Consolidated Business & Enterprise Computing Rant Thread

Discussion in 'Business & Enterprise Computing' started by elvis, Jul 1, 2008.

  1. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    18,184
    Location:
    Canberra
    My buddy at Digicor is bitching about this *right* now.

    Must be that time of the month.
     
  2. Smokin Whale

    Smokin Whale Member

    Joined:
    Nov 29, 2006
    Messages:
    5,183
    Location:
    Pacific Ocean off SC
    A written process and strategy for backup management. Everything documented and up to date when changes occur. Regular checks on systems. A reasonable time for backup retention and multiple backup locations (both locally and cloud based).

    I'd like to employ some strategies for cold storage/offline backups but it's not a massive priority. The only way I'd be really screwed at the moment is if fileservers were physically destroyed or had ransomware running on it locally but I can't imagine that happening considering they're pretty well secured. Yes, I'd be able to restore cloud backups in this situation which would mean a fair bit of downtime but I most likely never will for the environments I work with (not flood or fire prone, break-ins are very rare).
     
  3. Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    7,771
    Location:
    Brisbane

    Here is my script to run after entering a remote powershell session on a hyper-v server.

    Code:
    # This script creates a new Hyper-V machine with hard drive, memory & network resources configured.
    
    Echo "Variables"
    $SVR1 = Read-Host "Enter the Virtual Machine name (Press [Enter] to choose Server01): "
    if ($SVR1 -eq ""){$SVR1="Server01"} ; if ($SVR1 -eq $NULL){$SRV1="Server01"}
    
    $VMLOC = "d:\virtual machines\config files"
    
    $message = "Enter RAM amount in GB (or specify unit)"
    do
    {
        [int64]$RAM=$null
        [string]$SRAM=Read-Host $message
        switch -regex ($SRAM)
        {
            '^\d+KB$' { $RAM = 1KB * $SRAM.Substring(0,$SRAM.Length-2) }
            '^\d+MB$' {$RAM = 1MB * $SRAM.Substring(0,$SRAM.Length-2) }
            '^\d+GB$' { $RAM = 1GB * $SRAM.Substring(0,$SRAM.Length-2) }
            '\D+' {Write-Verbose 'No valid integer entered'} #no number means $null 
            '^\d+$' {$RAM = 1GB * $SRAM}
            default {$RAM = 1 * 1GB} #no entry = 1GB
        }
        $message = "Invalid Entry, please enter RAM amount in GB (or specify unit)"
    }
    until ($RAM) 
    
    $RAM
    
    $Network1 = "VmTeamSwitch"
    
    $Processor = Read-Host "Enter the number of processors (Press [Enter] to choose 2): "
    if ($Processor -eq ""){$Processor="2"} ; if ($Processor -eq $NULL){$Processor="2"}
    
    $VHDPath = "D:\Virtual Machines\VHD"
    
    $VM_ROOT_VHD = "$VHDPath\$SVR1\${SVR1}_OS_C_Drive.VHDX"
    
    $VHDTemplate = "D:\Administrative\Template VHDX\2012 R2 OS\AUTemplate.VHDX"
    
    
    Echo "Create VM Folder"
    MD $VMLOC -ErrorAction SilentlyContinue
    MD $VHDPath\$SVR1 -ErrorAction SilentlyContinue
    
    Echo "Create Virtual Machine"
    New-VM -Name $SVR1 -Path $VMLOC -MemoryStartupBytes $RAM -SwitchName $Network1 -generation 2
    
    Echo "Copy Template VHDX and rename"
    Convert-VHD -path $VHDTemplate -DestinationPath $VM_ROOT_VHD
    Add-VMHardDiskDrive -VMName $SVR1 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 0 -Path $VM_ROOT_VHD
    
    Echo "Set number of processors"
    SET-VMProcessor –VMName $SVR1 –Count $Processor
    
    Echo "Set OS VHD as 1st boot order"
    $vhd = Get-VMHardDiskDrive -vmname $SVR1
    Set-VMFirmware -VMName $SVR1 -FirstBootDevice $VHD
    
    
    
    
    Saves me a lot of times running up a VM. I boot the template image up every now and again to install updates, take it offline, copy it and then boot the copy to sysprep. This way I dont hit the limit of syspreps I can do on the original image
     
  4. -Antiskeptic-

    -Antiskeptic- Member

    Joined:
    Aug 14, 2006
    Messages:
    955
    Location:
    Reservoir, VIC
    Sorry, my point around DLP was that the woman had a full copy of the movie sitting at home.
     
  5. Smokin Whale

    Smokin Whale Member

    Joined:
    Nov 29, 2006
    Messages:
    5,183
    Location:
    Pacific Ocean off SC
    Yeah I now see that this was probably more targeted towards Elvis, kinda saw it as a open for all question. I'm sure he does things pretty differently.
     
  6. -Antiskeptic-

    -Antiskeptic- Member

    Joined:
    Aug 14, 2006
    Messages:
    955
    Location:
    Reservoir, VIC
    You raise good points though, basically you need replication to separate site/s so that you can loose a whole site/Data Center and restore from or fail-over to a replicated SAN etc.
     
    Last edited: Feb 11, 2016
  7. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    18,184
    Location:
    Canberra
    #feelingfancy

    Finally got my head around this CSP/DPOR/O365 horseshit today.

    How do I assign other members of my team to have access to my O365 Partner admin page?

    Can I do it without giving them access to our 365 tenancy?
     
  8. TehCamel

    TehCamel Member

    Joined:
    Oct 8, 2006
    Messages:
    4,183
    Location:
    Melbourne
    yep
    Logon > Partner tile > Partner Center > user management
    "Assists your customers as:"
    "Helpdesk agent" or "admin agent"

    ignore "manages your company as"
     
  9. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    18,184
    Location:
    Canberra
    Last one.

    Can I use my MAPS O365 E3 licenses but disable the email side (because we have on-prem 2016)?

    Or do I need E1 Licenses?

    (doing the hybrid thing)
     
  10. TehCamel

    TehCamel Member

    Joined:
    Oct 8, 2006
    Messages:
    4,183
    Location:
    Melbourne
    uhmmmmmm
    I would say yes.. because an E3 is basically E1 with OfficeProPlus
    do you get E3 with MAPS?
     
  11. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    18,184
    Location:
    Canberra
    Bah I want the other one then. Basically an enterprise o365 with proplus only.

    And yeah, maps gives you 5x e3 for being a sub.



    *edit*

    nm, worked it out

    [​IMG]
     
    Last edited: Feb 11, 2016
  12. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,346
    Location:
    Brisbane
    Heh a piece of software here takes ~2hrs to install and you cannot use the computer during that. If they fuck up the installation in one of a fun variety of ways they need to reimage the PC.

    That's a pretty good question, I always assumed stuff would be watermarked to make tracing it pretty easy but apparently not.

    Writeup here for those curious

    https://blog.exodusintel.com/2016/01/26/firewall-hacking/
     
  13. Doc-of-FC

    Doc-of-FC Member

    Joined:
    Aug 30, 2001
    Messages:
    3,382
    Location:
    Canberra
    Last edited: Feb 11, 2016
  14. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,346
    Location:
    Brisbane
  15. Doc-of-FC

    Doc-of-FC Member

    Joined:
    Aug 30, 2001
    Messages:
    3,382
    Location:
    Canberra
    what's more concerning is that there are no TALOS or ET ruleset updates which contain the payload signature.

    possibly deliberate obfuscation to allow time for patching to take place.
     
  16. Doc-of-FC

    Doc-of-FC Member

    Joined:
    Aug 30, 2001
    Messages:
    3,382
    Location:
    Canberra
    Talos has dropped:
    ET open rules have dropped:
     
  17. Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    7,771
    Location:
    Brisbane
    Prayer not a rant:


    Monday could be interesting. Launching our electronic system to system integration with our customers. Please go seamlessly, please go seamlessly.
     
  18. fR33z3

    fR33z3 Member

    Joined:
    Jul 16, 2001
    Messages:
    2,164
    Location:
    Perth
    How long till we see an ASA exploit go wild? There's a lot of public technical info already on the vulnerability.

    Given the mass IKE scanning that some research agencies have detected, I think its fair to say that attackers are preempting the exploit and are narrowing down their list of target IPs so they can get first dibs on victims.

    Given ASAs are commonly a first-line defense on the internet, I think this has the potential for giving us enterprise network engineers headaches we have not experienced for a long time. We see our gear as hardware appliances. But not only are they mostly software - they are mostly x86 software now.

    Virus infected windows server - Sure.
    Rootkited linux system - Possible.
    Bot controlled ASAs - Never. Blasphemy. Possible. Probable.
     
  19. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,366
    At least Cisco have seen the sense is allowing people not on service contracts the ability to get the updated software, that should go some way towards mitigating it, But I expect many of these will sit unpatched until the are replaced (or until someone writes a worm to patch them) It certainly sounds like its a Code Red type situation.
     
  20. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    43,112
    Location:
    Brisbane
    If you want to work on big movies that belong to other studios today, all your computers are physically locked up and there's an air gap between them and the Internet. Standard MPAA rules. Even then, everyone has a video camera in their pocket today, so 100% preventing the leaking of material is impossible. At some point you have to trust your crew. But doing everything you can to stop a full, uncompressed movie leaking to the Internet is also something you want to get right.

    Pixar working on a Pixar film is a little different. There's nobody to sue if that goes wrong. Although with that said, I too am surprised that a producer managed to get the whole film on a portable hard disk to her house. It was certainly a different time back then, however.
     
    Last edited: Feb 14, 2016

Share This Page

Advertisement: