sysadmin
- i need help with a windows audit lab
i need help, i am taking a summer college class for a comptia security+ exam. Does anyone know how to set up group audit policy in windows. i need to do this for a lab. i have attached a image of what i need to do.
- Executing Cron Scripts Reliably At Scale - Slack Engineeringslack.engineering Executing Cron Scripts Reliably At Scale - Slack Engineering
Cron scripts are responsible for critical Slack functionality. They ensure reminders execute on time, email notifications are sent, and databases are cleaned up, among other things. Over the years, both the number of cron scripts and the amount of data these scripts process have increased. While gen...
I wonder if this new system is why I can't make slack remind me at weird times...
- Lessons From Our 8 Years Of Kubernetes In Production — Two Major Cluster Crashes, Ditching Self…medium.com Lessons From Our 8 Years Of Kubernetes In Production — Two Major Cluster Crashes, Ditching Self…
Cluster Crashes, Battling Complexity, Scaling, Power Of Helm, Tracing & Observability, From Self-Managed On AWS To Managed On AKS, And More
It is always interesting to read about other people's experiences with k8s.
Archive Mirror for those that hate medium: https://archive.is/sQcHH
Off topic: The amount of 'please login to read the rest of the article' popup blocks is insane now. They must be really trying to make money...
- Mass Owning of Seedboxes - A Live Hacking Exhibition (DEF CON 31) - InfoconDBinfocondb.org Mass Owning of Seedboxes - A Live Hacking Exhibition (DEF CON 31) - InfoconDB
"No one hacks at DEFCON any more." is what I've heard. That is, until now. Seedboxes/seedhosts are used by thousands of pirates to download and distribute Movies/TV/Music via USENET and Torrents. The thing is, these systems are horribly insecure. Like, they are wide open. In this talk, I am going to...
- Downfall Attacks
Looks like another Intel specific CPU issue. Be on the lookout for the new microcode updates
- Unpacking Google’s new “dangerous” Web-Environment-Integrity specificationvivaldi.com Unpacking Google’s new “dangerous” Web-Environment-Integrity specification
Why Vivaldi browser thinks Google’s new proposal, the Web-Environment-Integrity spec, is a major threat to the open web and should be pushed back.
- Looks like my Samsung smart TV is probing my home network
i was setting up postmaster on Linux Mint, and i saw that a lot of UDP requests were blocked from one local IP address. I found out the IP belonged to my parents Samsung smart TV. i loaded up wireshark and found out it is sending UDP requests with different port numbers per request. any ideas what is going on, and how i can stop it.
- Hunting for Nginx Alias Traversals in the wild and leaking bitwarden's vaultlabs.hakaioffsec.com Hunting for Nginx Alias Traversals in the wild
Nginx, a versatile web server pivotal to numerous internet infrastructures, has held a dominant market share since its inception in 2004, with widespread adoption across websites and Docker containers. This article delves into the intricacies of Nginx, focusing on the location and alias directives t...
I guess it could be worse...
- What Intrusion Detection Systems are you using?
Hey Sysadmin,
I need some ideas around "IDS/IPS".
- What are people using for passing security audits?
- What about for AWS / Azure?
- Can they cover devices on/off prem (work from home, etc)
- What is a figure that your management team actually approved?
- Any good books on networking?
Everytime I have to do something with a dns, subnet, general networking shenanigans. I get really lost. Are there any good books for self learning that won't put me to sleep?
- Dear Red Hat: Are you dumb? | Jeff Geerling
Grabbing a new coffee and enjoying some drama that has absolutely no affect on me what so ever....
- Azure AD 'Log in With Microsoft' Authentication Bypass Affects Thousandswww.darkreading.com Azure AD 'Log in With Microsoft' Authentication Bypass Affects Thousands
The "nOAuth" attack allows cross-platform spoofing and full account takeovers, and enterprises need to remediate the issue immediately, researchers warn.
cross-posted from: https://reddthat.com/post/138527
> Wow Microsoft. You actually suck.
- The Importance of “Effective” Threat Intelligenceblog.unit221b.com The Importance of “Effective” Threat Intelligence
Threat intelligence is a crucial aspect of cybersecurity and, in recent years, chat forums such as Discord have become a significant source of threat data. Unit 221B’s Chief Legal Officer, Mark Rasch, outlines how to effectively leverage threat intelligence from chat forums in this blog post.
- DevOps is Bullshitblog.massdriver.cloud DevOps is Bullshit
DevOps is Bullshit. A Critique of How We've Fooled Ourselves for Years.
- The Perils of Stardom: Supreme Court to Address Online Threats Facing Celebrities and Legal Challenges in Responseblog.unit221b.com The Perils of Stardom: Supreme Court to Address Online Threats Facing Celebrities and Legal Challenges in Response
This blog post discusses the dangers of celebrity status in the digital age. Online harassment, cyberbullying, impersonation, revenge porn, doxxing, deepfakes, and account takeovers are just some of the threats that plague individuals with a big online presence and they're up against many legal chal...
- Guidance for Scaling - Reversible vs. Irreversible Decisionswww.craigkerstiens.com Guidance for Scaling - Reversible vs. Irreversible Decisions
Was having a conversation with a founder earlier today and the topic of hiring functional leaders came up. I offered one of my common pieces of advice which was don’t hold the reins too tightly once you hire them. It’s something I see happen over and over to first time founders. You hire a new VP of...
- I booted Linux 292,612 timesrwmj.wordpress.com I booted Linux 292,612 times
And it only took 21 hours. Linux 6.4 has a bug where it hangs on boot, but probably only 1 in 1000 boots (and rarer if using Intel hardware for some reason). It’s surprising to me that no one…
- NSFW sysadmin
It'd be great if this could be a community for sysadmins of NSFW sites.
- Critical FortiGate SSL VPN Vulnerabilitywww.securityweek.com Fortinet Patches Critical FortiGate SSL VPN Vulnerability
Fortinet has patched CVE-2023-27997, a critical FortiGate SSL VPN vulnerability that can be exploited for unauthenticated remote code execution.
- GitHub - LemmyNet/lemmy-ansible: A docker deploy for ansiblegithub.com GitHub - LemmyNet/lemmy-ansible: A docker deploy for ansible
A docker deploy for ansible. Contribute to LemmyNet/lemmy-ansible development by creating an account on GitHub.
So you want to know how we host lemmy?
I bought a server for 12 months, cloned this repository, edited the smtp details, modified the host vars, and ran the deploy!
The lemmy stack uses nginx, docker, and certbot. Inside docker it runs, lemmy, lemmy-ui, pictrs, postgresql, and postfix.
For our CDN we are using the "dreaded" cloudflare for caching. Here's a pretty picture of our analytics for the past 7 days (the whole life time of reddthat.com): !Screenshot of cloudflare analytics Incase you hate me for using cloudflare, don't worry I don't like using it either, but it's free for the time being. We are planning to move to BunnyCDN once we become funded. We've enabled Strict SSL to ensure all communications are secure. We also allow Tor users to access the site, and have our cloudflare "security" setting to minimal.
We are using UptimeRobot for our status page; status.reddthat.com.
Emails are hosted via my Mailcow instance.
The git repo linked here has been forked to a git repo and I'll be looking at making some changes in the coming days. Mainly to add the nginx configuration to be part of the code as well. It will then be completely under code, not just partly under code as it is now. This is a gitea instance utilising gitea_runners, so once I get that done, I'll be creating gitea actions for:
- Adding renovate to automatically check for new versions of the docker files and notify of passing tests
- Once the PR is merged, automatically deploy it.
& that's about it.
Tiff
