Scenario:
User runs as local admin (why is outside of the scope of this scenario)
Tech port forwards to user's workstation to expose RDP
Aside from creating a strong password for user, tech does nothing else to secure RDP access

Software support for a specific program is allowed in by user and creates a new admin account with a weak password for the user to test

Password is guessed/brute forced from the web and computer is compromised.

@momurda said in Hiring infrastructure technician:

@flaxking There is no location listed? Is it Vancouver BC? Somewhere further east?

It's listed, you just probably didn't know what you were seeing. It's in Manitoba, in a small town. So we're probably going to have to hire remotely for any special talent.

@scottalanmiller said in Where to read Code? or Best practices to Learn Code?:

@flaxking said in Where to read Code? or Best practices to Learn Code?:

With proper vetting of someone who is using modern tools, I can't imagine that since I don't have the aptitude for that kind of thing, I could ever be able to justify the cost of me learning it and hours spent messing around to get it right.

Outsource it every time, absolutely. You can say that about any task that isn't your bailiwick. But I don't think you can get that for peanuts. Cheaper than trying to do it yourself, yes, definitely. But it's still a costly process to get done well.

That's true, it influences customer perception and directly affects usability. A business is definitely going to want to invest there.

However, if I'm doing a personal project to help myself learn web development, I'm going to pay peanuts for it, just so I have something I'm working with. And learn some good outsourcing lessons in the process.

How about Powershell?

$uri = "ftp://uploadpath.com/in/fstest.txt" 
$file = "c:\localpath\fstest.txt" 
$user = "username" 
$pass = "password"

# create the FtpWebRequest and configure it 
$ftp = [System.Net.FtpWebRequest]::Create($uri) 
$ftp = [System.Net.FtpWebRequest]$ftp 
$ftp.Method = [System.Net.WebRequestMethods+Ftp]::UploadFile 
$ftp.Credentials = new-object System.Net.NetworkCredential($user,$pass) 
$ftp.UseBinary = $true 
$ftp.UsePassive = $true 
$ftp.EnableSsl = $true 
# read in the file to upload as a byte array 
$content = [System.IO.File]::ReadAllBytes($file) 
$ftp.ContentLength = $content.Length 
# get the request stream, and write the bytes into it 
$rs = $ftp.GetRequestStream() 
$rs.Write($content, 0, $content.Length) 
# be sure to clean up after ourselves 
$rs.Close() 
$rs.Dispose()

Might have to remove options like $ftp.EnableSsl = $true and $ftp.UsePassive = $true

@nerdydad said in Career Goals - Futures in Linux Careers:

I see that there is KVM and LXD and Kubernetes and OpenNAP.

That's kind of a weird list of things to put together. Is that like a solution stack you want to try?

Anyways, I would recommend getting vary familiar with monitoring and metrics. That's something that you can apply to your current job. Learn how to create meaningful alerts from the data being collected. The industry needs more people who can do this kind of stuff with their eyes closed, and less cowboys who put it off as a 'nice to have some day'. So you might want to get familiar with some open source options so you have something up your sleeve no matter where you're working and no matter the budget.

In 5 years we might be dealing with the descendant of Kubernetes, but you might as well get your foot in the door now since that kind of shit is the future.

@scottalanmiller said in Creating MangoLassi Podcast:

@dbeato said in Creating MangoLassi Podcast:

@scottalanmiller said in Creating MangoLassi Podcast:

We're going to have an official one up soon. Just waiting on the site to get made.

Oh okay, so then I should stop right?

Yeah, I think so, I'm trying to get one up by tomorrow.

Did this ever happen?

@matteo-nunziati said in Do we dislike Ubuntu:

I'm quite opposite: when developping stuff I really like to reduce the amount of maintanance of the OS. Of course too old is something I don't like, therefore I find a good balance by using ubuntu LTS and recently I've done a short test on opensuse leap too.

I find it more work because the tools I want to use require newer versions of packages

@NetworkNerd said in Weigh in on Holiday Career Topics:

@scottalanmiller said in Weigh in on Holiday Career Topics:

For a moment I thought you were looking for holiday career ideas, like making a few extra dollars by being a mall santa.

There's an interesting one. Weigh in on your recommended holiday side hustle. If anyone out there has a holiday side hustle, I would be curious to know what it is if you don't mind sharing.

Once I did 'Holiday Help' phone/chat support for Best Buy. I helped someone troubleshoot their new dryer.

Powershell in a Month of Lunches is a great book to get started with. Don Jones really understands adult learning, so he can really keep you engaged.

I like to mix some more formal training at first with a project in mind. As soon as you learn something in your training, apply it in your project. And then when you are done with the training, continue researching in order to complete the rest of your project goals.

Powershell is interesting because you can make scripts without having a clue what an object is, but understanding about objects is fundamental to learning powershell, so I really would recommend starting with some kind of training rather than just trying to create a script.

@scottalanmiller said in IS BASIC programming still in vogue?:

@flaxking said in IS BASIC programming still in vogue?:

@thwr said in IS BASIC programming still in vogue?:

@flaxking said in IS BASIC programming still in vogue?:

I am currently learning VB6 from a 1998 textbook...

You could talk to a tree for the same effect Not a good idea to start with VB when you want to learn programming

Not starting to learning programming, just need to also work with our legacy code

That's the problem with VB, it's all for ancient "we can't update it" code. VB was okay through around 1999, but never in the .NET era. So any legacy code made with it is pretty much guaranteed to have originated from a "developer" that was just mucking about and couldn't adapt to a more modern language and was carrying over bad VB habits from the 90s; and then a company that never updated code for close to twenty years now.

2 years left on the roadmap to have migrated all of our legacy code. It's a lot of work when you have a whole LoB application originally created in VB6.

@wrx7m said in Resume Revamp - Advice on Format/Layout and Type of Content:

When listing technologies and products, would you include version numbers? For Windows and some other MS products (Exchange) I would imagine you would. But, for other things like Veeam or ShoreTel, would you? Also, if it spanned multiple versions, would you just hyphenate (Windows 7-10)?

In the format I use, it would be without version in the list, but if I mention it in a project I might provide more version information

Is this open to international participants?

And can we choose a theme?

I've used WSUS before and didn't like it. Now at my current company they are looking into starting to use it for our new web service project. Salt has a pretty promising looking execution module and state module, but I can't wrap my head around the process we would use with it in order to manage updates without creating too much extra work by managing them.

It seems like that could be accomplished by just deploying each cumulative update. (This is for Server 2016) So would we just be updating the state with the latest cumulative update and removing the previous one from the installed list?

Is anyone using Salt for managing updates? What's your procedure? Are you using another tool?

@wrx7m said in Resume Revamp - Advice on Format/Layout and Type of Content:

I also have been seeing a lot of graphical graduated scoring for skill sets. Like this-

Is that really a thing?

No, it looks stupid, and creates more questions. If you are going for a project focused resume style, your project descriptions would be what gives them an idea of your skill level

@jaredbusch said in Need audio cable help:

I think What I need is two cables.

The standard 1/4 mono to 3/8 mini stereo as you both (and myself) found previously.

And then plug it in to the mic jack of this.
https://www.amazon.com/Kingtop-Adapter-Tablet-Headsets-Version/dp/B01I3A47I4

I would think that would work. When you have a separate mic input like we used to have, you could plug in headphones and use them as a mic. It's these new all input and output in one input jacks that are causing an issue, and I really don't know if you can find an input only one for phones these days.

Yeah, I think you're going to have to gut Windows. But on Windows 10 you can't ever do an upgrade or it will try and bring everything back.

OH&S (in Canada) was a part of my apprenticeship schooling. Both the employer and the employee have responsibilities, but if you ever actually report anything that can be traced back to you in a company of less than 200 people, you might as well start job searching.

But if your employer still asks you to do something if you tell them you don't think it is safe, it's probably time to start looking anyway. The biggest problem I see is that employees will not tell the employer they think the work is not safe.

I've used pdftk and pdfsam for merging before.

If you can focus on something you can use in your current job, it will definitely help your resume out because you can actually list professional experience with what you learned.

However, that route can make the transition to something else you want to do slower, if you can't use what you want to learn in in current job.

I was able to transition from IT into development, but I've been having a hard time really breaking away from the Microsoft world.

Haha, I just posted a long post on a forum before watching this video, and I literally thought, "I think I have a lot of good points in this post, but what are the chances someone is going to read this post at all?"

Often when reading a thread that's come up from a Google search, I will just skip over a WoT and only go back if later posts either didn't fill in the context, or indicate that there was good information in it.