At some clients/employers I've worked, Blackberry email is considered a mission-critical service. If it goes down, everybody scrambles.
At some places, it's not. It's considered a second-priority service. If it goes down, well, we'll get it back up sometime today. Maybe tomorrow. Just use OWA in the meantime.
Obviously, I prefer the latter.
Feral on
every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
the "no true scotch man" fallacy.
0
Options
Apothe0sisHave you ever questioned the nature of your reality?Registered Userregular
Ok, so at the moment, whenever anyone connects to our VPN (provided by Windows 2008's NPS) from a Windows Machine, all traffic is forwarded through the VPN tunnel. Which is not ideal.
Any ideas on where the issue lies?
Is it the DNS that the VPN Clients are assigned? Should we reduce the scope of the addresses it will resolve?
Is it something on the clients themselves? Is there something you can fix in the Network profile/settings?
Is there something in how the VPN is set up?
This is an embarassing question, my networking knowledge has failed me.
It's on the clients themselves. In TCP/IP properties for the VPN connection, there's an option to "use default gateway on remote network."
Edit: this setting is enabled by default for a reason. It means any perimeter security (web filters, firewalls, etc.) you have in place in your company network are moot. The client is now effectively circumventing them. This means that the system could potentially be compromised, and compromise your network in turn. Most small businesses, though, don't really care.
Ah HA!
That is true. One the one hand, I don't trust my users that much. On the other hand, the user who is complaining is the boss. On the other hand, I don't trust him that much. It's the trilemma!
Apothe0sis on
0
Options
TL DRNot at all confident in his reflexive opinions of thingsRegistered Userregular
edited November 2010
I am guilty of being the nerd that doesn't RTFM a lot of the time
I am guilty of being the nerd that doesn't RTFM a lot of the time
+1 here. I'm not stupid enough to toss them out like some people I know. But most of the time it's more fun to try it on my own for a few minutes to take it all in. If it was something mission critical then I would just RTM. But I don't do that work currently.
Question, would anyone here recommend Untangle's free services at all? I need to build a box that will protect my mother's home and I'm looking into various options.
Apothe0sisHave you ever questioned the nature of your reality?Registered Userregular
edited November 2010
I never got to try Untangle, it completely locked up my ESXi host every time I tried to install the appliance. Had to perform a hard reset each time.
I will say that pfSense has all the same bells and whistles but never locked up my ESXi host and works pretty well.
Apothe0sis on
0
Options
Apothe0sisHave you ever questioned the nature of your reality?Registered Userregular
edited November 2010
My problem with manuals is that no one ever seems to get the right balance between being so mind numbingly tedious and being insufficiently informative. Microsoft documentation, somehow does both.
I grind my teeth every damn time a manual explains that to create a new file you select new from the file menu. The reason we have that particular universal metaphor is that it IS universal.
My company used to roll out Untangle boxes until we became a Barracuda reseller.
Untangle is okay. It's a swiss army knife. It does a lot of jobs, none of them as well as a dedicated appliance. But it's very stable and performance is good, so for a home user I think it would be fine.
Most of my quibbles about it are about enterprise-level concerns; management, clustering and failover, policies, etc. Like on the web filter, for instance, I can unblock a site for everybody, or I can unblock one person for all sites, but there is no way to allow one person to go to one site. If the recruiter needs LinkedIn access, I have no choice but to open up the whole Internet to him, porn and spyware and ads and Farmville and all.
But yeah that's not really a home user issue.
Feral on
every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
My problem with manuals is that no one ever seems to get the right balance between being so mind numbingly tedious and being insufficiently informative. Microsoft documentation, somehow does both.
I grind my teeth every damn time a manual explains that to create a new file you select new from the file menu. The reason we have that particular universal metaphor is that it IS universal.
Well, when I say "manual" I mean "administrator's guide."
So I guess it's more like RTFAG
Feral on
every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
We got around the web filtering question by spreading rumours through the right channels* that IT monitor all traffic** and that with the recession management are looking to cut back any departments that aren't pulling their weight***. Never had an issue again.
*Reception is a tool to be used the same as you would a scalpel. Delicately but precisely.
**Not even slightly true. Honestly, who has the time to sit and sift through logs that size?
***Probably true.
We got around the web filtering question by spreading rumours through the right channels* that IT monitor all traffic** and that with the recession management are looking to cut back any departments that aren't pulling their weight***. Never had an issue again.
*Reception is a tool to be used the same as you would a scalpel. Delicately but precisely.
**Not even slightly true. Honestly, who has the time to sit and sift through logs that size?
***Probably true.
ben0207 on
0
Options
Donovan PuppyfuckerA dagger in the dark isworth a thousand swords in the morningRegistered Userregular
edited November 2010
NOBODY on Earth gossips as much as a bored receptionist...
Does anyone know anything about SORBS. They blacklisted us and after doing some research they really don't seem to be a legit company.
They are a legit company but they are also assholes that make it a bitch to get de-listed.
At least you can get de-listed. I can't remember off-hand which it is, but there's at least self-righteous jackass out there who runs a relay blacklist and refuses to de-list anybody ever, for any reason.
Does anyone know anything about SORBS. They blacklisted us and after doing some research they really don't seem to be a legit company.
They are a legit company but they are also assholes that make it a bitch to get de-listed.
At least you can get de-listed. I can't remember off-hand which it is, but there's at least self-righteous jackass out there who runs a relay blacklist and refuses to de-list anybody ever, for any reason.
Yeah i read the wiki page about them, i guess they use to charge $50 to get de-listed. They are trying to force us to install their SSL on our servers.
AthenorBattle Hardened OptimistThe Skies of HiigaraRegistered Userregular
edited November 2010
I figured if anyone would know the answer to this, it would be you guys.
I'm looking for a good power supply tester. Now, looking at Newegg, it appears there is only 1 model out there that everyone just slaps their own branding on and sells.. Which makes it fun trying to decide which one to get, in case there are differences under the hood. Now, what I'm looking for is a power supply tester that can test actual working loads and stress a power supply. Is that even available? Is it worth the investment?
Does anyone know anything about SORBS. They blacklisted us and after doing some research they really don't seem to be a legit company.
They are a legit company but they are also assholes that make it a bitch to get de-listed.
At least you can get de-listed. I can't remember off-hand which it is, but there's at least self-righteous jackass out there who runs a relay blacklist and refuses to de-list anybody ever, for any reason.
It's debatable if you actually can. The ISP I work for has stopped trying.
They have a bunch of our static IP blocks on their dynamic list. A couple of years ago we wanted to get one block, or even just one single IP listed as static like it should be. They wanted us to send them a complete CIDR list of every single IP we own.
Does anyone know anything about SORBS. They blacklisted us and after doing some research they really don't seem to be a legit company.
They are a legit company but they are also assholes that make it a bitch to get de-listed.
At least you can get de-listed. I can't remember off-hand which it is, but there's at least self-righteous jackass out there who runs a relay blacklist and refuses to de-list anybody ever, for any reason.
It's debatable if you actually can. The ISP I work for has stopped trying.
They have a bunch of our static IP blocks on their dynamic list. A couple of years ago we wanted to get one block, or even just one single IP listed as static like it should be. They wanted us to send them a complete CIDR list of every single IP we own.
When we finally did they still didn't fix it.
So even if we do everything they ask they may or may not unblock us. Freaking awesome.
So tempted to report asshole black-listers to each other as virus sites.
Wonder if it would actually work...
You may have luck with a lawsuit if it is actually interfering with business. Lawyers usually scare these geese pretty quickly.
Going that route would just take so long. I just can't take a company seriously when they have no e-mail contact info or phone contact info easily accessible. I have barely dealt with these people and i officially hate SORBS as a company.
Thanks....now i feel dumb. Every browser i use won't let me click on the Privacy Link to get to that page, but typing the address in will get me there. grumble grumble
BES isn't that much of a pain in the ass. Just don't hide the BES account in Exchange (it doesn't like that). Make sure that whatever DC it marries itself to doesn't go down (it doesn't like that either). I run the handheldcleanup utility every once in awhile. But really don't have many problems at all. We've got 550 users on one server w/ BES4.1.7 and Exchange 2007 SP1 RU6. I'm told BES5 has some nice features, but you lose reporting. I haven't looked into the BES Xpress, the concept is nice. Hosted BES with no license fees, you only have 75 IT policies, but really, who users 500 IT policies anyway.
BES really is a snap in terms of admistration of units. Setting it up can be a pain in the ass. Recently Xwall has been blocking activation emails though so I have to call out explicit exceptions to it in xwall or to the user.
mrt144 on
0
Options
mrt144King of the NumbernamesRegistered Userregular
Ok, so at the moment, whenever anyone connects to our VPN (provided by Windows 2008's NPS) from a Windows Machine, all traffic is forwarded through the VPN tunnel. Which is not ideal.
Any ideas on where the issue lies?
Is it the DNS that the VPN Clients are assigned? Should we reduce the scope of the addresses it will resolve?
Is it something on the clients themselves? Is there something you can fix in the Network profile/settings?
Is there something in how the VPN is set up?
This is an embarassing question, my networking knowledge has failed me.
It's on the clients themselves. In TCP/IP properties for the VPN connection, there's an option to "use default gateway on remote network."
Edit: this setting is enabled by default for a reason. It means any perimeter security (web filters, firewalls, etc.) you have in place in your company network are moot. The client is now effectively circumventing them. This means that the system could potentially be compromised, and compromise your network in turn. Most small businesses, though, don't really care.
But it's obviously bad when all http traffic is being pushed through to the remote server the VPN is tunneling to.
mrt144 on
0
Options
TL DRNot at all confident in his reflexive opinions of thingsRegistered Userregular
edited December 2010
Email blacklisting is my favorite thing to deal with. I've had customer service reps insist that their customer had to initiate the service ticket. Meaning my company would have to call our client, explain to a non-tech person the gist of how mxrecords work, and then have them try to explain to their customer.
TL DR on
0
Options
mrt144King of the NumbernamesRegistered Userregular
Email blacklisting is my favorite thing to deal with. I've had customer service reps insist that their customer had to initiate the service ticket. Meaning my company would have to call our client, explain to a non-tech person the gist of how mxrecords work, and then have them try to explain to their customer.
The only thing worse is when you explain to someone whose on a blacklisted Comcast subent why we didn't get their time sensitive email.
My boss wants us to switch from Desktop Authority to using Group Policy. I have experience with modifying GPOs but I've never built it from the ground up. It isn't too complicated, just shared drives for the different departments, WSUS, and he told me not to worry about printers. I talked it over with a few contacts of mine and they say that it may be best to give everybody full access and then set policy by blacklist. Thoughts?
My boss wants us to switch from Desktop Authority to using Group Policy. I have experience with modifying GPOs but I've never built it from the ground up. It isn't too complicated, just shared drives for the different departments, WSUS, and he told me not to worry about printers. I talked it over with a few contacts of mine and they say that it may be best to give everybody full access and then set policy by blacklist. Thoughts?
I am honestly not sure what you mean by blacklists.
Setting up NTSF permissions is a snap, though, just make sure you do it by group and not assign policies by individual user.
Mapping drives in Sever 2003 is also pretty easy using logon scripts. I use visual basic ones that I found online and just changed to fit what I need. You can do printers that way as well.
I think that Sever 2008 will let you map drives directly via GPO instead of forcing outside scripts to run, but I have not spent much real time with server 2008 yet. Also, Windows 7 machines in a 2003 domain do not like mapping drives this way, at least not until you turn off the UAC.
chamberlain on
0
Options
Apothe0sisHave you ever questioned the nature of your reality?Registered Userregular
edited December 2010
You can indeed map directly using the preferences section of the 2008 style group policy.
I hate GPO. Like, with a passion. Oh lawl, did you want to disallow that? Better hope the sysadmin before you didn't set up a bajillion policies where it's specifically set to allow it on every single one of them. Yes, this is a thing.
bowen on
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
The all-in-ones are common now. You should be able to switch it to bridged mode.
90% of the time with cable modems it's the modem causing issues anyways. I've had numerous techs tell me they can see my modem when it was unplugged from the get go. The call:
"Hi this is Yaheed from support."
"Hi Yaheed, great many tidings to you, I'm Bowen."
"Hi Bowen what can I do for you?"
"Well, I'm having trouble with my modem, it seems I'm getting disconnected a lot."
"Oh okay, can you.."
"Now, before you tell me to cycle the power I've done all that, I do that every single time."
"Oh well, I'm looking at the equipment right now, everything appears to be fine."
"Oh?"
"Yeah, the serial number is [blah]"
"Oh well... how can you see if it's fine if it's powered off?"
"... someone will be out tomorrow."
Thanks Timewarner. Maybe you should automatically put me through to Tier3 support instead of Tier1 when my number calls. They've also gotten into the habit of not giving out passwords to their routers now too. Which is wonderful when your friend/boss/coworker asks why they can't play vidya games because their firewall won't let them. I mean they even turned off the windows one too!
bowen on
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
The all-in-ones are common now. You should be able to switch it to bridged mode.
90% of the time with cable modems it's the modem causing issues anyways. I've had numerous techs tell me they can see my modem when it was unplugged from the get go. The call:
Thanks Timewarner. Maybe you should automatically put me through to Tier3 support instead of Tier1 when my number calls. They've also gotten into the habit of not giving out passwords to their routers now too. Which is wonderful when your friend/boss/coworker asks why they can't play vidya games because their firewall won't let them. I mean they even turned off the windows one too!
As someone that works ISP tech support I've never had that happen. I wonder if TW's tools cache information improperly. Or it gives incomplete info (my tool will sometimes suggest that a modem is online, but it will not load any details and won't respond to pings).
The problem I see most often is that if the modem somehow loses its connection (which can be a problem with the modem or its connection), it has to fully reconnect and then the router has to be powercycled. Otherwise they don't seem to be able to use their old DHCP lease nor do they request a new one. It could be something quirky on our service that causes that.
Of course, my company doesn't provide routers to customers, either. Well, not entirely true - we do wireless modems now but they are completely non-configurable for residential customers and there isn't much we can configure for commercial (and that's done on our end). They are intended to be a wireless device for lazy people.
The all-in-ones are common now. You should be able to switch it to bridged mode.
90% of the time with cable modems it's the modem causing issues anyways. I've had numerous techs tell me they can see my modem when it was unplugged from the get go. The call:
Thanks Timewarner. Maybe you should automatically put me through to Tier3 support instead of Tier1 when my number calls. They've also gotten into the habit of not giving out passwords to their routers now too. Which is wonderful when your friend/boss/coworker asks why they can't play vidya games because their firewall won't let them. I mean they even turned off the windows one too!
As someone that works ISP tech support I've never had that happen. I wonder if TW's tools cache information improperly. Or it gives incomplete info (my tool will sometimes suggest that a modem is online, but it will not load any details and won't respond to pings).
The problem I see most often is that if the modem somehow loses its connection (which can be a problem with the modem or its connection), it has to fully reconnect and then the router has to be powercycled. Otherwise they don't seem to be able to use their old DHCP lease nor do they request a new one. It could be something quirky on our service that causes that.
Of course, my company doesn't provide routers to customers, either. Well, not entirely true - we do wireless modems now but they are completely non-configurable for residential customers and there isn't much we can configure for commercial (and that's done on our end). They are intended to be a wireless device for lazy people.
In the past supervisors have told me to lie and tell customers that it was okay to get them off the phone faster. If they called back again,it was an actual issue and not something that happened because of inclement weather or a small brown out or something.
I suspect that is what happened. He figured I was being belligerent over the phone and just wanted to get me off the phone, probably thinking I was one of those guys that knew enough tech to be dangerous but not enough to know anything else.
When I actually had an issue because the modem was burnt out (wouldn't even power on) and they tried the exact same thing. I was able to get a tier 2 support on the phone who was like "Yeah I can see right here your unit isn't even powered on."
bowen on
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
Yeah. While I was a good residential support agent (we don't really have tiers over there) I know we have a lot that really, really suck. But that's a culture thing, call centers are slave to numbers, customers be damned.
Things aren't nearly as bad in commercial support where I am now. The techs are for the most part pretty good, we have downtime so we don't feel pressured to rush anyone off the phone. And best we don't have scripts to run through (i.e., we can use our brains!). I have never, ever been told to lie to a customer.
Logitech's tech support is horrendous too by the way. If their equipment wasn't so good it'd be more of an issue.
My girlfriend had one of those wireless headsets and the port the charger plugs into broke because it's flimsy. I had the hardest time getting them to understand the actual headset was broken and not the charger. They kept saying that they'll be sending a charger out, or, a new bluetooth adapter. That was so infuriating. When I finally got someone on the phone after the 5 emails through their RMA system it was some foreign tech support that actually turned out to be useful. That shocked me.
bowen on
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
Posts
At some places, it's not. It's considered a second-priority service. If it goes down, well, we'll get it back up sometime today. Maybe tomorrow. Just use OWA in the meantime.
Obviously, I prefer the latter.
the "no true scotch man" fallacy.
That is true. One the one hand, I don't trust my users that much. On the other hand, the user who is complaining is the boss. On the other hand, I don't trust him that much. It's the trilemma!
+1 here. I'm not stupid enough to toss them out like some people I know. But most of the time it's more fun to try it on my own for a few minutes to take it all in. If it was something mission critical then I would just RTM. But I don't do that work currently.
Question, would anyone here recommend Untangle's free services at all? I need to build a box that will protect my mother's home and I'm looking into various options.
I will say that pfSense has all the same bells and whistles but never locked up my ESXi host and works pretty well.
I grind my teeth every damn time a manual explains that to create a new file you select new from the file menu. The reason we have that particular universal metaphor is that it IS universal.
Untangle is okay. It's a swiss army knife. It does a lot of jobs, none of them as well as a dedicated appliance. But it's very stable and performance is good, so for a home user I think it would be fine.
Most of my quibbles about it are about enterprise-level concerns; management, clustering and failover, policies, etc. Like on the web filter, for instance, I can unblock a site for everybody, or I can unblock one person for all sites, but there is no way to allow one person to go to one site. If the recruiter needs LinkedIn access, I have no choice but to open up the whole Internet to him, porn and spyware and ads and Farmville and all.
But yeah that's not really a home user issue.
the "no true scotch man" fallacy.
Well, when I say "manual" I mean "administrator's guide."
So I guess it's more like RTFAG
the "no true scotch man" fallacy.
*Reception is a tool to be used the same as you would a scalpel. Delicately but precisely.
**Not even slightly true. Honestly, who has the time to sit and sift through logs that size?
***Probably true.
*Reception is a tool to be used the same as you would a scalpel. Delicately but precisely.
**Not even slightly true. Honestly, who has the time to sit and sift through logs that size?
***Probably true.
XBox: Loki HKD
PSN: Loki_HKD
They are a legit company but they are also assholes that make it a bitch to get de-listed.
Yeah i read the wiki page about them, i guess they use to charge $50 to get de-listed. They are trying to force us to install their SSL on our servers.
XBox: Loki HKD
PSN: Loki_HKD
I'm looking for a good power supply tester. Now, looking at Newegg, it appears there is only 1 model out there that everyone just slaps their own branding on and sells.. Which makes it fun trying to decide which one to get, in case there are differences under the hood. Now, what I'm looking for is a power supply tester that can test actual working loads and stress a power supply. Is that even available? Is it worth the investment?
It's debatable if you actually can. The ISP I work for has stopped trying.
They have a bunch of our static IP blocks on their dynamic list. A couple of years ago we wanted to get one block, or even just one single IP listed as static like it should be. They wanted us to send them a complete CIDR list of every single IP we own.
When we finally did they still didn't fix it.
So even if we do everything they ask they may or may not unblock us. Freaking awesome.
XBox: Loki HKD
PSN: Loki_HKD
Wonder if it would actually work...
Nintendo Network ID: AzraelRose
DropBox invite link - get 500MB extra free.
You may have luck with a lawsuit if it is actually interfering with business. Lawyers usually scare these geese pretty quickly.
Going that route would just take so long. I just can't take a company seriously when they have no e-mail contact info or phone contact info easily accessible. I have barely dealt with these people and i officially hate SORBS as a company.
XBox: Loki HKD
PSN: Loki_HKD
http://www.sorbs.net/w3c/privacy.shtml
SORBS points to GFI (looks like they have a headquarters in malta or something).
XBox: Loki HKD
PSN: Loki_HKD
BES really is a snap in terms of admistration of units. Setting it up can be a pain in the ass. Recently Xwall has been blocking activation emails though so I have to call out explicit exceptions to it in xwall or to the user.
But it's obviously bad when all http traffic is being pushed through to the remote server the VPN is tunneling to.
The only thing worse is when you explain to someone whose on a blacklisted Comcast subent why we didn't get their time sensitive email.
Update, my mother went to AT&T Uverse and now has an all in one gateway instead of just using a plane cable modem and an ancient linksys of mine.
I am honestly not sure what you mean by blacklists.
Setting up NTSF permissions is a snap, though, just make sure you do it by group and not assign policies by individual user.
Mapping drives in Sever 2003 is also pretty easy using logon scripts. I use visual basic ones that I found online and just changed to fit what I need. You can do printers that way as well.
I think that Sever 2008 will let you map drives directly via GPO instead of forcing outside scripts to run, but I have not spent much real time with server 2008 yet. Also, Windows 7 machines in a 2003 domain do not like mapping drives this way, at least not until you turn off the UAC.
Just don't ask me to support it, please.
90% of the time with cable modems it's the modem causing issues anyways. I've had numerous techs tell me they can see my modem when it was unplugged from the get go. The call:
"Hi this is Yaheed from support."
"Hi Yaheed, great many tidings to you, I'm Bowen."
"Hi Bowen what can I do for you?"
"Well, I'm having trouble with my modem, it seems I'm getting disconnected a lot."
"Oh okay, can you.."
"Now, before you tell me to cycle the power I've done all that, I do that every single time."
"Oh well, I'm looking at the equipment right now, everything appears to be fine."
"Oh?"
"Yeah, the serial number is [blah]"
"Oh well... how can you see if it's fine if it's powered off?"
"... someone will be out tomorrow."
Thanks Timewarner. Maybe you should automatically put me through to Tier3 support instead of Tier1 when my number calls. They've also gotten into the habit of not giving out passwords to their routers now too. Which is wonderful when your friend/boss/coworker asks why they can't play vidya games because their firewall won't let them. I mean they even turned off the windows one too!
As someone that works ISP tech support I've never had that happen. I wonder if TW's tools cache information improperly. Or it gives incomplete info (my tool will sometimes suggest that a modem is online, but it will not load any details and won't respond to pings).
The problem I see most often is that if the modem somehow loses its connection (which can be a problem with the modem or its connection), it has to fully reconnect and then the router has to be powercycled. Otherwise they don't seem to be able to use their old DHCP lease nor do they request a new one. It could be something quirky on our service that causes that.
Of course, my company doesn't provide routers to customers, either. Well, not entirely true - we do wireless modems now but they are completely non-configurable for residential customers and there isn't much we can configure for commercial (and that's done on our end). They are intended to be a wireless device for lazy people.
Still stuck with my 45 minute commute and obsolete hardware.
In the past supervisors have told me to lie and tell customers that it was okay to get them off the phone faster. If they called back again,it was an actual issue and not something that happened because of inclement weather or a small brown out or something.
I suspect that is what happened. He figured I was being belligerent over the phone and just wanted to get me off the phone, probably thinking I was one of those guys that knew enough tech to be dangerous but not enough to know anything else.
When I actually had an issue because the modem was burnt out (wouldn't even power on) and they tried the exact same thing. I was able to get a tier 2 support on the phone who was like "Yeah I can see right here your unit isn't even powered on."
Things aren't nearly as bad in commercial support where I am now. The techs are for the most part pretty good, we have downtime so we don't feel pressured to rush anyone off the phone. And best we don't have scripts to run through (i.e., we can use our brains!). I have never, ever been told to lie to a customer.
My girlfriend had one of those wireless headsets and the port the charger plugs into broke because it's flimsy. I had the hardest time getting them to understand the actual headset was broken and not the charger. They kept saying that they'll be sending a charger out, or, a new bluetooth adapter. That was so infuriating. When I finally got someone on the phone after the 5 emails through their RMA system it was some foreign tech support that actually turned out to be useful. That shocked me.