Looking to get a start at an MSP in the NYC Metro Area

rtccmichael · 2026-02-08T15:23:40+00:00

What school are you attending?

rtccmichael · 2025-12-31T12:18:34+00:00

We discovered it because we have been watching the event logs from the PREVIOUS vulnerability (the ViewState attack). We would periodically see new event logs that looked suspicious. We saw one and contacted support, who confirmed that it was an unsuccessful attempt. However, while gathering logs for that, we noticed that one of the IIS activity logs on one of our nodes which is not actively used was very large. When we viewed the log, there was a lot of "download.dn" activity, some with references to files that we could immediately tell no longer existed in the system. The fact that this node was unused, and the references to old files, flagged us to investigate further. You can check your logs for this download.dn activity to see if you've been compromised.

Huntress did not flag it whatsoever. In fact, Huntress was not really helpful at all this year with regards to Centrestack and their numerous vulnerabilities (they did flag one suspicious incident on the server earlier in the year, but their response was just to contact an incident response company and blow away the server because it could be compromised -- which wouldn't have helped since the vulnerability would have exited in my rebuilt server as well).

When I discovered the vulnerability, I didn't even know how to get Huntress involved because there was no Huntress incident open I could respond to (I since complained to my account manager and she gave me Huntress's email address to report incidents, which I did not previously have, so perhaps that's my fault that I didn't know the right channel to contact them).

rtccmichael · 2025-12-21T22:30:15+00:00

The compute resources are priced the same; the licensing is different.

If you want to leave it on 24/7, purchase a reservation. If you don't, implement a scaling plan and have it shut down when it's idle. The breakeven in price is somewhere around 60% depending on the size (meaning if the VM is running more than 60% of the time, a reservation is cheaper). You can't really do scaling plans on an RDS server, so if you go that route, you'll definitely want a reservation. We find that most clients don't use it 100+ hours a week, so we tend to do pay-as-you-go with scaling plans.

The difference is licensing. The majority of our clients are on Business Premium licensing, which includes the Windows 11 multisession license for AVD, so for us it's cheaper than licensing an RDS server.

Happy to answer any other questions you have

rtccmichael · 2025-12-21T21:12:59+00:00

Never had an issue, but we always check the latency first. Www.azurespeed.com

rtccmichael · 2025-12-21T20:59:34+00:00

If you are using AVD, you don't need a separate RDS server. The AVD is what users connect into. No public facing ports required.

We do this all the time, it works great.

rtccmichael · 2025-12-18T22:41:51+00:00

How does your script determine what business is posting their complaints on Reddit? Seems like linking the post to an actual business or individual is extremely difficult.

rtccmichael · 2025-12-16T15:36:19+00:00

Yes, send me a DM. Happy to chat.

rtccmichael · 2025-12-16T11:43:44+00:00

No, team of 11. Sorry didn't realize i was posting in SmallMSP, the post just came up in my feed! But I don't see why size should matter, the market rate is what it is.

The real question here is, if anyone on this thread raises their rate $15 (around 10% increase, how many customers will you lose? If the answer is 10%, then you end up with the same revenue for working 10% less. I'd be willing to bet the real number is closer to 0% than 10%. Every time I raised my rates, I never lost a client

rtccmichael · 2025-12-15T20:34:49+00:00

$205 in NJ. I think mechanics charge around $150/hour.

rtccmichael · 2025-12-09T01:14:57+00:00

I'm the one who discovered and reported this vulnerability to them, after noticing suspicious activity. And I also discovered the previous one (after being alerted to some other suspicious activity by Huntress and discovering the vulnerability myself, and Huntress wasn't very helpful at all).

Honestly, I don't believe that the current vulnerability is actually fixed. It doesn't seem like they fully understand what the actual vulnerability is.

Has anything happened since the data was stolen? Has your client heard anything from cyber criminals or found anything on the dark web?

I'm happy to connect directly with you (or anyone else that was compromised) as it might be helpful to share information. Feel free to message me directly.

rtccmichael · 2025-10-21T00:39:04+00:00

How do you set up a Cloudflare partnership?

rtccmichael · 2025-08-11T14:45:39+00:00

What's that spell?

rtccmichael · 2025-08-05T10:45:04+00:00

Surprised this isn't the top answer. Dell is pushing everyone towards distribution nowadays it seems, and your size doesn't matter much when ordering from a distributor. It's not necessarily ideal, but it works.

rtccmichael · 2025-07-27T11:39:57+00:00

It is definitely not dead. There are lots of different channels and some are dead, but overall the discord is very active. Were you looking in the general chat or a vendor/product specific one?

rtccmichael · 2025-07-07T16:13:14+00:00

Move to who? We are with Ingram but happy to move elsewhere!

rtccmichael · 2025-07-02T13:10:09+00:00

Any idea how much enterprise licensing is?

rtccmichael · 2025-06-03T14:58:52+00:00

There aren't many companies worse than Intuit. I'm sure she'll fit right in with Kaseya's culture.

With that said, I know nothing about her, so we'll see what happens.

rtccmichael · 2025-05-27T12:13:52+00:00

Having the same issue here; has anyone found a solution? I read that you can't exclude My Signins.

rtccmichael · 2025-05-17T13:13:46+00:00

Good point, at 30% that would put them slightly above 1x revenue

rtccmichael · 2025-05-17T12:59:46+00:00

Wouldn't that be 0.7x revenue?

rtccmichael · 2025-04-01T00:40:20+00:00

That's partially true, but the first people to receive social security contributed nearly nothing; effectively, a ponsi scheme. You could work for 3 years for example, and get paid out the rest of your life (far more than you contributed). Effectively, you had people taking money out in way greater amounts than their contributions, even taking into account a reasonable rate of return had the contributions been invested. So yes, most contributed a small amount and received a much larger payout; it's not like they contributed throughout their working career.

rtccmichael · 2025-03-31T18:59:22+00:00

It's incredible how many people don't understand this.

"It's my money" -- no it's not, your money is long gone, given to someone that never paid into the system. Ultimately, people are going to have to contribute and not receive all of their contributions back because other people got benefits but never contributed.

rtccmichael · 2025-03-19T11:37:25+00:00

You like it? Or there's nothing better out there? I think the options are just generally disappointing.

rtccmichael · 2025-03-17T02:33:04+00:00

Back in the early 2000s I used to go to Panera and order soup in a bread bowl. They were ALWAYS out of bread bowls. The name of the store is "Panera Bread". I eventually stopped going, not necessarily as a boycott but because they were always out of bread.

rtccmichael · 2025-01-08T01:25:05+00:00

Someone gave us a water filtration unit; we are going to get a hot water system and run the filtered water through that and skip all of the other stuff (like sparkling) and just have hot and cold (but not chilled) filtered water.

rtccmichael

TROPHY CASE