!shittyadmin@lemmy.zip

This is a Chinese attack that targets Azure

Tick tick

Anyone here have any experience with a Datto Backup Appliance?

I have just been told that they've never run a full restoration in the six years that it's been in service, deployed for the backup of four mission critical virtual Windows Servers, four Windows Workstation and a (physical?) Linux PABX server.

The actual appliance is apparently a "Datto S3-2000 BCDR"

Edit: The anal retentive in me is going WTF in a tight loop. The industry professional with 40 years experience in the field is going, different day, same old...

I realised that I didn't actually ask the pertinent question, the hamster wheel was running full tilt, but is this normal, or is this WTF, or somewhere in-between?

As you all might be aware VMware is hiking prices again. (Surprise to no one)

Right now Hyper-V seems to be the most popular choice and Proxmox appears to be the runner up. Hyper-V is probably the best for Windows shops but my concern is that it will just become Azure tied at some point. I could be wrong but somehow I don't trust Microsoft to not screw everyone over. They already deprecated WSUS which is a pretty popular tool for Windows environments.

Proxmox seems to be a great alternative that many people are jumping on. It is still missing some bigger features but things like the data center manager are in the pipeline. However, I think many people (especially VMware admins) are fundamentally misunderstanding it.

Proxmox is not that unique and is built on Foss. You could probably put together a Proxmox like system without completely being over your head. It is just KVM libvirt/qemu and corosync along with some other stuff like ZFS.

What Proxmox does provide is convenience and reliability. It takes time to make a system and you are responsible when things go wrong. Doing the DIY method is a good exercise but not something you want to run in prod unless you have the proper staff and skillset.

And there is where the problem lies. There are companies are coming from a Windows/point in click background who don't have staff that understand Linux. Proxmox is just Debian under the hood so it is vulnerable to all the same issues. You can install updates with the GUI but if you don't understand how Linux packaging works you may end up with a situation where you blow off your own foot. Same goes for networking and filesystems. To effectively maintain a Proxmox environment you need expertise. Proxmox makes it very easy to switch to cowboy mode and break the system. It is very flexible but you must be very wary of making changes to the hypervisor as that's the foundation for everything else.

I personally wish Proxmox would serious consider a immutable architecture. TrueNAS already does this and it would be nice to have a solid update system. They would do a stand alone OS image or they could use something based on OStree. Maybe even build in a update manager that can update each node and check the health.

Just my thoughts

What is this thing?

That's sounds strange to say but hear me out. Before ransomeware there was no economic incentive for companies to worry about security. There was a strong "why would you hack us" vibe that made it hard to talk management into doing anything basic like locking down ports.

Nowadays everyone and there mom is worried about getting compromised. I've seen companies who historically didn't care at all about IT suddenly invest heavily in security. We are now much more secure than we were previously as everyone has suddenly realized that the internet had a huge risk. I doubt we will see any of the old style worms we had back in the day that would infect millions of machines.

I haven't seen it yet, and this one is near and dear to my heart.

Update your stuff -- this one's been affecting Enterprise Linux for maybe 12 years, versions the distros have long since grown bored of supporting, so essentially every EL install out there. So great.

What's the best way to monitor and log which processes are responsible for high system load throughout the day? Tools like top and htop only provide immediate values, but I'm looking for a solution that offers historical data to identify the main culprits over time.

@sysadmin

#sysadmin #linux #server

Discussion question: Are we to centralized? (I know Lemmy isn't unbiased)

So using qemu with hyper-V acceleration is something that is not well documented. Historically, you would setup HAXM but that has been discontinued and deprecated.

To use qemu on WIndows with hardware acceleration you first start by enabling Hyper-V if it isn't enabled already. Next, run qemu with the following additional option:

--accel whpx,kernel-irqchip=off

In qtemu on Windows there is a GUI option to do this. I like qemu because it cleaner than pure Hyper-V and doesn't have the licensing issues that Virtualbox does. I also like that Linux guests have native support for virtual devices.

https://www.qemu.org/docs/master/system/qemu-manpage.html

For those who want a alternative to Adobe without using Edge

So we run VMware, and this morning I go and check a thing, and Firefox gives me an error.. connection insecure cert is invalid

No I don’t have the exact verbiage

But Edge and Chrome opened it just fine. Whisky Tango?

It was a rekeyed , and re installed the cert for an easy ish fix.

But I’m far more weirded out that FF slapped it down ; and the other two were like; Ja sure no problem…

??

Maybe should x post to c/firefox as well

Took me a few hours to figure this out, figured I'd pass it along. Forgive formatting, I'm on mobile.

How to Bypass Bitlocker for Crowdstrike BSoD

Only use this if the Bitlocker key is lost.

 From the Bitlocker screen, select Skip This Drive. A command prompt will appear.

Type bcdedit /set {default} safeboot network and press Enter.

Type Exit to exit the command prompt, then select Shut Down

Hardwire the device to the network

Login as an admin account

Navigate to C:\Windows\System32\Drivers\Crowdstrike and delete C:\windows\system32\drivers\crowdstrike\c-00000291-*.sys

Win+R to open the Run menu, then type msconfig and press Enter

Go to Boot

Uncheck the box for SafeBoot

You will receive a warning about Bitlocker. Proceed.

Click OK and you will be prompted to restart. Do so.

Have the user login

Test their access to files

cross-posted from: https://sh.itjust.works/post/22460079

Today I'm grateful I'm using Linux - Global IT issues caused by Crowdstrike update causes BSOD on Windows

This isn't a gloat post. In fact, I was completely oblivious to this massive outage until I tried to check my bank balance and it wouldn't log in.

Apparently Visa Paywave, banks, some TV networks, EFTPOS, etc. have gone down. Flights have had to be cancelled as some airlines systems have also gone down. Gas stations and public transport systems inoperable. As well as numerous Windows systems and Microsoft services affected. (At least according to one of my local MSMs.)

Seems insane to me that one company's messed up update could cause so much global disruption and so many systems gone down :/ This is exactly why centralisation of services and large corporations gobbling up smaller companies and becoming behemoth services is so dangerous.

cross-posted from: https://lemmy.ml/post/18154572

All our servers and company laptops went down at pretty much the same time. Laptops have been bootlooping to blue screen of death. It's all very exciting, personally, as someone not responsible for fixing it.

Apparently caused by a bad CrowdStrike update.

It keeps showing Internal server error and has been for over 2 hours now. I tested from different locations (China, US, EU) and same errors everywhere. Yet I don't see any news or posts about this anywhere. I have an exchange server that needs installing today and I can't download the prerequisites to even launch the install. Sigh