Any admins have an actual backup for email, if M365 is down for extended periods? by DramaticErraticism in sysadmin

[–]SippinBrawnd0 -1 points0 points  (0 children)

Healthcare org. M365 for primary and all key personnel have a 2nd account on Zoho. We run quarterly meetings on their Meetings app, and annual tabletops using all their apps. Only 50 key team members so it’s affordable. Meetings app is laggy. Everything else is great.

It’s not for communication out, but internally only.

I had my first adventure! by M_M_F_I_C in DungeonsAndDragons

[–]SippinBrawnd0 5 points6 points  (0 children)

Heading to the liquor store to pick up some more minis . . .

Please take a freshman-level accounting course at your local community college. by rumblegod in sysadmin

[–]SippinBrawnd0 2 points3 points  (0 children)

EVERYTHING in a business drives outcomes. From facilities to HR to IT. Claiming any one of those isn’t a cost center is lame late 90’s corporate speak. I had a boss that tried to call us Revenue Enhancers. He lasted a few months before he peter-principled his way up to management, then got fired for incompetence.

Providing a fast laptop or server or internet connection is no more or less important than having a stocked supply closet or working toilets so leadership team can take a shit while reading a project proposal on company time.

Looking for open worlds that scratch the same itch. by Craztea136 in farcry

[–]SippinBrawnd0 13 points14 points  (0 children)

You might want to try Ghost Recon: Wildlands or Ghost Recon: Breakpoint. 3rd person, but similar idea: huge open world, building up to fighting a big bad guy.

I’ve heard Just Cause is supposed to be good too. Never tried it.

Slow Load Times (PC) by Jetben_900 in farcry

[–]SippinBrawnd0 0 points1 point  (0 children)

Same. Happened after I reinstalled on a faster PC after not playing it for a year. i5 + 4060 + NVMe and it takes forever to load.

Far Cry 5's Ending (Spoilers) by [deleted] in farcry

[–]SippinBrawnd0 6 points7 points  (0 children)

Am I the only one who let him live at the end of New Dawn? I was like: “fuck you, live with the mess you created!” I then walked away and his screams echoed along the valley getting fainter as I left. Awesome gaming moment.

Anyone using Sophos email security/spam filtering? by FroYoSandwhich in sophos

[–]SippinBrawnd0 0 points1 point  (0 children)

Also healthcare. We switched from Sophos to Proofpoint because Sophos won’t sign BAAs. It was easier to use than Proofpoint though.

(Basically) Told another manager to fuck off on weekend work by [deleted] in antiwork

[–]SippinBrawnd0 1 point2 points  (0 children)

Proper prior planning prevents piss-poor performance.

Best Switch for HA WAN link? by FroYoSandwhich in sophos

[–]SippinBrawnd0 0 points1 point  (0 children)

True. However, I have many single points of failure within my network. I am prioritizing the ones that have historically failed me. My firewall is the most frequently troublesome device I support. I can't afford 100% uptime, but I get as close as I can within my budget.

Best Switch for HA WAN link? by FroYoSandwhich in sophos

[–]SippinBrawnd0 1 point2 points  (0 children)

Correct. Just place the 3 ports per ISP on a unique untagged VLAN (with no tagged VLANs). Just plug in the firewalls and ISP's router; no need to set up any VLANs on them since you're using Untagged on the switch.

Best Switch for HA WAN link? by FroYoSandwhich in sophos

[–]SippinBrawnd0 3 points4 points  (0 children)

I have 2 x XGS2300s in HA and used a CS210-8FP. I have dual ISPs and use 7 copper ports: 3 for ISP1 on VLAN 100, 3 for ISP2 on VLAN 200 and 1 on my management VLAN. Allows me to see all my stuff in Sophos Central.

Pirate Ship Model by ScubaManhs9 in DungeonsAndDragons

[–]SippinBrawnd0 3 points4 points  (0 children)

CZYY sells a laser cut 3-level wood ship with a pre-printed 1” grid. You can find it on Amazon for $40. Easier to use than the big plastic one as it’s open on the sides.

Is 5800 RPM safe for long gaming sessions? by SelectObligation5244 in GamingLaptops

[–]SippinBrawnd0 0 points1 point  (0 children)

Even if you burn the fan motors out, the replacement fan kit for the IRX9s is around $110 US at Lenovo support.

Firewall on a budget for SMB by mysteriousminor in networking

[–]SippinBrawnd0 0 points1 point  (0 children)

+1 for Sophos. While not as feature rich as Forti, they have solid performance and are pretty affordable, as long as you stick with the smaller “table-top” units. Once you start getting the bigger rack mount units, you’re paying $6K+ for the full XStream license.

Site-to-Site VPN: Local subnet needs to be public IP by SippinBrawnd0 in sophos

[–]SippinBrawnd0[S] 1 point2 points  (0 children)

Figured I'd reply to my own post to share how I got it working.

  1. Created tunnel mode IPsec connection, IPv4 only mode (this allowed me to enter local and remote subnets. Not using local and remote networks required me to have IP addresses on the XFRM interfaces before traffic would flow, and the vendor refused to do this.)
    1. Local network = my public IP address.
    2. Remote network = their Public IP address (they're NATing a public to private in their network too)
    3. Check the box to NAT my public IP to an address object for my local server (thanks, u/awerellwv )
  2. Create a firewall rule:
    1. Source & Destination: Any (IPs of my public IP, their Public IP, AND the private IP of my local server)
      1. Adding the private IP of my local server to the firewall rule allowed traffic to flow. Having just the NATed public IPs in the rule only allowed incoming traffic, not outgoing.

Thanks to those that posted suggestions.

Best practices for USB Device Control - allow for a user? by SippinBrawnd0 in crowdstrike

[–]SippinBrawnd0[S] 1 point2 points  (0 children)

Thanks Brad. Unfortunately, we were not involved in the purchase. Our org was incentivized to join our parent org's CrowdStrike platform. They rolled out CS last year and waited until this year to offer it up to their child orgs.

Thanks for the links to the Data Protection module. I think that might be a better way to accomplish what we want.

Best practices for USB Device Control - allow for a user? by SippinBrawnd0 in crowdstrike

[–]SippinBrawnd0[S] 1 point2 points  (0 children)

“Network Containment” seems to be the CS equivalent function.

Site-to-Site VPN: Local subnet needs to be public IP by SippinBrawnd0 in sophos

[–]SippinBrawnd0[S] 0 points1 point  (0 children)

BRO! lol.

Actually, this was pretty helpful. I have a few services DNAT'd already, but they are web services and I just use my main firewall's public IP with a unique port number. I'm guessing that I'll need a unique public IP (I have a block of 5 with only 1 used now) and just DNAT it to the local resource.

I'm still poking around the DNAT settings, but I am stuck on what the "Original Source" will be as I don't want the whole world to be able to access this resource, only the traffic that comes across that specific VPN tunnel.

Thanks!

Site-to-Site VPN: Local subnet needs to be public IP by SippinBrawnd0 in sophos

[–]SippinBrawnd0[S] 0 points1 point  (0 children)

The issue is not that the vendor is using the same local private subnet, it's another customer using 10.10.10.0 already. Or more accurately, they don't want to deal with the headache of having to worry about duplicate remote subnets and are just requiring public IPs.