https://www.ciphertechs.com/solutions/governance-risk-compliance/

@scottalanmiller said in Topics of Systems Administration:

It's great stuff to know, but if we are approaching SA as a role, should we really teach all the application specific skills on top? And if so, why these and why not loads of databases, printers, directory servers, web servers, WordPress and so on? How do we pick which applications to teach and which to expect people to learn separately?

Experience is the only teacher here. A book or online training will only teach you a very small portion of your jobs throughout your career.

I agree with @JaredBusch. I've never seen this unicorn SA position you've always talked about. I've worked in a few enterprises, SMB, and for software companies. I have never seen a SA making $400k that never touches anything outside the OS.

I'm surprised nobody has mentioned elastic yet.

There's an open source version and a free version (more features).

@DustinB3403 said in What do you use for petabyte storage?:

I just use the empty space in between Obsolece's ears

@Obsolesce

I tagged him because you're too scared to do it.

@Pete-S said in Notification mail in linux?:

Or is email perhaps not a good way to get notifications when there is a problem?

Maybe email in this manner is old-skool and it would be better to use something else?
Like external log server, system monitoring (Zabbix) perhaps?

Yeah I would use SIEM. Then you'd create and manage your alerts from there. You could send to email, slack, etc.

You can use postfix for alerting as JB mentioned. I use postfix on the my personal servers because I don't manage enough to justify a SIEM.

@scottalanmiller said in Sell the business??:

@IRJ said in Sell the business??:

@Dashrender said in Sell the business??:

@wirestyle22 said in Sell the business??:

@siringo said in Sell the business??:

I am the sole support person for a medical clinic business. I've been supporting them for around 7 years.

When I started it was a simple 2 server business with 1 external site and in house Exchange.

Now they have 7 sites and all the things that go along with that.

I'll be wanting to get out of this IT game in about 4 years & spend my days on the beach.

So the question is, how do I go about finding someone to take over the support of this client without doing myself out of a job & income before my beach days arrive?

It's not just about trying to find an alternate support solution for what happens in 4 years, it's for now mainly, due to me being the only person who knows their entire IT setup. If I get hit by that bus, they will be in trouble.

The business has sites in rural areas which from time to time will require on site visits, so more than online only support will be required.

Should I sell the support service as a business? If so, how do you work out what it's worth?

Just interested to hear the thoughts of others.

I'd probably create as much documentation as humanly possible and hand it over to an MSP that you vet. Getting rid of the single point of failure (you) is important. Your documentation is what dictates how smooth the transition will be.

huh - Not sure I'd give it to the MSP - instead give it to the business, let them decide who it needs to go to... if you can be part of the vetting process for your replacement, great, if not, not your concern.

I agree with you dash. Who gives a fuck if you're retiring and hand over documentation.

Well, his job NOW is to care. So he's doing the right thing. Once he leaves, sure, THEN he doesn't care. But until he actually does leave, he's paid (presumably) to care a lot and that's what he is doing. So this is the perfect discussion to have now.

I did say to hand over documentation. It sounds like he doesn't even have that. We all agree that documentation is his job. So that he can walk out the door one day and not care what happens after that moment. He can feel confident giving the company documentation that is well written and available for anyone.

That's why I said hand over documentation. Other than that don't give a fuck because as you and I mentioned the "company" is worth zero. So why put in any effort into finding a replacement. Someone will always take the work.

@openit said in Is someone using Wazuh? Is alternative for Graylog, ME Data Security etc.?:

@openit said in Is someone using Wazuh? Is alternative for Graylog, ME Data Security etc.?:

@travisdh1 said in Is someone using Wazuh? Is alternative for Graylog, ME Data Security etc.?:

@openit said in Is someone using Wazuh? Is alternative for Graylog, ME Data Security etc.?:

I'm not familiar with Manage Engine Data Security Plus, so no idea how it compares to that.

Manage Engine Data Security Plus = File server auditing - monitor, alert, and report on all file accesses and modifications made to your file server environment.

I really need this kind, to monitor our Windows File server shares, once in a while, people come to ask me who deleted or modified these etc.

@IRJ Is Wazuh can do something like this? once I install an Agent on Windows File Server?

Yes it can. You can also exclude file types or directories to reduce false positives

@wirestyle22 said in Return Values in Bash Script and generate e-mail which shows successes, errors and if the directory is empty:

@JaredBusch said in Return Values in Bash Script and generate e-mail which shows successes, errors and if the directory is empty:

@wirestyle22 said in Return Values in Bash Script and generate e-mail which shows successes, errors and if the directory is empty:

@Obsolesce said in Return Values in Bash Script and generate e-mail which shows successes, errors and if the directory is empty:

@wirestyle22 said in Return Values in Bash Script and generate e-mail which shows successes, errors and if the directory is empty:

@stacksofplates said in Return Values in Bash Script and generate e-mail which shows successes, errors and if the directory is empty:

@wirestyle22 said in Return Values in Bash Script and generate e-mail which shows successes, errors and if the directory is empty:

@stacksofplates said in Return Values in Bash Script and generate e-mail which shows successes, errors and if the directory is empty:

Rather than mess with multiple arrays, you can just have a single dictionary that holds the file and status. A single function can decrypt the file. Then just save the file name and status of the decryption in that dictionary. Then loop through the dictionary and here I just print the data, but you could email it or send to Slack or whatever.

This was a quick pass so probably can be cleaned up a bit.

My reasoning behind two arrays was to keep it organized. If I do all successes in one and then all failures in the other. So I have this now:

#!/usr/bin/env bash
source "/home/user1/subdirectory1/master.sh"
decryptedFolderPath="/home/user2/subdirectory2/"
archiveFolderPath="/home/user1/subdirectory1/archive/in/"
extension=${fileName##*\.}
newFileName=${fileName%.*}
fileWithoutTimestamp="$newFileName.$extension"
encryptedItems=$(ls encryptedFolderPath*.pgp)
statusArray=()                                   

for i in $encryptedItems
do
gpg --batch --homedir /home/user1/.gnupg/ --passphrase "$PASS" --list-only --list-packets --yes --decrypt "$i" | grep -q "encrypted" > "$decryptedFolderPath"/"$fileWithoutTimestamp"
outPut=$(gpg --batch --homedir /home/user1/.gnupg/ --passphrase "$PASS" --list-only --list-packets --yes "$i" | grep -q "encrypted")

if [ $? != 0 ]; then
echo "$i is not a pgp file"
statusArray+=("failed to decrypt $i, with status code $? output from pgp: $outPut")
fi

if [ $? == 0 ]; then
statusArray+=("Succesfully Decrypted $i")
echo ${#statusArray[@]} | mail -s 'report' [email protected]
v=${i%.*}
encryptedFile="$v"
fileName=${encryptedFile##*/}
@@ -27,4 +34,4 @@ continue
fi
done

mv "$i" "$archiveFolderPath"

I think this is what you meant, right?

Well no. I meant Python can easily work with dictionaries (hash maps) vs doing multiple arrays. You'd have to switch to a hash map in Bash vs the multiple arrays.

Gotcha. Yeah it sounds more convenient it just going to take me more time to learn than I have with this current script

Isn't this the one you've been working on for like a year now? I'd say that's enough time to learn a little about scripting.

I built the original one awhile ago. Now I want to build more functionality into it. It's been static for a very long time.

Except, bash is not the place to build more functionality.

You use bash for basic stuff, or when there is no better option available.

technically there is no other viable option because I don't have the time to learn the alternative before I need this to be done by. the plan is to remake it in python later. after I convert some stuff and feel comfortable, I'll only use python

I learned the basics of python in a day or two. I bought udemy course and built a few python apps. I was able to find tutorials to build security tools like scrapers and scanners.

I've since added to these scripts and combined some of them. I'm not a python master, but it's very easy to pick up. There's also so many resources out there.

@scottalanmiller said in Net+ Study Help - Subnetting:

@itivan80 said in Net+ Study Help - Subnetting:

@scottalanmiller They need to start revising these questions. I mean if they want to get it as close as possible to real life scenarios. Just a thought.

That, too. Like this is not a skill anyone would ever need. Ever.

Especially considering the hundreds of free online calculators. The ones that can do this in their head are network guys from 90s, and the only reason they can do it in their head is because they've worked with it back when there was a lack of technology like VLANs.

I just bought a pre-built desktop from Dell. I opted not to upgrade the memory as it was much more expensive to do through them.

My system is only coming with a single 8gb RAM stick which is obviously unacceptable. The motherboard has 4 RAM slots and supports up to 128GB.

I'm looking at single 32GB sticks vs 2x16. The single sticks are appealing to me because it makes it easier to upgrade in the future. I could eventually have 32x4 to make 128GB.

Now I don't see needing more than 40gb currently which is why I was thinking 32gb would be fine.

Ok that's alot of rambling... My main question is single stick performance vs using RAM in channel. What would you do?

It's extremely shitty development practice for the devs to have any concern about hypervisor. Put it on Docker and use on any platform on prem or in the cloud.

@siringo said in Windows Inventory Tool?:

Wondering if anyone can suggest a free inventory tool for Windows networks?

I need to get a list of PC & server hardware & software
Disk capacities
Installed apps
OS versions
Printer make and models
and so on.

Thanks for any help.

Powershell

https://4sysops.com/archives/how-to-build-a-powershell-inventory-script-for-windows-servers/

I paid $3k for pre built with 3090.

If you are worried about just ROI, you can get one with 3080 for around $2200-2500. You'll get your money back faster that way.

@hobbit666 said in Build or Buy?:

@irj said in Build or Buy?:

Yeah that's what I did and I'm mining with while not gaming. I received my PC on April 17th and I've already made over $400 back mining in less than a month.

Which is why there is no GPUs right now. You could nearly have it paid off by Christmas instead of start looking at Christmas. Of. Course the mining payout depends on alot of factors, but even if you get only $100 a month, you have half your investment back in a year.

What you using for the mining. Been very very long time since I looked at it

RTX 3090 and Nicehash

@travisdh1 said in Changing subnet mask?:

@irj said in Changing subnet mask?:

@siringo said in Changing subnet mask?:

Sorry if this is a dumb question but ...

Inherited an old SBS network which has been upgraded, but is still using the 10.0.0.0 /8 setup.

I was thinking of changing the subnet to /24.

Currently all devices still have 10.0.0.x addresses.

Some of the their network gear is managed and I need to arrange with them to change settings within their Cisco gear to /24.

If I get the Cisco gear changed, prior to me changing the servers, PCs, printers etc to /24 will everything remain working??

For example, If I get the Cisco gear changed to /24 on weekend 1, will everything still communicate & work fine until I can change the other gear on weekend 2??

I know the subnets are different, but with all devices having 10.0.0.x addresses I'm thinking they still may be seen by the /24 devices????

Does that make sense?

Create /24 VLANs. Separate severs, printers, workstations with different VLANs. Then you can block workstations from even seeing server VLAN.

Seems like a lot of work with no business need from what we know.

Can you expand on this?

How is this alot of work and how is there no business need to segregate important data?

Because in my experience data security is pretty damn important from a business perspective.

@dashrender said in Looking for Security camera options:

You know, not many on this forum have the luxury of working for enterprise customers, not even Scott. Most of our clients are going to those hobby businesses as we call them around here. So that is the context I generally live in. Since you're fortunate to be in that enterprise space, you generally come from that context, so I get it....

Saying I'm fortunate or it's a luxury would imply that it fell into my lap. I worked very hard to get where I'm at today.

Scott runs NTG and certainly makes bank working off SMB and has the ability to expand his income by adding clients and employees. When you're 1 man show there's not much room to grow.

That being said, one man IT guys make great security or enterprise IT people because they have an understanding of nearly everything it takes to run a network. We kept interviewing security employees with degrees and only security experience. They were not good. I recommended that we ask our recruiter to reach out to one man SMB guys. We found a very knowledgeable person that could be trained on how to do various security functions very easily.

@jaredbusch said in Bring order into IT environment in chaos:

@scottalanmiller said in Bring order into IT environment in chaos:

@pete-s said in Bring order into IT environment in chaos:

@eddiejennings said in Bring order into IT environment in chaos:

I've used DokuWiki in the past for documentation.

Yes, me too. But for this customer I will suggest they get something that is cloud based. And a little more specifically made for the purpose.

I can't find a good cloud based wiki. Either they suck or they are crazy expensive.

That has been my experience also

Confluence is quite good. Free for under 10 users, too.

@ambarishrh said in Recommendations to replace existing Surface Pro4:

I've checked the xps 13 and thinking of getting it. The one they have here is 16GB 1TB

But at the same time, since I rarely take the device out, also checking for a powerful mini PC

I actually prefer a 13 inch screen. I've used Dell xps 13 two years ago and it's a good laptop. I had the Ubuntu edition and really liked it. I know @stacksofplates has had a few generations and is a big fan.

I've solved all your problems

@dustinb3403 said in Spreadsheet background image:

@gjacobse So 32 minutes give or take...

I'd say that's probably the average to use a image in a word document so it doesn't look like shit.

That's per image. Imagine adding 5 images and trying to get them to align properly with text