As promised... I still think it's corny, but oh well, I had fun, ha ha!

'twas the night before Christmas and all through the house
the AC was running 'cause we live in the South.

The stockings were hung by the windows with care.
Hope Santa don't find them, they need some fresh air.

The children were plastered with sweat to their beds
While visions of cold lakes danced in their heads.

And Mama in her bikini and I in my speedo
We settled out brains while watching Jay Leno.

When out in the kitchen there arose such a clatter.
I sprang from the bed to see what was the matter.

Away to the fridge I flew like a flash.
Tore open the freezer and saw more ice crash.

The moon on the deck all covered with straw.
I saw three deer and heard a crow's caw.

When what to my wondering eyes should appear
A gigantic sleigh pulled by 4 John Deere.

With a heavy old driver a thunder and crack.
I smacked my forehead, I knew it was Jack.

Louder and Louder his tractors they came
He cursed and he shouted and hollered the same.

"Aww come on you pieces of trash. Go! I'm fixen
to tear you a new one and take you to Dixon!"

To the top of the dell to the top of the hill!
Roll away, roll away, watch out for Jill!"

As dry clay before the wind blows,
I saw them take flight, to where God only knows.

So past the tree tops and hillside they flew,
There went the sleigh and even Jack too.

And then in a moment I heard a loud jingle.
On top of my house stood old Kris Kringle.

Down the chimney he flew with a crash,
He covered the room and kitchen with ash.

A bundle of what-nots and things on his back.
He opened his sack, even that was black.

His bald head did shine and sparkle by light.
His face was all red from the suntan he had.
He laughed and laughed, I thought he was mad.

His mouth drew up to curl with a smile.
I wondered if he might stop and stay for a while

I offered him a smoke from grampa's old pipe.
The tobacco, it burned, but boy was it ripe.

He had a broad face and a fat big ol' belly.
It jiggled and wiggled like marmalade jelly.

I laughed when I saw him in spite of myself.

A shake of his nose and a jerk of his thumb
Told me I could go back to bed and play dumb.

He went straight to work with a clothes pin attached.
He filled the old stockings with all kinds of snacks.

He bowed ever so slightly and gave up a nod.
In a poof he vanished leaving only fresh sod.

I heard him shout out, "My God it is hot!"
Then he bellowed and cried:
"Merry Christmas All Y'all and to all a Good night!"

ZeroTier Site-To-Site Setup

ASSUMPTIONS:

• Site A is on 192.168.10.0/24
• Site B is on 192.168.122.0/24
• Site A's VM is 192.168.10.2 for the Local Network
• Site A's VM is 10.0.0.107 on the ZT Network
• Site B is 192.168.122.1 on the Local Network
• Site B is 10.0.0.129 on the ZT Network.

Step 1: Build a Private Network on https://my.zerotier.com

Step 2: Spin up a Linux VM at each site. Connect and authorize them to the ZT Network and note their IP address. For instance:

Some folks have reported SIGNIFICANT performance improvement when using 2 cores / 2 vcpus for the Linux VMs.

Step 2B. Enable IP_Forward:

Follow your distribution's instructions to enable ip_forward and make it a permanent change... On most distros, this should work:

sudo echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf

You can then sysctl -p /etc/sysctl.conf to reload the configuration or reboot.

sysctl net.ipv4.ip_forward should return

net.ipv4.ip_forward = 1

if everything is going to work correctly.

Step 3: From either of the Linux VMs, ensure that they can ping one another on the ZT Subnet.

Step 4: Set up the Routes inside on https://my.zerotier.com

*Once you set up the routes in ZeroTier Central, you do not have to manually add them to your Linux VMs.

Step 5: Set up the Site Routes at the Routers for Site A and Site B

SITE A Main Router:

You'll notice for the router at Site A that I am using the INTERNAL network address of my Linux VM.

SITE A Linux Router VM:

[email protected] /root # ip route
default via 192.168.10.1 dev eth0 onlink
10.0.0.0/24 dev zt1  proto kernel  scope link  src 10.0.0.107
192.168.10.0/24 dev eth0 proto kernel  scope link  src 192.168.10.2
192.168.20.0/24 via 10.0.0.116 dev zt1
192.168.122.0/24 via 10.0.0.129 dev zt1

SITE B, KVM Server, no need for separate VM:

[email protected]:/root# ip route
default via <my public ip> dev eth0 onlink
10.0.0.0/24 dev zt1 scope link  #ZT Subnet
192.168.10.0/24 via 10.0.0.107 dev zt1 #SiteA, 10.0.0.107 is the ZT IP for the Linux VM at Site A
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1  #This server is Site B

**This was done on systems that do not have UFW or firewall-cmd enabled. You may have to set them up to allow traffic between your sites.

Okay... I think that's it. Mine is working. :-)

If you have any questions or comments, ask away!

Samsung phones on their way back to the factory.

I was actually paying a little attention. I got the Dev 3 plan that's listed as $140 on the Web Site. I paid through Paypal and was only charged $70.

So it's all good. 8-)

Somewhere in another thread, somebody asked for a song about Mangolassi... So here it is. To the Tune of Beverly Hillbillies...

Now this is the story about N-T-G.
They made a forum; called it Mangolassi.
Then one day @scottalanmiller was looking for some food
@Minion-Queen showed up with a bubbling crude.
Mangos, that is.  Fruit drink, with alcohol.

Then @art_of_shred took a drink and said "Wheeeeeeee"
then they found him in the neighbor's tree.
Pecans or cherry?  I really can't see.
Then @scottalanmiller  said save some for me.

@bnrstnr said in What Are You Doing Right Now:

The VP of our company had his email hacked over the weekend. 4000+ spam emails sent from his account and a return email for each one stating that Microsoft couldn't deliver because it was flagged as spam.

I don't even know where to start with this because I know he kept plain text passwords in emails to himself. It's looking like they just hacked it to spam people, but who really knows? It appears that they had access for about a week and launched the spamming Saturday morning.

He had over 13,000 things in his deleted folder, too... I'm thinking he was using that as an archive.

He needs to wear this shirt for two weeks:

@Minion-Queen said in MangoCon 2017:

@Tracy_Burton said in MangoCon 2017:

@Minion-Queen
Sorry...When I see something posted, I assume its not still in progress.

As you should @scottalanmiller is the issue here :(

Pro Tip: If you want to keep a secret, don't tell @scottalanmiller .

@wirestyle22 said in Handling Downvotes:

@scottalanmiller said in Handling Downvotes:

@dbeato said in Handling Downvotes:

Imaging this on SW lol :P

I'm imagining a big ball of flames crashing from the sky in NJ.

Take the wheel jesus

I recently discovered a VPN-like service called ZeroTier (http://www.zerotier.com) that works similar to Hamachi or maybe Pertino (never used Pertino though!). Basically, it builds out a network within the internet... Each client would get an IP address in the IP space you specify (Private IPs, a la 192.168 or 172.16, et al). And each device in that network will be able to communicate with other devices that are connected and authorized.

The Technical FAQ on their site (https://www.zerotier.com/tech_faq.shtml) does a better job of explaining the way the nodes communicate than I can off the top of my head. The way the connection setups and everything works kinda reminds me of a P2P type application.

If you create an account on their web site and use their Controllers, the setup is quick and easy; their system provides networks that are free for up to 10 devices. You can also pay them a monthly fee of $4 per month per Network of more than 10 devices. There are currently clients for Windows (7 and up, including Server Editions), Mac, and Linux. It should also work on BSD based OSes as well, but you will have to compile it yourself. An Android version is in the works, but I am not sure about iDevices.

The software itself is open source, and you can build your own controller and create networks as large or small as you want. However, they do not offer a GUI by which to do this yet for self-hosted controllers, so you are left using the REST API for configuring the networks.

As an example, my current network runs on a hosted Linux VM as the controller, and it has my laptop, my office machine, and two other VMs connected to it. Each machine has an IP address of 192.168.y.z/24 The underlying OS sees those as actual network interfaces... IE: on my linux controller, it is listed as ztX, and in Windows, it shows up as another ethernet devie in Network & Sharing Center; I don't have a Mac to test on at the moment. You can also specify which subnet you want to use for your ZT Network, as long as it is not a publicly routable network, you should be fine.

They do have a gateway capability built in, but I have not tested it yet. It appears that you can have one of your client VMs provide access to the subnet behind it (equivalent of site to site VPN).

You can configure a network to be public or private. With the public, as the name suggests, no authorization is required and anybody that joins up will be granted an IP address. In a private network, each device that joins has to be manually authorized before it is issued an IP address on the network.

Using my own controller at the moment, things seem rather snappy. I get an average 45 - 50 ms ping time between one node and another. (I get a similar ping time using the public IP addresses between the two networks). I Copied a 2 megabyte file from SystemA to SystemB in ~3 seconds (would have been faster...but Windows...).

I did have to write my own PHP scripts for creating networks, deleting neteworks and authorizing devices (Not sure how to handle JSON in BASH / Shell scripting).

So far, it looks to be a secure VPN package with some nice level of controls. They are laying the groundwork for allowing rules (ACLs, if you will) so you can specify which devices can communicate to where, and in a true security first setup, unless you have a specific accept (allow) rule, the traffic is dropped.

The following screenshot is the admin dashboard on their site. Everything should be self explantory, but if you don't know what a setting is for ,the help menu along the right hand side provides a good enough bit of information to help.

Edit: Posted the dashboard screenshot, and fixed a few typos.

Update 8/31/2015 I got the Bridging feature that will let a ZeroTier Client become a bridge for the network that it sits in front of working. This effectively provides site-to-site or client-to-site VPN funcitonality. This feature has to be enabled for the devices using the server-side CLI if you are using your own controller.

IE: My home Network has a ZeroTier IP of 192.168.251.250, and my internal IP addresses are 192.168.10.1-254... So on my client, I add a route to 192.168.10.0/24 via my client's ZeroTier IP address... On my Linksys at home, I add a route for 192.168.251.0 via 192.168.10.10 (the LAN IP address of the ZeroTier client inside of my home network).

Hi all! I'm Brant Wells from Georgia way down south. I am currently working as an IT Minion for a college.

I'm more of a fan of K&R .

I definitely agree with @JaredBusch two spaces for the win.

@nadnerb said in What Are You Doing Right Now:

Been forcing Windows updates upon stubborn workstations.

I heard the lightning crackle in the air and felt the thunder boom. Windows updates tonight, signals a workstation's doom!

(Read: If your system is bitlockered, you better get the bitlocker keys before doing rebooting for windows updates as of late!)

@jaredbusch said in What Are You Watching Now:

@gjacobse said in What Are You Watching Now:

@dashrender said in What Are You Watching Now:

@gjacobse said in What Are You Watching Now:

@gjacobse said in What Are You Watching Now:

Watching Blue Origin launch

Successful Launch and return.

uh what?

In total, it's an eleven min flight. Blue Origin hasn't completed an orbital flight yet I don't believe.

But Blue Origin has at least made it to the Kármán Line. Unlike Virgin.

Rueters article said 106km.

Captain Kirk made it. Now Captain Picard needs a go.

@gjacobse said in What Are You Doing Right Now:

The ever growing list of things;

We're having some domain controller services problems with DC01. It appears to have lost 
all of the proper DNS registration as a domain controller. Has anyone tried to do anything with it like 
demote it? It is currently NOT replicating AD information, which is causing some issues with changes made 
on one DC not making to other DCs.

This also sounds like an RGE, lol.

@athornfam2 said in Milestone VMS Hardware:

Another option would be to migrate the physical server to our VMware cluster since our compute typically sits around 5-15% usage... We have (6) E5-2680 v3 @ 2.50GHz in our cluster but lack the 8TB's of storage... However, I just decommissioned a SAN from our production environment which contains 16TB's (raw) 10K drives. So, I could setup iSCSI again to our environment solely for the camera system.

If you are going to go that route, I recommend building your own ESX servers and storage for this.

(You can manage them with the same vCenter, just make sure your camera VMs have their own compute, network, and storage).

I'm running Avigilon software here (475 cameras) , and Network and Storage are our bottlenecks for speed. So if you were to put that load on storage meant for along with your general production VMs, it can definitely bring things to a crawl, lol.

@eddiejennings said in What Are You Doing Right Now:

@gjacobse said in What Are You Doing Right Now:

For the love of God, I’m watching football?

Never been a better time to start watching the Georgia Bulldogs :P

@rojoloco said in What Are You Doing Right Now:

@eddiejennings said in What Are You Doing Right Now:

@gjacobse said in What Are You Doing Right Now:

For the love of God, I’m watching football?

Never been a better time to start watching the Georgia Bulldogs :P

Boo. Yellow Jackets all day.

Sounds like it's time for the $10 bill to start passing back and forth again.

@wrcombs said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

@wrcombs said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

Anyone used AmBit POS? It looks awful, but someone is recommending it.

Could be ran on IPads, Other than that I haven't heard much - It's not very popular in the Midwest that I can tell.

No public pricing or info. VERY clear that the vendor doesn't think much of the product.

I didn't look on the website, but does it say you can request a demo?

also - a lot of POS vendors dont put there price in a public setting because then their competitors will be able to potentially steal their business by saying "their systems are X amount and can do x,y,andz . we can do ours for Y amount. and ours do A,B,C as well as X,Y,Z" so not actually unheard of.

That's why you demo both.... and once you get prices from Company A and Company B, you start the haggling process yourself.

@dashrender said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@dashrender said in Random Thread - Anything Goes:

@nadnerb said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@pmoncho said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@travisdh1 said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@dashrender said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

Ditto. But it still got stolen. I tried to use Google Pay and it was rejected, so I switched to credit card and used mine.

The local bank came up good for me though. I had the $$ back in my account a day later.

Ug bad website stealing cc info

Actually, it was a gas station here in town. Several other folks I know had something similar happen over a few days, so let's just say I won't be going back there, lol.

Someone has a skimmer on the pump you used

Except it was the inside card machine in this case, not the pump.

I just stopped in for a snack, lol.

Sounds like an inside job.

I... handn't thought about that. It very well could be.

Did you use the magnetic stripe on your card?

In this type of situation I only see the cashier as potentially being guilty if he was able to swipe the card without you seeing.

What at the changes he could attach a skimmer on an in store reader and you not notice? Unless they make them super tiny nowdays...

Or the firmware on the card reader got hacked. This is what I'm suspecting because I've stopped at that place several times over the last 5 or 6 years.

yeah - like the target hack.

Yeah, that's what I was thinking. I'm relatively certain the card reader itself isn't exactly modern, lol.

@dashrender said in Random Thread - Anything Goes:

@nadnerb said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@pmoncho said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@travisdh1 said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@dashrender said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

Ditto. But it still got stolen. I tried to use Google Pay and it was rejected, so I switched to credit card and used mine.

The local bank came up good for me though. I had the $$ back in my account a day later.

Ug bad website stealing cc info

Actually, it was a gas station here in town. Several other folks I know had something similar happen over a few days, so let's just say I won't be going back there, lol.

Someone has a skimmer on the pump you used

Except it was the inside card machine in this case, not the pump.

I just stopped in for a snack, lol.

Sounds like an inside job.

I... handn't thought about that. It very well could be.

Did you use the magnetic stripe on your card?

In this type of situation I only see the cashier as potentially being guilty if he was able to swipe the card without you seeing.

What at the changes he could attach a skimmer on an in store reader and you not notice? Unless they make them super tiny nowdays...

Or the firmware on the card reader got hacked. This is what I'm suspecting because I've stopped at that place several times over the last 5 or 6 years.

@nadnerb said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@pmoncho said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@travisdh1 said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

@dashrender said in Random Thread - Anything Goes:

@dafyre said in Random Thread - Anything Goes:

Ditto. But it still got stolen. I tried to use Google Pay and it was rejected, so I switched to credit card and used mine.

The local bank came up good for me though. I had the $$ back in my account a day later.

Ug bad website stealing cc info

Actually, it was a gas station here in town. Several other folks I know had something similar happen over a few days, so let's just say I won't be going back there, lol.

Someone has a skimmer on the pump you used

Except it was the inside card machine in this case, not the pump.

I just stopped in for a snack, lol.

Sounds like an inside job.

I... handn't thought about that. It very well could be.

Did you use the magnetic stripe on your card?

No, I used the chip reader there.