entirely). So I dumped all of the rsa keys, and started fresh.

The whole thing is taht simple.

generate your ssh keys copy the ssh keys add to libvirt group (mentioned in beginning of thread and every other KVM related thread)

Done. You can break that up into as many sub steps as you want, but that's what you do.

nevermind. . .

That's the entire point i tried to make in my 5-steps before it getting ripped apart for me wanting to use 4096 instead of 2048, and not using ssh-copy-id.

Because you were a twit about it.

Link was great, now I think I get what was going on with ls -fy > file 2>&1.

Bash points the stdout file descriptor to file, and then duplicates stderror to stdout, which is already pointing to file.

Added "Where to start?" here https://mangolassi.it/topic/13584/where-to-start

I've built one once... It was a Firewall / Router using straight up Linux, Shorewall, and ClamAV for a 10 meg connection. Our main firewall just went kaput, and the company was not responding to phone calls for support (it's a long story).

Set up Linux on a system with 8 NICs and went to town.

Edit:

It's not hard to build one if you understand the concepts of routing and such... Not for the faint of heart if you have to make one work well enough to be used in production.