Binrev Financier
  • Content count

  • Joined

  • Last visited

  • Days Won


Posts posted by tekio

  1. EDIT: to further elaborate in computer science terms: let's pretend we work for a law-firm needing to search contents of PDF files. They have thousands. We index PDF files on Micoshift. Then all of a sudden notice nobody can login into the domain. Since everything is centralized authentication and it costs an average of 5000.00 per server in licensing the these files were put onto a Domain controller. We are finally able to get in and see the Windows Search Service is taking 100% resources indexing PDF files. This is fine for three hours or more, But these PDF files are edited daily and tie up our Domain Controller all day long


    Like most MCSE Microshift experts, we ignored best practice of leaving Domain Controllers to handle AD only. Besides, we already have separate licenses for SQL Server and Exchange running on two separate Windows Server Virtual Hosts with client access licenses for 500 users (5 grand or more each). So with our Domain Controller acting as a file-sever, nobody can login? Our slow searching, but easy to find file-system for end-users is needing to index all day long.  


    So now we have a huge task: meeting to secure another 5000 in IT resources. Moving Terabytes of files to something with a more efficient file system in the sort-term (like a 500 dollar NAS running what kernel? (either BSD or Linux). As well as the immediate problem that Windows does not control tasks like Linux. So before we can even troubleshoot, more than likely we need to reboot the Winshaft server for any Admin access.. The admin could an extra CPU socket to try and pick up the slack, but that involves an upgrade path to Server Enterprise with new CALs.


    That is a scenario I've dealt with before. Linux? Much for efficient and  a shell script can written to find whatever some CEO who cannot name files needs.




  2. Quote

    In the real world, file.txt, File.txt, FILE.TXT, FiLe.TxT etc. are all the same single file in a directory. There is only one file in any given directory with that file name and that's that. When somebody calls you on the fone and tells you "send me file.txt" and you see several different files withthat same name, only different capitalization, which one are you going to send them? "file.txt" which contains your personal E-mail cache or "File.Txt" which contains the details for the Hoigy & Spymler Amalgamated Widgets account?

    They need to be more specific, re-write the application outputting file names, or learn to name files better


    "Hoigy & Spymler"

    You would run a case insensitive search with built-in logic "WHERE company_name is LIKE Hoi% OR company_name LIKE hoi%" 

    That will be handled at the application layer, not the file-system level.  Issues are in procedure if you're not storing this in a database. Even though case-sensitive provides both faster search and sorting with extensive searches at the file-system level (looking at bits) we have been using databases for optimizing searches like this since the 1960's.


    In your case when storing client files as text you'd need to fully use find, grep, egrep or awk with RegEx. With much power comes responsibility. So like I stated, if you're a computer science person you want case-sensitive - if you just need to find file names and not be worried about optimization Fat-32 or NTFS is fine and dandy. 




    It all comes down-computer science: there are 100 ways to do anything. But only a few to do it right, MS chose something more user friendly. 





  3. May I please handle this? Thank you!



    I'm enslaved to Microsoft because I have a living. And many of the Linux apps do not play well in the Microsoft world. Open Office/Libre Office is a joke if you have to send a multi hundred page RFP to an enterprise that reads things off MS Office for an example. 


    We are mostly Developers, System Administrators, and Analysts. Linux can send a 3000 page Office Document like a champ. Bits are transparent moving across the physical wire. I'd wager one year's professional salary Linux boxes move more Word Documents than Windows platforms. 



    I'm enslaved to Microsoft because I have a living.

    Are you Recptionist? My GF is and can use Word and Excel like a pro. She is actually certified in Excel and Power Point, the certs hang above her cubical.



    I know most BinRev users are not in professional work environment, but you're talking to one, so I have to defend Microsoft over my dead body. 

    When a Windows System Admin, I ran my Win10 Pro workstation in a VM (level2 hypervisor) on Linux. I could backup snapshots and have an IT workstation in case the worst happened and some CEO infected the entire Domain with some CIA Bitlocker MS-0Day variant. Simply boot Linux, put virtualized nodes on HA, and then run automated re-installs.


    I could also do simple but professional level I.T. things without needing a CAL for every other connection.




    When Linux can start using vanity names instead of the raw app/process name to describe them and actually lay off case sensitive file systems

    but capitols are different letters. should ms revert to case insensative passwords? Really, this shows a serious lack of Computer Science knowledge.  :-)




  4. Unsure if this counts.


    I made an online digital footprint for a fictitious person. Subscribed to a bunch of random stuff online, submitted information with a the fictitious address, browsing history with Google, etc... etc... etc..  USPS still delivers mail to this person about once every few weeks. They have a Facebook, twitter, etc..... where posts and comments were made to put them in a specific demographic class.


    Every few days there will be mail for this person on the top off the mailboxes where I live because the postperson cannot find unit #1337.   Buhahaha!



  5. What are some Linux desktop application you cannot live without?

    I am really amazed at how Linux has come over the past few years as a desktop operating system! No more than 5 years ago I had to run OSX to get the best of both worlds: a decent core computing platform with good productivity tools.  However, in the last few years it is now a reality: Linux easily can match MacOS as a productive desktop platform.

    So apps making this possible for me:

    - LibreOffice or OpenOffice
    - Google Keep (Chrome App)
    - Simple Note
    - Makagiga (todo manager a little more robust than what Google Keep can offer)
    - Draw.io (chrome app) pretty polished, robust and free diagramming app
    - Journey (Chrome App)  Journal app that is pretty polished
    - Caret polished cross-platform markup editor (simplenote just too many features for professional use)
    - Dropbox is cross-platform and the free storage plan is good enough to sync important files across systems

    - JetBrains IDE's PHPStorm, WebStorm, and Pycharm (community)
    - Komodo Edit - offers a code runner, RegEx Toolkit and HTTP Debugger. Pricey but every few years it will go on sale for about 99 us
    - SublimeText - worth 75 bones for me. Atom just takes too long to load. 
    - RazorSQL - about $99 for a cross-platform SQL swiss-army knife.
    - MySQL WorkBench
    - Virtual Box
    - VMWare Workstation (this supports level-1 nested hypervisors better for learning Hyper-V and vSphere)
    - CMD tools of course is where Linux is a powerhouse: phpbrew, Python, GIT (dropbox works well for small repositories :-)  ), Vagrant, PHP, MySQL, etc...
    - Leptop code snippet manager

    Web / Internet / Networking
    - Chrome
    - Firefox for its dev extensions
    - HexChat
    - FileZilla
    - WireShark (duh)
    - nLoad
    - nTop

    - VideoStream (Chrome Plugin for streaming to Chromecast)
    - Gimp
    - VLC
    - Pix image viewer


  6. Once they come up try re-scanning, then re-adding into your ARP Poisoning list. Perhaps they were not responding to Mac Address probes. Are they on the same broadcast domain as APR? Could the switch these hosts are on be preventing ARP Poison Routing?


    If I remember, a host may not be found for some reason when ARP scanning (like just came up or didn't respond ton MAC Scans). Then when ARP Poisoning it can be detected. However may not have been assigned in the ARP Poisoning Dialog where hosts are assigned to be "spoofies" of the "spoofed" They may be receiving Poisoned ARP requests/replies but not in Caine's table to route.  


    Test this in a lab. It has been a while since I've played with C&A.


    Also, there are lots of other networking scenarios. What operating system are they? Windows sometimes would still allow ARP poisoning with static ARP entries, but Linux and BSD would not. Unsure if Windows has changed.  It could be the TCP/IP stack getting confused and then sending traffic to the real gateway based on a host IPS.  So many possibilities.


    But make sure these are being assigned after your MAC Address Scan. Then look for a host-based contingency, finally check network traffic in Wireshark to see what is happening on the LAN.


  7. On 9/16/2017 at 9:16 PM, scratchytcarrier said:

    Ahh AOHell Those were the good old days. Not hacking but just stupid harmless phun.

    (misty-eyed with nostalgia)

    I actually worked in tech support for AOL back in those days. At 19-20 something was the best job ever. Not only did I get free "all you can eat" Internet back in the early 90's; but they paid me overtime to browse the web all day/night long while helping people put a CD in a computer and configure a modem.


    There really was no downside until they finally went out of business. 


  8. I have been working on Facebook password, online generator. It makes a unique password that is hard to guess but easy to remember by permutating part the user's full email address and phone number. The funny thing is, people would actually use this with their Facebook email address. haha


  9. On 7/2/2017 at 3:08 AM, Kulverstukas said:

    I just googled that and guess what: https://int3.cc/products/usbcondoms haha

    It doesn't say in the description that it prevents your phone from frying, but logically that's the first device to fry...

    Haha! Hardware and software condoms! If I am not mistaken, there is a pretty serious security issue with the way USB works. The firmware pretty much needs to be signed or read-only and signed.


    Not that I could exploit it. But underestimating cyber-criminals is how Admins get burnt, usually. :-(


    EDIT: apologies to BinRev for misuse of the term "hacker" on here.




  10. 14 hours ago, Kulverstukas said:

    I'm talking about those storage media embedded into an object (most commonly a wall) - https://deaddrops.com/

    Some art-related dude came up with an idea to place flash drives into walls and register them as deaddrops. People then could come up to it and connect their devices and do some shit.

    Honestly this is a fun idea, but I don't see how could this catch on. It only exists in a very small circle of people...


    I have found that there is one deaddrop registered in 2011 in my city, so I might go and try to find it, see if it still works :P

    As a trial, I thought to step it up a bit and hide a hard drive somewhere by placing it in a sealed container... because I have a few 2.5" drives (with few bad sectors, but I won't put good drives into a wall) laying around, so why the hell not :D


    Also PirateBoxes (https://en.wikipedia.org/wiki/PirateBox) seem to be the same thing, just with wifi. I also have a few old Android devices laying around, might try to convert one :D



    Seriously, sounds like a fun. But would need some kind of USB Condom. This is why Admins need to be a hardass with USB drives and personal computing devices plugged into a corporate LAN. :-P


  11. 14 hours ago, Kulverstukas said:

    @tekio: it sounds like you had some really strict rules :P didn't people bust your balls for that? because you know... inconvenience?


    No. Before my tenure the entire company was down for 48 hours due to cryptolocker from a ThumbDrive. That was inconvenient for the owner who lost 48 hours worth of business. Of course Managers, Owners, IT people, and senior sales staff received training from IT and were in allowed security groups.


    Honestly, it worked out great for end users and IT. They had reliable systems for work  and IT was able to provide better IT services w/o needing to worry every time Randsomeware was headlined.




  12. Mainly for booting Linux and repair utilities. Never bring them to work anymore unless they are property of my employer. Too much crossing lines with corporate computing policy. 


    For moving stuff around between computers, an Android phone with a web-based file browser is the way to go at work, IMO. Never need to plug into a computer and is ok by most any corporate computing policy with employee wifi

    My last job as a sys admin, actually locked USB Storage in Group Policy for all but two or three privileged security-groups. Too much can go wrong, and if I saw someone who was not authorized plugging in a thumb drive, it was mine to interrogate for security including: virus, illegal downloads, or any other illegal activity or violating policy defined by corporate computing policy. Event Viewer would tell me who and where these were being denied by GPO as well.


    For personal use. I do always have a low-profile 32GB thumb drive plugged into my laptop, though. Gives another 32GB of storage that can be faster via sneaker-net than most crappy WiFi networks.

    Agree 100% with glitch on using non-trusted computers. Also, bonus points if those are 5" floppy disks. 


  13. On 3/24/2017 at 11:54 PM, scratchytcarrier said:

    84 or so, I don't know its exact origin but I think so

    Marijuana, Marijuana, LSD, LSD

    Mrs. Johnson makes it... all the teachers take it.

    Why can't we? Why can't we?


    If you're looking for the Principal, he's hanging on the flag pole.

    With a ruler through his head, filled with dirty pencil lead.


    EDIT: almost forgot The Stoner's Cheer 1995ish:

    Party hardy, sex and rock & roll.

    Drink a 1/5th then smoke a bowl

    We are stoners, we got class.

    Fuck with us, we'll kick your ass.


    In middle school, every kid with long hair had that on his Pee-Chee or Trapper Keeper. LoL


  14. Walking through Office with dick in hand..

    We call Willy C. Trailer Park Man...

    Peeks in a stall? What did he see? 

    Monica and Gennifer trying to take a pee......

    Media started to talk, each intern described the same cock...

    The Clintons' career got impeached from the Pennsylvania block....



    Early 80's something:

    Old Mother Hubbard went to the cupboard to give her poor dog a bone.

    When Mother bent over, Rover took over and her a bone of his own.



    1st Grade Reading Class:

    "Say <person's sister's name> may I", then spell cup.



    Most I will not post in respect to current racial tensions in the USA. 



  15. Haha. I cannot post that online for security reasons.  Where I live for POTS, Clink is pretty much the only game in town. So perhaps that is why have things like that. 


     It is pretty ridiculous for a Telco to charge a new customer money for gracing their service offerings. I guess it makes sense if someone leaves in a few days after running copper.


    I'd ask them for a discount on services over a few months to counter cost in setup and running copper. You're wanting to be a customer to a dying service they provide. Ask to speak with manager, tell 'em you're looking for better POTS service. Then follow up with, "I cannot see it being better? If I need to pay for being a customer? Can you a least knock off $10.00 per month over 12 months? To cover the setup fees?" "OK, no then? What makes your service so much better than the others?  Do you not want someone who has a need for an analog line long term? To me, that sounds like a great customer for you? What am I missing? By the looks of Clink stock, you guys can use all the money you can get over the next two years? Who do I elevate my concerns to?" .



    The areas I've lived in Clink pretty much has all the copper infrastructure. But think they need allow 3rd parties access to aggregate service on their copper.  All the copper was operated by Pacific Bell. When the bell companies broke up, it basically changed to U.S. West. It was still the same except long distance could be changed to MCI, Sprint, AT&T, etc... Then US West changed to Qwest and 3rd parties started coming (About the mid to late 1990's) and aggregating service of copper infrastructure and C/O equipment that was originally Pacific Bell and later US West -> Qwest -> Clink.


    So. Windstream could come in and say, "we meet the requirements to offer service in your area. We have these numbers and you need to provide us with access to your copper for our customers (probably at a fee)." Maybe not 100% but something like that. Never been around back east but always thought Nynex and all the others were similar. 



  16. We use Clink POTS lines at work for FAX machines and a few other things (also DSL on POTS for our backup Internet connection). But actually found a local 3rd party that resells Clink POTS offering the same service for about $10.00 per month less with WAY better customer service. They have already bought a huge pool of numbers routed them to Clink, then resell through Clink.


    Clink POTS lines, depending on where you live, should be the most ubiquitous as they (indirectly) inherited a lot of infrastructure in the west from the Ma-Bell divestiture. Guessing your home must have been built in the last 20 years if there is no POTS easily accessible or at one time was not hooked up to Clink or US West.