And internet is back. UNMS reports outages nicely.
Posts made by donaldlandru
-
RE: What Are You Doing Right Now
-
RE: What Are You Doing Right Now
Just as @scottalanmiller gets reasonable connectivity, I am sitting here without Internet. Thanks lightning bolt.
-
Separation information for HPE Software
https://milled.com/hp-business/separation-information-for-hpe-software-h3eaNg20Lih-YVFa
to;dr HP sharing your info with more companies
On September 1, 2017, Hewlett Packard Enterprise Company plans to spin-off and merge its Software business with Micro Focus International to create one of the world's largest pure-play enterprise software companies, with outstanding engineering resources and a focus on delivering value for customers through a world-class software portfolio.
-
RE: Zabbix + ELK In A Box
@jaredbusch said in Zabbix + ELK In A Box:
@donaldlandru said in Zabbix + ELK In A Box:
From the page itself
We haven’t performed any major capacity planning exercises or performance validation exercises to validate the limits of what Zabbix + ELK In A Box can do at the recommended configuration i.e. 2 vCPU’s, 4 GB RAM. However, we would highly recommend that you use limit use of Zabbix + ELK In A Box to a small setup i.e. ~15-20 machines. For larger environments we would highly recommend designing and building your own scalable monitoring and log file analysis solution from scratch to meet your requirements.
Seems more like a quick way to get a PoC environment up before investing in learning how to deploy the applications.
That would be fine. But still a bad idea in general.
Also that page mentioned Ununtu 14. Just WTF
Agreed! Bad designed, and the article is over 2 years old.
-
RE: Ubiquiti released EdgeOS 1.9.7
@dustinb3403 said in Ubiquiti released EdgeOS 1.9.7:
@donaldlandru said in Ubiquiti released EdgeOS 1.9.7:
@gjacobse said in Ubiquiti released EdgeOS 1.9.7:
Guess it was time both of an update and a reboot.
Now running 1.9.7
Man, I should have grabbed a copy of my colo router uptime, 334 days before the update.
Reboot to make sure it boots!
Yes, this! Luckily I have a stack of these things in case it didn't boot.
-
RE: Ubiquiti released EdgeOS 1.9.7
@gjacobse said in Ubiquiti released EdgeOS 1.9.7:
Guess it was time both of an update and a reboot.
Now running 1.9.7
Man, I should have grabbed a copy of my colo router uptime, 334 days before the update.
-
RE: Unifi Controller in Oracle Virtual Box Problems
@dustinb3403 said in Unifi Controller in Oracle Virtual Box Problems:
The guide you're following tells you to create /etc/apt/sources.list.d/100-ubnt.list
So do a
sudo touch /etc/apt/sources.list.d/100-ubnt.list
and then put in the 3 records, save the file and go from there.Unless I am reading the site incorrectly you should only need one line in your sources
For Debian/Ubuntu, add the repo, which would be one of these depending on the specific release branch wanted:
deb http://www.ubnt.com/downloads/unifi/debian testing ubiquiti
deb http://www.ubnt.com/downloads/unifi/debian oldstable ubiquiti
deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti -
RE: Zabbix + ELK In A Box
From the page itself
We haven’t performed any major capacity planning exercises or performance validation exercises to validate the limits of what Zabbix + ELK In A Box can do at the recommended configuration i.e. 2 vCPU’s, 4 GB RAM. However, we would highly recommend that you use limit use of Zabbix + ELK In A Box to a small setup i.e. ~15-20 machines. For larger environments we would highly recommend designing and building your own scalable monitoring and log file analysis solution from scratch to meet your requirements.
Seems more like a quick way to get a PoC environment up before investing in learning how to deploy the applications.
-
RE: Random Thread - Anything Goes
@wirestyle22 said in Random Thread - Anything Goes:
@travisdh1 said in Random Thread - Anything Goes:
@dafyre said in Random Thread - Anything Goes:
@nadnerb said in Random Thread - Anything Goes:
@quixoticjeremy said in Random Thread - Anything Goes:
@scottalanmiller said in Random Thread - Anything Goes:
@donaldlandru it's amazing how it is all common sense.
For it being "common" sense it sure isn't very common.
Common sense is only common if taught commonly
See: Critical Thinking skills.
I think all users have the "door effect" @scottalanmiller mentioned. Only in most cases the "door" is a computer!
What is the door effect?
I don't know either. A quick search and I think this might be it https://www.scientificamerican.com/article/why-walking-through-doorway-makes-you-forget/
-
RE: Ubiquiti UNMS - First impressions
While not feature rich, UNMS has some support inside the UMobile Android App as well
Devices Screen
Site Screen -
RE: Ubiquiti released EdgeOS 1.9.7
My test is running on a $5 instance, no swap, and seems to be doing ok with one device.
-
RE: Ubiquiti released EdgeOS 1.9.7
@jaredbusch said in Ubiquiti released EdgeOS 1.9.7:
This means it is time for me to get off my ass and setup UNMS
Not much to see in here yet; however, it was pretty simple to get it going. Maybe I should write the how-to
-
RE: Ubiquiti released EdgeOS 1.9.7
Upgrading my home ER-X now and deploying going to deploy UNMS on a Debian 8 vultr instance.
-
RE: Lenovo - if it's on your network, you ARE breached.
@dashrender said in Lenovo - if it's on your network, you ARE breached.:
Your article doesn't really have enough information. It doesn't say if it was ever discovered why these certs where included
I was trying to avoid manufacturer links however here is Dell's statement
Doesn't excuse the blatant security risk they created by doing it
-
RE: Lenovo - if it's on your network, you ARE breached.
@scottalanmiller I will review your links; however, I think the overall point was missed here.
My point is not Lenovo is safe, my point is there are other companies doing the same or similar shady practices and yet they are being marked as safe. Much like officiating, I don't care if someone always is right or wrong, just be consistent.
Dell has (had) Superfish as well, links in my original post, yet that is ok to you because they are not Lenovo
HP has the same SMM BIOS remote execution code that is being discussed as Lenovo owning your network. Yet, this thread says HP is safe. Again, on the only argument is that it is nor Lenovo.
-
RE: Lenovo - if it's on your network, you ARE breached.
@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:
@donaldlandru said in Lenovo - if it's on your network, you ARE breached.:
@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:
@black3dynamite said in Lenovo - if it's on your network, you ARE breached.:
This is an issue when using Windows only?
No, everything.
Superfish is included with the wifi drivers to a point that the wireless chips will not work without it. As for the BIOS level access, well, that's as bad as it gets.
I don't know what Wi-Fi chipset you have; however, we have the direct from Intel drivers so if SuperFish is included here I don't think that is a Lenovo issue.
That's great, you're entire network has already been pwnd tho, thanks to that absolutely assinine BIOS code.
And do you have links to back up these claims? Quite a few Google searches later and at the BIOS level I have not found a vulnerability that was also not found in other manufacturers BIOS as well by other IBV's. This suggests that the issue may be further up the chain. Nasty Lenovo UEFI exploit also affects products from other vendors
While it does not excuse the behavior, the worst thing I have seen in this Lenovo issue, is not what they have done, yet simply the fact they were not up front about it.
Why so I not see any posts saying to banish Siri enabled devices from the network? IBM thought Apple storing transcripts and recordings of interactions was a threat.
How about Barracuda? Between large subnets of allowed addresses on their support ports and hard coded common passwords, I don't see any if you have Barracuda, Russia owns your network posts.Samsung TV's, Amazon Echo's, Google Homes, and other platforms do nothing but use methods to scan your network and force control over your devices and collect data, yet no screams for bans on those.
While a poor example, Windows 10 does almost everything Lenovo is getting cheap for natively. (E.g. Telemetry, you can't turn it 100% off. If you remove an update it automatically puts itself back on. Hell even today I had a machine with expired WebRoot, my only options were to renew webroot or install Windows Defender before continuing) the last one may actually be webroot doing the nagging I have not confirmed that.
Now let be clear, I am not going out and saying Lenovo's are 100% safe, in fact my research today on this topic shows it is not. However, that same research shows no manufacturer is safe. Check out this article on eDellRoot Dell computers with the eDellRoot root certificate may allow attackers to sign SSL/TLS certificates as legitimate sources and can be vulnerable to man-in-the-middle attacks. Even without the article pointing out several times this being reminiscent of Superfish it sounds pretty close to me.
I would support the title of this post being
Some Lenovo consumer modelscomputers are susceptible to really shady things because manufactures want to make money, but the title as is, in my opinion, does not accurately represent the situation.Edit: added source for BIOS claim. Updated closing thoughts based on additional research.
During my search, I think the comment found below sums up the whole thing.
NOT intending to excuse Lenovo, but I work in the business, and ALL major companies (HP, Microsoft, Apple, Google, AT&T, Verizon, Comcast, etc...) Hate Us, and would happily sell razor blades to babies if they could figure out how to weather the lawsuits & still turn a profit... -
RE: Lenovo - if it's on your network, you ARE breached.
@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:
@black3dynamite said in Lenovo - if it's on your network, you ARE breached.:
This is an issue when using Windows only?
No, everything.
Superfish is included with the wifi drivers to a point that the wireless chips will not work without it. As for the BIOS level access, well, that's as bad as it gets.
I don't know what Wi-Fi chipset you have; however, we have the direct from Intel drivers so if SuperFish is included here I don't think that is a Lenovo issue.
-
RE: What Are You Watching Now
Sitting in Atlanta watching mnufc vs DC united on MLS live