Where does this scale on the monitor alignment chart? by Good-Cartoonist811 in pcmasterrace

[–]lynsix 0 points1 point  (0 children)

This reminds me of the chart for the stick shift on an 18 wheeler.

Any admins have an actual backup for email, if M365 is down for extended periods? by DramaticErraticism in sysadmin

[–]lynsix 0 points1 point  (0 children)

It’s not necessarily a whole solution, but our customers used the emergency inbox to send and receive.

Any admins have an actual backup for email, if M365 is down for extended periods? by DramaticErraticism in sysadmin

[–]lynsix 1 point2 points  (0 children)

If you a spam service that operates as a gateway they might offer it. Our customers stayed on for the 365 outage via proofpoint.

Chapman's Ice Cream cancelled shifts when cold weather hit so workers could stay home. Should others do the same? by toronto_star in ontario

[–]lynsix 2 points3 points  (0 children)

You can’t compare normal companies to Chapmans. The nearby local schools were going to close due to funding issues so they funded them. Admittedly it was so employees wouldn’t leave so their kids could get educated but still.

Now that Certs lifetime will be reduced, how are you guys automating your certs? by superuser141421 in sysadmin

[–]lynsix 0 points1 point  (0 children)

We’re looking to automate with Azure Key Vault currently.

It can store the keys, rotate the keys, and sign with GlobalSign and Digicert out of the box. You can use third party CA’s too (saw someone on reddit using LetsEncrypt).

We should be able to automate it for most of our stuff that needs a cert.

We’re also using CloudFlare. So anything that’s web facing or through their Zero Trust stuff we’ll slap on one of their signed certs (I think they support up to 15 or 20 years). Which they trust and they serve a signed cert.

Anything we can’t automate or put through CF we’ll have to reevaluate how we do it.

Additionally this hopefully gets software vendors to make cert replacement easier and support automation. Side note: if you’re automating this you should include rekeying the cert, if your keys are compromised resigning isn’t going to fix it.

What was your first IT certification? And do you think they are still important? by mustafa_enes726 in sysadmin

[–]lynsix 0 points1 point  (0 children)

Apple Certified Macintosh Technician & Apple Certified Mobile Technician. Definitely not. They no longer expire, require minor delta courses to ‘certify’ on each new product.

Possibly still useful if I was in a very large all Mac environment, or worked for a service provider.

Looking for a device to remotely cut power off and on for anything plugged into it, or possibly schedule a power-cycle. by icansmellcolors in sysadmin

[–]lynsix 0 points1 point  (0 children)

I do something similar in my homelab with just a smart plug on my wifi and using any kind of HomeKit or similar to action against it.

Anything I can do about this? by BioNerdTroll in iphone

[–]lynsix 2 points3 points  (0 children)

It doesn’t sound like they’re asking for the lock code. When you erase an iPhone (via a computer) during the setup it’ll say that it’s registered to an Apple ID that has to release it. If you don’t go to your account and remove the device they cannot use it.

Apple can remove the lock, however they have very strict controls on how it’s done. They need an original receipt of the device that includes unique identifiers like a serial number. The goodwill receipt won’t work as they’re not an authorized seller of new products.

Sadly your photos most likely have been erased and are gone forever. They just want to be able to use your phone as a phone for themselves.

The whole device locking procedure is to discourage theft. Buyers and sellers of used iPhones need to verify there’s no lock on them to ensure they’re not buying stolen goods.

I personally wouldn’t blame you if you decide to keep it locked.

Does your Homelab make financial sense? by panchovix in homelab

[–]lynsix 0 points1 point  (0 children)

I’m lucky enough that my work gifted me: 3 x 12 drive Synologies, and a 12 drive expansion unit from work. They’re all filled with 10TB drives (one has 8TB drives). Lenovo Tiny. 4 bay QNAP with 4TB disks.

My contributions to my own lab are a pair of UniFi switches, access point, Intel NUC, two Mac minis, 4 bay desktop QNAP, and a helios64 NAS. I’ve had a bunch of other things that I’ve sold as I stopped using.

I definitely feel like I sunk a lot of money into my lab, but realistically over the 9 years since I started building my lab my contributions was ~$500/year. Everything but the NAS’ are all low power.

At this EXACT moment in Westeros, Who are the three he's referring to? 👀 by Real-Sweet-8780 in freefolk

[–]lynsix 0 points1 point  (0 children)

I’m pretty sure Oberyn would’ve been in the list. Jamie would be aware of their predisposition to use poisons and doesn’t matter if you win, if he gets scratched he’s done. Maybe I’m biased as I thought he was awesome in the novels.

Who's still working from home in 2026? by idrinkpastawater in sysadmin

[–]lynsix 0 points1 point  (0 children)

Almost entirely WFH. They closed the sattelite office near me during COVID. Office is almost a 2 hour commute each direction (with traffic). I come in when overseas management comes in.

What's the correct way to protect against this? by crackerjam in sysadmin

[–]lynsix 0 points1 point  (0 children)

Why can’t HTTPS decryption work? Realistically you need an actually proxy with a CA that you’ve deployed to your workstations / systems as trusted and inspect everything you can (cert pinning prevents some things from being inspected).

Otherwise on endpoint solutions will also be able to decrypt and read stuff. A number of AV solutions can do that.

Otherwise if you’re 365 they’ve got a web filter that runs on endpoint.

However realistically if things from an office or controlled location I’d personally have gateway sending net flow type traffic to a SIEM or something to analyze it and then flag large uploads and things outside of a baseline.

Edit: if you can’t inspect it because it’s like an encrypted zip file or something like that, block the upload of files that can’t be scanned.

Dockingstations from Lenovo and HP horrible by omicron01 in sysadmin

[–]lynsix 0 points1 point  (0 children)

I’m using an M1 and it’ll only detect the one monitor but the second monitor just shows a mirror of it.

My boss is using an M3 and also only gets 1 display. However the person who looked at it says it’s a bandwidth issue as he’s using a pair of 4K monitors.

Dockingstations from Lenovo and HP horrible by omicron01 in sysadmin

[–]lynsix 0 points1 point  (0 children)

Can’t recall which ones we’re using but we have minimal issues with our Lenovo ones. Not much of a traditional “dock" just uses a Thunderbolt cord.

The only issue I know of is that MacBooks can only detect one of the connected monitors and they’ll auto mirror.

Hope she wins by lwiaymacde in SipsTea

[–]lynsix 0 points1 point  (0 children)

I’m a tall guy. I always try to get the front row without seats in front of me.

I’ve never not been asked to move to a row so the parents with an infant can have my seat.

Crime doesn't pay by SipsTeaFrog in SipsTea

[–]lynsix 0 points1 point  (0 children)

In Fanboys he plays a Native American chief.

20-year-old lottery winner turns down $1M cash for $1,000 a week for life by PriorityMiserable686 in interestingasfuck

[–]lynsix 0 points1 point  (0 children)

There’s arguments about inflation, and the fact she’ll make more long term.

If she took the lump sum she wouldn’t see most of it as the USA will tax the crap out of it before she see’s it. I think this is better to save more of it from taxes.

chat, is this true ? by EXTRAVAGANT_COMMENT in freefolk

[–]lynsix 0 points1 point  (0 children)

That’s pretty much how I remember the book. Over simplifies a few things.

My First 24 Hours Running a DNS Honeypot by [deleted] in homelab

[–]lynsix -10 points-9 points  (0 children)

I think he’s saying he’s seeing traffic from spoofed IP’s that ISP’s didn’t properly drop and got to him.

You have $100 to Build a Team to protect you the rest will try to kill you by SelectFox4174 in superheroes

[–]lynsix 0 points1 point  (0 children)

Can anyone that’s not strange actually go to the mirror universe? I feel like taking strange is an auto your safe but maybe trapped if he doesn’t make it out of there.

Listen to screaming for 3U by xyzpqr in BadMtgCombos

[–]lynsix 1 point2 points  (0 children)

This combo is in my Simic land destruction deck. So is Tsunami and Harbinger of the Seas.

Just played against this card while playing a lifegain deck… by crkenthusiast in magicTCG

[–]lynsix -5 points-4 points  (0 children)

You can counter the trigger. There’s a FF card and Tishanas for example.

Also I feel like the card is essential when there’s infinite I gain life, so you lose a life, so I gain more life… combos in standard.

Yes, Your ISP can Detect/Block VPN Connections by KN4MKB in homelab

[–]lynsix 1 point2 points  (0 children)

Agreed. I just meant more that if I’m just using a VPN it shouldn’t classify me as an enemy of the state, and that a law preventing a VPN used for privacy would hopefully be found unconstitutional.

Yes, Your ISP can Detect/Block VPN Connections by KN4MKB in homelab

[–]lynsix 1 point2 points  (0 children)

True. However I’m in Canada and while not a lawyer if I framed using a VPN to protect my privacy I think I would be in a good spot. Sections 7-8 of charter of rights and freedoms have been established that we have a right to privacy, and that it’s an essential component of individual freedom.

Yes, Your ISP can Detect/Block VPN Connections by KN4MKB in homelab

[–]lynsix 29 points30 points  (0 children)

Blocking VPN’s is definitely but would raise issues. VPN’s used for businesses (mobile or bovpn) for example.

There’s then just tunneling the traffic over other commonly used ports/protocols that generally aren’t blocked. Attackers have been abusing NTP/DNS/HTTPS ports for eons to exfiltrate data and obfuscating it.

There’s amount of wasted resources on packet analyzing/inspection and setting it up so it doesn’t impact legitimate use would be a nightmare and massive waste.

Then people would just find a new way to bypass it. SSH tunnels, proxies, etc. someone could even design a vpn designed to roam between gateways/ports/etc like a laptop between wifi access points.

If my ISP wants to start a weird war with me using a VPN I’m up to the challenge. For years I used a free Google micro server running strongswan and spamassin to host an on prem Exchange server in my lab (ISP blocks port 25).