[Sysadmin] Routing to null

RandomHajile

He got a bike route delivering NEWSPAPERS! Dude needs to start a consulting business and charge businesses, even if he wants to keep working on the tools for free.

Athenor

A friend of mine also posted this on Facebook. Take with a grain of salt, because none of us know this person:

He might also benefit from remote work placement.

I'm guessing, but I think the main benefits of remaining in a position you find familiar are safety, support, and time management. Particularly if you grew up with a history of receiving bullying, you don't want to put yourself out there where it might happen again versus a place you know you are accepted.

Remote work can help you engage with doing things from a safe environment while limiting/controlling social situations that could feel unsafe.

If you grow up in an environment where no one has done that before, it's hard to navigate though. That's why a paper route in your twenties makes more experiential sense than independent contracting.

Feral

Athenor wrote: »

Feldorn wrote: »

Athenor wrote: »

I wanted to give a shoutout to a guy who lives in the same town as me that I've never met (to my knowledge) and has done far more for the world than I ever have.

https://www.propublica.org/article/the-ransomware-superhero-of-normal-illinois

You know what’s amazing about that story? His employer won’t pay him enough to cover his bills.

Yet the article quotes a security researcher who is worried about law enforcement taking advantage of him.

...

You know what? You're absolutely right, I hadn't even considered that angle! The article was just heaping praise on the guy, who seems to be one of the company's best workers, and yet he's basically working poor. And I should've noticed, because I worked in a very similar position for a local MSP, being paid 1/3 what I am now.

Huh. and here I was, bringing this up to all sorts of friends and connected folks in town, including spreading the story at work, and feeling like I should try to help him out.. when the real answer would be for his employer to pay more based off the publicity this article generates for them.

Or he should get a job with a security company where they just give him a VPN connection into a sandbox VM cluster and let him analyze malware all day for $200k/yr

Feral

He also admits that he has imposter syndrome.

I really feel for the guy, I know what it's like to not know your own worth.

Thawmus

The more I read about this guy, the more I'm certain I've actually talked to him before.

The username is super familiar to me, and I swear I was on bleeping's forum last time I was dealing with ransomware. They had a utility on there for me to download and run against a file before and after encryption to determine the key, and then decrypt everything with said key.

Pretty sure he also just took donations, which if I remember right my company was not interested in jumping through the hoops to do.

LD50

Athenor wrote: »

Feldorn wrote: »

Athenor wrote: »

I wanted to give a shoutout to a guy who lives in the same town as me that I've never met (to my knowledge) and has done far more for the world than I ever have.

https://www.propublica.org/article/the-ransomware-superhero-of-normal-illinois

You know what’s amazing about that story? His employer won’t pay him enough to cover his bills.

Yet the article quotes a security researcher who is worried about law enforcement taking advantage of him.

...

You know what? You're absolutely right, I hadn't even considered that angle! The article was just heaping praise on the guy, who seems to be one of the company's best workers, and yet he's basically working poor. And I should've noticed, because I worked in a very similar position for a local MSP, being paid 1/3 what I am now.

Huh. and here I was, bringing this up to all sorts of friends and connected folks in town, including spreading the story at work, and feeling like I should try to help him out.. when the real answer would be for his employer to pay more based off the publicity this article generates for them.

Really his employer should pay more because he should be earning a livable wage. He should be earning MORE than a livable wage, if his public security experience is anything to go by.

Feral

It sounds like he works for some shitty two-bit small-town MSP

I speculate it's probably poorly managed and has cash flow problems

Inquisitor77

He has to have been contacted by any number of security companies and governmental agencies by now... I would not be surprised if he just can't bring himself to move out of his comfort zone. Which if true basically means that his employer is taking advantage of a his issues.

Feldorn

Feral wrote: »

It sounds like he works for some shitty two-bit small-town MSP

I speculate it's probably poorly managed and has cash flow problems

He works for a PC repair shop.

Seidkona

Feral wrote: »

He also admits that he has imposter syndrome.

I really feel for the guy, I know what it's like to not know your own worth.

How true.

That goes for anyone reading this thread and lurking. Seriously know your worth more than the world is giving you. Almost universally.

Athenor

Inquisitor77 wrote: »

He has to have been contacted by any number of security companies and governmental agencies by now... I would not be surprised if he just can't bring himself to move out of his comfort zone. Which if true basically means that his employer is taking advantage of a his issues.

I am aware of multiple efforts to offer help if desired. As I don't know him, I am not directly reaching out. But he does seem cool.

Feldorn

I mean, the article makes it clear he is there because he likes it and it’s a good fit.

As someone who worked 2 jobs for awhile I also know it isn’t worth the stress.

I guess that situations like that get to me.

Feral

Feldorn wrote: »

Feral wrote: »

It sounds like he works for some shitty two-bit small-town MSP

I speculate it's probably poorly managed and has cash flow problems

He works for a PC repair shop.

Yeah I looked it up after my post

It's a tiny PC repair shop in a small town strip mall next to a Great Clips

Feral

Feldorn wrote: »

I mean, the article makes it clear he is there because he likes it and it’s a good fit.

As someone who worked 2 jobs for awhile I also know it isn’t worth the stress.

I guess that situations like that get to me.

The article makes clear that he has imposter syndrome and doesn't know his own worth

You don't need to work 2 jobs when you just work 1 job that pays you well

Inquisitor77

Yeah all I'm saying is that he very clearly has issues. Whether it's imposter syndrome or something more severe or simply an incredibly rigid set of principles, I couldn't say. But most people do not stay working at a poverty-wage job when they can very clearly make six figures doing something they already do for fun, on their own time, after having received multiple offers to do so.

At the very least he could just, you know, go write code for someone. Instead of work at a tiny computer repair shop that services people who don't know how to save contacts to their phones.

Like, read this excerpt and tell me that the owner of "Nerds on Call" isn't running a small-time Walmart employment operation:

In 2017, the FBI awarded Gillespie a Community Leadership Award for his “public service, devotion and assistance to victims of ransomware in the United States and Internationally.” Gillespie prominently displays the award in his home. In April 2018, he and his wife flew to Washington for the award ceremony, accompanied by his boss at Nerds on Call. The joke around the office was that the boss “went with him to try to nerf anybody trying to recruit him,” said Gillespie’s former co-worker, Jacobs. “He would be very difficult to replace.”

Athenor

I should note that I have no clue about the people over at Nerds on Call. They have survived around here for longer than most shops.

wunderbar

So we're rolling out 2FA through an authenticator app that supports both code and push.

about a week ago we set it up for our CEO.

Our CEO today comes and tells us that she can't sign in, the 2FA isn't working.

Our CEO thought that they didn't need the 2FA app on their phone anymore, and deleted it.

LD50

wunderbar wrote: »

So we're rolling out 2FA through an authenticator app that supports both code and push.

about a week ago we set it up for our CEO.

Our CEO today comes and tells us that she can't sign in, the 2FA isn't working.

Our CEO though that they didn't need the 2FA app on their phone anymore, and deleted it.

I think every sysadmin that supports 2fa runs into this.

My favorite is that we have 2fa set up to allow doctors to e-prescribe controlled substances. Unlike our normal 2fa that we use for remote login etc., this 2fa is not managed by IT because setting it up requires a bunch of extra vetting. We have doctors that will do exactly what your CEO did and then get angry that they can't prescribe narcotics and then get even angrier when we tell them they need to grab 2 forms of ID and meet with management.

Myiagros

I'm liking the software we have that uses Google Authenticator, it's so much easier than managing 3-5 different programs or having to get email or text codes.

That_Guy

They've been trying to roll out Duo 2FA at my office. Every few weeks I get an email about signing up and downloading the app but I just ignore it. I figure, if I ignore it for long enough it'll either go away or I will.

schuss

We use the MS one and it's pretty nice, as you just get a pop up on your phone with "approve?" And y/n

wunderbar

That_Guy wrote: »

They've been trying to roll out Duo 2FA at my office. Every few weeks I get an email about signing up and downloading the app but I just ignore it. I figure, if I ignore it for long enough it'll either go away or I will.

We use duo as well. I actually like it quite a bit, except for how it handles offline situations, that's not as elegant.

lwt1973

Manager: This issue is happening for several people in my department.
Me: Who is having the issue?
Manager: This person.
Me: Who else?
Manager: I don't know but it happened three hours ago for several other people.
Me: So you don't know who else?
Manager: Just look through the logs and you'll see it.
<I look through the logs and can't find anyone else having the issue.>

Feral

I occasionally run reports on our on-prem Exchange to gather statistics about email usage.

It occurred to me this week to sum up the size of Deleted Items folder in each mailbox and compare it to our overall mailbox size.

(Not soft-deletes or recoverable items, but the contents of users' respective Deleted Items folders.)

1) Guess how much of our Exchange mailbox footprint is taken up by Deleted Items

2) Guess how big our largest Deleted Items is

LD50

Feral wrote: »

I occasionally run reports on our on-prem Exchange to gather statistics about email usage.

It occurred to me this week to sum up the size of Deleted Items folder in each mailbox and compare it to our overall mailbox size.

(Not soft-deletes or recoverable items, but the contents of users' respective Deleted Items folders.)

1) Guess how much of our Exchange mailbox footprint is taken up by Deleted Items

2) Guess how big our largest Deleted Items is

Oh, you mean my long term file storage?

LD50

I legit have 8k items in my deleted items folder. I have automated rules that move TONS of garbage every day.

Feral

Nobody wants to guess with me. Okay.

23% of our total mailbox footprint is taken up by Deleted Items folders.

Our largest Deleted Items folder is 10GB.

Aioua

Time for that auto-delete policy.
You get 30 days in deleted items and then *poof*

LD50

Aioua wrote: »

Time for that auto-delete policy.
You get 30 days in deleted items and then *poof*

We have an autodelete policy.

Dizzy D

10Gb is honestly not the worst that I've seen. Most of our customers are financial or government institutions so we have autoarchiving policies. Just needed to work on a script this week to prevent it from autoarchiving the calendar and tasks folders, because it turns out that people want to look up old meetings from time to time.

Feral

Aioua wrote: »

Time for that auto-delete policy.
You get 30 days in deleted items and then *poof*

Yeah, we're trying to get organizational buy in for that

You can imagine how well that's working

Almost a verbatim quote: "I would be very unhappy with a retention policy because I often need something that I deleted and then I have to go into my deleted folder to retrieve it."

Feral

Also I had multiple people say that if we do set a retention policy, it should be set to one year

Darkewolfe

Feral wrote: »

Also I had multiple people say that if we do set a retention policy, it should be set to one year

This shit is honestly easy, though.

Price out the cost of addressable storage from the average cloud host (it's about $30 a TB per month). Assess the average monthly rate of mailbox growth in your org. Tell the CEO, "For every month past 3 months that you want to retain, it costs you $X."

Feral

Darkewolfe wrote: »

Feral wrote: »

Also I had multiple people say that if we do set a retention policy, it should be set to one year

This shit is honestly easy, though.

Price out the cost of addressable storage from the average cloud host (it's about $30 a TB per month). Assess the average monthly rate of mailbox growth in your org. Tell the CEO, "For every month past 3 months that you want to retain, it costs you $X."

The average mailbox in our organization grows at 1GB per year. High-traffic mailboxes (executives and IT are at the top) are roughly double that.

23% of our mailbox footprint is Deleted Items.

(2 GB mailbox growth per year / 12 months per year) * ($30 per TB / 1024 GB per TB) * 0.23 Deleted Items per mailbox =

(drumroll)

$0.001 per month per mailbox for Deleted Items storage.

Darkewolfe

Then I guess it's not a problem.

LD50

All our email is azure hosted now, and we remove all the storage limits. I think it's technically 99 gigs or something crazy but I don't think there are any inboxes in danger of going over that limit right now.

We retain everything internally anyway, so it doesn't really matter how much we let people store. Storage is cheap, yo.

Seidkona

One thing that bothers me about the "storage is cheap" is that it is potentially creating a future tech debt problem.

Feral

LD50 wrote: »

All our email is azure hosted now, and we remove all the storage limits. I think it's technically 99 gigs or something crazy but I don't think there are any inboxes in danger of going over that limit right now.

We retain everything internally anyway, so it doesn't really matter how much we let people store. Storage is cheap, yo.

We don't have quotas on our on-prem Exchange. We don't really have a storage issue.

What we do have is a lot of IT techs and several managers / executives who believe that we SHOULD have quotas, for various reasons. I'm tired of arguing with them about it.

bowen

I don't think I have deleted emails in 10 years, and I have the largest email inbox of my entire staff, get the largest flow of emails, and most of the staff share email accounts (reception/lab/etc). I am using about 2.5gb

How are people using more than 10gb? Are y'all sending ISOs via email?

Thawmus

bowen wrote: »

I don't think I have deleted emails in 10 years, and I have the largest email inbox of my entire staff, get the largest flow of emails, and most of the staff share email accounts (reception/lab/etc). I am using about 2.5gb

How are people using more than 10gb? Are y'all sending ISOs via email?

Images.

In every fucking mail.