Docjowles
Apr 9, 2009

Kerpal posted:

*opens up Domain Admins group*

"Domain Users"

:stonklol:

Windows should have a feature where it dispatches someone to stab you if you try to do this. God drat.


incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010
***opens up domain users***

ANONYMOUS LOGON

Inspector_666
Oct 7, 2003

benny with the good hair

Aunt Beth posted:

Goons, help settle a useless argument with my IT-employed friends:

Datacenter vs Computer Room vs Server Room. Which one is right? When do you use each? Generally I consider a room full of systems, dasd, etc to be a computer room, while the building these rooms are in is the datacenter. But most of the time when I call a computer room a computer room, I get laughed at for sounding antiquated. Opinions?

A computer room is a room your grandmother uses to get onto AOL and possibly knit.

A server room is the room the servers are in.

A datacenter is a warehouse full of server rooms.

Proteus Jones
Feb 28, 2013



Aunt Beth posted:

Goons, help settle a useless argument with my IT-employed friends:

Datacenter vs Computer Room vs Server Room. Which one is right? When do you use each? Generally I consider a room full of systems, dasd, etc to be a computer room, while the building these rooms are in is the datacenter. But most of the time when I call a computer room a computer room, I get laughed at for sounding antiquated. Opinions?

If it has both systems and an MDF, it's a data center at my place. Labs and such are usually "computer rooms". Any ancillary rooms with only servers and appliances but no distribution frames are usually called "server rooms". IDFs don't have any special name other than IDF.

So, every location has at least one DC. HQ campus has multiple DCs and one big honking full floor Enterprise DC.

mayodreams
Jul 4, 2003


Hello darkness,
my old friend
My self-inflicted pain of the day: I created a mail loop between Domain A Exchange On Prem, Domain A O365, and Domain B Office 365 for my primary email account.

We have two separate AD and email systems and I was testing moving an account from on prem to O365 and it seemed to have worked, so I sent a test message to it from my primary email in Domain B and it created a loop that dumped about 300 bounces in about 45 minutes. As it turns out, you really need to configure those connectors and be mindful of SMTP relays that no one really talks about.

it's scotch time.

Che Delilas
Nov 23, 2009
FREE TIBET WEED

Kerpal posted:

I tested further and confirmed I could access administrative shares on DCs and obviously anything else I want. I immediately brought this up to my boss and he immediately went :ughh:

Well, your boss didn't accuse you of hacking, so he's a keeper. Now to see whether your client does.

Kerpal
Jul 20, 2003

Well that's weird.

Docjowles posted:

:stonklol:

Windows should have a feature where it dispatches someone to stab you if you try to do this. God drat.

This actually makes perfect sense. A simple "WARNING! Adding this group will give X full access to the domain." I guess the assumption is that if you're dicking around with Active Directory Users and Computers (or Powershell if you're cool), you probably know what you're doing.


incoherent posted:

***opens up domain users***

ANONYMOUS LOGON

Touché

Che Delilas posted:

Well, your boss didn't accuse you of hacking, so he's a keeper. Now to see whether your client does.

Boss accuse me of hacking? Is there a story here somewhere? I doubt our clients will accuse us of anything, they're accountants. You never know though I suppose.

Che Delilas
Nov 23, 2009
FREE TIBET WEED

Kerpal posted:

Boss accuse me of hacking? Is there a story here somewhere? I doubt our clients will accuse us of anything, they're accountants. You never know though I suppose.

Dude doing his job: "I accessed this thing I shouldn't have been able to access using these credentials, here's how you fix it/I fixed it"
Boss/client who doesn't understand what dude's job is: "WHAT WHY WERE YOU HACKING INTO OUR SYSTEM????"

I was mostly making a joke about aggressive ignorance that exists all around us, I'm sure this kind of thing doesn't happen all THAT often.

Che Delilas fucked around with this message at 03:58 on Jan 15, 2015

incoherent
Apr 24, 2004

01010100011010000111001
00110100101101100011011
000110010101110010
Accountants are the absolute center of a user Venn diagram: They're extremely smart, wealthy, and understand technology. They'll also accept their limitations with technology, which is refreshing. It's radically different to the poo poo flinging attitudes of lawyers or doctors.

psydude
Apr 1, 2008

Heartache is powerful, but democracy is *subtle*.

Richard Noggin posted:

Which is exactly why Stuxnet was so successful.

It's an enormous problem that the security community is eventually going to have to address. The embedded systems industry is very esoteric with how it operates, and oftentimes the systems engineering staff sits at the primary vendor, not the reseller and definitely not on site. 99% of network and security engineers out there aren't going to know poo poo about whatever obscure protocols run on these devices, let alone what types of vulnerabilities exist, especially among legacy systems whose original developers are getting long in the neckbeard.

e: Pretty much everyone who works in IT should read Countdown to Zero Day. It does an excellent job in summarizing how hosed up the embedded systems industry is, and certain parts of the book are a very good representation of the frustrations that I've had with getting staff to give me answers about the systems they manage.

psydude fucked around with this message at 04:30 on Jan 15, 2015

hihifellow
Jun 17, 2005

seriously where the fuck did this genre come from

incoherent posted:

Accountants are the absolute center of a user Venn diagram: They're extremely smart, wealthy, and understand technology. They'll also accept their limitations with technology, which is refreshing. It's radically different to the poo poo flinging attitudes of lawyers or doctors.

Tell that to our accountants, who grabbed monitors sitting out front in the foyer and tried to use them as second monitors.

The monitors we strip of all tags because they're dead, and are sitting out in the foyer to be picked up by maintenance to get taken to the recyclers. Along with all the other dead computer equipment. No you cannot submit tickets when they don't work, they are trash.

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

We're doing network maintenance this Saturday, which means we're taking down the entire network for about 4 hours. We sent out emails detailing this over the past month. Today the CFO came in and said all the auditors are coming in Saturday, and does this mean they can't get email and network access???

mattfl
Aug 27, 2004

TWBalls posted:

This seems like the most appropriate of the IT threads to ask this. It seems that the Radiology director is getting a bit overwhelmed with doing his normal day to day stuff as well as being the 'PACS Admin'. I feel like my current position is pretty much a dead end, so I'm quite interested in this possible upcoming position and he knows that I'm quite capable as a PC/Server and sometimes network tech. However, I don't know much about PACS. So, I know there's more than a few other fellow healthcare IT folks here. What's the best way to start learning PACS? More specifically, McKesson PACS (Recently upgraded to v. 12).

I'm definitely going to be searching around on this when I get home, but I thought I'd ask here as well.

I was a PACS/RIS admin for a few years. Learn HL7/DICOM inside/outside and you'll be golden. The PACS software itself is pretty straightforward. Interfacing with the various scanners that send to the PACS is something you hopefully have external vendor support for because every single modality is different. Your PACS servers are basically just big file servers, I've used both RedHat and Windows servers and nothing too complicated about them. Mostly you'll be dealing with doctors telling you loading 1000's of images is too slow and to make it load faster and no matter what you do it will never load fast enough for them, ever.

myron cope
Apr 21, 2009

So my job just announced a hiring freeze until "at least" next quarter. Which means no new hires or promotions. What a loving joke.

They're still opening new stores and probably will continue to hire whoever they want, just use this as an excuse to not spend money they don't want to spend

TWBalls
Apr 16, 2003
My medication never lies

mattfl posted:

I was a PACS/RIS admin for a few years. Learn HL7/DICOM inside/outside and you'll be golden

Yeah, the Rad director mentioned these as well. Are there any particular books/sites/courses you recommend? I found a site called Auntminnie, though I don't know how good it is, but I figure it's a start.

quote:

The PACS software itself is pretty straightforward. Interfacing with the various scanners that send to the PACS is something you hopefully have external vendor support for because every single modality is different. Your PACS servers are basically just big file servers, I've used both RedHat and Windows servers and nothing too complicated about them. Mostly you'll be dealing with doctors telling you loading 1000's of images is too slow and to make it load faster and no matter what you do it will never load fast enough for them, ever.

Yeah, shortly after the second PACS admin quit, the Rad director dragged me in to troubleshooting why they were having some delays with their systems logging on. We figured out that sometimes it was quick, sometimes it was slow. Apparently, one of our DCs was having a problem (not sure what, as we don't have access to those). When it hit the primary DC, it was a very quick logon. When it hit the secondary, there was a massive 30+ sec. delay. We provided the hardware, then passed it off to the AD team to build up. It's been nice and quick ever since (The login anyway, not sure about how fast it's able to serve up images).

Daylen Drazzi
Mar 10, 2007

Why do I root for Notre Dame? Because I like pain, and disappointment, and anguish. Notre Dame Football has destroyed more dreams than the Irish Potato Famine, and that is the kind of suffering I can get behind.
Just got an email from a company for a job in Columbus, OH - I live in Dayton, OH. It would be an hour-long drive, but the position looks interesting enough. But more importantly it requires a Secret security clearance to start, at which point they will upgrade it to a TS. 15 days PTO, reimbursed training and education, 401(k) (but no mention of a company match), etc. Said it might involve shift work, but hell - I already work 3rd shift so nothing new there. Definitely could be an improvement if the contract is dependable.

They wanted a salary before I spoke with the on-site PM, but I replied back with "it would actually be easier if you were able to provide me your salary range. I wouldn't want to list a number that would make you think I wasn't taking this opportunity seriously, or that priced me completely out of competition for the position."

Hopefully they'll respond back favorably. If not, gently caress it - not like I need a job right this moment.

Proteus Jones
Feb 28, 2013



Daylen Drazzi posted:

But more importantly it requires a Secret security clearance to start...

I got one of those a while ago, and as I recall it's not too invasive. Background checks. I think you have to list three people NOT family who know you well, and they take them out for coffee and ask questions about you and your character.

Then they take you out for coffee and ask you more or less the same stuff and compare.

Daylen Drazzi posted:

...at which point they will upgrade it to a TS.

Be prepared for them to crawl up your rear end and talk to everyone you ever knew.

Daylen Drazzi posted:

They wanted a salary before I spoke with the on-site PM, but I replied back with "it would actually be easier if you were able to provide me your salary range. I wouldn't want to list a number that would make you think I wasn't taking this opportunity seriously, or that priced me completely out of competition for the position."

I like that! Good luck!

jaegerx
Sep 10, 2012

Maybe this post will get me on your ignore list!


They're going to get you security clearance or you already have it? If they're getting it for you and TS then call the recruiter back and offer to watch his kids. Suck his dick. Mow his lawn whatever.

Secret clearance opens up a world of government money jobs.

Dr. Arbitrary
Mar 15, 2006

Bleak Gremlin

jaegerx posted:

call the recruiter back and offer to watch his kids. Suck his dick. Mow his lawn whatever.

Just a piece of advice, don't try to do all of that at the same time, even if you think you can handle it. Make a list and focus on only one of those three tasks at a time, your stress level will go way down and you'll end up doing a better job.

Roargasm posted:

I'm green and probably have a lighter workload than you, but I started going gray for a couple of months and was loving losing it and I read Limoncelli's Time Management for System Administrators (there's a Kindle edition). He dives right into the core concept that having to remember 500 things at once (my job, and I assume yours) ruins your alacrity on the job, even if you don't consciously realize it. I started writing down absolutely everything and only focusing on what was right in front of me. My stress level went way down, I stopped worrying about fires and focused on the work I was doing, which hopefully leads to fewer fires anyway.

Gucci Loafers
May 20, 2006

Ask yourself, do you really want to talk to pair of really nice gaudy shoes?


I've been told the first level security clearance isn't much more than a credit check.

psydude
Apr 1, 2008

Heartache is powerful, but democracy is *subtle*.

Tab8715 posted:

I've been told the first level security clearance isn't much more than a credit check.

Not anymore after Snowden and the Navy Yard. They're actually interviewing for secret clearances now, and my TS/SCI interview that I just had this morning lasted 2 hours.

Gucci Loafers
May 20, 2006

Ask yourself, do you really want to talk to pair of really nice gaudy shoes?


What clearance did Snowden have and what would the Navy Yard have to do with it?

psydude
Apr 1, 2008

Heartache is powerful, but democracy is *subtle*.

Tab8715 posted:

What clearance did Snowden have and what would the Navy Yard have to do with it?

Snowden had a TS/SCI with a polygraph and 12 people were killed at the Washington Navy Yard during a shooting rampage by a cleared contractor, Aaron Alexis, in 2013. There were concerns that Snowden and Alexis were not properly investigated. After a congressional investigation, it was found that Snowden's investigation was performed to standard; however there were questions raised that Alexis had existing mental health issues that may have been missed by the investigation. Despite the conclusions of both investigations, there's been a ratcheting down of standards for clearance investigations, and it's no longer the turnkey operation it was during the glory days of war profiteering in the mid-late 2000s.

e: To give you an idea, the investigator today spent over an hour and a half just on resolving issues with the places where I've lived. I also learned that apparently being deployed to Afghanistan as a member of the military doesn't count as "official government business." That designation is reserved for civilian federal employees.

psydude fucked around with this message at 01:28 on Jan 16, 2015

the spyder
Feb 18, 2011
I'm 90% sure I just gave a walk through of our DC to yet another potential buyer.

Good thing I've got an exit planned and ready.


*edit* 99.99999% sure thanks to coworker.

Sickening
Jul 16, 2007

Black summer was the best summer.

psydude posted:

Not anymore after Snowden and the Navy Yard. They're actually interviewing for secret clearances now, and my TS/SCI interview that I just had this morning lasted 2 hours.

I was interviewed for mine in 2003. Maybe they got lax in that timeframe.

the spyder
Feb 18, 2011

Tab8715 posted:

I've been told the first level security clearance isn't much more than a credit check.

I wish.

The paperwork alone took 3 hours and overall it took three months to process. Even then I was only granted a temporary clearance until a deeper review could be conducted. That was 9 months ago and I haven't heard a thing.

Daylen Drazzi
Mar 10, 2007

Why do I root for Notre Dame? Because I like pain, and disappointment, and anguish. Notre Dame Football has destroyed more dreams than the Irish Potato Famine, and that is the kind of suffering I can get behind.

jaegerx posted:

They're going to get you security clearance or you already have it? If they're getting it for you and TS then call the recruiter back and offer to watch his kids. Suck his dick. Mow his lawn whatever.

Secret clearance opens up a world of government money jobs.

I currently have a Secret, so it would be an upgrade to the TS. Wouldn't be too worried about the investigation, but it's not an issue - the company got back with me and told me the pay range was $35-37k. I started laughing and told them thanks but no thanks.

Proteus Jones
Feb 28, 2013



Tab8715 posted:

I've been told the first level security clearance isn't much more than a credit check.

Yeah, that one is Public Trust level clearance, and it's just a fingerprint check, background check and they ask your neighbors if you're weird.

Proteus Jones
Feb 28, 2013



Sickening posted:

I was interviewed for mine in 2003. Maybe they got lax in that timeframe.

I got mine around the same time frame and I was interviewed and so were the "Three people who know you but are not related".

Inspector_666
Oct 7, 2003

benny with the good hair
Is it really only three references? The NYPD asks for more than that on their application.

Proteus Jones
Feb 28, 2013



Inspector_666 posted:

Is it really only three references? The NYPD asks for more than that on their application.

Well, this was about 11-12 years ago. I'm sure the process has changed. Especially in light of Snowden, etc...

And it's more than a reference. It's a sit down hour or so interview with each one.

Vulture Culture
Jul 14, 2003

I was never enjoying it. I only eat it for the nutrients.

flosofl posted:

Well, this was about 11-12 years ago. I'm sure the process has changed. Especially in light of Snowden, etc...

DENTAL PLAN

TerryLennox
Oct 12, 2009

There is nothing tougher than a tough Mexican, just as there is nothing gentler than a gentle Mexican, nothing more honest than an honest Mexican, and above all nothing sadder than a sad Mexican. -R. Chandler.

myron cope posted:

So my job just announced a hiring freeze until "at least" next quarter. Which means no new hires or promotions. What a loving joke.

They're still opening new stores and probably will continue to hire whoever they want, just use this as an excuse to not spend money they don't want to spend

Ah, the old Dell "we have no money for pay raises or hiring...eh, this 3 billion dollars we used to buy 3 companies? This company is here to make money not raise your salary!" spiel.

TWBalls
Apr 16, 2003
My medication never lies

TerryLennox posted:

Ah, the old Dell "we have no money for pay raises or hiring...eh, this 3 billion dollars we used to buy 3 companies? This company is here to make money not raise your salary!" spiel.

This, along with the poo poo I just bitched about in the 'poo poo that pisses you off' thread are the reasons I'm going to dust off the resume and start looking to :yotj:

evobatman
Jul 30, 2006

it means nothing, but says everything!
Pillbug

TerryLennox posted:

Ah, the old Dell "we have no money for pay raises or hiring...eh, this 3 billion dollars we used to buy 3 companies? This company is here to make money not raise your salary!" spiel.

Also "We have been grossly underpaying you, so everyone gets a 25% raise to increase retention and make us a more competitive employer. By the way, this branch gets shut down in three months and you're all fired."

Crowley
Mar 13, 2003

evobatman posted:

Also "We have been grossly underpaying you, so everyone gets a 25% raise to increase retention and make us a more competitive employer.*

*Offer valid for C-level employees only

psydude
Apr 1, 2008

Heartache is powerful, but democracy is *subtle*.

flosofl posted:

Well, this was about 11-12 years ago. I'm sure the process has changed. Especially in light of Snowden, etc...

And it's more than a reference. It's a sit down hour or so interview with each one.

All told, I had to list about 25 people for mine.


Question for you security dudes out there regarding full packet capture. So, right now we use a homegrown solution that makes use of R510/520s and allows analysts to pull up pcaps for an event directly from ArcSight. Our two primary datacenters and NOCs have moved to 10GB links, and our current setup can't handle it. We could buy a traffic shaper to split the traffic to 10 of our boxes; however this isn't a scalable solution. I'm sure Facebook, Google, et al have solutions for this, but they can also afford to throw millions of dollars at R&D for security, whereas we're just a systems engineer, two unix guys, and me. I'm thinking that we might be able to hack something together to run on a NetApp, especially since it's more scalable with the drive shelves.

Proteus Jones
Feb 28, 2013



psydude posted:

All told, I had to list about 25 people for mine.


Question for you security dudes out there regarding full packet capture. So, right now we use a homegrown solution that makes use of R510/520s and allows analysts to pull up pcaps for an event directly from ArcSight. Our two primary datacenters and NOCs have moved to 10GB links, and our current setup can't handle it. We could buy a traffic shaper to split the traffic to 10 of our boxes; however this isn't a scalable solution. I'm sure Facebook, Google, et al have solutions for this, but they can also afford to throw millions of dollars at R&D for security, whereas we're just a systems engineer, two unix guys, and me. I'm thinking that we might be able to hack something together to run on a NetApp, especially since it's more scalable with the drive shelves.

Whoops, my bad. Mine was "Confidential" not Secret. That might be the discrepancy. I haven't had a job where I needed a clearance for about 5 years.

Regarding your p-caps it sounds like you just want to log all packets going over your gateways? As long as you have hardware on the device you're capturing on that can handle the traffic, you can set up a pretty bare-bones system with a little scripting and tcpdump.

Get a 10Gb or better network tap. NetOptics is what I'm most familiar with. Have your receiving system fed by the tap and use tcpdump into a file. Make sure to use the -w (pcap format) and -s0 (capture ALL the packets) switches. I don't know your traffic levels (but I imagine it's significant with 10Gb links), but you'll probably be better off invoking this from a script at the get go. I'd recommend some sort of hierarchical filing system, say a directory each for year, month, and day. Depending on volume break the tcpdumps into discrete blocks of time (or by packet count). I'm not really a server guy, so I can't tell you specs, but I imagine memory and disk I/O will be your chokepoints here.

That's really a very simple set up, but I'm sure you can use that as a starting point. Or at least get the idea and spin something up completely different.
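
The setup described in the post above (tcpdump writing full packets into a year/month/day tree in fixed blocks of time), as an added example that is not part of the original thread or any poster's own script. The interface name, capture root, five-minute block length and seven-day retention are assumptions, and it relies on GNU date and find.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed values: interface name,
# capture root, block length and retention. Requires GNU date and find.
# Usage (as a user allowed to sniff the interface): sh capture.sh start

CAP_IFACE="${CAP_IFACE:-eth1}"      # assumed: NIC that receives the tap feed
CAP_ROOT="${CAP_ROOT:-/data/pcap}"  # assumed: top of the capture tree
ROTATE_SECS="${ROTATE_SECS:-300}"   # assumed: one savefile per 5 minutes
RETAIN_DAYS="${RETAIN_DAYS:-7}"     # assumed: days of pcaps kept on disk

# Print the year/month/day directory (UTC) for an epoch timestamp.
day_dir() {
    printf '%s/%s\n' "$CAP_ROOT" "$(date -u -d "@$1" +%Y/%m/%d)"
}

# tcpdump does not create missing directories, so make the directory for
# the given time and for 24 hours later, ahead of the midnight rollover.
# Some distribution builds of tcpdump drop root to an unprivileged user
# before opening savefiles; the tree must be writable by that user (see -Z).
ensure_dirs() {
    mkdir -p "$(day_dir "$1")" "$(day_dir $(($1 + 86400)))"
}

# Savefile name template; with -G, tcpdump expands it through strftime(3).
savefile_pattern() {
    printf '%s\n' "${CAP_ROOT}/%Y/%m/%d/%H%M%S.pcap"
}

# Run the capture.
#   -s 0  full snap length: whole packets, not just the headers
#   -w    write raw pcap instead of decoded text
#   -G    start a new savefile every ROTATE_SECS seconds
# TZ=UTC keeps tcpdump's strftime expansion in step with day_dir.
# TCPDUMP can be set to "echo" for a dry run that prints the arguments.
capture() {
    TZ=UTC ${TCPDUMP:-tcpdump} -i "$CAP_IFACE" -s 0 -G "$ROTATE_SECS" \
        -w "$(savefile_pattern)"
}

# Delete savefiles older than RETAIN_DAYS, then directories left empty.
# Call ensure_dirs afterwards: it puts back the empty directories that
# were pre-created for upcoming files.
prune_old() {
    find "$CAP_ROOT" -type f -name '*.pcap' -mtime "+${RETAIN_DAYS}" -delete
    find "$CAP_ROOT" -mindepth 1 -type d -empty -delete
}

# Start tcpdump in the background and do hourly housekeeping while it runs.
run_capture() {
    ensure_dirs "$(date +%s)"
    capture &
    cap_pid=$!
    trap 'kill "$cap_pid" 2>/dev/null' EXIT
    trap 'exit 130' INT TERM
    while kill -0 "$cap_pid" 2>/dev/null; do
        prune_old
        ensure_dirs "$(date +%s)"
        sleep 3600
    done
}

if [ "${1:-}" = "start" ]; then
    run_capture
fi
```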

MJP
Jun 17, 2007

Are you looking at me Senpai?

Grimey Drawer
We just got the word that our main office - around 40 people - will be moving a few floors down. The space is brand new, around 15,000 square feet. We're going to have brand new everything built up - we're wiring for CAT6 (currently we're only running 100mbps just fine, but the option wouldn't hurt), doing a custom conference room buildout with better automation, etc.

My manager has asked for any ideas or input. The main office floor as it is now is open plan, basically a floor of truck brokers. Presently, our chief accountant, staff accountant, HR person, CEO, and CFO have their own offices. We in IT have two rooms - the helpdesk guy and I share an office, the boss has his.

We run Xendesk VDI, no actual desktops outside of us three people in IT. We have Aerohive for our wireless and are happy with it.

So, sysadmins - what has benefited you all in new builds? I'm thinking integrated cable management for desks would be a good thing - hooks or straps built in that we could undo as needed, rather than just cheap velcro bundles like we use now - but this is my first time having input into a build and would love to hear what'd be good.


Bhodi
Dec 9, 2007

Oh, it's just a cat.
Pillbug
Walls. WALLS. Open floor plans are productivity killers. But you may not be able to change that, so the next best thing is noise generators in the ceiling. It's pretty much mandatory if you want anyone to get any work done at all. Read/forward this unless you hate your co-workers:

http://www.hermanmiller.com/MarketFacingTech/hmc/solution_essays/assets/se_Sound_Masking_in_the_Office.pdf

As to actual hardware, it pretty much doesn't matter as long as you have enough access points to cover the space, enough electrical outlets, and two cat6 outlets (one for phone) to the desks. Velcro is fine, cable management for end-users pretty much isn't worth worrying about as long as the outlets are in sane places. You aren't going to be moving stuff around enough for it to matter.

It's less about what makes your life easier, though, and more about what makes THEIR lives easier. Docking stations, for example.

Bhodi fucked around with this message at 18:57 on Jan 16, 2015
