@black3dynamite The updated information is here
https://www.knowbe4.com/what-is-social-engineering/

I can share the PDF if you need it from my Dropbox as I cannot upload a document here.

Man, I have so many posts there... but anyway...

@wrx7m said in Server 2016 EFS turned on:

@dbeato Do you use the factory image?

Some customers are small and Don't need VL for imaging, some customers buy their own computer and then let us know after it is brought to the busines and then it is a decision to reinstall or use what the vendor sent (which in the case of Delll, they have not been sending crapware on their installs).

@coliver said in Random Thread - Anything Goes:

@hobbit666 said in Random Thread - Anything Goes:

@coliver said in Random Thread - Anything Goes:

This was going to my answer. It's so easy to setup HTTPS that it makes no sense not to.

Ok so next level. Use a Certificate from an internal CA? As you can't use something like Letsencrypt

Or just use HTTPS

Why wouldn't Let'sEncrypt work? Do these systems not have access to the internet at all?

Some devices are not online just internal and they wouldn't do HTTP confirmation but they could do DNS confirmation.

If it is on a same drive, I would just do all files in one partition. I usually use LVM. (Coming from a Debian/Ubuntu background).

@travisdh1 said in Happy Birthday Thread:

@scottalanmiller said in Happy Birthday Thread:

Happy 0th Anniversary to @travisdh1

Congratulations!

@notverypunny said in DD-WRT:

Anyone else on here using DD-WRT? I've been running it on a TP-Link Archer C7 v2 at home for a while now... just tried to check their site for updates and there's no listings in the downloads section anymore. Just wondering if anyone on here had any news or insight.... didn't spot anything skimming their forum really quick and I didn't see anything on the front page.... hopefully just a passing bug on the site.

Mmm no, I have moved onto Ubiquiti, last time I touched ddwrt was maybe 2013.

@DustinB3403 said in dbeato why are you migrating from Hyper-V to XCP-ng:

@dbeato why are you migrating from Hyper-V to XCP-ng?

Because I want to

You could use

sudo mysql -u root

(ModEdit)
OpenVAS - Open Vulnerability Assessment Scanner
OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

---

1- Download and install Ubuntu 18.04 on Server.

https://ubuntu.com/download/server

2- Upgrade OS to latest updates performing

sudo apt update && sudo apt upgrade

3- Add Software APt for OpenVas

sudo apt-get install software-properties-common

4- Add OpenVas Repository

sudo add-apt-repository ppa:mrazavi/openvas
sudo apt-get update
sudo apt install openvas9
sudo apt install sqlite3
sudo greenbone-nvt-sync
sudo greenbone-scapdata-sync
sudo greenbone-certdata-sync
sudo service openvas-scanner restart
sudo service openvas-manager restart
sudo openvasmd --rebuild --progress

5- To enable pdf reports:

sudo apt install texlive-latex-extra --no-install-recommends
sudo apt install texlive-fonts-recommended --no-install-recommends

-To install openvas-nasl utility

sudo apt install libopenvas9-dev

7- Access your Openvas to your Ubuntu Server IP address, i.e. https://192.168.x.x:4000. Username and password by default is admin/admin

Just wanted to let anyone using Exchange 2013/2016 and Let's Encrypt the following issue when applying the CUmulative Updates for Exchange. You might get this message on Step 16 out of 18 or 9 of 11 of the installer

Mailbox role: Transport service FAILED
The following error was generated when “$error.Clear();
Install-ExchangeCertificate -services IIS -DomainController $RoleDomainController
if ($RoleIsDatacenter -ne $true -And $RoleIsPartnerHosted -ne $true)
{
Install-AuthCertificate -DomainController $RoleDomainController
}
” was run: “System.Security.Cryptography.CryptographicException: The certificate is expired.
at Microsoft.Exchange.Configuration.Tasks.Task.ThrowError(Exception exception
, ErrorCategory errorCategory, Object target, String helpUrl)
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception
, ErrorCategory category, Object target)
at Microsoft.Exchange.Management.SystemConfigurationTasks.InstallExchangeCert
ificate.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.b__b()
at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String fun
cName, Action func, Boolean terminatePipelineIfFailed)”.

So to address the issue, do either of the following guides:

https://practical365.com/exchange-server/expired-certificates-cause-exchange-cumulative-updates-fail/
or
https://www.stephenwagner.com/2019/02/19/exchange-2016-cu12-install-upgrade-fails-using-lets-encrypt-ssl-cert/

Reported issue here:
https://github.com/PKISharp/win-acme/issues/1074

I disable Windows Offline Files for that reason, it is a pain to deal with and causes more problems than anything else. But yeah, even if it was locked out and the computer went to sleep it will mark it as offline since the computer detected a change on the network connectivity.

@Dashrender said in Printers - IP or WSD:

WSD sucks, that is all I am going to say. Causes more problems than it is worth. Always end up doing static IP.

@black3dynamite said in Software to complete Disable/Enable Windows updates on Windows 10?:

What about setting the active hours during the time of use?

# Enter -Value in 24hr format 10PM is 22
# ActiveHoursEnd = 0 (12AM/00:00:00)
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings' `
-Name ActiveHoursEnd `
-Value 0

# ActiveHoursStart = 6 (6AM/06:00:00)
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings' `
-Name ActiveHoursStart `
-Value 6

Even still Microsoft doesn't honor that and puts a button of "Restart me now" in WIndows. However this can be alleviated if the user actually reboot their computers on a consistent basis, maybe just setup a task scheduler with reboot every night or something like that to avoid this.

We were requested to Setup DKIM on a Microsoft Exchange 2016 Server and since Microsoft doesn't include DKIM as part of the Exchange Inhouse Server we needed to rely on a DKIM Signer tool. We found an opensource tool and that works with Exchange. In this case we are using the https://github.com/Pro/dkim-exchange project.

Installation
1- Download the Latest Package to the Exchange Server- https://github.com/Pro/dkim-exchange/releases/latest (Select the Configuration.DkimSigner.zip file)
2- Once Downloaded it Extract the Zip File to any folder you want on the Exchange Server.
3- Run the Configuration.DkimSigner.exe from the Extracted files.

4- Once it opens, wait until your see the Install option available and click on it.

5- Let the installer finish and Close it.

Now to Configure the Application
1- Go to the C:\Program Files\Exchange DkimSigner folder

2- Run the Configuration.DkimSigner.exe application
3- Click the Configure Button

4- Move up the "Exchange DKIMSigner" Transport Agent

5- Press Close.
6- Go to the DKIM Settings and set the "Header Canonicalization & Body Canonicalization" Options as Relaxed

7- Then press the "Save Configuration" button
8- Go to the "Domain settings Tab" and press the "Add" button
9- Enter your domain name and set your Selector (DKIM record selector)

10- Press the "Generate new key" button

11- You will be prompted to save your Key on the Server (The default save locations is "C:\Program Files\Exchange DkimSigner\keys")
12- Press Save.
13- Created your DKIM DNS records based on the "Suggested DNS Name" and "Suggested DNS record"

14- Press the "Save Domain Button"

15- Go to the Information Tab and Press the Restart Button under the "Transport Service Status"

Once the service restarts then your emails will be signed . Use a DKIM validator or other method to confirm your DKIM emails are signed. Also don't forget to setup your DMARC DNS record. (You can use MXtoolbox for that - https://mxtoolbox.com/DMARCRecordGenerator.aspx)

The GPO at the root of your domain will be applied to all your users and computers. However if you create one GPO and then link it only to the OU then only the members of that OU will get it to apply.

Also is this GPO a USer or Computer policy?

Fix for this is to revert to an earlier version of Microsoft. I have a .bat file here

https://github.com/dbeato/scripts/blob/master/Office 365/Fix-Outlook-Restart.bat

@scottalanmiller said in Resentment to Purchasing Software - Split From Unrelated Topic on IT Professionals:

@dbeato said in Resentment to Purchasing Software - Split From Unrelated Topic on IT Professionals:

I can tell you that the Office 365 and G-Suite customers of mine are the ones we need to spend less time with them to configure or support them. They have had their outages but that is less than hosting their own Exchange or IMAP/POP Server in contrast. The custoemrs with internal Email Servers and File Servers require more management than Office 365 for sure as well.

What services are you seeing that are requiring more time? Zoho? Zimbra? I've directly compared those two against O365. They are definitely way less time to support.

Another telling thing is.... when we get brought customers with disasters, it's always O365. Sure, they are the majority of the market, and certainly the absolute "go to" for shops that don't evaluate needs and just go for whatever has the most markup, so that's a big factor. But we see zero need for the kinds of regular recovery from any other service. It's a unique market saving people from O365 problems.

Of course, compared to just hosting Exchange, I expect it to be better. But I think we all know that that's a bad comparison, using "Exchange is so bad, that this better management of Exchange looks acceptable" is really highlighting just had hard it is to find an example of something less problematic than O365.

Services that require more time and upkeep, Dovecot/Mail/Exim/PostFix, Zimbra, mDaemon, Kerio Connect, Zentyal, Open-Xchange, for sure it is a pain in the but to maintain as well. Zoho not so much since it is also a cloud hosted service so that is no on the picture. I am talking about something you need to manage, upkeep and setup everything to manage the customer. Is almost a monopoly where the customer is being hold hostage to your upkeep. Anything that is cloud managed the customer can do 95% of the things without intervention of outsider management.

The amount of customers that we have rescued for those types of systems is greater than anything else and that is just about email. I can tell stories of File servers, Self-Hosted Apache Servers and so forth.

Exchange is not bad, most of the issues we find have to do with Autodiscover, Backups, Logs filling and so forth but not the functionality.

Posting from what I posted in Spiceworks
Since you have Exchange Online Plan 2 you have a 100 GB Mailbox and unlimited in-Place Archiving for the mailbox. https://www.microsoft.com/en-us/microsoft-365/exchange/compare-microsoft-exchange-online-plansFor Exchange Online The Retention Policies go in hand with the Archive Mailboxes. The retention policies are set so you can move files to the archive on a predetermined  amount of time or you can also add deletion policies as well. https://docs.microsoft.com/en-us/microsoft-365/compliance/enable-archive-mailboxes?view=o365-worldwi...The Litigation and in-place holds is for Legal and Case matters so nothing that the user does deletes from the mailbox but it keeps all those emails and changes on the mailbox without the user destroying information. https://docs.microsoft.com/en-us/exchange/policy-and-compliance/holds/holds?view=exchserver-2019

@DustinB3403 URE always means that you should recreate your whole Array, I would go even further and replace the drives. That said was this RAID5?