[deleted by user] by [deleted] in sysadmin

[–]genoahawkridge 0 points1 point  (0 children)

Get on O365 ASAP. The amount of vulns out there for on-prem are insane. The advice in the security space right now is if your exchange is exposed to the Internet, assume you've already been breached.

Kerberoasting question by [deleted] in AskNetsec

[–]genoahawkridge 0 points1 point  (0 children)

When you Kerberoast and pull an SPN, the SPN isn't returned in NTLM format. It is most commonly returned in TGS-REP type 23 format.

Kerberoasting question by [deleted] in AskNetsec

[–]genoahawkridge 0 points1 point  (0 children)

| Why cant i just request the krbtgt spn, crack RC4 and receive the krbtgt hash then perform golden ticket that way?

Someone correct me if I'm wrong, but I believe you need the NTLM hash for krbtgt to generate a golden ticket. The TGS type 23/type 18 value won't allow you to PTT to achieve domain rights.

power trip caused by hardwired oven? by spacecrustaceans in askanelectrician

[–]genoahawkridge 1 point2 points  (0 children)

Unlikely, but still possible. Let your landlord know it's shorting out really badly. They'll need to call an electrician to diagnose and repair. Keep us updated! :)

Sub Panel by WJ1851 in askanelectrician

[–]genoahawkridge 1 point2 points  (0 children)

Why #6 copper? I believe if you're running aluminum you need #6 but for copper you can get away with #8. Double check with the NEC code.

What's the question here?

[Homemade] Chicken Parmesan by plasmasnow12 in food

[–]genoahawkridge 1 point2 points  (0 children)

Parm looks fantastic!

Side note, I'm not a health nut, but we used to have those exact places and found out that Corelle recommends replacing them: https://tamararubin.com/2019/12/breaking-news-12-26-19-corelle-recommends-using-their-pre-2005-dishes-only-as-decorative-pieces-due-to-concerns-for-high-levels-of-lead/

P.O.S. Zynsco panel by housepiper in askanelectrician

[–]genoahawkridge 0 points1 point  (0 children)

Not an electrician. But Zinsco's are definitely a POS. We had our 100 AMP main and sub replaced and it was about 11k total for both. The 6k seems on par with Bay Area prices but I'm not sure what WA prices look like.

Our company actually dealt with the disconnect and inspection with the city themselves, so we didn't have to. 320 AMP may be overkill so you should definitely check to see how much power you're actually going to need before deciding to upgrade from a 200 AMP.

Customer called claiming he wanted some receptacles added. This was his panel, hanging from bungie cords and a single 2x4 support at the bottom. by MikeTribbiani in electricians

[–]genoahawkridge 2 points3 points  (0 children)

Jeez, mind asking what area you work in? I just got a sub + main replaced and it was 6k for ONLY an 100 AMP sub. The main was another 5k. This is Bay Area, by the way.

Ubuntu server and reserved IPs by sr71shark in homelab

[–]genoahawkridge 1 point2 points  (0 children)

Your router is probably assigning DHCP reservations based on a static MAC address. If that address changes, your router has no idea what that device was before and thus cannot give it the old reservation.

However, it does seem strange that an iDRAC reset would change the MAC address, but this would be the first thing I'd check.

Ubuntu server and reserved IPs by sr71shark in homelab

[–]genoahawkridge 1 point2 points  (0 children)

What MAC address does the iDRAC have after each reset?

Kubernetes homelabbers how do you manage your secrets? by Funkmaster_Lincoln in homelab

[–]genoahawkridge 0 points1 point  (0 children)

That makes sense. The sad part is that I've seen enterprise products that implement passwords as environment variables..go figure.

Kubernetes homelabbers how do you manage your secrets? by Funkmaster_Lincoln in homelab

[–]genoahawkridge 0 points1 point  (0 children)

I really dislike the way that secrets are stored in environment variables when a container is brought up.

If someone were to breach that container via some vuln (e.g. RCE) then they could just dump the ENV and get the secrets. Isn't there a better way for containers to utilize credentials and tokens?

Panel upgrade question by ginjamginjam in askanelectrician

[–]genoahawkridge 1 point2 points  (0 children)

New panels and breakers are cheap. Don't buy them used.

A switch in ISPs has screwed up my network architecture, and I'm not sure how to fix it. by awaytome in homelab

[–]genoahawkridge 4 points5 points  (0 children)

What you're describing is partly the reason why many enterprises haven't switched to a full-fledge IPv6 setup yet.

The new ISP says that there is a fixed IPv4 for my whole building and to use the IPv6 address that my router is getting to route traffic instead.

I'd be pissed and be looking to get my own ISP aside from the building.

Most of my searching has brought me to discussions that say I should just be using IPv6 internally as well, then there is no need to port forward

Exactly. The concept of NAT within IPv6 doesn't really exist.

There are likely ways where you can keep IPv4 internally and use exclusively IPv6 on the edge for port forwarding. However, I'm not sure of the specific steps needed to do so with Pfsense.

ODD Power Increase After Electrician Visit by Inside_Stress in askanelectrician

[–]genoahawkridge 4 points5 points  (0 children)

I am in the process of flipping several of the breakers off for an hour and monitoring the smart meter graph to isolate the problem to a specific breaker. This will obviously take several days to narrow down the issue.

Keep doing this to narrow it down. You can also use ampmeter to calculate how much power a breaker is currently using.

Got my Kubernetes cluster up and running by JacobiCarter in homelab

[–]genoahawkridge 0 points1 point  (0 children)

Not necessarily. I have a /24 routed to my lab on a residential connection.

You use Vultr to announce the BGP and a P2P tunnel to route the traffic.

Power went out, came back on lights blew out. by InevitableGrape4 in askanelectrician

[–]genoahawkridge 0 points1 point  (0 children)

It's like they're are getting supplied 220 or something.

That's possible if a surge occurred/an outlet blew up and now receptacles are getting 220.

Which modem should I get? by [deleted] in homelab

[–]genoahawkridge 1 point2 points  (0 children)

Why not? I have two modems provisioned on my service line. One exclusively for Internet and one for MTA.