22.05.2017 05:39:00 Source: http://go.theregister.com/

Hi! I’m Foxy! It looks like you want to run Flash. Do you need help?

Firefox 55 to get all up in your face if a web page needs Adobe's hell-spawn

Developers of Mozilla's Firefox web browser have indicated that version 55, due in August 2017, will be openly hostile to Adobe's Flash plugin.…

24.05.2017 05:41:00 Source: http://go.theregister.com/

Java Daddy James Gosling goes to work for Amazon Web Services

He left Oracle years ago so this is no biggie, but clearly cloud is where big brains want to roost

Java creator James Gosling has announced he now works for Amazon Web Services.…

24.05.2017 05:41:00 Source: http://go.theregister.com/

Bloodbath at LeEco US as Chinese tech upstart implodes with layoffs

Kiss goodbye to that Android bike and Transformers car

It has all gone pear-shaped for Chinese conglomerate LeEco after the firm told nearly 70 per cent of its US staff that their services will no longer be required.…

23.05.2017 17:48:00 Source: http://go.theregister.com/

.Science and .study: Domains of the bookish? More like domains of the JERKS!

Only few bad apples at internet badness hotspots, though

The .science domain has become a “hotspot” of malicious or abusive activity on the internet, according to a new study out Tuesday.…

14.12.2016 18:57:00 Source: http://www.itiko.de/

The new Avira Password Manager: Never forget passwords again

E-mail, Facebook, Instagram, Amazon or the online bank account: these are just a few examples of where users log in anew every day. To be on the safe side, users should use a different, secure password for every account. Reality looks different, however: most users use one password for several accounts and change it only […]

28.04.2017 17:03:00 Source: http://go.theregister.com/

Well, hot-diggity-damn, BlackBerry's KEYone is one hell of a comeback

Much, much more than a nostalgia trip

24-Hour Test  The hottest phone in town this week isn't the new Samsung but, improbably, BlackBerry's comeback device. Partly this is a quirk of a staggered rollout by TCL, which has awarded the UK virtual exclusivity for a month before the US gets it. But it's not entirely down to production issues.…

23.05.2017 17:46:00 Source: https://www.reddit.com/

Looking for Knowledge Management Solution

In IT, we have to deal with a multitude of problems each and every day. But one of the most basic problems, yet still apparently generally unsolved, seems to be Knowledge Management.

Since all other problems can be handled much more easily if we get knowledge management down. Often the biggest problem is figuring out if there's already a documented solution, and where, and if it's still up-to-date.

In our company, we use e-mail, a ticketing system, office documents on a file share, a wiki, a blog, an internal messenger, a simple website, plaintext documents, a database with custom Access frontend, and handwritten notes. And that's just what comes to my mind right now.

This is, obviously, neither effective nor efficient. Information is getting segregated, hard to find and even harder to keep updated.

But isn't this a common problem that all organizations - and all people - face? Shouldn't this be a solved problem by now?

If anyone around here has some insights of how to successfully tackle this huge and generic problem, I'd love to hear it. And even if it's just a partial solution, anything is better than nothing.

I'm not just looking for a solution that's only applicable to admins. Every department and every individual has these problems. It's just that admins are the most likely ones to implement the solution. That's why I think it makes sense to ask around here, but if you know a more appropriate sub, let me know.

In the end, there won't be just a technical solution, I'm sure. There need to be processes and procedures to support it. But a good knowledge management system will let us document and find those processes and methods. So it's sensible to look for a system first and add the process afterwards, within that system.

Finally, I'm convinced that only an on-premises solution will suffice. Cloud-based knowledge management means you store your most valuable asset, your knowledge, in an environment outside of your control. While I consider that dangerous for an individual, for a company, it would be a definitive no-go.

Looking forward to your suggestions or a lively discussion...

submitted by /u/WolframRavenwolf

23.05.2017 23:39:00 Source: https://www.reddit.com/

GoDaddy accidentally renews all(?) Code Signing Certificates for Three Years - No public announcement for over 24 hours and counting

Yesterday I received an email stating that my new code signing certificate is ready. Knowing that I did not request a new certificate, I questioned all members of my team and upper management; no one knew of any request for new or renewed certificates.

I called GoDaddy and after about a 5 minute wait was told that all code signing certificates were renewed for three years. I don't know if all really means all, as I have not heard or seen anyone else announce that they are experiencing this. I asked for an email detailing what happened here and what the next steps are in the process on GoDaddy's side... I would assume at this point that GoDaddy will revoke certificates.

I'm super concerned that no notice has been sent to end users; after over 24 hours you would think that they would send an email to all affected users stating that there was a problem and that they are looking into the next steps. I spoke with a manager today and was told that the announcement is delayed due to their legal department.

Anyone else stuck in the middle of this?

submitted by /u/Scribbling

23.05.2017 23:40:00 Source: https://www.reddit.com/

Small-ish IP phone system replacement advice..help?

I'm looking at an investment in our phone system over the next year or so.

We're a single location, non-profit Edu.

We've got about 300 phones total.

We're currently running a bit older version of Cisco Callmanager/Unity across 2 servers to handle things. There's no real problem with the way things are working, but we're at a point where the hardware is EOL and some is EOS. The software is also at least 2 versions behind. And I try to make it a policy to not have mission critical devices left unsupported.

We'd be looking at about $50k to get current on software, servers, and voice gateways with Cisco.

The thing is - our needs are pretty darn simple. We just use voice line and VM. We do a couple of hunt groups..but that's about it. We don't want/need fancy full color HD LED LCD phones, web browsing from the phone, video, app integration..etc etc. It seems like from the past few software updates from CISCO that we're clearly not really their target here. The bells and whistles being added aren't really providing value to us since we aren't implementing those features. We end up having to pay a bunch for updates and upgrades simply to stay current enough to maintain support from CISCO in the event that something actually does go wrong.

So when budget time comes around again, I'm really questioning the value here and if there isn't a better solution. Of course, changing anything at this point - 10+ years after going with CISCO - means potentially dealing with "why did you change it? The old one worked fine!" comments from everyone NOT involved in the budgeting. So if there's not an equally stable and reliable service that comes in at a better price/value, then we'll just stay status quo here.

With that, I've not gotten a whole lot of alternative bids yet.

At a glance, the whole "cloud" and SaaS solutions that seem popular online don't at all look like a good fit once the budgeting is done. They just don't seem to scale well to 300+ devices (pricing wise). They look ideal for the 5-50 person office. Internal resources spent on keeping the CISCO gear going is very minimal so I'm not necessarily in any sort of hurry to push that to the cloud.

I've got a quote for a replacement system using Mitel equipment. The annual costs should be a lot less and I'm told that the update/upgrade process and expenses are considerably less costly (than our current CISCO system). But the upfront cost is going to be more (obviously) because it would also have to include the cost of buying all new handsets too. When I spoke to my Cisco vendor that was about her last appeal to get me to stay - she noted that I'd have to buy all new handsets if I went anywhere else. This is true - and the handsets we have are about 10 years old - but they all still work. I think we've had maybe 2-3 fail in that time.

So anyhow.. Is there some other big name I should be considering? Do you have experience/opinion on Mitel? Or Mitel vs. Cisco CM/Unity? Reliability, manageability, and stability are keys. Support, price, and durability are next.

Thanks!

submitted by /u/combobulated

23.05.2017 23:36:00 Source: http://feedproxy.google.com/

Citrix releases XenDesktop and XenApp 7.14, automatic updates for Receiver

Citrix XenDesktop is now available in version 7.14. Citrix presented new versions of XenDesktop and Receiver at its in-house trade show Synergy 2017 in Orlando. XenDesktop 7.14 reflects the collaboration with Microsoft that the two companies announced in 2016.

24.03.2017 10:17:00 Source: http://blog.wiwo.de/

Kroker's RAM: New CeBIT concept also proves how divided the exhibitors are

My rant of the morning: By no means all participants benefit from the summer CeBIT as an event and festival; their interests continue to drift apart. It must have been an exhausting week for Oliver Frese: not only that the board member of CeBIT organiser Deutsche …

17.05.2017 17:40:00 Source: https://www.reddit.com/

we received an email threat of a DDOS on our domain.

should we worry about it or do we call the interwebs police?

here is the source of the email, appears to come from Italy

EDIT: note the real domain name has been changed

Return-Path: www-data@localhost.localdomain
X-Envelope-To: blah@fake.com
X-Final-To: blah@fake.com
X-Spam-Status: No, hits=0.0 required=5.0 tests=AWL: -0.800,BAYES_00: -1.665,HTML_MESSAGE: 0.001, HTML_MIME_NO_HTML_TAG: 0.377,MIME_HTML_ONLY: 0.001,SUBJ_ALL_CAPS: 1.6, TOTAL_SCORE: -0.486,autolearn=no
X-Spam-Level:
Received: from blah.smtproutes.com ([20.7.9.48]) by blah(server) with ESMTPS (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256 bits)) for blah@fake.com; Tue, 16 May 2017 06:23:41 -0400
X-Katharion-ID: 1494930203.13053.cal1-mh782 (0.0)
Return-Path: www-data@localhost.localdomain
Received: from localhost.localdomain ([194.243.107.146]) by blah.smtproutes.com [(192.9.6.48)] with ESMTP via TCP (TLSv1/TLS_DHE_RSA_WITH_AES_256_CBC_SHA); 16 May 2017 10:23:23 +0000
Received: from localhost.localdomain (localhost [127.0.0.1]) by localhost.localdomain (8.14.4/8.14.4/Debian-2ubuntu2) with ESMTP id v4GANQhL023997 for blah@fake.com; Tue, 16 May 2017 12:23:26 +0200
Received: (from www-data@localhost) by localhost.localdomain (8.14.4/8.14.4/Submit) id v4GANQT3023996; Tue, 16 May 2017 12:23:26 +0200
Date: Tue, 16 May 2017 12:23:26 +0200
Message-Id: 201705161023.v4GANQT3023996@localhost.localdomain
To: blah@fake.com
Subject: DDOS ATTACK
X-PHP-Originating-Script: 33:pp.php
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1
From: blah@fake.com

Last warning!<br>
Your site fake.US will be DDoS-ed starting in 8 hours if you don't pay only 0.1 Bitcoins @ 1DoCJEfxXnCdy6jHfbX6YSckkd8Yy2VdYcf5<br>
Users will not be able to access sites host with you at all.<br>
If you don't pay in next 6 hours, attack will start, your service going down permanently. Price to stop will increase to 1 BTC and will go up 1 BTC for every day of attack.<br>
If you report this to media and try to get some free publicity by using our name, instead of paying, attack will start permanently and will last for a long time.<br>
This is not a joke.<br>
Our attacks are extremely powerful - over 1 Tbps per second. No cheap protection will help.<br>
Prevent it all with just 0.1 BTC @ 1DoCJEfxXnCdy6jHfbX6YSckkd8Yy2VdYcf5<br>
Do not reply, we will not read. Pay and we will know its you. AND YOU WILL NEVER AGAIN HEAR FROM US!<br>
Bitcoin is anonymous, nobody will ever know you cooperated.<br>

submitted by /u/sprocket90

24.05.2017 11:40:00 Source: https://www.reddit.com/

Dell Precision machines and audio issues

Do we have any superstars out there that work with Dells often? I don't think this ever worked but my headphone jack in the front is constantly humming. Back audio jack doesn't work at all. Latest Realtek drivers installed on Windows 10 creators OS. I see the audio moving the levels in the sound mixer.

Only sound works from the sound bar when it's plugged in.

Should I call support on this?

Thanks!

submitted by /u/burdsjm

27.04.2017 11:03:00 Source: https://www.reddit.com/

Building a new HA server setup - need fresh eyes please :)

Hi Folks, I'm planning a new server system for my work and I'm in need of a fresh pair of eyes. I work at a government high school (1800 users and approx 400 desktops and max 1000 devices). Our budget got hit super hard this year (lost 2/3rds from last year) and on top of that, all of our servers need replacing this year.

Disclaimer: Some of this'll look like madness to most experienced admins, but there is method to my madness in most cases. Madness without method is what I'm hoping others will find and I can then iron out.

Any $ values are in Aussie dollars.

Situation/History: School was built in 2007 and came with 3x Dell 2900s and a HP of some kind. 7 years later, we replaced them with virtualised Dell T420s. One primary and one backup. Running free esxi 5.5 (ram limited). Now 4 years later those vhosts are constantly ram overallocated and hdd capacity is nearly at max, and we were looking at having to replace them for a cost of approx $20k total. On top of that, the main domain controller host (server managed by the government) needs replacing for another $14k. I won't bore you with more details, but basically that $14k was a surprise - unbudgeted. We don't have that much money. At all. Period. Nada. Basically, my plan (almost approved) will halve the $20k and provide future benefits as well.

Goal: Replace the current reliability of a warrantied/supported single server with redundancy. Rather than just trying to be cheap, I'm changing when the money is required (though methods of cheap are used). eg. $5000-$7000 every 2 years instead of $20k every 5 years. More flexible/scalable than the old systems. Standard HA stuff for large installations really, but it'll be new for us.

The Plan: TLDR

2x vHost servers running Proxmox. HA/Clustered.

2x Servers for storage hosts. same specs as vHosts, but with HBA cards.

2x Direct attach diy/homebrew enclosures - ZFS based. (Madness!)

Proxmox boots VMs over NFS/iSCSI from the primary storage. Proxmox backs up to the backup storage. VMs are bootable from primary or backup. Additional storage on backup storage for file level/StorageProtect backups.

Problems?

The Plan Act II: TSNED (Too Short, Not Enough Detail)

2 vhosts means failover/redundancy. One goes down, the other picks up the load. 48GB of ram each to start with. CPU performance doesn't need to be amazing (our existing server is 2x E5-2420 and they average 20% usage over the day). vHosts could potentially be second hand servers (save $) since the redundancy is there. I'd be quite happy with a few R710s in our environment for example. That said, our aim would be to have at least 2 servers in warranty/support at any point in time. The main thing is that I'll get the performance of each node on a normal day, and I can add more nodes if I need more performance, but if something goes down, I still have options.

Storage will be hosted by Dell servers, but direct attach enclosures will be DIY style. Since they're not dual head in any way (didn't see the point when I'd have backup vms anyway), the redundancy here will be in having primary and backup vm storage being bootable. If I lose the primary array/pool or enclosure, I can just boot the VMs from the backup array until the primary is restored. If I lose the server hosting the storage, I can swap in a different machine, swap the hba card, then simply import the ZFS pool and boot the VMs. FreeNAS has an advantage in being able to backup the config file for all the OS settings, but I'm familiar enough with napp-it that which one I go with will more likely depend on performance testing. And if I somehow lose both of the VM stores, there'll still be the essentials on a 2nd pool in the backup enclosure. Primary and Backup storage enclosures will be on opposite sides of the campus to protect against physical damage. First node will be a previously retired but since upspeccd (thanks ebay) Dell T610 and the primary storage server is an IBM x3850 (I think) with 4x quad core cpus @ 2.6GHz and 128GB of RAM. The current 2 production servers will get rearranged and added to the Proxmox cluster after their VMs are transferred over and the VMs have been running stable for a month or 2.

Storage specifics: Norco RPC-4224 24 bay enclosure, Intel RES2CV360 SAS Expander, 10x WD Gold 4TB HDDs (4 Mirror vDevs, 2 spares) for Primary storage, 10x WD Red 4TB HDDs (4 Mirror vDevs, 2 spares) for Backup Storage. Backup enclosure will also get the 13x 3TB seagate SAS drives (10 disk raidz2 plus 3 hot spares) out of the existing servers. Now here's the next madness point, I'm considering using Corsair desktop PSUs. Since they're nearly 1/4 of the price of a redundant PSU set, I can have a backup in storage, plus I can get them supplied locally (vs cross country). Local supplier is the same with the HDDs actually when compared to getting SAS drives. I have local access to the servers at all times, so I can swap a PSU quite easily (modular too). I use the RPC-4224 and RES2CV360 at home so I'm already familiar with those. I've already been advised recently to get an NVMe SSD for a SLOG, so I need to add that to my cost calculations. Mirror vDevs because it's easy to add more storage to the pool. I'd only need 2 (+backups) drives and gain 4TB of capacity, vs raidz2s which would require a lot more. Also, last time I used ZFS extensively, it really didn't like iSCSI on raidz2. iSCSI vs NFS will likely also depend on performance testing, but I'm leaning towards NFS since the iscsi partition is just one more thing that could break. iSCSI on primary, NFS on backups could be an option. I'd almost certainly go OmniOS/napp-it if I go iSCSI. Also since the primary and backup enclosures are using the same hardware, I plan to have some parts (chassis, sas expander, and a few cables) in the storeroom ready in case of a failure.

Networking isn't a huge concern at the moment. Brought in some personal 10gbit fiber equipment for the time being. I will be setting up logging so I can see the average traffic and consider purchasing 10gbit if necessary, or simply swapping to 1gbit copper and leaving it at that. I have a dedicated SAN vLAN setup and Proxmox runs over a vLAN trunk.

I'm still pretty new to Proxmox, but this same hardware setup could be used for HyperV or vSphere. I should mention vSphere is too expensive at this point in time to get the licensing required for multi-host management. I don't technically need High Availability in the common sense, but it's already in Proxmox and it's automatic once setup so I may as well use it, whereas my storage is manual so overall it's not really HA anyway. At the end of the day, we're a school. A few hours of downtime once every few months even isn't the end of the world and realistically, I wouldn't expect anything extreme happening even once every 2 years.

I've already looked at HyperV, and while I could probably get it working, it was eating up a lot of time trying to get it to do what I wanted. HyperV replica was where I got the idea of having primary and backup ready-to-go VM storage. Hopefully Proxmox can do it, if not, zfs send is my backup plan. Same end result. VMs themselves consist of about half a dozen windows server VMs, and about half a dozen ubuntu server VMs for small tasks (nginx streaming server, ntp server, etc).

I think that's most of it. I'm confident in most of it individually, it's putting it all together that I haven't done yet. The new storage system will be the expensive part. Currently it's sitting at $10k total initial cost. If anyone can suggest a storage specific subreddit, I might ask there as well. (edit: sorry, tried to format everything nicely, but reddit formatting is alien to me)

So, can anyone see potential problems anywhere that I haven't thought of?

submitted by /u/notDonut

06.04.2017 22:57:00 Source: http://go.theregister.com/

F-Secure gobbles up Zdziarski's Little Flocker, spits it into antivirus kit

Is this the end of the road for the file system firewall app?

F-Secure has completely absorbed Little Flocker, the macOS security tool built by computer forensics boffin Jonathan Zdziarski.…

24.05.2017 11:41:00 Source: http://go.theregister.com/

LinkedIn finds friends to join its Open19 data centre standards effort

Stacks up against Open Compute with one design for data centres of all sizes plan

LinkedIn wants you to brick it in the data centre by following it and its friends with a new standard for data centre hardware that pushes its ambitions to the edge and into competition with the Facebook-derived Open Compute Project.…

24.05.2017 11:41:00 Source: http://go.theregister.com/

Google wants to track your phone and credit card through meatspace

World's biggest advertising company needs to prove ads are worth the money

Google wants stores to gather purchase data on its behalf, to bolster its case that advertising on the platform works.…

24.05.2017 11:40:00 Source: http://go.theregister.com/

GPU-flingers bash: Forget the Matrix, Neo needs his tensors

What's a tensor? Glad you asked...

HPC blog  Last week, Nvidia held its biggest ever GPU Technology Conference (GTC). The big walk-away is that GPUs are rapidly becoming an expected and standard component of computing, table stakes in many cases, across the computing platform. Big deal right there and hence the frothiness of much of the coverage.…

24.05.2017 05:42:00 Source: http://go.theregister.com/

IBM's ShinyHappy™ SAP Ariba deal papers over SaaS fail

Emptoris procurement product is being taken behind the shed just five years after acquisition

IBM and SAP Ariba last week shared a stage and delivered the ShinyHappy™ news that the two are throwing their respective Watson and Leonardo artificial intelligences at “cognitive procurement solutions that redefine the source-to-settle process.”…

10.01.2017 02:00:00 Source: http://www.kommune21.de/

Dormagen: Clear and modern

The participation platform of the city of Dormagen, designed by the company wer denkt was, now presents itself with a new look.

07.04.2017 16:53:00 Source: http://feedproxy.google.com/

WLAN access points from Lancom with Wave 2 and SDN

The WLAN access points of the LN-170x and LN-68x series from Lancom Systems. The Aachen-based network specialist Lancom Systems has expanded its range of WLAN access points (APs) for business customers by four models. They support the current IEEE 802.11ac Wave 2 standard. The LN-1700 and LN-1702 achieve gross data rates of up to 1733 MBit/s, the LN-862 and LN-860 up to 867 MBit/s.

24.05.2017 11:41:00 Source: http://go.theregister.com/

What's got a vast attack surface and runs on Linux? Windows Defender, of course

Penguinistas, rejoice: Tavis Ormandy lets you fuzz Windows

Google Project Zero's Windows bug-hunter and fuzz-boffin Tavis Ormandy has given the world an insight into how he works so fast: he works on Linux, and with the release of a personal project on GitHub, others can too.…

24.05.2017 11:40:00 Source: https://www.reddit.com/

MS Action pack signups

Hi Guys,

Is anyone else having problems with signing up to the Microsoft Action Pack? I simply get the error

"Error

We are sorry, an error has occurred. Please try again later" this is after I've signed in with a Microsoft Account. Am I missing something? (Pebkac?)

submitted by /u/Deepeh

18.05.2017 23:39:00 Source: https://www.reddit.com/

Applications/devices that use SMBv1 and might break when disabling it

Over the past week I examined more than 10 enterprise Windows environments and came up with a basic list of applications and devices that for sure use SMBv1:

  • Aruba

  • Juniper

  • Pulse Secure SSO

  • Printers: HP, Toshiba, Xerox

  • Different FAS systems such as Netapp

  • EMC VNX

  • Canon scanners, printers

  • Old Linux versions- Many RH based ERP's

  • Hitachi printers

  • Some types of NEC monitors (got it from a colleague)

  • Dedicated kiosk applications for MRI machines (risky)

It was a long, bloody week. If you can add to this list it will be great. There was one thread that discussed this subject but it was unclear. Let's try and keep this as a good list for other sysadmins

After this bloody week I found this article (wish it happened on Monday). https://calcomsoftware.com/disable-hardening-smbv1/ Feel free to add...

submitted by /u/lutad

24.05.2017 05:39:00 Source: https://www.reddit.com/

Anyone seeing fake Wannacry messages

I don't have the system back yet, but one of my users says he was at the Washington Post and got a Wannacrypt decryptor screen. The Help Desk had him shut down and unplug so I haven't seen the screen. System Center shows his system as being patched to May, no other systems on that network had any issue and I didn't see anything in my Kaspersky console.

Has anyone seen any fake Wannacry scams?

submitted by /u/dpeters11

22.12.2016 13:09:00 Source: http://feedproxy.google.com/

Amazon Last Minute deals: Philips Hue, Beats PowerBeats2, Withings Body, iPhone 7 cases, 240GB SSD, 8TB ext. hard drive and more

Today, Thursday, is the last day of the Amazon Last Minute deals. Today is your last chance to grab something during the promotional week. If you don't have all your Christmas presents together yet, take a look at the Amazon lightning deals and the deals of the day. Today's motto is: “From 13 to 22 December 2016 […]

24.05.2017 05:41:00 Source: http://go.theregister.com/

How good are selfies these days? Good enough to fool Samsung Galaxy S8 biometrics

Iris-scanner defeated with a camera in night mode, a contact lens, and a printer

Chaos Computer Club's "Starbug" has taken a look at the Samsung Galaxy S8's iris-scanning authentication feature and found you can beat it with a photograph.…

17.05.2017 17:39:00 Source: https://www.reddit.com/

WannaCry didn't arrive via email?

https://nakedsecurity.sophos.com/2017/05/17/wannacry-the-ransomware-worm-that-didnt-arrive-on-a-phishing-hook/

Is it really possible that there are this many SMB1 open ports on the Internet to cause this?

Do you buy this analysis?

I understand there only needed to be one per Network, but it still seems weird.

submitted by /u/jduffle

19.05.2017 11:38:00 Source: https://www.reddit.com/

ADFS - Not a valid win32 filetime

We have a domain with forest trusts to 4 other forests. We are having issues with authentication through ADFS from one of the forests to one relying party. This works fine for the domain where the ADFS-server is located and all other trusted forests which makes me believe it's something on that specific forest that is having issues. Same issue for all users on this forest.

The actual error message is just 'An error has occured' on the ADFS page.

Only thing relevant that I found was http://c7solutions.com/2017/01/rc4-kerberos-and-ad-fs-issues which shouldn't be relevant because the forest/domain level is at 2008R2.

Domain controller on the forest having issues just shows a Credential Validation 4776 (Successful) so seems to be authenticating correctly.

ADFS Auditing gives error 300:

The Federation Service failed to issue a token as a result of an error during processing of the WS-Trust request.
Activity ID: 00000000-0000-0000-b002-0080000000c6
Request type: http://schemas.microsoft.com/idfx/requesttype/issue
Additional Data
Exception details:
System.ArgumentOutOfRangeException: Not a valid Win32 FileTime.
Parameter name: fileTime
   at System.DateTime.FromFileTimeUtc(Int64 fileTime)
   at Microsoft.IdentityServer.Service.Tokens.LsaLogonUserHelper.GetPasswordExpiryDetails(SafeLsaReturnBufferHandle profileHandle, DateTime& nextPasswordChange, DateTime& lastPasswordChange)
   at Microsoft.IdentityServer.Service.Tokens.LsaLogonUserHelper.GetLsaLogonUserInfo(SafeHGlobalHandle pLogonInfo, Int32 logonInfoSize, DateTime& nextPasswordChange, DateTime& lastPasswordChange, String authenticationType, String issuerName)
   at Microsoft.IdentityServer.Service.Tokens.LsaLogonUserHelper.GetLsaLogonUser(UserNameSecurityToken token, DateTime& nextPasswordChange, DateTime& lastPasswordChange, String issuerName)
   at Microsoft.IdentityServer.Service.Tokens.MSISWindowsUserNameSecurityTokenHandler.ValidateTokenInternal(SecurityToken token)
   at Microsoft.IdentityServer.Service.Tokens.MSISWindowsUserNameSecurityTokenHandler.ValidateToken(SecurityToken token)
   at Microsoft.IdentityModel.Tokens.SecurityTokenHandlerCollection.ValidateToken(SecurityToken token)
   at Microsoft.IdentityServer.Web.WSTrust.SecurityTokenServiceManager.GetEffectivePrincipal(SecurityTokenElement securityTokenElement, SecurityTokenHandlerCollection securityTokenHandlerCollection)
   at Microsoft.IdentityServer.Web.WSTrust.SecurityTokenServiceManager.Issue(RequestSecurityToken request, IList`1& identityClaimSet)

AD FS Tracing error 52 basically gives the same thing:

ServiceHostManager.LogFailedAuthenticationInfo: Token of type 'http://schemas.microsoft.com/ws/2006/05/identitymodel/tokens/UserName' validation failed with following exception details:
System.ArgumentOutOfRangeException: Not a valid Win32 FileTime.
Parameter name: fileTime
   at System.DateTime.FromFileTimeUtc(Int64 fileTime)
   at Microsoft.IdentityServer.Service.Tokens.LsaLogonUserHelper.GetPasswordExpiryDetails(SafeLsaReturnBufferHandle profileHandle, DateTime& nextPasswordChange, DateTime& lastPasswordChange)
   at Microsoft.IdentityServer.Service.Tokens.LsaLogonUserHelper.GetLsaLogonUserInfo(SafeHGlobalHandle pLogonInfo, Int32 logonInfoSize, DateTime& nextPasswordChange, DateTime& lastPasswordChange, String authenticationType, String issuerName)
   at Microsoft.IdentityServer.Service.Tokens.LsaLogonUserHelper.GetLsaLogonUser(UserNameSecurityToken token, DateTime& nextPasswordChange, DateTime& lastPasswordChange, String issuerName)
   at Microsoft.IdentityServer.Service.Tokens.MSISWindowsUserNameSecurityTokenHandler.ValidateTokenInternal(SecurityToken token)
   at Microsoft.IdentityServer.Service.Tokens.MSISWindowsUserNameSecurityTokenHandler.ValidateToken(SecurityToken token)

Anyone got any ideas?

submitted by /u/Recol

22.05.2017 23:39:00 Source: https://www.reddit.com/

Linux shops, how do you do it?

EDIT: I suppose I'm awful at asking the right question. When I say linux shop I mean top to bottom linux, No windows Desktops for end users. Linux workstations for getting things done. Effectively replace MS for Linux/open source solutions.

Every time I've seen linux desktops in business the users were developers with god rights on their machines that did not authenticate centrally. Effectively these were unmanaged. I don't see how that doesn't create tons of security and compliance problems.

User Management - I suppose is mostly covered by something like OpenLDAP. I've never used it successfully, what are the pitfalls of that? Does it stop at user authentication and password policy or can you define workstation policies there similar to GPOs in Active Directory?

Full Disk Encryption - (again, this means user-facing) Looking for something akin to Symantec Endpoint Encryption or BitLocker. Something that can be centrally managed in the event laptop users forget their passcodes. Even while working remotely.

End-user Helpdesk Support - Just using VNC? How do you support end users? What about someone that forgets their password while working remotely? The same common user issues you see with MS users.

Patching - How is that best managed? In the MS world we would set up a centralized WSUS server to download all the patches and the workstations would hit that box to download patches. This prevents 100+ machines all hogging up the internet pipe at once. Updates go over the LAN and are curated.

Reporting - I don't mean server, network, or application reporting. (That topic is done to death in this subreddit.) How can I verify the patches and software versions are updated on all users' workstations? Compliance reporting, etc.

===== Original Question ====

What does a full linux shop look like from an IT perspective? User management, security groups/permissions, patching, reporting, backups, desktop environments, etc?

How do helpdesk employees support end-users remotely?

How is Full Disk Encryption managed centrally?

Legacy applications that need to run on Windows or .NET, can they be emulated nowadays?

I've used linux on single machines or run one-off servers for specific uses but never as joined to a domain to authenticate or managed patching centrally. I'm assuming OpenLDAP for most of this but never heard of anyone doing it successfully and practically for small business.

submitted by /u/TerribleHang0ver

15.05.2017 12:14:00 Source: http://blog.wiwo.de/

Government agencies and financial institutions jump to the top of the most frequent targets of cyberattacks

Government agencies and financial institutions were attacked significantly more often in 2016 than in the year before; the former front-runner, retail, drops to fourth place. IT service provider Dimension Data, part of the Japanese telecommunications giant NTT, recently published its "2017 Global Threat Intelligence Report". …


02.05.2017 11:02:00 Source: https://www.reddit.com/

Question/Help with batch script loop waiting for process to stop.

Hi Guys,

So all I'm wanting to do is run a batch script that unloads Trend officescan, then uninstalls trend, then loops waiting for the ntrmv.exe to not exist before continuing on with installing the new anti-virus we are going to. So I have this so far:

@ECHO OFF

"C:\Program Files (x86)\Trend Micro\OfficeScan Client\upgrade.exe" unload

"c:\Program Files (x86)\Trend Micro\OfficeScan Client\NTRmv.exe"

:LOOP1

tasklist /FI "IMAGENAME eq NTRmv.exe" >nul 2>&1

IF ERRORLEVEL 1 (

GOTO CONTINUE1

) ELSE (

timeout /t 20

GOTO LOOP1

)

:CONTINUE1

"msiexec.exe /qn /i "antivirus.msi" PIDKEY=<serialkey> Launchapp=1"

So what happens is the loop just keeps going even after ntrmv.exe isn't running and I'm not sure why, or exactly how to debug it since I have very little experience in scripting.

Edit: Also I did have a variation of this that used the following instead of the loop:

start /wait "c:\Program Files (x86)\Trend Micro\OfficeScan Client\NTRmv.exe"

But that would never go past that step as if it had halted. Any reason why? I assume because I was using it wrong and misunderstanding it.

submitted by /u/Frodamn

25.04.2017 22:59:00 Source: http://go.theregister.com/

Brit behind Titanium Stresser DDoS malware sent to chokey

20-year-old Herts man slapped with two years' stripey suntan time

A Hertfordshire man has been jailed for two years after netting nearly £400,000 from the malware he wrote as a 15-year-old student.…


24.05.2017 11:41:00 Source: http://go.theregister.com/

EU ministers approve anti-hate speech video rules

Facebook, Google, Twitter and friends face clampdown

European Union ministers have approved new rules for video that will oblige Facebook, Google, Twitter and others to remove hate speech and sexually explicit videos online or face stiff fines.…


23.05.2017 11:40:00 Source: https://www.reddit.com/

Igel Pocket

Hi folks,

has anyone played around with the new Igel Pocket (USB Igel Client)?

I have two for testing & trials. Unfortunately we have mainly Fujitsu Esprimo Q520 mini PCs in the offices and the Pocket does not properly discover the network card, it seems.

An e1000 Intel network card is shown in the Igel client settings, the DHCP client tries to get an IP address but fails.

Is it possible (and how) to change the network card drivers used? Or inject your own drivers?

Thanks for any help!

submitted by /u/cmwg

17.05.2017 17:46:00 Source: http://go.theregister.com/

Vodafone loses Euro6bn mainly due to Indian biz writeoff

UK market remains particularly poor performer

Vodafone has reported a substantial loss of €6.1bn (£5.2bn) during its full-year results 2016/17, mainly due to a writedown of its Indian business.…


24.05.2017 11:40:00 Source: https://www.reddit.com/

Another post about religion...

We have several large storage arrays connected to more than a few vmware hosts. The OS guys want to connect 10+, 10G links to the same switch the storage arrays are connected to (with 4, 10G links each... several installations).

I tell them they're Nucking Futs, and they're going to saturate the links to the storage arrays, and after a while, they're never going to get the 10GB links they're asking for.

They tell me that the file transfers will be so fast, that 2 computers will never be talking at the same time... They also tell me that the storage isn't fast enough to transmit 40GB of data anyway... Which.... I'm not sure how that helps their argument... and not sure how to respond.

Am I out of my gourd? What's the ideal way to set this up?

submitted by /u/ravenze

30.04.2017 23:00:00 Source: https://www.reddit.com/

Two Factor Authentication for Management Accounts

As an MSP, we have "management" accounts for various services (myQNAPCloud, WatchGuard Support, SendGrid, etc). Given the amount of security concerns, we would like to implement Two Factor authentication. However, this generally means that the account then needs to be tied to a specific employee's mobile device.

My question is, how are other MSPs enabling Two Factor for these types of accounts? Have a dedicated mobile device with forwarding enabled? Or maybe have it assigned to the owner's phone and use IFTTT to forward the auth code to all employees that may have access?

submitted by /u/reject423

23.05.2017 05:39:00 Source: https://www.reddit.com/

When a Windows host goes bad, Linux & HP switches slow to a crawl?

This morning we had quite an interesting problem.

In the wee small hours of Saturday morning, a desktop computer that sits in our server room had a bit of a brain fart. This computer is used by us technicians while we are configuring servers and contains firmware and utilities for things like our SAN and switches etc…..

We have a Dell PDU (Power Distribution Unit) that was sending emails all weekend with things like ‘Network Interface restarted’. No worries, I thought, I will simply reboot it when I get to work on Monday as it's clearly on the fritz.

Then Monday Morning at 6:04AM, Alerts came through from our CentOS proxy server, then HP switches kept flapping. Ping tests showed about 75% packet loss, with 200ms ping times on our local network.

 

WTF?

 

HP Switches now flapping, but not our Cisco’s, Linux hosts with huge packet-loss?

Firing up Wireshark, we discovered the following:

The desktop in the server room was doing the following:

DHCP DISCOVER ———>

<——— DHCP Offer

DHCP Request ———>

<——— DHCP ACK

 

MANY times a second. Essentially flooding our DHCP Server. DoS anyone?

All our clients continued access to the internet (apart from the ones going through the proxy) and were able to get DHCP leases and network resources.

After looking at the desktop,

- The DNS Client Events errors saying the DNS Server timed out,

- The NETLOGON service loses connection to the DC

- Group Policy and other services drop off the network.

At the end of this,

- Why did this happen?

- Why was it only Linux hosts and HP switches that were upset by this occurring?

- Hardware? Software?

We will see if we can reimage this machine this afternoon.

 

TL;DR: Desktop computer farted, causing the network to react to the smell, and the DHCP server assured the computer that it was all going to be ok. It wasn’t…

submitted by /u/TheNetworkGuy2

16.05.2017 14:10:00 Source: https://www.reddit.com/

Microsoft really sometimes has some of arguably most insane defaults - Do YOU know the configuration of TryNextClosestSite, SiteCostedReferrals, DfsDnsConfig, PreferLogonDC, SysvolNetlogonTargetFailback, AutoSiteCoverage & DnsAvoidRegisterRecords for

Holy fuck these are some of the most idiotic defaults I've ever encountered:

Googling "site:microsoft.com DsQuerySitesByCost" yields the following interesting pages:

How DFS Is Used During the Logon Process

When a client logs on to a domain, the client contacts a domain controller and requests a special type of referral, known as a SYSVOL or NETLOGON referral, to gain access to the scripts and policies stored in the SYSVOL and NETLOGON shared folders on domain controllers. (Specifically, the client requests SYSVOL and NETLOGON referrals from the active domain controller, which is preceded by a + under the appropriate domain in the client’s domain cache.) These referrals map the paths \\DomainName\Sysvol and \\DomainName\Netlogon to a list of SYSVOL and NETLOGON shared folders for all domain controllers. Clients store these referrals in their referral cache. To see examples of these referrals, see the figure “Sample Referral Cache Output” earlier in this section.

DFS objects do not exist in Active Directory for these shared folders; instead, the domain controller simply recognizes that it is responsible for these paths and responds to queries of the form \\DomainName\Sysvol and \\DomainName\Netlogon. These referrals are distinct in that although the targets are hosted on a domain controller, the targets are not roots themselves and do not appear in any of the DFS tools, nor can the SYSVOL and NETLOGON shared folders host links.

Domain controllers generate SYSVOL and NETLOGON referrals each time a client requests a referral. By default, the list of domain controllers listed in a SYSVOL or NETLOGON referral are sorted as follows:

  • All domain controllers in the client’s site are grouped in random order at the top of the list.

  • Domain controllers outside of the client’s site are listed in random order.

It is possible to configure DFS to sort the domain controllers outside of the client’s site in order of lowest cost. You can enable this feature by adding the SiteCostedReferrals registry entry on each domain controller and then restarting the DFS service on each domain controller. The DFS service then obtains site cost information for all domain controllers and stores this information in its site cost cache.

  • DFS Tools and Settings explains SiteCostedReferrals in more detail, where we also find the idiotism of DfsDnsConfig - a source of problems a bit better known than the preceding two clowns:

When set to 1, specifies that this server will use fully qualified domain names (FQDN) in referrals. When set to 0 (the default), specifies that this server will use NetBIOS names in referrals.

Bonus: If you want to do some powershell scripting that accounts for the behaviours described above, this page (unfortunately the page itself, but not the code, is in German):

https://social.technet.microsoft.com/Forums/Windows/de-DE/37228099-ae67-4219-998f-77a26917fc8d/weg-der-replikation-darstellen-script-fr-site-to-site-replikation?forum=powershell_de

has MSFT employee Raimund Andrée providing some powershell code using the above mentioned APIs to dig out data not available by other means. The same person apparently also has written some quite useful Powershell modules also related to complex replication topics, and also some other useful things:

https://gallery.technet.microsoft.com/scriptcenter/site/search?f%5B0%5D.Type=User&f%5B0%5D.Value=Raimund%20Andr%C3%A9e&sortBy=Date

Now, why Microsoft decided that "LUL RANDOM" should be the default? Who knows. I find it a bit hard to apply Hanlon's razor in this case, but I'll not engage in speculation here.

P.S.:
If you have RODCs, you also want to look at AutoSiteCoverage, which is default disabled on RODCs. And since I tried to find how that interacts with the above, I found this guide from shortly after 9/11, which contains a few additional useful and 'great' details:

P.P.S.:
After looking up all of the above manually, I found this:

https://jorgequestforknowledge.wordpress.com/category/active-directory-domain-services-adds/dc-locator/
(which, possibly falsely, claims that PreferLogonDC is enabled by default in 2k8+. I doubt that, but haven't verified it. The modus operandi of MS in cases like that seems to just include the functionality, so you don't need a hotfix anymore, but not enable it. Other than that, this seems like a useful resource that I wish I had found earlier. Which is why I also wonder if DfsEnableSmartClient is actually deprecated & non-functional, or not.)

Which also pointed me to this 'great' bug:
KB2666938 - Client computer uses site-less SRV records after you restart the computer in Windows 7 or in Windows Server 2008 R2

submitted by /u/AforAnonymous