Jul 27, 2018

The Microsoft License Verification Process Scam

Oh man, oh man do I hate Microsoft! Not the software so much, I mean they do actually put out really good products. What I hate is their licensing rules, and how they make it so damned convoluted and confusing! On top of that, right after you've worked with your Microsoft Licensing re-seller to button up your licenses, you may periodically get contacted to participate in the Microsoft License Verification Process! Weeeeee!

I'm not sure what happened, but about two years ago was my first experience with this. We complied, and Microsoft came back and said we were out of compliance based on random changes they had made to their licensing since our last true-up with our re-seller, and we had to fork over about $30,000 that we didn't budget for to become compliant again.

To be fair, our previous re-sellers did give us some bad information about licenses, so after that audit we switched re-sellers.

Well, I just got picked again this year. In the 13 years I've worked in Information Technology, these last two years were the first time I'd ever seen this... And now I think I know why. It's basically a shady marketing tool!

I reached out to our new re-seller about this so called audit, and here is what they said:
We’ve run into this a lot recently and over the years. Their wording seems to hide the fact that you don’t have to do this. 
The emails starting with “v-“ are not Microsoft and they are not audits. They are voluntary, but the results are shared with Microsoft at which point you would be required to reconcile anything they find.  
If you want to do an engagement like this to assess your licensing, we can do it for you. We don’t share the results with Microsoft and just deliver them to you.
In their frequently asked questions, the people contacting me about this Microsoft Verification Process say this:

I asked my rep about that too and they said:
Man I don’t like that wording. “us” 
That v- in the email means that person doesn’t work for Microsoft, but is contracted. Microsoft allows this to happen, but it’s not really their employees. I see these all the time and we just ignore them unless you would like to do an engagement. 
Microsoft does audit occasionally, but this email is pretty threatening. Microsoft audits don’t come in email form, I’m 99% sure.
So long story short, if you are contacted about participating in a Microsoft License Verification and the people contacting you have a "v-" before their email address, you should ignore them and reach out to your re-seller instead. It's really just a ploy so Microsoft can increase their bottom line before your annual true-up!

Have you experienced one of these? Did you comply? Is my rep wrong? Let us know your story in the comments!

Jun 29, 2018

I've switched to Let's Encrypt for TLS encryption on my personal email server

Years ago I started using iRedmail for my personal email. I love it, and it's super easy to setup. Way back then I purchased a three year Comodo SSL certificate for it. Well that certificate expired, and it looks like none of the affordable SSL companies are offering three year certificates anymore... Bummer.

Oh, well. I figured why waste the money anyway when I could just get a free certificate from Let's Encrypt! The only issue I have with Let's Encrypt is that they only issue three month certificates. Apparently they think it's more secure that way. Here are the reasons they give from their blog:

  • They limit damage from key compromise and mis-issuance. Stolen keys and mis-issued certificates are valid for a shorter period of time.
  • They encourage automation, which is absolutely essential for ease-of-use. If we’re going to move the entire Web to HTTPS, we can’t continue to expect system administrators to manually handle renewals. Once issuance and renewal are automated, shorter lifetimes won’t be any less convenient than longer ones.

Well, they are right about one thing, the automated renewal process is pretty convenient. The only issue I had with it was that they recommend using Certbot for Linux based servers. When I followed this post (How To Secure Nginx with Let's Encrypt on Ubuntu 16.04) on how to install it, I got a bunch of errors and jacked up my Ubuntu based iRedmail server... (Thank God for backups!)

Anyway, there are much easier scripts and utilities around that can basically do the same thing. I opted for acme.sh! From their page:
  • An ACME protocol client written purely in Shell (Unix shell) language.
  • Full ACME protocol implementation.
  • Support ACME v1 and ACME v2
  • Support ACME v2 wildcard certs
  • Simple, powerful and very easy to use. You only need 3 minutes to learn it.
  • Bash, dash and sh compatible.
  • Simplest shell script for Let's Encrypt free certificate client.
  • Purely written in Shell with no dependencies on python or the official Let's Encrypt client.
  • Just one script to issue, renew and install your certificates automatically.
  • DOES NOT require root/sudoer access.
  • Docker friendly
  • IPv6 support
  • It's probably the easiest & smartest shell script to automatically issue & renew the free certificates from Let's Encrypt.
Installation was easy, and so was requesting my first certificate. A part of the install process is that it creates a cron job to automatically renew your certificates. The one modification I had to do was to create a script with the following to copy the new certs from the default location in the installer user's home directory to the directory where I keep my certificates and keys:

 cd ~/.acme.sh/domainname.com/  
 yes | cp -rf *.cer /pathto/ssl/certs/  
 yes | cp -rf *.key /pathto/ssl/private/  
 service apache2 restart  
 service dovecot restart  
 service postfix restart  

After that, I created a cron job to run that script nightly since their renewal script runs twice a day. Boom, done! Now I shouldn't have to worry about SSL certificates on this server for a very long time, or until I built my next one.

Do you use Let's Encrypt on your servers? Do you like it? Why or why not? Let us know in the comments!

Jun 14, 2018

Script To Configure Your Azure Application Gateway For TLS 1.2 Only

If you are just reading this post, you are cutting things pretty close with PCI/DSS compliance! After all, you have until the end of the month to remove older versions of TLS to remain PCI compliant.

Well, if you are using Application Gateways in Azure to secure your web servers, you're in luck, because setting a custom SSL policy is pretty easy. You just have to do it via PowerShell.

Now, this script assumes you've already created your Application Gateway. If you are trying to configure one from scratch, you'll have to keep Googling my friend... Sorry.

Before you can run your script, you must first connect to Azure via PowerShell, and select your subscription.

  • Connect-AzureRmAccount
  • Select-AzureRmsubscription -SubscriptionName "<Subscription name>"

After that, you can copy and paste the below script to set your custom SSL policy. Be sure to replace the Application Gateway Name and the Resource Group Name to match your environment.

Here's the script:

 # get an application gateway resource  
 $gw= Get-AzureRmApplicationGateway -Name <Application Gateway Name> -ResourceGroup <Resource Group Name>  
 # set the SSL policy on the application gateway  
 Set-AzureRmApplicationGatewaySslPolicy -ApplicationGateway $gw -PolicyType Custom -MinProtocolVersion TLSv1_2 -CipherSuite "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA256"  
 # validate the SSL policy locally  
 Get-AzureRmApplicationGatewaySslPolicy -ApplicationGateway $gw  
 # update the gateway with validated SSL policy  
 Set-AzureRmApplicationGateway -ApplicationGateway $gw  

After that, your Application Gateway will only support TLS 1.2, and will use the following ciphers in order:
Pretty easy right? Did this help you out? Let us know in the comments!

May 24, 2018

A faster and easier way to make LUN files for your SCST SAN

I've been writing a lot lately about SCST iSCSI SANs again. It's been a few years since I've had a chance to configure one of these from scratch, and a lot has changed since 2012 when I first started using these.

In the past I've always used dd to create LUN files for use with SCST. For thin provisioned LUNs I would run something like the following:
sudo dd if=/dev/zero of=lun1 bs=1 count=0 seek=1T
For thick provisioned LUNs I would run this instead:
 sudo sudo dd if=/dev/zero of=lun1 bs=1024 count=1T seek=1T
Well, I found two utilities that do the same thing, but they are way faster and the syntax is way easier! One is called fallocate and the other is called truncate!

To create a thick provisioned LUN, you would use fallocate to create your file by running:
sudo fallocate -l 1T lun1
To create a thin provisioned LUN, you would use truncate to create your file by running:
truncate -s 1T lun1
So simple right? Why am I just learning about this now!?

May 23, 2018

How to specify a thin provisioned LUN in SCST

The other day I wrote about how to install SCST 3.4.0 on Ubuntu 18.04. If you are not familiar with SCST, it is basically a SAN target software that you can run on Linux so you can build your own low cost SAN storage. I've been using it for years, and just recently I've started to learn a few new things about it.

For instance, I used to think that for thin provisioning, all you had to do was to create a thin provisioned disk file to present as a LUN. To do that you just run the following:
sudo dd if=/dev/zero of=lun1 bs=1 count=0 seek=1T
The above creates a thinly provisioned 1TB LUN file called lun1. Simple right?

Well, this is great and all, but if you want to use features like TRIM or UNMAP to reclaim disk space, you also need to tell SCST that this LUN file is a thin provisioned LUN. To do that, you need to add the thin_provisioned parameter to the device section of your /etc/scst.conf file. See below for an example:

 HANDLER vdisk_fileio {  
     DEVICE lun1 {  
         filename /data/lun1  
         nv_cache 1  
         thin_provisioned 1  
 TARGET_DRIVER iscsi {  
     enabled 1  
     TARGET iqn.2018-05.bauer-power.net:iscsi.lun1 {  
         enabled 1  
         rel_tgt_id 1  
         GROUP VMWARE {  
             LUN 0 lun1  
             INITIATOR iqn.2018-05.com.vmware1:8bfdfcd0  

After making this change, you can either restart the scst daemon, or reboot your SAN. If you can't reboot the SAN you will have to actually remove the LUN on the fly to make this change. To do that you have to do the following:
  • sudo scstadmin -rem_lun 0 -driver iscsi -target iqn.2018-05.bauer-power.net:iscsi.lun1 -group VMWARE
  • sudo scstadmin -close_dev lun1 -handler vdisk_fileio
  • sudo scstadmin -open_dev lun1 -handler vdisk_fileio -attributes filename=/data/lun1 thin_provisioned=1 
  • sudo scstadmin -add_lun 0 -driver iscsi -target iqn.2018-05.bauer-power.net:iscsi.lun1 -group VMWARE -device lun1
Obviously, you need to change the lun names, file names and target names to match your environment. Special thanks to Gilbert Standen from the Scst-devel mailing list for the above steps on making this change on the fly! Check out his blog here: (brandydandyoracle)

There are a lot of parameters you can add to your config file as well. Here's a list from SCST's Source Forge page:

  - filename - contains path and file name of the backend file.  
  - blocksize - contains block size used by this virtual device.  
  - write_through - contains status of write back caching of this virtual  
  - read_only - contains read only status of this virtual device.  
  - o_direct - contains O_DIRECT status of this virtual device.  
  - nv_cache - contains NV_CACHE status of this virtual device.  
  - thin_provisioned - contains thin provisioning status of this virtual  
  - removable - contains removable status of this virtual device.  
  - rotational - contains rotational status of this virtual device.  
  - size_mb - contains size of this virtual device in MB.  
  - t10_dev_id - contains and allows to set T10 vendor specific  
   identifier for Device Identification VPD page (0x83) of INQUIRY data.  
   By default VDISK handler always generates t10_dev_id for every new  
   created device at creation time based on the device name and  
   scst_vdisk_ID scst_vdisk.ko module parameter (see below).  
  - usn - contains the virtual device's serial number of INQUIRY data. It  
   is created at the device creation time based on the device name and  
   scst_vdisk_ID scst_vdisk.ko module parameter (see below).  
  - type - contains SCSI type of this virtual device.  
  - resync_size - write only attribute, which makes vdisk_fileio to  
   rescan size of the backend file. It is useful if you changed it, for  
   instance, if you resized it.  

Pretty cool right? Let us know what you think in the comments!

May 18, 2018

How to install SCST 3.4.0 in Ubuntu 18.04

Well crap. The other day I talked about how I re-configured one of my Bauer-Power iSCSI SANs using tgt. It was an easy setup, but once I started using it I noticed that tgt performed like shit. CPU's were spiking like crazy on the SAN itself, and when I was backing stuff up I couldn't access the drive on the backup server. It would get completely unresponsive!

I decided I had to go back to SCST. Luckily installing it is way easier than it used to be. To install version 3.4.0 now just do the following:
  • Create an empty working directory
 rm -rf ~/scst-build  
 mkdir ~/scst-build  
 cd ~/scst-build  
  • Install dependencies
 sudo apt install git devscripts equivs dkms 
 git clone -b ubuntu-3.4.x https://github.com/ubuntu-pkg/scst.git  
 cd scst  
 sudo mk-build-deps -i -r  
  • Build the package
 dpkg-buildpackage -b -uc  
  • Pre-install, create two directories (For some reason the deb packages don't do it...)
 sudo mkdir -p /var/lib/scst/pr  
 sudo mkdir -p /var/lib/scst/vdev_mode_pages  
  • Install
 sudo dpkg -i ../scst-dkms_*deb  
 sudo dpkg -i ../iscsi-scst_*.deb  
 sudo dpkg -i ../scstadmin_*deb  

Now you just have to configure your LUN using the instructions in my tgt post, and configure your /etc/scst.conf file using my old SCST post. Once those are done restart the scst service.

 sudo service scst restart  

Of course, if you don't want to mess with all of the above stuff, you could just download my pre-packaged scst 3.4.0 deb files for Ubuntu 18.04 and run my install script...

 cd ~  
 wget https://mail.bauer-power.net/drop/scst/scst-3.4.0-Ubuntu.tgz  
 tar -xzvf scst-3.4.0-Ubuntu.tgz  
 cd scst*  
 sudo chmod +x install.sh  
 sudo ./install.sh  

Boom! Now just setup your LUN and your /etc/scst.conf file and you're off to the races!

May 17, 2018

How to Re-IP An OSSEC Agent

At my day job we use OSSEC for host based intrusion detection. It works great! It does all sorts of things from verifying registry integrity, checking files for changes, reading security logs etc., and sends email alerts for anything out of the ordinary.

Well, we're in the process of migrating servers from on-premise to Azure, so that means that some of our servers are getting new IP addresses. Googling around, I didn't find a good way to re-IP the agents except to remove them, and re-add them. I didn't want to do that.

It turns out, there is an easier way. All you have to do is edit /var/ossec/etc/client.keys with your favorite text editor and modify the IP address of the client you want to change. If you don't want to deal with this in the future, you can replace the IP address with 'any' so that OSSEC will accept connections from that client as long as the hostname and the client key match.

After you make your change, restart the OSSEC daemon on your OSSEC server:
sudo service ossec restart
Re-run /var/ossec/bin/manage_agents and extract the key again for the agent you want to update. Then on the client, open OSSEC Agent Manager as an administrator, click Manage > Stop OSSEC, re-paste the key, click Save, then restart OSSEC by clicking Manage > Start OSSEC.

Boom! Done! You should now be able to connect using the new IP address or 'any'.

May 16, 2018

Bauer-Power SAN 3.0

NOTE: Please read my post about installing SCST on Ubuntu 18.04 first...

Many moons ago I wrote about how to configure an Ubuntu Linux based iSCSI SAN. The first iteration used iSCSITarget as the iSCSI solution. The problem with that is that it didn't support SCSI-3 Persistent Reservations. That means it wouldn't work for Windows failover clustering, and you would probably see issues if you were trying to use it in VMWare, XenServer or Hyper-V.

The second iteration used SCST as the iSCSI solution, and that did work pretty well, but you had to compile it from source and the config file was kind of a pain in the ass. Still though, it did support SCSI-3 Persistent Reservations, and was VMWare ready. It's the solution I've been using sing 2012 and it's worked out pretty well.

Well the other day I decided to rebuild one of the original units I setup from scratch. The first two units I did this setup on were SuperMicro SC826TQ's with 4 NICs, 2 quad core CPUs and 4GB of RAM, 3Ware 9750-4i RAID Controller, and twelve 2TB SATA Drives. This sucker gave me about 18TB of usable backup storage after I configured the 12 disks in RAID 6.

This time I used Ubuntu 18.04 server because unlike the first time I did this, the latest versions of Ubuntu have native drivers for 3Ware controllers. On top of that, the latest versions of Ubuntu have the iSCSI software I wanted to use in the repositories... More on that later.

I partitioned my disk as follows:

Device Mount Point Format Size
/dev/sda1 N/A bios/boot 1MB
/dev/sda2 / ext4 10GB
/dev/sda3 N/A swap 4GB
/dev/sda4 /data xfs 18TB

After Ubuntu was installed I needed to setup my network team. Ubuntu 18.04 uses Netplan for network configuration now, which means that NIC bonding or teaming is built in. In order to setup bonding or teaming you just need to modify your /etc/netplan/50-cloud-init.yaml file. Here is an example of how I setup my file to team the four NICs I had, as well as use MTU 9000 for jumbo frames:

    version: 2
            dhcp4: no
            dhcp6: no
            mtu: 9000
            dhcp4: no
            dhcp6: no
            mtu: 9000
            dhcp4: no
            dhcp6: no
            mtu: 9000
            dhcp4: no
            dhcp6: no
            mtu: 9000
            interfaces: [enp6s0, enp7s0, enp1s0f0, enp1s0f1]
            mtu: 9000
            addresses: []
                mode: balance-rr
                addresses: [,]

It's important to note that Netplan is picky about indentation. You must have everything properly indented or you will get errors. If you copy the above config, and modify it for your server, you should be fine though.

After setting up my bonded network, I installed my software. I opted to use tgt this time. If you are unfamiliar with it, it's apparently a re-write of iscsitarget, but it supports SCSI-3 Persistent Reservations. I tested it myself using a Windows Failover Cluster Validation test:

Boom! We're in business!

To install tgt simply run the following:
sudo apt-get install tgt
 After installing you will want to create a LUN file in /data. To create a thin provisioned disk run the following:
sudo dd if=/dev/zero of=/data/lun1 bs=1 count=0 seek=1T
This creates a 1TB thinly provisioned file in /data called lun1 that you can present to iSCSI initiators as a disk. If you want to create a thick provisioned disk simply run:
sudo dd if=/dev/zero of=/data/lun1 bs=1024 count=1T seek=1T
Once you have your LUN file, you will want to create a config file for your LUN. You can create separate config files for each LUN you want to make in /etc/tgt/conf.d. Just append .conf at the end of the file name and tgt will see it when the service restarts. For our purposes, I created one called lun1.conf and added the following:

<target iqn.2018-05.bauer-power.net:iscsi.lun1>
        backing-store /data/lun1
        write-cache off
        vendor_id www.Bauer-Power.net

The above creates an iSCSI target and restricts access to it to only You can also use initiator-name to restrict access to particular iSCSI initiators, or you can use incominguser to specify chap authentication. You can also use a combination of all three if you want. Restricting by IP works for me though.

I also opted to disable write-cache because with it enabled I noticed that tgt was pegging my RAM. On top of that, my RAID controller handles write-cache on it's own, so it actually helped my performance to disable it.

All of this being said, you can find lots of configuration options here: (tgt Config Options)

After you have your file created, all you have to do is restart the tgt daemon and you're ready to serve up your iSCSI LUN!
sudo service tgt restart
After you restart, you can see your active LUNs by running:
sudo tgtadm --op show --mode target
You can also create LUNs on the fly without restarting tgt. This is handy if you need to add a LUN and you don't want to mess up connections to LUNs you've already created. To do that, create your LUN file like you did before. Obviously, name it something new like lun2.

Next,make sure to note what LUNs you already have running by running this command:
sudo tgtadm --op show --mode target
Target 1 = tid 1, Target 2 = tid 2 and so on and so forth. If you only have one target, then your next target will be tid 2. Assuming that, and assuming your new LUN file is called lun2 you would run:

sudo tgtadm --lld iscsi --op new --mode target --tid 2 -T iqn.2018-05.bauer-power.net:iscsi.lun2
sudo tgtadm --lld iscsi --op new --mode logicalunit --tid 2 --lun 1 -b /data/lun2
sudo tgtadm --lld iscsi --op bind --mode target --tid 2 --initiator-address

This will create a target, and will be available only to If you wanted to allow other IP's re-run that last line for each IP address you want to allow.

Now if you want to have this LUN persist after a reboot, you can either manually create a conf file in /etc/tgt/conf.d/ or you can run the following to automatically create one for you:
tgt-admin --dump | sudo tee /etc/tgt/conf.d/lun2.conf
The only issue with the above is that it dumps all running target information in you new file. You will have to go in there and remove the other targets. In this case, it's just better to manually create the config file... but that's just me. Also, that is not a typo... tgt-admin is a different tool than tgtadm... Weird right?

Anyway, this setup is way easier than SCST ever was. I'm looking forward to replacing all of my SCST SANs with tgt in the upcoming months.

It's important to note that using the above hardware is not going to give you high performance. It's suitable for backup storage, and that's about it. If you want to run VMs or databases, I'd recommend getting 10GBe switches for use in iSCSI. You can get one fairly cheap here (10GBe switches). If you get 10GB switches, you will need a 10GB NIC as well. You can get one here (10GB NICs). Finally you will need faster disks. You can get 15K RPM SAS disks here (15K RPM SAS).

What do you think about this setup? Are you going to try it out? Let us know in the comments!

May 10, 2018

Script to Clone Azure Network Security Groups (NSGs) in PowerShell

This script is a life saver! I am working on a big project to migrate to Azure, and one of the tedious parts of the project is setting up Network Security Groups, or NSGs. My company uses many granular rules, so setting these up the first time is time consuming. The idea of manually setting them up in other regions is down right daunting!

Well, not anymore! I found this series of commands from Virtual Geek that lets you do it easily in PowerShell!

First, you need the Azure PowerShell module if you don't already have it. After that, run the following:
$TemplateNSGRules =  Get-AzureRmNetworkSecurityGroup -Name '<Original NSG>' -ResourceGroupName '<Resource Group of Original NSG>' | Get-AzureRmNetworkSecurityRuleConfig
This creates a variable called TemplateNSGRules that we will use in step three. Next create your new NSG by running the following:

$NSG = New-AzureRmNetworkSecurityGroup -ResourceGroupName '<Destination Resource Group>' -Location '<Region Where You Want The New NSG>' -Name '<Name of New NSG>'
If you have already created an NSG in the portal, you would use this instead:

 $NSG = Get-AzureRmNetworkSecurityGroup -Name '<Name of New NSG>' -ResourceGroupName '<Destination Resource Group>'
Once you have executed one of the previous two commands, you will have a new variable called NSG that we will run a foreach loop on to import our rules from the original NSG:

 foreach ($rule in $TemplateNSGRules) {
    $NSG | Add-AzureRmNetworkSecurityRuleConfig -Name $rule.Name -Direction $rule.Direction -Priority $rule.Priority -Access $rule.Access -SourceAddressPrefix $rule.SourceAddressPrefix -SourcePortRange $rule.SourcePortRange -DestinationAddressPrefix $rule.DestinationAddressPrefix -DestinationPortRange $rule.DestinationPortRange -Protocol $rule.Protocol # -Description $rule.Description
    $NSG | Set-AzureRmNetworkSecurityGroup
Boom! That's it! Now you have an exact clone of your original NSG in just a few minutes! Make sure you replace the items I used in < > to fit your environment!

Did this help you out? Let us know in the comments!

May 7, 2018

Like apt-get for Windows! Meet Chocolatey!

I'm surprised I haven't written about this already. I've known about it for several years now, so I thought I would have wrote about it before now... I guess I was wrong.

Anyway, I started thinking about Chocolatey again today when I was asked to come up with a way to easily handle third party application patches. There are tools out there that do it, but Chocolatey is free and it works pretty much the same way that apt-get does in Ubuntu. That means, you can script it and automate it!

If you are unfamiliar with Chocolatey, this is a description from their page:
Chocolatey is a package manager for Windows (like apt-get or yum but for Windows). It was designed to be a decentralized framework for quickly installing applications and tools that you need. It is built on the NuGet infrastructure currently using PowerShell as its focus for delivering packages from the distros to your door, err computer. 
Chocolatey is a single, unified interface designed to easily work with all aspects of managing Windows software (installers, zip archives, runtime binaries, internal and 3rd party software) using a packaging framework that understands both versioning and dependency requirements. Chocolatey packages encapsulate everything required to manage a particular piece of software into one deployment artifact by wrapping installers, executables, zips, and scripts into a compiled package file. Chocolatey packages can be used independently, but also integrate with configuration managers like SCCM, Puppet, and Chef. Chocolatey is trusted by businesses all over the world to manage their software deployments on Windows. You’ve never had so much fun managing software!
If you want to use it for 3rd party software updates, you can install Chocolatey, then just run a scheduled task that runs the following command:
C:\choco update all -y
It's important to note that Chocolatey will only update software that you've installed with Chocolatey. So if you already have Adobe Reader, Java, Flash etc. You will first need to run the install commands for these applications with Chocolatey before you can start getting updates. You don't have to uninstall and re-install though which is nice.

For instance, I already had 7zip installed, but now I want to make sure I get updates for it with Chocolatey, so I ran the following to install the latest version of 7zip:
C:\choco install 7zip -y
You can find a full list of their packages here:  https://chocolatey.org/packages

What do you use to keep your third party software up to date? Let us know in the comments!

May 4, 2018

STOP: 0x0000007B BSOD After Restoring UrBackup Image to XenServer VM

Sorry I haven't been writing very much lately. I've been completely slammed at my day job. I'm juggling many different projects, trying to chase down consultants, putting out fires, training new hires and guys who just got promoted, etc etc.

One of the projects I'm working on is setting up UrBackup for full image backups as well as file level backups. We've been using CrashPlan for years, but that only really give us file level backup capabilities. The other day we had a backplane on one of our SAN units take a shit, and we lost connection to our storage for a bit. Luckily everything came back up fine, but I got to thinking what an epic pain it would be to rebuild some of our servers with just the file backups.

So after originally dismissing UrBackup a little while back, I decided to take another look at it. It turns out it is pretty bad ass! I was able to take an image backup of one of our VMWare VMs and restore it to a blank VM in about 20 minutes!

So it obviously worked great with a VMWare VM, but we also use XenServer pretty heavily in our environment. I wanted to test a restore on that as well. That didn't go so well.

You see I was backing up a Windows 2008 R2 VM, and when I went to restore it to a blank Windows 2008 R2 VM in XenServer I got this blue screen of death message!

STOP: 0x0000007B

Oh hell, what is that about?

Anyway, Googling it I found some forums where people say to run the following command in the XenServer terminal:

xe vm-param-set uuid=<UUID of the VM> platform:device_id=0001

Pro tip, that is bullshit. It didn't work at all.

You know what did work? Creating the blank VM using the Windows XP SP3 (32-bit) template!

Once I did that, and ran the restore again, the VM booted up just fine!

I don't know what is up with that template, but it's the one size fits all, never fails template. Plus, it doesn't matter if you are running a 64 bit OS or not!

I once wrote about issues with Ubunu in XenServer and the fix for that was to use a Windows XP template too!

Anyway, if you run into this issue. Try giving the Windows XP template a shot. You can thank me later!

If you need more than 4GB of RAM for your VM, you could also try the Windows 2003 64 bit template. It should work too.

Apr 25, 2018

Verge And PornHub MAKE HISTORY!

It finally happened. Verge talked a big game, claiming to announce the biggest partnership in the history of cryptocurrency. A lot of the haters and doubters scoffed, but XVG truly meant business. Now that this crypto is joining forces with PornHub, they are truly an unstoppable force, inevitably poised to surpass even Bitcoin. What a time to be alive.

Apr 24, 2018

How Can Blockchain Prevent Fraud in Payment-Processing Services?

What Is Payment Fraud?

With the growing popularity of online marketing and business, we are unfortunately facing new types of fraud. Fraud in payment-processing services is one of the most significant threats to all e-commerce markets, as its main working principles are based upon online transactions. It involves identity and private property theft, or illegal takeover of an individual’s payment information to make purchases or remove funds. To eliminate it, companies are setting up fraud detection using blockchain technologies.

In 2017, the global fraud detection prevention market was valued at $16.8 billion U.S. Areas in which fraud detection and prevention are applied include insurance claims, money laundering, electronic payments, and banking transactions, both online and offline.

When discussing deceitful schemes in payment processing, we should stress that the most common type of scam involves credit cards. As stated above, criminals use a stolen card or card details to commit illegal purchases or transfer money. The customer whose data is stolen may file a report, and, after numerous transactions, receive the money back. In the case of an illegal purchase, a retailer or business is penalized, and loses its money. Therefore, it is crucial to take action to protect your commerce from these types of losses.

Use Blockchain to Prevent and Detect Fraud

The principles of blockchain technology allow people to keep an open, transparent, cryptographically encrypted record of all kinds of transactions committed between two pseudo-anonymous parties. As this record is maintained in an absolutely decentralized manner, it is independent of local authorities and banks. Therefore, it is difficult to tamper with. Actions like double spending, a common problem in digital money transactions, are difficult to commit due to a consensus protocol that provides trust. Because the permanency of blockchain technology stores information privately between parties, it provides better security. And in case you need better security for your company, the Applicature team of experts can help you set up blockchain technology for fraud detection.

Blockchain offers a wide range of opportunities, and a great number of companies use it to gain financial security. According to Statista surveys, 23% of companies are using this technology to prevent scams, and for security clearance. This percentage comes in second to those who use it for international money transfers.

Advantages of Blockchain Technology in the Prevention of Payment Fraud

It is possible to detect and prevent illegal activities in payment processing without people’s involvement by using the following features that stop fraud with blockchain:

  • Permanence. It is impossible to disable the system, as it functions on various devices worldwide at the same time. All of the gadgets storing the complete history of transactions cannot be hacked at once. 
  • Transparency. As a chain with distinct blocks, the system keeps a record of all transactions in each of these blocks. If any corrections or additions occur in these records, they are to be verified and checked in the whole system of block validators, which are machines with strict rules that must be complied with. Any illegal interference will be noticed promptly, and the involved parties will be disabled from making such transactions. 
  • Immutability. Blockchain provides significant benefits for fraud detection. As soon as a record is entered into the system, it cannot be deleted or forged. 
  • Cryptography. Blockchain technology employs widely-adopted cryptography protocols that protect users’ identity. Validation and confirmation are possible only with unique digital signatures. This information cannot be tampered with or recreated by anyone due to the random nature of its creation. 
  • Postponed payments and multisignatures. If you need to pay for a certain product but do not trust the seller, Blockchain allows you to use multi-signature transactions for postponed payments. In this case, the seller receives money only when the buyer gets his goods. Delivery service (or any other trusted party) can act as an additional level of arbitration that assures the buyer has the funds and the seller sends the goods.

Though blockchain technology provides better security, it cannot protect against hacking into your digital wallet or identity theft on its own. It should be stressed that in order to increase protection, blockchains use the additional help of machine-learning capabilities. This technology works like an additional layer, analyzing the algorithms and models of users’ behaviour. For instance, personal data might be stolen or used, but no one can copy someone’s personal behaviour pattern fraudulently, as it is absolutely unique.

Blockchain fraud detection uses startups like Feedzai to provide safety solutions in the cryptocurrency community. Feedzai uses machine-learning technologies and information science to keep commerce safe.

So, if you want to secure your digital identity and prevent it from being tampered with, blockchain technology will protect against fraud cases like these. To sum up, your personal information should be placed in a blockchain framework accessed only by authorized participants who can verify and ensure its validity. Though thefts in payment processing still occur, it is very important to use special blockchains designed for businesses and users working with machine-learning software. Such technologies are designed to be resistant to vulnerabilities, and grant you greater security.

Apr 23, 2018

How to transfer files faster than 10Mbps in Windows

At my day job we have a disaster recovery (DR) site a few thousand miles away. Between our main data center and our DR site, we have a 100Mbps dedicated transport link. It's used to transfer files, and be the path for database mirroring etc.

One problem that we noticed was that when we needed to copy large files, it would take forever. We would use your typical SMB/CIFS share and copy files. What we noticed was that although the transport link was 100Mbps, our NICs were 1Gbps and our local switches are 1Gbps switches, we would still only see file transfers at around 10Mbps.

That's just not good enough. Especially when you have a lot of large files you need to copy relatively quickly. I'm talking hours not days here anyway.

Well to solve this problem, I remembered the good old fashioned Robocopy! In fact, the latest versions of Robocopy, that now comes pre-installed in Windows servers by the way, has a multi-thread feature!

To max out our 100Mbps transport link, I set the threads with my Robocopy to 20 and BAM! We were sending files at close to 100Mbps!

The command I ran was:

robocopy "C:\Source" "\\DestinationServer\Destination" /mt:20 /E /V /ETA /R:2 /W:5 /R:10

Pretty simple right? The /mt switch is where you can adjust the threads used.

I've seen lots of forums and posts with people talking about copying over Windows shares being limited to 10Mbps. Using Robocopy is certainly one effective workaround!

Do you know of a different way to maximize throughput when copying files in Windows? Let us know in the comments!

Apr 18, 2018

6 Ways How Business Can Use a Live Video Streaming App

Video is the content people are ready to consume for hours and hours. You and your business can definitely benefit from it, and in this article we will tell you, what you can use video for.

Already, big social networks and video services acknowledged its power. Netflix shows the extreme boost, and social networks get their users addicted to live streaming apps. Facebook, Instagram and other have also successfully onboarded this wave by opening their own streaming capabilities to the world, and saw the rapid growth immediately.

Some businesses create a video streaming app and use it as a marketing tool. 

Here are some numbers:

  • The views of branded content has increased 99% on YouTube… And 258% on Facebook! 
  • By 2019 80% of all internet traffic will be associated with videos.

As you see, promotion with the help of videos is very effective and will make your current and potential customers care for what you have to offer. However, in this article we will talk specifically about live video streaming. Why?

The main reason is that live streaming is even more effective. According to Tubular Insights, people spend 8 times more on live streams than on regular on-demand videos.

You may wonder, why is it so? From the first sight, it may seem that on-demand videos must be more popular, as people can see them whenever they have time. Live streams, on the other hand, are available only when they are being recorded, and some life issues can come in way.

However, live streams are really more engaging, because they are exclusive and they allow to talk with the viewers in real time via comments.

Here we’ll talk about the ways you can use live streaming for your business, and the best practices of connecting to your customers via broadcasting.

1. Host Webinars

Webinars are always popular. Share your knowledge with people and thus prove yourself an expert, and make your customers more loyal to what you do. Webinars can be either paid or free. The best practice is to host free ones, if your business hasn’t gained fame and reputation yet: this way you’ll be able to get more customers to watch you.

Paid webinars are a great option for companies that are already rather famous in their sphere, and customers already know something about them.

2. Host Q&A Sessions

Q&A sessions are the best way to add some personal touch to your business, to show that behind your logo and a website there are humans that are ready to help. Q&A sessions are great to reply to some concerns your clients might have, to educate them and to show how you work.

You can prepare to such session and gather all frequently asked questions. Another way to do it is to answer questions from comments or tweets with a hashtag in real time.

3. Stream Live Events

A conference or some other important events in your company are a great reason to take your smartphone and launch a live streaming app. Go ahead and show your customers how your company evolves and how your employees gain new experience. 

Live events are a great reason to stream them, whether it’s a presentation of a new products somewhere at the conference or a meeting with celebrities. Make your viewers feel like they are present there, don’t forget to react to their comments and show the best moments of the event.

4. Host an Interview

Interviews with experts and influencers are the best way to get viewer attention, as they will enjoy seeing someone they already know. The main thing when you host an interview is to make it lively and interesting. You really need to work on those questions you’re going to ask, and switch between topics frequently enough to avoid boredom and repetitiveness.

5. Show what’s behind the curtains

Don’t let your customers see only what you would normally show. It is important that you keep your broadcasts informal. Show how your business works on the inside, let customers meet those people who work for them every day to deliver the best service.

You can also show some details of your product creation process. People may enjoy what they get, but what really makes you unique in their heads, is your story. Make your brand personal and alive, and people will appreciate it.

6. Share Important News

Today people will prefer to watch a branded video or enjoy a live stream from a company than read a text, so the best way to tell your customers about any changes or new products in your company is to host a live broadcast and then make it available for later.

These are six ways you can make your business more memorable for customers with the help of live streaming.

Final Thoughts

The greatest thing about using live video streaming app for business is that you don’t need a production team and a big marketing budget to broadcast - just grab your Android or iOS device and think about things you’re going to share. Live streaming doesn’t have to be official or perfect - the most important thing about it is your open attitude and a genuine wish to share something awesome.

You can use any platform or social media on your phone to share live streams, but if you already have your own mobile app, you can add live streaming functionality to it. A mobile development company like Mobindustry can help you with that.

If it corresponds to your business model, you can also create an additional source of income by providing paid webinars with useful information that will educate the viewers.

Find your own creative ways to benefit from live broadcasting: it is definitely worth a shot!

Apr 17, 2018

Learning computer coding opens up 'endless world' for these kids

In this episode of PBS News Hour a nationwide computer science immersion program sets up shop at a couple Virginia elementary schools. The program is called Code To The Future.

Apr 16, 2018

Ransomware Detection Methods

Ransomware is undoubtedly the biggest threat among modern day malware. Since the advent of CyrptoLocker in 2013, the number of yearly attacks has been constantly on the rise. The first quarter of the previous year has seen two biggest ransomware attacks ever in the face of WannaCry and NotPetya.

According to data, presented by eSecurity Planet, the number of ransomware attacks for the first quarter of 2017 has increased on 62% as compared to 2016. The number of detected ransomware has increased on 2000% in 2017, as compared to 2015.

According to Barkly, roughly 60% of all malicious payloads detected in the first quarter of 2017 have been ransomware.

The number of mobile ransomware has also increased dramatically over the past year. According to Kaspersky, in the Q1 of 2017 218,265 new types of mobile ransomware have been discovered. Ransomware have also been exploding on the dark web, with new strains constantly being created for sale. The new model, called ransomware-as-a-service has become popular, where all you need to do is simply pay, and you will get a ready-to-use ransomware that you can start distributing via a botnet in a couple of clicks.

Ransomware has also been increasingly targeting more and more businesses as of late as opposed to individuals. The question then is what can be done about it? When ransomware initially appeared, there was no good way to combat it. CryptoLocker public-key encryption was basically impossible to break, and beyond just regular backups there was little you could do. But even if infection meant that operations within your company were halted only for a couple of hours, it still could mean huge lost profits. Ideal scenario – is to detect ransomware attack early and stop it completely

What is ransomware

Ransomware is generally defined as malicious software, designed to extract ransom from users based on restricting their access to their own data. The most popular way to restrict access to user data is to encrypt it, and thus, ransomware that uses encryption techniques is called Crypto ransomware. Such ransomware usually employs sophisticated public-key cryptography that is impossible to crack and goes for certain types of files that is supposed to be the most valuable to the user, such as text documents, images and specialized formats.

However, encryption-based ransomware is not the only type of ransomware there is. Other types also exist, called:

  • Locker ransomware – this type is designed to block user’s access to the system or certain specific applications. Ransomware like that either replaces the desktop with a custom one, making it unavailable, or targets popular apps like browsers by modifying certain files.
  • Scareware – ransomware that uses scare tactics in order to force users into paying ransom. Often uses social engineering and other similar tactics in order to make users pay. One of the most common tactics is to display a message from supposedly law enforcement that includes personal information such as location and name of the ISP provider, making the message more believable. The message will demand a “fine” for certain made-up offense, such as copyright infringement or watching child pornography, and threatens user that if they refuse to pay they will be jailed.
  • Fake ransomware – many modern ransomware strains don’t even bother encrypting user’s data. Instead, they just delete it right away, creating a bunch of dummy files in order to fool the user into thinking that their data is still recoverable. Since it is impossible to distinguish fake and paid ransomware, it is always best to never pay ransom, unless the situation is actually critical.

How ransomware works

There are several ways that ransomware uses to get into your system. The most popular one is using infected spam emails, that are usually distributed by vast networks of botnets. Such an email will usually contain a message that uses social engineering techniques in order to prompt the user to click on an infected link or download the malicious attachment.

Another similar method of spreading ransomware is infected adverts on the net. Once the user clicks on the advert, a malicious JawaScripts starts running, downloading a payload on the user’s PC. Beyond that, ransomware can also be spread on removable drives, or self-propagate via a network by searching for open ports and unprotected connections.

Perpetrators will also use exploit kits in order to leverage known vulnerabilities and get ransomware into your system. Once there, it will phone back (usually, without encrypting network traffic), and then start looking for certain types of data to encrypt. After the data has been encrypted, a ransom note is displayed.

Ransomware uses various techniques in order to protect yourself from being detected or analyzed, including obfuscation and system mapping, designed to distinguish between real system and a honeypot.

How to detect ransomware

While there are ways to mitigate or even prevent some ransomware infection (making regular backups and keeping your system updated), it is always best to have capabilities to detect infection as it happens and be able to prevent any damage.

Traditional malware detection methods rely on known signatures, proving extremely effective against known malware, but almost completely useless against unknown strains. Considering the number of ransomware variants that pop up every day, it becomes clear that signature-based detection is not enough to establish reliable protecting.

Thus, behavior-based detection is often used, aimed at detecting not the malicious file itself, but rather certain attributes and behavioral indicators, that can point to a specific file as being malicious. Such behavior-based detection is supported by advanced data mining and analysis technologies, including machine learning algorithms able to go through large quantities of data and detect anomalies in real time.

When it comes to ransomware, key behavioral indicators include:

  • Encryption API – the majority of ransomware skips reinventing the wheel and just uses already available encryption APIs for encrypting user data. Often times, standard Windows functions, such as CryptEncrypt are used. And while the use of said function can’t reliably point to a ransomware by itself, it can be combined with other indicators to make detection more reliable
  • File type change detection – data within each file can be described via a specific signature. Mass changes in file signatures can be used to detect mass file type changes, which can be taken as an indicator of malicious mass file encryption.  
  • Comparing similarities between different versions of the file – another indicator of the file being encrypted is when there are significant differences between the new and old version of the file. If significant differences in hash functions of many files have been detected over a short period of time, they can indicate ransomware infection.
  • Moving, renaming or deleting files – monitoring changes to Master File Table can lead to the discovery of ransomware. When encrypting files, ransomware often changes the flag of the original file in the table, thus deleting it and overwriting with the encrypted version. Mass changes to the status of many files on the table can be indicative of ransomware infection.
  • System mapping activity – ransomware will check certain system parameters in order to make sure that the targeted endpoint is valid. It can be something as simple as checking a location and language settings and searching for certain file types, or full system mapping. Any such activity can serve as an indication of ransomware.

These are only some indicators that can be used in ransomware detection. Depending on the ransomware type, you may need to detect system locking activity, such as creating a new persistent desktop, rather than any file operations. Also, ransomware files can be scanned for things like ransom note text, while network communications can be checked for an attempt of ransomware to connect to the server.

However, it is worth remembering that any single one indicator cannot be reliably used for detecting ransomware. It’s only when several indicators are detected together that the behavior analysis system can reliably pinpoint malware.

Behavior analysis systems like this have become the backbone of next-generation anti-viruses and other anti-malware systems, aimed at catching not only ransomware but also other elusive threats, such as compromised accounts, fileless malware, insider threats and fraudulent activity, etc.

Protecting yourself from ransomware

Ransomware protection is not something that you can set and forget. Instead, it’s a layered, continuous process, that involves multiple different types of controls. Having a reliable detection tool is great, but it can only get you so far. Beyond that, you also need to make sure that your software is always up to date and that you always have backups ready in case attack wasn’t caught early.

Filter network traffic, block ads in corporate browsers, and prohibit email attachments in order to minimize the possibility of getting infected. Also, you should make sure that your employees are educated on the dangers of spam emails, social engineering, and compromised accounts, and that they thoroughly follow all security policies that are enacted in your company.

Remember, while combating ransomware initially looks hard, it will allow you to strengthen your general security posture, and it will immensely help you when it counts the most – when your data is under threat.

Apr 13, 2018

How to brute force RDP, FTP, Telnet and HTTP With Hydra

In the above video (Sorry, it's one of those annoying ones with no commentary or sound) we see how someone could use the THC-Hydra utility built into Kali Linux to brute force RDP, FTP, Telnet and HTTP. The truth is, you can actually brute force all sorts of protocols with it, including SMTP.

Apr 12, 2018

How To Use Rufus To Create A Bootable USB Drive

Rufus is an "online" tool used on Windows systems to help create bootable USB drives.

The system has been created to give people the opportunity to put pre-compiled images (ISO files) onto a USB drive, making it bootable. Freely distributed, it's mostly used to put systems into USB format, including the likes of Windows 10 and various Linux variants.

The point of the system revolves around the bootable feature. Bootable USB drives require an EFI "partition" to be created on the drive in order for the "boot" to be recognized by Windows. Simply copy/pasting the ISO file's contents onto the drive will not do this. This has made the use of a tool such as Rufus is often regarded as essential in the modern computing landscape.

The way the system works is by combining two important elements - the ability to write / copy the contents of ISO files onto a USB, and the ability to format the drive to suit. The formatting part is vital because it means that you're able to essentially put any type of data onto it (regardless of the source); the ability to write/copy files is important because it allows you to add files from any location.

When you load up Rufus, you have a number of options. The most important is that you're able to select an ISO (or some other content) that you wish to put onto the drive. The most important thing to realize with this is that there are a number of "pre baked" solutions you can use, one of which being "FreeDOS".

FreeDOS is essentially a clone of MSDOS that was distributed for free. In the absence of any bootable media for you to put onto a USB, you can use FreeDOS to perform disk utilities (such as fdisk) - a good set of computing utilities that not many people are familiar with. On top of this, you're able to specify which file system the drive uses as well as whether it uses "quick" formatting or not etc.

The reason this is important is because it gives you the ability to manage the various underlying ways in which you're able to manage different hardware components a system may have. This also means that you're able to identify any potential issues that could be preventing a system from booting.

I most recently downloaded a version of Windows 10 (1709) as an ISO. This was around 4GB, which was too big for any DVD's - meaning I had to put it onto a USB drive that had the required capacity. Without any native support for this in the Windows I was using, I had to turn to Rufus - and it worked extremely well.

Apr 11, 2018

Comparision of SAAS, PAAS & IAAS

There are usually three concepts of cloud service, Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Whether it is IaaS, SaaS, and PaaS, each has its own intricacies, but today we're going to help you to differentiate SaaS, PaaS, and IaaS.

SaaS - Software-as-a-Service is generally charged depending upon the number of users and charges are recurring monthly or yearly. Companies have the choices to add or remove users at any time without additional costs. Some of the most well known SaaS solutions are Microsoft office365, SalesForce, Google Apps. It is a responsibility of SaaS provides to manage Server, Network, and Security related threat intern it supports organization to reduce the cost of software ownership by removing the need for technical staff to manage install, manage, and upgrade software, as well as reduce the cost of licensing software.

PaaS - Platform-as-a-Service, A cloud service, typically providing a platform on which software can be developed and deployed in short it provides a platform to the software developer.

PaaS decreases the amount of coding required, automates company policy and aids the migration of apps to hybrid clouds. With PaaS, users can better manage servers, storage, networking and operating systems in general. All apps built using PaaS include characteristics of the cloud, such as scalability, availability, and multi-tenancy. In addition, it is quicker and cheapens the process of creating, testing and launching apps.

PaaS is utilizing the infrastructure services and add software platform services to it. The basic idea is to help the application developer to his core strength and relive him from dealing with the application hosting platform. PaaS providers are more responsible for dealing with servers and their major role is to provide clients an environment in which the operating system and server software, as well as the server hardware and network infrastructure, are taken care of. This helps users to focus on the business side of scalability, and the application development of their product or service.

IaaS - Infrastructure-as-a-Service - A cloud service that enables users to get access to their own infrastructure - computers, networking resources, storage. These can be typically virtual resources but could be real, physical resources as well.

This is the most basic of the service offerings. The service provider has to take care of these devices or virtual machines including all their services they depend on, e.g. networking, hardware or operating system patches. This basic service is interesting for a number of uses especially for highly customized software which cannot work on PaaS or even cannot be fulfilled by SaaS. The disadvantage is that for this service the user must have appropriate experts for all lower level technologies like operating system and more. This kind of service offers a greater flexibility for any online software but also demands deeper a higher amount of technical skills in the different area.

Many IaaS providers now offer databases, messaging queues, and other services above the virtualization layer as well. Users get benefited with IaaS as they get bare metal infrastructure on top of which they can install any required platform.

With this article, we hope to outline what is Cloud computing, how we use it and how it can help our clients to get benefited from it.

Apr 10, 2018

Free Cloud Based WAF Up To 4GB Of Bandwidth

The other day I was looking at potential alternatives to Incapsula. I've been using them for quite some time, but I've had plenty of issues with them over the years. On top of that, they pretty much charge an arm and a leg if you are hosting multiple websites.

Well, I may have found a decent alternative. It's called CloudBric! Here is what they are offering per their feature page:
Web Application Firewall:  
Cloudbric blocks all kinds of web attacks accurately and quickly with the industry-leading logic based analysis detection technology, powered by Penta Security Systems. 
DDoS Protection: 
Cloudbric mitigates and blocks DDoS attacks which attempt to exhaust resources and make websites inaccessible. 
SSL Certificate: 
Besides detecting and blocking malicious traffic, Cloudbric also provides free SSL certificates that encrypt communication between all visitors and the web server.
They also recently announced a console upgrade that allows cloud load balancing. One thing that I don't see that they offer though is CDN/Caching abilities. If that's not important to you then I think it's worth checking out.

The best part is that it is free for up to 4GB of bandwidth per month. Over that, and here are the prices:

If you are struggling with DDoS issues, but are constrained by budget, I certainly think CloudBric is worth looking into.

Apr 9, 2018

What it’s like to be a network engineer, translated into normal people speak

My friend Brendan sent this to me the other day on Facebook Messenger and I thought it was so hilarious and true that I had to share it here on Bauer-Power. I'm not sure who originally wrote this, but after having worked in IT for the last 13 years, I can say that without a doubt it is very accurate! Sadly, the accuracy is what makes this so funny and... well, sad at the same time!

Check it out:

  • User: I think we are having a major road issue.
  • Me: What? No, I just checked, the roads are fine. I was actually just on the roads.
  • User: No I’m pretty sure the roads are down because I’m not getting Pizzas.
  • Me: Everything else on the roads is fine. What do you mean you aren’t getting Pizzas.
  • User: I used to get Pizzas when I ordered them, now I’m not getting them. It has to be a road issue.
  • Me: As I said, the roads are fine. Where are you getting pizzas from?
  • User:…I’m not really sure. Can you check all places that deliver pizzas?
  • Me: No I’m not even sure all the places that deliver pizza. You need to narrow it down.
  • User: I think it’s Subway.
  • Me: Ok I’ll check…No I just looked and Subway doesn't deliver pizzas.
  • User: I’m pretty sure it is Subway. Can you just allow all food from Subway and we can see if Pizza shows up?
  • Me: Sigh, fine I’ve allowed all food from Subway, but I don’t think that is the issue.
  • User: Yeah I’m still not getting pizza. Can you check the roads?
  • Me: It’s not the roads, the roads are fine. I’m pretty sure Subway isn’t the place.
  • User: Ok I found it, its Papa Johns.
  • Me: Ok I looked and Papa Johns does deliver pizza. Is it the local papa johns or one in a different town?
  • User: I don’t know. Can you allow pizza from all Papa Johns to me?
  • Me: No I can’t do that. Can you get me an address for Papa Johns?
  • User: No, I only know it as Papa Johns. Can you get me all the addresses of all Papa Johns and I’ll tell you if one of them is correct?
  • Me: No I don’t have time for that. Ok I looked at the local one and it looks like they have sent you pizza in the past and they are currently allowed to send you pizzas. Try ordering a pizza while I watch.
  • User: Yeah still no pizza. I’m guessing they are getting blocked at the freeway. Can you check the freeway to make sure they can get through?
  • Me: NO this is a local delivery. They aren't even using the freeway.
  • User: Ok, well then it has to be a road issue.
  • Me: NO the roads are fine. OK I just drove from the papa johns to the address they have on file for you and there is nothing there.
  • User: Hmm, wait we did move recently.
  • Me: Did you give your new address to Papa johns?
  • User: no, I just thought they would be able to look me up by name.
  • Me: No they need your new address. What’s your new address?
  • User: I’m not really sure. Can you look it up?
  • Me: sigh, give me a second…Ok I found your address and gave it to Papa Johns. Try ordering a pizza now.
  • Me: Ok, good.
  • User to everyone else they know: I apologize for the delay in the pizza but there was a major road issue that was preventing the pizza from getting to me. The network engineer has fixed the roads and we are able to get pizza again.
  • Me: but it wasn’t the roads…whatever.
  • User: oh can you also check on an issue where Chinese food isn’t getting to me? I think it may be a road issue.
What do you think about this? Accurate or what? Let us know in the comments!

Twitter Delicious Facebook Digg Stumbleupon Favorites More