Topics created by travisdh1

@bnrstnr said in Wyze cam alternative firmware.:

Is Dafang still the best choice here?

Yes, but not for long. Wyze is finally going to be adding things native.

@JaredBusch said in Oracle Java starting down the paid licensing path.:

This is for old releases.

I know but Unifi is still only supports Java 8
https://help.ubnt.com/hc/en-us/articles/360008240754#7

Screenshot

@travisdh1 just use the UK for now
https://www.support.hp.com/gb-en/drivers

It works

@dustinb3403 said in Colo centers around Cleveland, OH:

Hey I didn't say the reasoning was correct, I was just pointing out the reasoning that @travisdh1 said he wanted to use specific vendors.

That was my point, though, that that vendor selection criteria is what is bad. Selecting vendors only by not being good choices? That doesn't make sense.

@travisdh1 said in Frustration with Office 2016 and MS Project Pro 2016:

@dbeato said in Frustration with Office 2016 and MS Project Pro 2016:

@travisdh1 said in Frustration with Office 2016 and MS Project Pro 2016:

@dbeato said in Frustration with Office 2016 and MS Project Pro 2016:

I also used the ODT as below

Download
setup.exe /download configuration.xml

Install
setup.exe /configure configuration.xml

Just to confirm, that did work. Have a cookie on me.

I just had a kitkat so yeah!!

Welcome to the Dark Side.

White Chocolate KitKats are where it's at

@taurex said in Cloudflare and Nginx reverse proxy background.:

@travisdh1 Are there any benefits of configuring your own reverse-proxy if it's running behind CloudFlare that is essentially the one already? I know they offer their own Origin CA certs that you can install on your web servers to encrypt the traffic between CF and your cloud. As long as you're happy to stick with CloudFlare, there will be no need to run cron jobs with certbot renewals every 3 months.

As @JaredBusch said, you can run self-signed certs with CloudFlare just fine. This was for my home lab, so I purposely do things the hard way sometimes, just to see what it's like. That's why I originally tackled this anyway. Running a reverse proxy mostly so I don't have to pay for nearly 30 IP addresses on the box I rent for it.

@obsolesce said in Risks to Geo Blocking:

@scottalanmiller said in Risks to Geo Blocking:

So for the first time in YEARS, we just did some geo blocking today. How is this timing possible?

Oh yeah? Which? Why?

Only access for one tech, so trying to limit as much as possible. But it didn't work, (probably nothing to do with the geo blocking) so I don't know if they ended up keeping it or not.

@stacksofplates said in Fedora 28 Guacamole base install.:

@scottalanmiller said in Fedora 28 Guacamole base install.:

@stacksofplates said in Fedora 28 Guacamole base install.:

@scottalanmiller said in Fedora 28 Guacamole base install.:

@stacksofplates said in Fedora 28 Guacamole base install.:

@scottalanmiller said in Fedora 28 Guacamole base install.:

@stacksofplates said in Fedora 28 Guacamole base install.:

@scottalanmiller said in Fedora 28 Guacamole base install.:

@irj said in Fedora 28 Guacamole base install.:

@scottalanmiller said in Fedora 28 Guacamole base install.:

@irj said in Fedora 28 Guacamole base install.:

I see no value in Guacamole, personally. No Machine is a much better option.

Doesn't deal with the web interface. NX requires a client. Guacamole is as much a front end to NX as it is to any other protocol.

I wonder how often you really need people with no technical expertise to connect remotely to a linux machine?

For example, I have users on Chromebooks that need remote Linux access. \

SSH or RDP. I agree with @IRJ, it (Guacamole) just seems like a hassle.

RDP is pretty cumbersome in some cases for that stuff. And does that mean no NX, or having to maintain multiple for each box?

I definitely find Guac worlds easier. For one thing, it maintains a list of available resources. So the access listing is centralized, rather than making people maintain it on desktops.

I've never found d RDP cumbersome. I'm not talking about using NX on a Chromebook. Anything that isn't a Chromebook, NX is easier. For the Chromebook people SSH is native RDP is easy.

This whole thread is around how Guacamole isn't easy. You also don't need this to have a centralized list. If you're using CM you're going to have a list of systems anyway.

CM?

Configuration management.

Okay, wasn't sure. Yes, pushing out NX configs shouldn't be too bad, in theory.

NoMachine finds all of the systems in a network. For example, if you're on ZT it will list all available clients on that network. I was saying if you just wanted a list for people to SSH/RDP to, you already have it.

What we want, ideally, is not to use something like ZT (although it's an option that we will kick around), and not to make a list for everyone. But to have a portal (or something like a portal) that lists all of the machines available specifically to the person in question. We have specific pools and assigned boxes. For example, Maggie has a dedicated machine just for her, I don't want to see it in my list. And she doesn't want to see mine. But we both want to see remote machines dedicated for something we share.

Meh, what difference does it really make? If anything, I'm glad. Having high quality hardware allowed a lot of shops to try to justify buying something that was fundamentally wrong for an unrelated reason.

The settings are
network.trr, network.trr.mode and network.trr.uri

@stacksofplates said in Vuls and VulsRepo install on CentOS:

I was trying to understand how to read that report I posted from your site. I can't figure it out.

I honestly haven't dug into it yet, but it also doesn't look like it's worth the time either.

@black3dynamite said in Anyone here have success accessing the Pi-Hole admin page from behind a reverse proxy?:

@travisdh1 said in Anyone here have success accessing the Pi-Hole admin page from behind a reverse proxy?:

@black3dynamite said in Anyone here have success accessing the Pi-Hole admin page from behind a reverse proxy?:

@travisdh1 said in Anyone here have success accessing the Pi-Hole admin page from behind a reverse proxy?:

@black3dynamite said in Anyone here have success accessing the Pi-Hole admin page from behind a reverse proxy?:

This might help.
https://www.c-rieger.de/pi-hole-behind-your-nginx-reverse-proxy/

https://www.reddit.com/r/pihole/comments/7n87y6/figured_out_how_to_use_pihole_in_a_nginx_reverse/

Rolling back to this. The web page is being displayed now, after following these instructions.

Now it's not displaying any statistics. I saw that the log files were in /var/log instead of /var/log/pihole (which was empty.) I wonder if something has been messed up in the install script at this point.

What OS are you using for Pi-Hole? I'm using Debian. If you are using Fedora and have SELinux set to enforcing then that can be causing the problem. See what happens when setting it to permissive.

It is Fedora 28, but I purposely disabled selinux on it for now when I started having these issues. Good guess tho.

You can try repairing Pi-Hole by using this command: pihole -r

Ran it, but it didn't make any difference. I really thing there is an issue with the log file locations, in that the web interface is probably looking in /var/log/pihole for the log files, but everything else is pointing to /var/log.

Probably meant to invoke asylum.

@jaredbusch said in DNS-over-HTTPS with Fedora based PiHole and Cloudflare:

The entire concept is just stupid.
You cannot hide from your provider.

I'd agree with you, at least for now. This is just one small step in the right direction. It won't really make much difference until it's supported by all endpoints.

More remote code vulnerabilities. Haven't had time to look at what product(s) yet.
https://tools.cisco.com/security/center/publicationListing.x

@dafyre said in User account having to reset password with each login.:

@dbeato said in User account having to reset password with each login.:

@travisdh1 said in User account having to reset password with each login.:

@gjacobse said in User account having to reset password with each login.:

@travisdh1 said in User account having to reset password with each login.:

@gjacobse said in User account having to reset password with each login.:

@travisdh1 said in User account having to reset password with each login.:

@dustinb3403 said in User account having to reset password with each login.:

Is there a rogue service attempting to use this user account? Is the profile being locked (AD style) or just the password is being expired and having to be reset every time they login?

It tells her the password is wrong, and she has to go through the password reset routine each time she logs in. It's a user created within SodiumSuite.

Ah - Make sure the Organization is in all CAPS, user lower, password as typed

Bother, she just left for the day. I'll double check with her tomorrow on that.

lol,..

The joys of faith-based non-profits.

Well, leaving early I assume 🙂

Leaving on time for me... in about 3 minutes, lol. Has been a busy day around here today!

I meant for them.

@scottalanmiller said in Cisco: we're not competent.:

https://arstechnica.com/information-technology/2018/02/that-mega-vulnerability-cisco-dropped-is-now-under-exploit/

They can own all the ASAs!

Lenovo... giving you the finger.