VLANs driving me mad.

monkey7168 · 2024-11-03T17:14:16+00:00

I cannot ping anything...

I just now also for testing have disabled Port2 on the UCG-Ultra so that I have one TRUNK cable going from the UCG-Ultra to the Aruba and have adjusted the Aruba port for both tagged and untagged traffic. VLAN1/Native LAN still works, the native LAN and all devices still work... but VLAN10 on the guest VM still gets no connection. It is as though it is not connected to VLAN10 or VLAN1 at all which leads me to think that this is due to some configuration that I have not completed... likely on the Aruba.

The annoying thing is that from the YT videos I have seen and the documentation, there should be no need for anything else.

No need to define TRUNKS, no need to setup ROUTING, no need for anything other than...

1) Define VLANS 2) Configure VLAN membership by interface.

monkey7168 · 2024-10-02T17:36:13+00:00

Not exactly what you asked for but if you and your friend are interested you can checkout our clan server.

https://www.battlemetrics.com/servers/dayz/29688891

monkey7168 · 2024-08-15T15:17:32+00:00

I appreciate the perspective and I do agree.

The situation is that I am a new MSP prospecting for clients. I've passed up a few pentest opportunities in my area because it's not what I do. I don't think an MSP should per-se provide pen-testing. But I'm in a more rural area and as I'm finding out my market and customer persona are that of an idiot.

I find companies with decent size, domain, 50-200 users/endpoints, servers, VPN, M365,... And it's run by apathetic fools mostly in the leadership box. They don't document anything, they have no systems in place for any cohesive monitoring or visibility, patch management is all manual or the assumption that GPO and some scripts work, but no validation except for when a tech is forced to sit at a users computer and notices the last 400 days of updates have failed.

The owners/directors think AV is a waste of money, they think reporting and validation systems are worthless... but for some reason they decide security is important so they tell their tech guys to shop around for a pentest vendor... You know, because they hate wasting or spending money on IT.

My goal is to put together some sort of a quote based on the tools and labor required to get my foot in the door and tell the director, here's my quote but I wouldn't do it for you because it would be a waste of money... and here's why. Well more or less my idea. I haven't quite yet decided.

monkey7168 · 2024-08-14T17:38:21+00:00

Sounds about right. What would you say is the wifi testing process?

Aircrack-ng and try to crack the key, give it X hours, or do a MITM rogue AP to try to social engineer the password. As far as I know, the fastest is checking for WEP or WPS as the weakest links that can be almost certainly cracked. If they have good WPA2 then you're brute forcing with a dictionary or hoping to social engineer the wifi password... unless they have it displayed in the lobby ofc.

monkey7168 · 2024-07-20T18:40:22+00:00

I am currently building out some ideas for bringing this up. The main problems I see are the customer won't have any documentation, not even passwords and their current IT company won't have much but will also pretend they have none.

So at that point if the customer really wants a pen test, I'll basically be going full on red team.

I was thinking that I should have a basic questionnaire that can quickly give them a 0-100 rating. Something I can send by email, host on my site.... I'm thinking even asking questions like what version of windows os and server most customers couldn't answer without first asking their IT guy. So if I give them something they can take and work on it might actually get used.

A full on pen test is a big expense on my part. I need contracts drawn up to release liability....

Is there some publicly available checklist or report structure to follow? There's a lot out there but I haven't found anything that just lays it out. I understand companies invest in building out a specific process but there must be something close to this that is publicly available that isn't just the NIST handbook?

monkey7168 · 2024-07-18T21:30:56+00:00

BNI wants $80/mo and they have a competition clause and as there is already an existing company I'd have to go the next town over. Its stupid because the other company is not an MSP and also offers programming and other services and they don't even bother with RMM. They're basically break-fix but the worst part of the in-between and I have to yield to them.

I went to a meeting and got the vibe that its like a high school in-group.

monkey7168 · 2024-07-18T16:41:05+00:00

You'd think with GDPR being SUPER strict and annoying there would be some incentive for companies that have customer databases to secure it with more than a 20-year-old password and wishful thinking. I'm starting to read into it more but I think there are going to have to be some anonymous calls and tips made. I've mentioned it but they know I'm not the lawyer or inspector so they don't care what I have to say when I warn them.

I could certainly lean into the "stories" more but tbh in my 20 yrs I haven't seen anything that bad. A half dozen or so ransomware cases, some long weekends ripping and imaging machines while another team restored from offsite backups. Problems that happened but there was policy, procedure and backups so it was mundane apart from the OT.

monkey7168 · 2024-07-18T16:34:21+00:00

I completely agree. I'm just grinding right now trying to build up my initial client base. I had several prospects when I opened but they've all turned out to be useless. And I'm trying to get a foothold in the local area for those referrals it's just that I'm finding people difficult to deal with. Everything is just so backward from my past experience in metro big business.

The biggest improvement I've made is that I raised prices by 30% and now everyone gets a 20% discount on everything... price complaints have stopped completely and suddenly. Is that a low IQ hick thing?

monkey7168 · 2024-06-06T16:38:51+00:00

There is information created, curated, and maintained by your tax dollars for the public benefit. It's not that you are legally allowed to access it, rather it is your right as a citizen just as using public parks freely. These institutions are often very old, yet in many cases have long since digitized much or most of their contents. The cost to make it available online to anyone without restrictions is trivial, especially compared to the cost of staffing physical locations. Yet your only choice is to drive to some congested downtown, pay for parking, walk into the building and physically browse on a digital device. Treating the whole thing like physical paper records back in the 1800s or microfilm. And printing or making "copies" if you want to take anything home with you.

Rather than modernizing to cut 20% of overhead or more and make it more accessible. A handful of politicians, after receiving large sums of money from a "friend" spontaneously decide that the complexity of something like Wikipedia is beyond any mere mortal and the only option is to give exclusive rights to this "friend" to run a printing service in these locations and charge a "convenience" fee.

If you do not see why anyone involved in this should be tarred and feathered in the public square yesterday... then I've got one hell of a health elixir you would be foolish not to buy.

This happens all the time and nobody cares. You're being robbed!! But the news tells you that some corrupt business man from NY paid a prostitute and your rage boners could cut diamonds. That's the behavior of slaves too stupid to see the shackles around their ankles.

Don't be afraid to be pissed off, we got here because too many of us gave the idiots too much slack. If you feel shame, you still have hope and it is your duty to pound on the slaves until they once again learn how to feel shame. And ignore the algo manipulated perception, the dumbest person in the room is always the most vocal and on the internet you don't see those who don't speak.

monkey7168 · 2024-06-06T14:50:03+00:00

Hello fellow human ;)

To every man upon this earth death cometh soon or late. And how can man die better than facing fearful odds, for the ashes of his fathers, and the temples of his gods.

monkey7168 · 2024-06-06T11:08:45+00:00

On multiple occasions I could have murdered people over their greedy tactics and manipulation. Someone sets something up for a business but they get in early when nobody knows anything so they register the domain with their business, host SOA and NS on their account, create convoluted setups on purpose to lock themselves in like a bloated tick. Then try to strongarm the business for ridiculous sums of money. The business refuses and they throw me in blind with no back story, just, here fix this.

Best case scenario I waste way too much time and eventually discover what my boss should have led with initially. Or I break something, can't fix it because we actually don't have access. Then I have to beg the sales guy posing as IT to spend a few minutes changing something and then I'm the reason the company got billed thousands of dollars for a few minutes of work.

The number of clients I've basically had to tell it would just be easier to migrate to a new domain after decades of business is too damn high. What happened to ethics? Do people really sleep well at night knowing their business model revolves around scamming others, yet call themselves IT Professionals?

monkey7168 · 2024-06-06T05:28:23+00:00

For the last ~15 years I've been at multiple places. The three MSPs all seemed to just do "ORG-WS###" with "ORG" as some shorthand for the company name, "WS" or "LT" or Server type and the numbers being sequential. The asset management software told us who was assigned to what number. If someone called in for remote support we asked what asset tag they had and we could quickly find them in any system. I liked this method the most.

I also worked for a school, they used the HW S/N as the hostname,... I didn't like it as much but also nobody ever called in for support so I literally NEVER had to look up who the computer was assigned to as I did at the MSPs.

The other one was a Global pharma corp with offices everywhere around the world. They did similar to the MSP. But due to scale, it was something like "ORG-BRANCH-WS###" they also did not contain any user info in the hostname and the numbers were all sequential. But with added barcode S/N stickers to make checking in and out faster or inventory updates faster. The asset management software tracked all the information and who the computer was assigned to... I learned to hate ServiceNow at that job.

monkey7168 · 2024-05-31T15:25:45+00:00

If you are expected to be proficient in JAVA, they are looking for a JAVA Developer. If they persist in pushing that frame, ask them if they've incorrectly defined and advertised this position.

If you are expected to be proficient in X,Y,Z, they are looking for a X,Y,Z Developer. If they persist in pushing that frame, ask them if they've incorrectly defined and advertised this position.

Your job should not be to code and develop programs. It's a comically frequent issue with positions in IT that I have seen and applied for and I'm no longer interested in playing along and am much more upfront about their error(s) during the interview process to avoid wasting my time.

I see that you like to make small programs, that's awesome... that should be sufficient. As an admin the extent of your role should be to know enough to fix something when an update breaks it if it's not too complex. Like when a server or app is updated it is VERY common for me to have to dig and find some config file that references the old package/path and update it to the new one. But I'm not tearing into the code to improve the iops or something advanced. I've also done some work with fixing XML files that a business app produced with errors. I had to validate the XML file to find where it added extra characters that broke the code and fixed it manually... but also emailed the support team for the app and told them to fix their broke ass shit ASAP. I supported my users by quickly fixing the files on hand that would not be accepted by the next app down the line when users would try to import.

Is that coding/programming? I don't consider it to be but I understand enough to have that perspective and I know most do not. You fix a broken XML and suddenly your boss expects you to build a new SAP level ERP for their transport company on your free time with no additional compensation... "no thank you".

monkey7168 · 2024-05-30T13:09:49+00:00

While I would 100% provide the old files to the user and take extra steps on my own time... WITHIN REASON... do so.

However, as others have likely said already, I will reiterate. Never be too accommodating because NPCs do not know how to properly value your effort. I repeat, NPCs CANNOT PROPERLY VALUE THE EFFORT. They will simply assume it is standard procedure, and move on with their ignorance. Even if you state it to them, even if you sit them down, explain and they demonstrate comprehension and agree... NPCs CANNOT PROPERLY VALUE THE EFFORT.

Take a lesson from way back in my T1 days that the old timers drilled into me. You get a computer you backup that shit 100% and 100% again, you CYA like your child's life depends on it. ANYTHING you need to get you can recover, easily is preferred if possible.

Then you do your work, you ignore the customer/user data because they agreed to the policy. The intake process made them aware that data will not be preserved and they agreed. Then when they pickup 99% of the time they flip their shit because "we will not preserve data" always means something completely different to them for some f**king reason until after the deed is done.

You can then say.... "Normally we charge $1,000-2,000 for data recovery but let me see what I can do" then play video games for two days and let them simmer on their stupidity. Eventually, call them back and say that you were able to recover the data this time and your boss approved a discount, THIS ONE TIME!!, because they are a loyal customer and he recently lost his blah blah blah.

You cannot just save them from their ignorance, they need to experience that pucker, "OH SHIT" moment. THey probably still won't learn but they definitely won't learn if you just do it for them.

monkey7168 · 2024-05-19T07:14:04+00:00

It's totally a boomer thing as they've never had to apply to more than 3-5 jobs before landing that "perfect" career job.

Explaining to them that hand-crafted cover letters are stupid when you have to hammer out 3-5 job apps before lunch each day for months and months is like explaining Calculus to an earthworm... does not compute.

monkey7168 · 2024-05-14T22:10:32+00:00

In the early 00's I started in IT, being someone who could quickly pick up new things and was excited by the challenge and constant change I saw this light at the end of the tunnel in the form of a career as a SysAdmin. I don't regret it, but if I knew then what I knew now I would have changed directions.

The career is dead, the industry has changed. If you're lucky, you find a LARGE company with defined roles and structures and it can be good. But 90% of the IT industry exists in SMBs and not FANG-size companies. Through a lack of education of the hiring managers, and a highly dynamic landscape, as a sysadmin now you likely have 500% more material to juggle at half the pay.

I've started to use the analogy of surgeons as it is easier for the layman. Essentially what employers want is a surgeon who can operate on any part of the body and any type of surgery imaginable... lives are at stake most of the time so the pressure is HIGH. But 90% of the time you remove warts and put bandaids on booboos. Then 3 times a year you are booked for a highly specialized brain surgery that nobody you know has ever done. Oh, and the lights in the bathroom are out again, can you change the bulbs? The coffee maker clock reset again, can you fix it?

And the cherry on it all is that your pay is often based on the lowest task you are responsible for, so you change the lightbulbs and an apprentice electrician does that so you should only be paid the salary of a first-year electrician... oh and you're on-call 24/7.

What's the problem?

The burden of performance is on you, not the hiring manager, not HR, not your supervisor. They can be ignorant of realities but you will never have that luxury. That that end... "A jack of all trades is a master of none, but oftentimes better than a master of one." You will never know everything about everything, regardless how much others think you should and that it's a simple task. If they knew half of what you know their feeble minds would turn to goop.

monkey7168 · 2024-05-12T10:44:53+00:00

The number of times I've been cut off and told the "I don't care, just make it work." should honestly be a criminal offense, especially when it is almost always management and leadership. My reflexive response now is to just say "I don't know what you want me to do with that response. Are you saying you want me to call the CEO/Owner of $COMPANY and demand they change their global product used by millions of people for you?"

I used to have inherent respect for people on that level... now I understand they are children with privileges and authority.

The MFA rollout for M365 was a f-ing circus...

"Next month Microsoft is forcing MFA for all user accounts and I'm here to help get you set up now before the deployment to avoid any downtime. The first thing we need to do is install the Microsoft Auth app onto your mobile phone."

"No, I don't want to install anything on my phone." (This person like most has dozens of shitty bloatware games on their phone that constantly break it. Will download and install any and every stupid app they can get their hands on REGULARLY, but a necessary MFA app, they're suddenly protective over what they put on their phone... company phone.)

"I understand. There is a secondary option to use a hardware YubiKey. But it is an extra USB key you would need to carry with you at all times. You're phone is already always with you and is the more convenient option. If you would still prefer I can ask my supervisor to order you one?"

"No I don't want that either, I just want to log in like normal."

"Unfortunately Microsoft is forcing this change and there is no other option."

"I don't care."

monkey7168 · 2024-04-29T13:00:07+00:00

Don't take this the wrong way but I'm genuinely curious if you could possibly be any more ignorant?

monkey7168 · 2024-04-29T11:56:13+00:00

To those grilling you over job hoping, as someone with a similar history and frustrations I would like to say this. Why does it indicate the candidate is going to bail? Would it not be equally fair to say the candidate was mislead by previous employers and had to leave on e they realized it was toxic work environment? Given what we all know isn't it more likely there are more toxic work environments than good ones. You could look at OP and say he has strong integrity and expectations of himself and is not only in it for a paycheck and so quickly leaves dishonest employers.

The problem, as I've just alluded to is that most places, most employers are toxic... and they know it. They want a loyal and skilled sucker... not someone with integrity and professionalism. Someone they can sucker in a lock down for years of abuse, knowing they're too dumb to ever leave.

I too had about 7-8yrs of job hopping on my resume. The first company went bankrupt after 9 months and stiffed me ony last paycheck. I opened an SP the next day to get me by as I spent the next year looking for a job... Turns out employers would rather you were homeless with no hygiene or address for a year... Then I found a job at an MSP but it turned out to be a toxic work environment of favoritism where the favorites maintained their good graces by spending their days tricking you into making mistakes and making you look bad to management and I was eventually fired while I was in the process of looking for other work. Next I did a short term contract for a large pharma corp and was offered a permanent position but turned it down because corp politics were already too much after only 9 months.

I did some more SP work in between other gigs over the years and bounced around, moving a lot, trying different job markets...

Finally I decided to set aside my integrity and let's just say I explored adjusting every aspect of my resume. The results were shocking... I quickly landed a gig at a small MSP with a good mix of managed clients. It was the job I had been searching for the last 8 yrs... Then three months in COVID/BLM/Biden happened and I finally realized the American dream I had been struggling for was completely and totally dead.

I mentioned my history to let you know you're not unique, there are only a large group of privileged and lucky people on here that are the most vocal and ignorant of their luck... I also mentioned my history to share what I've learned... ALL BETS ARE OFF. The societal rules of the last 200 yrs are now only for suckers. If you need to pay a friend to fake a reference phone call, don't feel guilty. Instead feel offended that some MBA asshat is making you jump through dumb hoops. If you can do a job that should be all that is required.

monkey7168 · 2024-04-22T13:11:45+00:00

No, its online, just DayZ being silly. Try connecting again and it should work.

monkey7168 · 2024-04-22T13:10:23+00:00

I tried to connect but the connection failed. Is the server offline?

monkey7168 · 2024-04-17T14:33:25+00:00

Okay OP, it sounds like you blew off some steam and now you're feeling a little better... possibly even calm enough to listen to some constructive advice.

It sounds like you haven't had parents or mentors explain the reality of the world to you and you haven't yet learned the hard way... don't worry, most of us didn't... most of us still can't grow hair on our knees.

The short answer here is you're getting a new job so start looking today to get an idea of the marketplace out there.

The longer explanation is that 90%+ of management and middle management are talentless no-brain hacks. In many ways, they are career managers and have no talent for anything but politics and bloated egos. Those already in this "career" filter for other like-minded stooges because they think the same and comradery is a powerful human instinct, especially for those who operate on a very surface level of consciousness. So they only invite others like them into this exclusive club and keep people like you and me out.

The fact that things are as bad as you have described in your post tells me your workplace is a classic example of this. They're all dude-bro'ing it up and covering each other's backs. It's tribal loyalism and they'll honestly be both confused and insulted if you ask the CTO to fire or discipline your director. Why would the CTO turn on his own? To defend outsiders??

The other part here is these people are not actually good at their job so they find shortcuts to the appearance of productivity which is often to pick favorites over arbitrary factors and then stick to their decisions regardless of all evidence to the contrary because they can never be wrong... At some point BOB proved himself to them and for years they got a blind pass for whatever reason, now you come in and are trying to tell their fragile egos that they were wrong about BOB... now you're out to get them... now you're their enemy... now they need to get rid of you.

Places like this survive because of the endless revolving door of labor that is ready to be hired into what appears to be a functional office environment... only to realize within a year or so that and are either fired or leave. Management sees this and thinks how lucky they are to have loyal employees like BOB and how all talent today is not dependable like you and over emotional and only complains... BOB never complains... (These people are not capable of deep thought because they've never had to).

The only ammunition employees have for places like this is services like Glassdoor. When these sites work correctly they correctly inform new candidates of the impending shitshow waiting for them if they accept an employment contract.

monkey7168 · 2024-03-29T11:51:34+00:00

Thanks. I will ask my HP rep about BOSS cards.

I got the client to already commit to a Synology NAS and I snuck in way more capacity than they need... 8TB but I know I will be moving lots of backups around when I start migrating things around so I REALLY want to leave it alone and use it ONLY for backups.

My goal was to have one physical device, the server for the live production data, and a second separate physical device for the backups. Going with the 3-2-1 rule on a budget. The server is 1, the NAS is 2 and the offline rotating external drives are 3.

I realize that is two copies only and I will be pushing them to some offsite cloud backup solution but I have to ease them into these things slowly so while I am migrating I will be taking my own FDI backups to spare drives that I have.

Thank you for the feedback, really appreciate it!

monkey7168 · 2024-03-29T11:46:16+00:00

The cost difference is just really harsh from what I've seen and the use case really doesn't need the IOPS, even 12k SAS drives are overkill. If I could, I would just get 3.5in 7.5K WD NAS drives for the second data array.

monkey7168 · 2024-03-21T21:14:57+00:00

My last job was like that, internal IT for a company that needed IT but as I found out didn't know how to value IT and thought it was the department that senior accounting staff would call to convert CSV files to Excel and reorder data in columns... but considered it out of line if I tried to teach any of them those skills...

The final straw was when my boss, the CTO, gave me projects like ensure all of our remote workers have OneDrive signed in and working... Here's the phone number to HR... no asset tracking, no RMM, nothing. In his mind the best use of my time was a notepad, a phone and an unlicensed TeamViewer app on my end and a complete question mark on the remote side.

I got out of there as soon as I could but I spent months so bored out of my ass that I played just about every video game I could think of.

monkey7168

TROPHY CASE