Posts made by Seth Cooper

@Dashrender said:

All I can say is that they are still deploying an ActiveX module that digitally signed (and now expired) in 2010. Presumably that means the module hasn't been updated since then.
Frankly it's embarrassing for them to have to require client to disable security to allow these expired packages to be installed.

If that's the case, does that give them a tiny bit of leeway in the browser compatibility arena?

My last company's billing software used these same ActiveX controls that required your security on IE to be disabled to be installed, flaky install still at best after you jumped through all the hoops.

God was that a nightmare..

@scottalanmiller said:

And this it begins....

Really, at this point the more exploits found for XP the better it is for both Microsoft and IT in general. It helps to demonstrate why good practices, patching, support, keeping up to date and not forgetting about IT is important.

As a new IT guy to a company that just started an internal IT department this is helping me get through to them what I have told them since I started. The threats are real, I need to be able to centrally manage, patch, and implement fixes quickly. Unfortunately, it's taking the stick to make the decision and with it liability.

Just this news alone might have just netted me 75 more licenses of Webroot!

@scottalanmiller said:

Ha ha, perfect for American's who have crappy beer and want to make it as cold as possible so that they taste it as little as possible.

God all my family in Iowa would love this thing. Make the Coors and Busch Light go down nice and smooth.

@IRJ said:

Webroot is lightweight and fast.

http://www.webroot.com/shared/pdf/Passmark_Endpoint.pdf

My boss was skeptical that it was doing anything at all, such a small footprint.

I purchased 25 endpoint licenses for my Corporate office and have been impressed with the centralized management and literal 3 second installs off a 749kb .exe

This is truly the only AV that can support the legacy hardware on site without bringing them to a crawl.

I wish it had patch management/etc however. I haven't used the password suite as I use Dashlane and can't be more pleased.

Yep, keep the device for personal use.

I am curious though, how do you get into a gig to review tech and keep the hardware? Sounds pretty cool, do you work with a site we can read the reviews?

Thanks!

I have had this happen to me multiple times, my downfall was after my first company was bought out I didn't search if I had a "dream job" on the line and more often then not I got strung out. It sucks, I am sorry.

In other news I did get a job with another company that strung me a long for over a month and what Nic said rings pretty true, it's just a glimpse into how they operate. Although it's getting better after 7 months.

Sigh, what isn't illegal here anymore.

Enjoyable read, I am very much in an organization that praises busy Sue and loathes lazy Bob. I have been the topic of conversation a few times because they see me on a computer all day instead of running around filing, etc which to them has translated into I am doing things non work related. Sorry guys, you finally hired an IT guy and I am just catching up and doing my job! (It involves computers)

I probably also have some Sue tendencies when it comes to trying to organize and then I re-organize the same data in an easier format. It's a tough balance for sure.

Thanks for the interesting read!

Very limited, only logs on the policy level for short increments (up to an hour) and looking across the Juniper boards it looks like everyone states to get good traffic logs you need to do port mirroring.

My boss cringes if I mention to him upgrading his Office suite above 2003.. he only uses Excel 2003.

Although cheaper alternatives for the company as a whole he will entertain just not his stuff. Some people just dislike change, especially if it effects them.

@scottalanmiller said:

I used to live in flint and I remember crack houses being burned to the ground by concerned neighbors. Michigan is pretty hard core.

They know how to show they care!

Ever seen the Charlie LeDuff news specials? They are on youtube and while most have a funny undertone he does actual reporting on core issues with Detroit asking the tough questions.

@alexntg Yep, my branches use Juniper SSG-5's but I haven't seen any logging to do what you speak of.

@PSX_Defector I appreciate the generous offer and I will let you know if I do. But this is a backseat project for me at best. Might try the port mirroring first but all this has to be done in my non-existent free time. I am sure you know how that goes.

Thanks.

@PSX_Defector said:

@Seth-Cooper said:

How powerful of a box would a proxy need to be? Could I create such a thing efficiently from old server or workstation? I imagine that depends on the traffic.

I used to run a proxy and sniffer for ~100 users over a P4 512MB machine.

Don't need much.

Good deal, because that is about the exact specs of the spare hardware I have to use!

How powerful of a box would a proxy need to be? Could I create such a thing efficiently from old server or workstation? I imagine that depends on the traffic.

Of course the traffic falls off once I ask for input, but still curious!

I have PRTG monitoring SNMP traffic at my branches, I have seen a branch capped for 3 hours at 1.5M upload. I had limited all HTTP/HTTPS traffic to 1.5 out of 2M possible so it didn't effect our main service that uses telnet. Well of course everyone is complaining about the slow internet speeds. I am trying to find out what device is causing the issues, I don't care to be big brother but when you are impeding others from business then we have a problem.

Recently deployed Open DNS at my branches for extra protection and URL filtering. It lets me see the DNS requests but it's hard to discern from those which domain would be likely to be pulling high traffic. I do not have the licensing that allows you to bind Open DNS to AD and for it to resolve all requests to internal IP addresses either so when I find suspicious domains I can't verify the device. Is there freeware others might use to achieve this? I have tried Wireshark in the past but I didn't have the time to learn what I was looking at with the massive amount of data it collects. Do you have a good resource to learn it?

How do you guys find the culprit?

http://www.pcworld.com/article/2144562/hands-on-chrome-remote-desktop-app-for-android-makes-remote-access-easy.html

Pretty smooth from the little I have played with it.

I use them around the office occasionally.