As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/

[Sysadmin] Routing to null

1343537394099

Posts

  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    From my understanding of IT so far...

    Admins : day to day running of a system, configuration, setup, tear down.

    Engineers: builds new systems and designs new configurations

    Analyst : Complains about lack of documentation and sends me sla nastygrams.

    Technician: grunt work.

    In all actuality nothing matters except engineers get paid more than admins get paid more than analysts get paid more than technicians.

    I like the new gig but was told to rewrite my powershell as batch scripts because our security team doesn't let service desk run PS scripts.

    "Security"

    Wrap all your ps into one line batch scripts and see how long they take to notice.

    For real fun base64 encode the scripts: https://community.idera.com/database-tools/powershell/powertips/b/tips/posts/converting-powershell-to-batch

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Our security monitoring systems trigger alerts on base64 encoded PS commands.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • SiliconStewSiliconStew Registered User regular
    What they should be doing is setting up their systems to only run signed powershell scripts and then sign their in-house scripts after they've been properly tested. Gives protection against malicious scripts without severely hampering the ability to administer things in a modern Windows environment. Blocking powershell but allowing batch scripts is not any actual useful amount of security.

    Just remember that half the people you meet are below average intelligence.
  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    Feral wrote: »
    Our security monitoring systems trigger alerts on base64 encoded PS commands.

    I suspect if their idea of "security" is "use batch scripts instead of powershell" then they probably don't have any monitoring systems :P

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Aioua wrote: »
    Feral wrote: »
    Our security monitoring systems trigger alerts on base64 encoded PS commands.

    I suspect if their idea of "security" is "use batch scripts instead of powershell" then they probably don't have any monitoring systems :P

    Oh yeah for sure.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    For the record, we don't block Powershell. We just monitor for base-64 encoded commands as one (of several) indicators of obfuscation.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • Bendery It Like BeckhamBendery It Like Beckham Hopeless Registered User regular
    Turns out person giving me that direction may not grasp the reasoning behind it, a simple wrapper will work per other team members in the case that it's even necessary.

    Thank glob

  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    Feral wrote: »
    For the record, we don't block Powershell. We just monitor for base-64 encoded commands as one (of several) indicators of obfuscation.

    Yeah that's a legit thing to block, it seems they only legit reason to do the encoding is to discourage tinkering but any user that's able to crack the script open and tinker would be able to do the decoding.

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    Oh wait, my favorite use of encoded commands: when you've got issues with like, nesting escape chars across multiple shells and you just need to do SOMETHING to remove one of the layers of pain.

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • wunderbarwunderbar What Have I Done? Registered User regular
    Let me tell you how much I love it when I spend 4 hours working on an issue that presents a specific error code and the actual problem ends up being completely unrelated to the specific error code it was throwing.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • TaminTamin Registered User regular
    edited October 2019
    had some silly questions

    Over the summer I worked through a study guide for the CCENT, and passed in September. The primary issue is that the 2-volume set I picked up years ago was for the CCENT 100-101 and the CCNA 200-101.

    When I realized that the tests had changed I checked the syllabus / blueprint for the 100-105 and thought, "hey, this volume still covers 95% of the material, and the rest doesn't seem to be a focus." So perhaps I skated by.

    I've been trying to move on to the CCNA, but (amongst other things) the gulf of differences between the 200-101 and the 200-105 syllabi feels significantly wider. The local libraries only have one book that covers the correct test, and it's been a poor resource*.

    The question I'm trying to ask here is
    would it be reasonable to pick up the guide for the CCNA 200-301 with the aim of passing the 200-105?

    It'd be more expensive, sure, but the material would in theory better prepare me for an actual job. I'm cross-referencing the syllabi, but I suspect the -301 is a superset of the -105. Is that a fair suspicion?

    (an additional question: a long time ago I was fond of the nutshell line of books, and noticed there's a Portable Command Guide available. Would that a worthwhile addition to my toolkit?)

    * yesterday in particular, I checked the website for errata and they a) claimed the errata was behind a registration gate, and b) suggested that, "...mistakes can still slip through the next".

    Tamin on
  • twmjrtwmjr Registered User regular
    Tamin wrote: »
    had some silly questions

    Over the summer I worked through a study guide for the CCENT, and passed in September. The primary issue is that the 2-volume set I picked up years ago was for the CCENT 100-101 and the CCNA 200-101.

    When I realized that the tests had changed I checked the syllabus / blueprint for the 100-105 and thought, "hey, this volume still covers 95% of the material, and the rest doesn't seem to be a focus." So perhaps I skated by.

    I've been trying to move on to the CCNA, but (amongst other things) the gulf of differences between the 200-101 and the 200-105 syllabi feels significantly wider. The local libraries only have one book that covers the correct test, and it's been a poor resource*.

    The question I'm trying to ask here is
    would it be reasonable to pick up the guide for the CCNA 200-301 with the aim of passing the 200-105?

    It'd be more expensive, sure, but the material would in theory better prepare me for an actual job. I'm cross-referencing the syllabi, but I suspect the -301 is a superset of the -105. Is that a fair suspicion?

    (an additional question: a long time ago I was fond of the nutshell line of books, and noticed there's a Portable Command Guide available. Would that a worthwhile addition to my toolkit?)

    * yesterday in particular, I checked the website for errata and they a) claimed the errata was behind a registration gate, and b) suggested that, "...mistakes can still slip through the next".

    I haven't spent a lot of time reading up on the changes to the CCNA program, but I looked over the exam topics this morning. Your plan isn't entirely unreasonable; however, I see what appear to be two big differences between the 200-105 and 200-301. The newer exam doesn't seem to cover either EIGRP or OSPFv3 (for IPv6 routing). So the question is whether or not the book for 200-301 covers these topics sufficiently. There appear to be other, smaller differences as well.

    Ultimately the question I think is: will you be ready to take the 200-105 well before February 23rd? After that, you are forced into the 200-301. If you suspect that's possible, just get the 200-301 and be prepared to take that in February. Otherwise it may be worth finding a used copy of something for the 200-105.

    If you have any questions/run into anything while prepping feel free to @ me or drop me a PM.

  • TaminTamin Registered User regular
    I appreciate the response!

    I definitely intend to take the 200-105 before the year is out, though the holidays may eat into some of my study time. I'm trying to avoid going back to fast food, even (especially) temporarily, and my projections don't support dragging this out much past the new year.

    Thanks again! I'll look into a used copy through abebooks or something.

  • Bendery It Like BeckhamBendery It Like Beckham Hopeless Registered User regular
    edited October 2019
    So I'm trying to pull a list of pcs in AD but not in SCCM.

    Im not sure where I'm fucking up so I'm going with "you overcomplicated it"

    Doing an Ad query and a Cm query in to array $1 and $2 respectively
    Foreach ($computer in $2) {if ($1 -notcontains $computer) {$notin += @($computer.name)}}
    

    This is giving me a single object, thousands of characters long of pc names with no spaces.

    I've been going over the refs and stack overflow but I think I'm missing a basic concept and am hoping someone here might have some tips on how to get my head on straight.

    Bendery It Like Beckham on
  • wunderbarwunderbar What Have I Done? Registered User regular
    What I wanted to do this morning: anything else but what I did

    What I actually did this morning: screwing with broken SQL crap.

    kill me.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • FeldornFeldorn Mediocre Registered User regular
    So I'm trying to pull a list of pcs in AD but not in SCCM.

    Im not sure where I'm fucking up so I'm going with "you overcomplicated it"

    Doing an Ad query and a Cm query in to array $1 and $2 respectively
    Foreach ($computer in $2) {if ($1 -notcontains $computer) {$notin += @($computer.name)}}
    

    This is giving me a single object, thousands of characters long of pc names with no spaces.

    I've been going over the refs and stack overflow but I think I'm missing a basic concept and am hoping someone here might have some tips on how to get my head on straight.

    Why do you have @($computer.name) at the end? That initializes an array with all the computer names every time the loop runs.

    $(computer.name) might be what you want.

    Also, make sure to initialize $notin =@()

  • Bendery It Like BeckhamBendery It Like Beckham Hopeless Registered User regular
    Feldorn wrote: »
    So I'm trying to pull a list of pcs in AD but not in SCCM.

    Im not sure where I'm fucking up so I'm going with "you overcomplicated it"

    Doing an Ad query and a Cm query in to array $1 and $2 respectively
    Foreach ($computer in $2) {if ($1 -notcontains $computer) {$notin += @($computer.name)}}
    

    This is giving me a single object, thousands of characters long of pc names with no spaces.

    I've been going over the refs and stack overflow but I think I'm missing a basic concept and am hoping someone here might have some tips on how to get my head on straight.

    Why do you have @($computer.name) at the end? That initializes an array with all the computer names every time the loop runs.

    $(computer.name) might be what you want.

    Also, make sure to initialize $notin =@()

    Thank you, that cleared up my misunderstanding.

  • lwt1973lwt1973 King of Thieves SyndicationRegistered User regular
    How I hate shared spreadsheets. Because the users don't close out of them for 12+ hours sometimes Excel just decides they are corrupt and their file size goes down to 0 so I have to restore them from backup.

    Anyone have experience with them in Office 365 and do they work well in that environment?

    "He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
  • wunderbarwunderbar What Have I Done? Registered User regular
    lwt1973 wrote: »
    How I hate shared spreadsheets. Because the users don't close out of them for 12+ hours sometimes Excel just decides they are corrupt and their file size goes down to 0 so I have to restore them from backup.

    Anyone have experience with them in Office 365 and do they work well in that environment?

    I've never encountered that before, ever.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • lwt1973lwt1973 King of Thieves SyndicationRegistered User regular
    wunderbar wrote: »
    lwt1973 wrote: »
    How I hate shared spreadsheets. Because the users don't close out of them for 12+ hours sometimes Excel just decides they are corrupt and their file size goes down to 0 so I have to restore them from backup.

    Anyone have experience with them in Office 365 and do they work well in that environment?

    I've never encountered that before, ever.

    I've had it twice now. I have no idea what they are doing to cause it.

    "He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
  • LD50LD50 Registered User regular
    lwt1973 wrote: »
    wunderbar wrote: »
    lwt1973 wrote: »
    How I hate shared spreadsheets. Because the users don't close out of them for 12+ hours sometimes Excel just decides they are corrupt and their file size goes down to 0 so I have to restore them from backup.

    Anyone have experience with them in Office 365 and do they work well in that environment?

    I've never encountered that before, ever.

    I've had it twice now. I have no idea what they are doing to cause it.

    It could be some sort of excel addon causing issues. We've got tons and tons of shared sheets and have never had problems like this. Most of our excel grief has been caused by 3rd party addons though.

  • MyiagrosMyiagros Registered User regular
    Sat down at a client in front of the tower servers to set up the new firewall. Few minutes into configuring the boss comes by and asks if something is wrong because they can't reach the internet. Look down and the server is off.

    The power button in the case was stuck and when my knee pressed against the case it held down the power and shut it off.

    iRevert wrote: »
    Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
    Steam: MyiagrosX27
  • ThawmusThawmus +Jackface Registered User regular
    Myiagros wrote: »
    Sat down at a client in front of the tower servers to set up the new firewall. Few minutes into configuring the boss comes by and asks if something is wrong because they can't reach the internet. Look down and the server is off.

    The power button in the case was stuck and when my knee pressed against the case it held down the power and shut it off.

    Man, I have been there.

    Twitch: Thawmus83
  • MyiagrosMyiagros Registered User regular
    Best part was that I looked at the server next to it and the button was stuck as well. Almost took down both the Exchange server and the file server at the same time. I can't wait until the physical servers are gone and those are virtualized.

    iRevert wrote: »
    Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
    Steam: MyiagrosX27
  • SiliconStewSiliconStew Registered User regular
    Myiagros wrote: »
    Best part was that I looked at the server next to it and the button was stuck as well. Almost took down both the Exchange server and the file server at the same time. I can't wait until the physical servers are gone and those are virtualized.

    It will save you so much time accidentally killing servers when you can do them all at once from a single button. :P

    Just remember that half the people you meet are below average intelligence.
  • wunderbarwunderbar What Have I Done? Registered User regular
    but the virtual servers still have to run on a physical server that has a power button.

    Unless you have multiple hypervisors with high availability to protect against that.

    but then what if someone accidentally unplugs the hypervisors

    well then you have dual power supplies

    but then what happens if someone accidentally turns off the PDU

    well then you have multiple PDU's with each power supply plugged into a separate PDU

    but then what if the power to the rack goes

    well then you have a UPS

    but what if the UPS dies

    well then you get a generator and have bypass so you can go without the UPS if required

    but what if the generator dies

    well then you go get a beer and start looking for a new job.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    wunderbar wrote: »
    lwt1973 wrote: »
    How I hate shared spreadsheets. Because the users don't close out of them for 12+ hours sometimes Excel just decides they are corrupt and their file size goes down to 0 so I have to restore them from backup.

    Anyone have experience with them in Office 365 and do they work well in that environment?

    I've never encountered that before, ever.

    I encounter file corruption issues with shared Excel workbooks all the damn time, across multiple environments.

    DFS makes the problem even worse.

    I generally hate that feature largely because of that.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • DarkewolfeDarkewolfe Registered User regular
    Microsoft won the Jedi contract to do all DoD cloud work for several years, to the tune of ten billion. I'm honestly surprised.

    What is this I don't even.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Myiagros wrote: »
    Best part was that I looked at the server next to it and the button was stuck as well. Almost took down both the Exchange server and the file server at the same time. I can't wait until the physical servers are gone and those are virtualized.

    It will save you so much time accidentally killing servers when you can do them all at once from a single button. :P

    *stares in high availability*

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • Donovan PuppyfuckerDonovan Puppyfucker A dagger in the dark is worth a thousand swords in the morningRegistered User regular
    wunderbar wrote: »
    but the virtual servers still have to run on a physical server that has a power button.

    Unless you have multiple hypervisors with high availability to protect against that.

    but then what if someone accidentally unplugs the hypervisors

    well then you have dual power supplies

    but then what happens if someone accidentally turns off the PDU

    well then you have multiple PDU's with each power supply plugged into a separate PDU

    but then what if the power to the rack goes

    well then you have a UPS

    but what if the UPS dies

    well then you get a generator and have bypass so you can go without the UPS if required

    but what if the generator dies

    well then you go get a beer and start looking for a new job.

    Then you have the roof of the building covered in solar panels and a couple of wind turbines...

  • schussschuss Registered User regular
    Darkewolfe wrote: »
    Microsoft won the Jedi contract to do all DoD cloud work for several years, to the tune of ten billion. I'm honestly surprised.

    I'm not. Part of gov contracts is knowing how tick boxes. Azure has gotten a bunch of additional certs and stuff over the past year like ISO etc

  • Inquisitor77Inquisitor77 2 x Penny Arcade Fight Club Champion A fixed point in space and timeRegistered User regular
    Speaking of which, Microsoft's accessibility initiative is both laudable and infuriating.

  • lwt1973lwt1973 King of Thieves SyndicationRegistered User regular
    schuss wrote: »
    Darkewolfe wrote: »
    Microsoft won the Jedi contract to do all DoD cloud work for several years, to the tune of ten billion. I'm honestly surprised.

    I'm not. Part of gov contracts is knowing how tick boxes. Azure has gotten a bunch of additional certs and stuff over the past year like ISO etc

    Or to have Trump tell the Pentagon to screw Amazon.

    "He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
  • wunderbarwunderbar What Have I Done? Registered User regular
    Yeah, until someone provides iron clad documentation that Microsoft won on merit over Amazon, I'm going to assume political interference here. Trump hates Amazon that much.

    Not a slight on Microsoft/Azure, I actually really like the stack, but just a reality of the current political landscape in the US.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • SeidkonaSeidkona Had an upgrade Registered User regular
    I have a hard time believing that Azure's current uptime is good enough, tbh.

    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • That_GuyThat_Guy I don't wanna be that guy Registered User regular
    This video got popular today. A Youtuber explains why VPN adverts are misleading and why VPNs aren't as secure as people think they are.

    https://www.youtube.com/watch?v=WVDQEoe6ZWY

  • AthenorAthenor Battle Hardened Optimist The Skies of HiigaraRegistered User regular
    I wanted to give a shoutout to a guy who lives in the same town as me that I've never met (to my knowledge) and has done far more for the world than I ever have.

    https://www.propublica.org/article/the-ransomware-superhero-of-normal-illinois

    He/Him | "A boat is always safest in the harbor, but that’s not why we build boats." | "If you run, you gain one. If you move forward, you gain two." - Suletta Mercury, G-Witch
  • FeldornFeldorn Mediocre Registered User regular
    Athenor wrote: »
    I wanted to give a shoutout to a guy who lives in the same town as me that I've never met (to my knowledge) and has done far more for the world than I ever have.

    https://www.propublica.org/article/the-ransomware-superhero-of-normal-illinois

    You know what’s amazing about that story? His employer won’t pay him enough to cover his bills.

    Yet the article quotes a security researcher who is worried about law enforcement taking advantage of him.

  • mcpmcp Registered User regular
    I geoblock everything from outside the United States.

    For some reason Google is getting caught up in that today.

  • AthenorAthenor Battle Hardened Optimist The Skies of HiigaraRegistered User regular
    Feldorn wrote: »
    Athenor wrote: »
    I wanted to give a shoutout to a guy who lives in the same town as me that I've never met (to my knowledge) and has done far more for the world than I ever have.

    https://www.propublica.org/article/the-ransomware-superhero-of-normal-illinois

    You know what’s amazing about that story? His employer won’t pay him enough to cover his bills.

    Yet the article quotes a security researcher who is worried about law enforcement taking advantage of him.

    ...

    You know what? You're absolutely right, I hadn't even considered that angle! The article was just heaping praise on the guy, who seems to be one of the company's best workers, and yet he's basically working poor. And I should've noticed, because I worked in a very similar position for a local MSP, being paid 1/3 what I am now.

    Huh. and here I was, bringing this up to all sorts of friends and connected folks in town, including spreading the story at work, and feeling like I should try to help him out.. when the real answer would be for his employer to pay more based off the publicity this article generates for them.

    He/Him | "A boat is always safest in the harbor, but that’s not why we build boats." | "If you run, you gain one. If you move forward, you gain two." - Suletta Mercury, G-Witch
This discussion has been closed.