As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/

[Sysadmin] Routing to null

1679111299

Posts

  • SeidkonaSeidkona Had an upgrade Registered User regular
    New job just asked if I wanted a Mac or PC.

    I said if I can't run Linux then I want a Mac.

    Sadly since I got the better job with the bigger company they do not support Linux so Mac it is.

    He did say they were trying to get it allowed.

    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • bowenbowen How you doin'? Registered User regular
    TL DR wrote: »
    The guy I share an office with is studying for his CCNA and has been silent with his head buried in study material all morning

    He just abruptly stood up, said "Fuck the OSI model", and walked out of the room

    he's not wrong

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • bowenbowen How you doin'? Registered User regular
    Mac with enough memory and cpu to run linux and windows in a VM

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • That_GuyThat_Guy I don't wanna be that guy Registered User regular
    Don't forget about Linux Subsystems for Windows. It's kinda janky but is better than nothing

  • ThawmusThawmus +Jackface Registered User regular
    Install one of the distros that looks exactly like Mac OS and see if anyone notices.

    Naw, I kid. You should be able to do an awful lot on Mac that you already do on Linux. They have linux servers, I hope?

    Twitch: Thawmus83
  • DrovekDrovek Registered User regular
    edited May 2019
    Entaru wrote: »
    New job just asked if I wanted a Mac or PC.

    I said if I can't run Linux then I want a Mac.

    Sadly since I got the better job with the bigger company they do not support Linux so Mac it is.

    He did say they were trying to get it allowed.

    Current job got me a Mac. I hate that thing with a passion, but at least it has a native terminal.

    MBPs made me hate USB-C.

    Drovek on
    steam_sig.png( < . . .
  • SeidkonaSeidkona Had an upgrade Registered User regular
    edited May 2019
    Thawmus wrote: »
    Install one of the distros that looks exactly like Mac OS and see if anyone notices.

    Naw, I kid. You should be able to do an awful lot on Mac that you already do on Linux. They have linux servers, I hope?

    All I really need is to provision myself a box on the internal Network as my dev box.

    I do almost everything from the terminal anyway .

    Plus one of the Mac terminals supports tmux command mode.

    I could admin Linux boxes from a toaster. I am not too worried about it.

    Seidkona on
    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    The OSI model doesn't seem like something to get stressed about

    It isn't that complicated

    And it's just an abstract mental model, not an inviolable law

    However, I've never done the CCNA, and Cisco often crawls up their own ass with esoteric terminology so maybe his study materials were particularly fucky

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • TL DRTL DR Not at all confident in his reflexive opinions of thingsRegistered User regular
    I interpreted as though he said "fuck packets"

  • bowenbowen How you doin'? Registered User regular
    Feral wrote: »
    The OSI model doesn't seem like something to get stressed about

    It isn't that complicated

    And it's just an abstract mental model, not an inviolable law

    However, I've never done the CCNA, and Cisco often crawls up their own ass with esoteric terminology so maybe his study materials were particularly fucky

    Cisco stuff is awful and cisco and oracle still existing is almost entirely because they overinflate the value of their certifications.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • ThawmusThawmus +Jackface Registered User regular
    I'm still angry that I can't get Mikrotik certs without flying halfway across the country. So I do think everyone's up their own asshole, even the little guys.

    Twitch: Thawmus83
  • LD50LD50 Registered User regular
    Wait guys, didn't we have this exact same conversation about installing linux on a macbook and skinning it to look like ios like a year ago?

  • DarkewolfeDarkewolfe Registered User regular
    edited May 2019
    Quelle surprise, the application we were forced to rush to production by executives in 1/6 the schedule we suggested has some unanticipated problems!

    The fact that ANYONE has the audacity to act like this wasn't anticipated infuriates me more than anything else. I basically signed every e-mail on the subject (where I try to provide info on how to accomplish) up to this point with "and as an addendum to the above, I still think this is a terrible idea."

    Darkewolfe on
    What is this I don't even.
  • DrovekDrovek Registered User regular
    LD50 wrote: »
    Wait guys, didn't we have this exact same conversation about installing linux on a macbook and skinning it to look like ios like a year ago?

    yeap
    v8y1t1ap0ah8.jpg

    steam_sig.png( < . . .
  • SeidkonaSeidkona Had an upgrade Registered User regular
    LD50 wrote: »
    Wait guys, didn't we have this exact same conversation about installing linux on a macbook and skinning it to look like ios like a year ago?

    We only have like 6 conversations.

    Who wants to talk about editors?

    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Darkewolfe wrote: »
    Quelle surprise, the application we were forced to rush to production by executives in 1/6 the schedule we suggested has some unanticipated problems!

    The fact that ANYONE has the audacity to act like this wasn't anticipated infuriates me more than anything else. I basically signed every e-mail on the subject (where I try to provide info on how to accomplish) up to this point with "and as an addendum to the above, I still think this is a terrible idea."

    It sounds like you just need to have a more positive attitude and be oriented to success.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • ThawmusThawmus +Jackface Registered User regular
    Darkewolfe wrote: »
    Quelle surprise, the application we were forced to rush to production by executives in 1/6 the schedule we suggested has some unanticipated problems!

    The fact that ANYONE has the audacity to act like this wasn't anticipated infuriates me more than anything else. I basically signed every e-mail on the subject (where I try to provide info on how to accomplish) up to this point with "and as an addendum to the above, I still think this is a terrible idea."

    We would have been successful if you had been more of a team player!

    Twitch: Thawmus83
  • SeidkonaSeidkona Had an upgrade Registered User regular
    That_Guy wrote: »
    Don't forget about Linux Subsystems for Windows. It's kinda janky but is better than nothing

    But with a Mac I get iTerm2 with tmux command mode.

    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • DarkewolfeDarkewolfe Registered User regular
    Feral wrote: »
    Darkewolfe wrote: »
    Quelle surprise, the application we were forced to rush to production by executives in 1/6 the schedule we suggested has some unanticipated problems!

    The fact that ANYONE has the audacity to act like this wasn't anticipated infuriates me more than anything else. I basically signed every e-mail on the subject (where I try to provide info on how to accomplish) up to this point with "and as an addendum to the above, I still think this is a terrible idea."

    It sounds like you just need to have a more positive attitude and be oriented to success.

    I fucking shit you not, someone said, "I need you guys to bring me solutions, not problems."

    What is this I don't even.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Darkewolfe wrote: »
    Feral wrote: »
    Darkewolfe wrote: »
    Quelle surprise, the application we were forced to rush to production by executives in 1/6 the schedule we suggested has some unanticipated problems!

    The fact that ANYONE has the audacity to act like this wasn't anticipated infuriates me more than anything else. I basically signed every e-mail on the subject (where I try to provide info on how to accomplish) up to this point with "and as an addendum to the above, I still think this is a terrible idea."

    It sounds like you just need to have a more positive attitude and be oriented to success.

    I fucking shit you not, someone said, "I need you guys to bring me solutions, not problems."

    Oh god fuck that person
    Fuck him with a rusty railroad spike

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • SeidkonaSeidkona Had an upgrade Registered User regular
    Darkewolfe wrote: »
    Feral wrote: »
    Darkewolfe wrote: »
    Quelle surprise, the application we were forced to rush to production by executives in 1/6 the schedule we suggested has some unanticipated problems!

    The fact that ANYONE has the audacity to act like this wasn't anticipated infuriates me more than anything else. I basically signed every e-mail on the subject (where I try to provide info on how to accomplish) up to this point with "and as an addendum to the above, I still think this is a terrible idea."

    It sounds like you just need to have a more positive attitude and be oriented to success.

    I fucking shit you not, someone said, "I need you guys to bring me solutions, not problems."

    Were they trying to talk you into helping them build an exclusive island music festival at the time?

    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • lwt1973lwt1973 King of Thieves SyndicationRegistered User regular
    We have two VPN's going to our customers through Rackspace. The first customer vpn has no issues. We can ping through and we can access what we need through it. The second customer is up and running and we can ping through it but it's a coin flip on whether or not we can telnet into what we need. Sometimes it works and sometimes it doesn't.

    The frustrating thing is we have an older server/vpn connection on-site and it works fine with no issues on both so something is going on but the customer and Rackspace can't find out what's up.

    "He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
  • ArcSynArcSyn Registered User regular
    Still hate certificates and security.

    AD-DC1 has certificate. LDP can connect locally to port 636 and bind securely.
    AD-DC2 can connect to DC1 over 389, but not 636.
    Sonicwall can connect to DC1 over 389, but not 636.
    DC1 Firewall is set to allow 636 connections.

    I'm missing something, but all of the "walkthroughs" I've found gloss over all of this as if once you put a certificate on the server it all works magically.

    4dm3dwuxq302.png
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    ArcSyn wrote: »
    Still hate certificates and security.

    AD-DC1 has certificate. LDP can connect locally to port 636 and bind securely.
    AD-DC2 can connect to DC1 over 389, but not 636.
    Sonicwall can connect to DC1 over 389, but not 636.
    DC1 Firewall is set to allow 636 connections.

    I'm missing something, but all of the "walkthroughs" I've found gloss over all of this as if once you put a certificate on the server it all works magically.

    Hmm. I would start by verifying that port 636 is actually accessible from any other host by running nmap against DC1.

    Also, I've usually found that the cert needs to be trusted by the clients. For example, we use PKI with Microsoft cert servers. For LDAPS to work from appliances, we have to import our PKI root and intermediate certs into the appliance.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • ArcSynArcSyn Registered User regular
    Yeah, I need a certs for dummies site.

    4dm3dwuxq302.png
  • wunderbarwunderbar What Have I Done? Registered User regular
    user breaks a personal view in sharepoint, which means she can't see any documents in this view.

    she emails our sharepoint guy, our IT manager, our IT manager's boss, and the CEO of the company, saying that sharepoint is broken and all the data in sharepoint is gone.

    I'm real glad I have Friday off this week.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    ArcSyn wrote: »
    Yeah, I need a certs for dummies site.

    I wish I had a good resource on that, yeah.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    edited May 2019
    In theory, certs should be easy. In practice, there are too many vendor-specific idiosyncrasies.

    I fucking spun my wheels for literally two fucking years on getting an EAP-TLS wifi network working with Apple devices... and it turned out that the reason for the failure was our Windows NPS/RADIUS mobile device certs had certificate chains using the RSASSA-PSS algorithm all the way down to the roots, Apple doesn't trust that algorithm, so I had to reissue our whole PKI chain.

    (┛◉Д◉)┛彡┻━┻

    And then around 2014-2017 saw a big sea change in how we thought about SSL with stuff like Poodle, the Symantec breach, the sunset of SSL 3.0, getting serious about weak encryption algorithms like 3DES, etc, but there's huge intertia where not all vendors have caught up. And even if a vendor has caught up, maybe the devices/servers in the field aren't updated, and it's a big mess.

    Feral on
    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    On that RSASSA-PSS thing, I engaged with Apple support, Meraki support, and our MDM vendor to figure out why I couldn't get Apple devices to trust our PKI chain and NOBODY could figure it out. This was 2015-2016.

    I didn't even think about that until Firefox pushed out an update where RSASSA-PSS certs threw an error in the browser, alerting me to the compatibility issues with that algorithm.

    Then in 2017 articles started appearing online about it and I was like Molly Grue from Last Unicorn, "Where have you been!?"

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Meanwhile I still have staff here who, in 20-fucking-year-of-our-lord-19, deploy HTTP servers in production without issuing trusted certs or even turning on SSL.

    I'll get an email from a team member where they're inviting non-IT staff to beta test a new system and please log in to http://whatever.contoso.com with your Active Directory username and password, and I have to walk over and hit them with a rolled up newspaper.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    I've run out of tables to flip

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • ThegreatcowThegreatcow Lord of All Bacons Washington State - It's Wet up here innit? Registered User regular
    Feral wrote: »
    I've run out of tables to flip

    old server blades or file cabinets are quite satisfying in my experience. Make a nice resounding crashing noise when it happens. Then when people come over to investigate the noise, just cheerily reply that you're backing up file systems by flipping them on their "back"! eh? ehhh?


    ...I'll see myself out now.

  • TL DRTL DR Not at all confident in his reflexive opinions of thingsRegistered User regular
    Feral wrote: »
    I've run out of tables to flip

    old server blades or file cabinets are quite satisfying in my experience. Make a nice resounding crashing noise when it happens. Then when people come over to investigate the noise, just cheerily reply that you're backing up file systems by flipping them on their "back"! eh? ehhh?


    ...I'll be seen out by security now.

  • ThegreatcowThegreatcow Lord of All Bacons Washington State - It's Wet up here innit? Registered User regular
    TL DR wrote: »
    Feral wrote: »
    I've run out of tables to flip

    old server blades or file cabinets are quite satisfying in my experience. Make a nice resounding crashing noise when it happens. Then when people come over to investigate the noise, just cheerily reply that you're backing up file systems by flipping them on their "back"! eh? ehhh?


    ...I'll be seen out by security now.

    Suddenly my former SysAdmin's habit of taking depreciated/retired hard drives and server blades out to the desert to ventilate with his guns makes a heckuva lot more sense. (was pretty fun when I tagged along a couple of times not gonna lie)

  • wunderbarwunderbar What Have I Done? Registered User regular
    I hate users people everyone everything.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • wunderbarwunderbar What Have I Done? Registered User regular
    We have a remote user who constantly complains about how her windwows laptop is terrible and how her mac is just so much better and she wishes she could work off of her personal mac instead of our windows laptops.

    So, she actually did have an issue with the laptop we gave her, pretty sure the wifi card was flaking out, and was going to bring it in for us to swap her out to a new one. We were joking that we should put an apple sticker over the dell logo on the new laptop so we can say we gave her a mac.

    You bet your ass the laptop she brought in had an apple sticker over the dell logo.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • mcpmcp Registered User regular
    So I guess Azure shit itself globally?

  • TL DRTL DR Not at all confident in his reflexive opinions of thingsRegistered User regular
    mcp wrote: »
    So I guess Azure shit itself globally?

    Office 364, bb

  • wunderbarwunderbar What Have I Done? Registered User regular
    edited May 2019
    mcp wrote: »
    So I guess Azure shit itself globally?

    Everyone say it with me:

    it's always DNS.

    nmstwu6wfu6t.png

    wunderbar on
    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • LD50LD50 Registered User regular
    mcp wrote: »
    So I guess Azure shit itself globally?

    IT CERTAINLY DID. Good thing I went home at 5.

This discussion has been closed.