Recent Posts

926

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by Stoic Joker on March 13, 2015, 06:50 AM »

^That'll make a fine companion product for the WankBank - Coming Soon to adult electronics shops everywhere!

927

Living Room / Re: Interested in doing my own car maintenance.. Advice?

« Last post by Stoic Joker on March 11, 2015, 06:44 PM »

I'm pretty paranoid about safety things, so I won't be doing anything reckless.

-mouser (March 11, 2015, 05:29 PM)

That's the "beauty" of this type occurrence ... You never realize that it was reckless, until after it's wrecked.

928

General Software Discussion / Re: Moving Server 2008R2 to new hardware while keeping the current configuration

« Last post by Stoic Joker on March 11, 2015, 12:57 PM »

FOR THE LOVE OF GOD MAN HAVE YOU LOST YOUR MIND?!?!?

Just Kidding - Yes I've done this type of thing before.

I used Windows Backup to do a Bare Metal Restore backup, then booted to the Windows install disk to do the recovery. In my case The disk configuration was changing because we were taking their single disk (single) domain controller and moving it to a RAID array. So some finagling had to be done with the boot configuration.

If you have boot issues after doing the restore, the below is from my notes on what was required to get the above box running. Not all of it is required in every situation, but much of it is documented (online) incorrectly.

MS Boot Configuration Data Editor (option 1)
For When Boot Fails Because the OS is Missing!
The following procedure is used to completely rebuild the Windows Vista, 7, 2008 boot configuration when it has either been badly damaged, or when restoring the OS to different hardware with a different disk/partition configuration.
1.   Boot from appropriate OS media.
2.   Select the current Windows installation if available.
3.   Choose Command Prompt and run the below commands (some may be optional):
bootrec.exe /fixmbr
bootrec.exe /fixboot
bootsect.exe /nt60 all /force
attrib -s -h -r C:\boot\BDC
del C:\boot\BCD
bootrec.exe /RebuildBcd
bcdboot.exe C:\Windows /S C: /L en-us

(this is worth checking)
Diskpart can also be used to mark a partition as active from the Windows RE.
Diskpart
LIST DISK
SELECT DISK (followed by the number of the disk – most likely 0)
LIST PARTITION
SELECT PARTITION (followed by the partition number – most likely 0)
ACTIVE
EXIT
                         Windows startup recovery should now work (option 2).
x:\sources\recovery\StartRep.exe

929

Living Room / Re: Interested in doing my own car maintenance.. Advice?

« Last post by Stoic Joker on March 11, 2015, 06:50 AM »

^This - All it takes is one stubborn part, that requires just a bit more force...and an improperly secured vehicle can end up on top of you. Like using jackstands in the dirt without putting a board under them so they don't sink in while you're focused on the removal of a particularly feisty idler arm. Fortunately a friend was there at the time...or I wouldn't be now.

Sure finding the source of a leak requires getting under the vehicle. But finding out that something is leaking only requires paying attention to maintenance routines (e.g. checking fluid levels), and paying attention to any spots/puddles that appear under the car. Lift the hood once in awhile and look around so you know what it's supposed to look like, and if any odd (leak indication) deposits are starting to form.

930

Living Room / Re: Interested in doing my own car maintenance.. Advice?

« Last post by Stoic Joker on March 10, 2015, 04:55 PM »

I haven't had time to comment on this, but for simplicity sake I'd like to +1 everything MilesAhead has said, Safety is key and mistakes tend to be painful.

One odd habit I have, that I acquired from my father...is to always keep a shop rag handy (they're cheap as hell at any auto parts store). Regardless of what I'm working on I will always be wiping the majority of the oil/grease grime off my hands to ensure that anything I pickup will not get dropped. This is partially because - as my father said - cleanliness is critical to proper assembly. And because the parts frequently tend to be sharp...so if your hands are oily enough to make your hands slip you can get cut badly rather quickly. Plus dropped parts get and/or cause damage, and dropped fasteners (or small parts) can go places - like the intake - that can get expensive almost immediately. Not to mention the Murphy's Law that any tool dropped will automatically roll to the exact mathematical center of the vehicle (making it a bitch to retrieve).

931

Living Room / Re: Use a unique password for this site

« Last post by Stoic Joker on March 07, 2015, 10:06 PM »

But security isn't about 'criminals', it's about online safety and privacy, especially for those who live in countries where their political affiliation this year could cost them their life the next.

-db90h (March 07, 2015, 05:00 PM)

...And that's my point. If you can't keep the alphabet soup crowd out - and you can't - then the entire exorcise becomes pointless.

932

Living Room / Re: Use a unique password for this site

« Last post by Stoic Joker on March 07, 2015, 04:55 PM »

The entirety of web traffic will be encrypted in time, whether it be via HTTP 5 or simple prudence.

-db90h (March 07, 2015, 11:37 AM)

Why? It's a total waste processor time and effort, because privacy - as it is commonly understood - is currently and for the foreseeable future a complete myth. Sure as mouser stated above for banking and finance it is best to keep up the ruse and try to limit the number of bad people that wish to nose around in the affairs of others. But if the encryption that is to be used is not capable of keeping out all of the "bad people"...then it's really just a silly waste of time.

933

General Software Discussion / Re: Microsoft reveals Windows vulnerable to FREAK SSL flaw

« Last post by Stoic Joker on March 07, 2015, 06:26 AM »

In other news, it appears that if one was staying up-to-date on any of the other myriad of SSL flaws over the past several years, then you're safe from this on too...when using IE.

This is the same bugg I mentioned in passing here. I did the testing on it then, and all systems passed. I just did the testing at the ZDNet links...and all systems still passed (with IE11).

Since this thing was apparently gestated back in the 90s, shouldn't they be calling it the asleep-at-the-wheel bugg..?

934

General Software Discussion / Re: Need SSL Certificate Recomendations

« Last post by Stoic Joker on March 05, 2015, 06:53 AM »

SS is not an option as this is for public facing production systems. If it was for the internal systems I wouldn't even bother with the annoying theatrical nonsense. It just baffles me beyond reason why everything to do with SSL has to be so god damn complicated. If the point of the certificate is to validate me...then it should trust the me it is validating to renew the silly thing without having to go through a bunch of horse shit to yet again confirm that I am indeed still the me that I was when I was being me last time.

I mean FFS if they can't even trust the validity of their own certificate to ensure that the me that is posing as I is truly the as to be certified me ... Then what good is the damn thing!

935

Living Room / Re: Is anyone doing this Bing Rewards thing?

« Last post by Stoic Joker on March 04, 2015, 11:20 AM »

I'm just wondering if it's even worth setting Bing as default search engine.

-MilesAhead (March 04, 2015, 09:17 AM)

I've been using Bing as my default search engine for the last 6 months or so and have been quite happy with it.

I'm just curious if anyone really actively participates in this promotion because I'm trying it.

-MilesAhead (March 04, 2015, 09:17 AM)

This I decided was not going to be worth the effort. I did not try it...I just read through the spiel and decided not to.

936

General Software Discussion / Re: Need SSL Certificate Recomendations

« Last post by Stoic Joker on March 04, 2015, 10:58 AM »

Shit. I was hoping you guys had a viable alternative. I just don't know what kind of crazy assed hoops the next guy is going to want to put me through. So with my luck -(with SSL)- the odds of going from the frying pan to the fire are ~50/50. I'd love to find one that would issue a 20 year certificate...so I never ever have to suffer through this inane nonsense ever again.

Christ, every time you turn around there is yet another huge gaping assed hole in the damn thing (like the latest Apple/Google 'FREAK' Attack Security Vulnerability). And even on the rare good days the NSA (et al.) has turned it into nothing more than a sad joke anyway.

937

General Software Discussion / Re: Twitter is less anonymous for TOR users

« Last post by Stoic Joker on March 03, 2015, 04:59 PM »

Is there any reason why they couldn't just use a burner phone for the account signup and then toss it? If the phone isn't required for subsequent logins then it really isn't accomplishing anything ... It's just security theater.

938

General Software Discussion / Need SSL Certificate Recomendations

« Last post by Stoic Joker on March 03, 2015, 01:48 PM »

Greetings
   I've been using a Start.com/Start SSL for our Exchange server, but the renewal process is a nightmare. I really don't have time to waste gathering up and submitting a bunch of prove it's me/us documentation every time the cert expires. Is suffering through these types of shenanigans "normal" for SSL cert renewal?? Or is there some place that I can just pay a renewal fee and get the damn thing extended.

   Why does everything to do with SSL have to suck so ridiculously hard?? I swear they had to have been created by the DMV!

939

Living Room / Re: Super Annoying Freezing Mouse (and Keyboard) - can ANYONE help, PLEASE!?

« Last post by Stoic Joker on March 03, 2015, 12:54 PM »

I ran into exactly that last week on a brand new fresh from the box Dell server running Windows Server 2012 R2 Standard. Both the keyboard and mouse stopped responding at the console, but if I logged into it via Remote Desktop to worked fine.

I didn't have time to fiddle with the damn thing (server...), so I just replaced both (keyboard and mouse) and it has worked fine ever since.

Probably not what you want to hear...but might be worth considering. Maybe borrow a friends for testing purposes if no spare is available.

940

Living Room / Re: wireless networking and wifi printer help

« Last post by Stoic Joker on March 03, 2015, 07:04 AM »

The Mac is reliant on the rather loquacious Bonjour protocol, which frequently needs to be disabled on Windows networks because it quite consistently screws up name resolution.

The much more sedate windows name resolution (NetBIOS) frequently suffers at the hands of overzealous security software blocking the name broadcasts causing them to not resolve. Typically this is mitigated by using a static address for the printer, and pointing the print driver's port at the static address.

Other possibility is the very not ready for prime time WSD port technology that causes a 20-45 second lag in the print jobs...or just fails causing much anguish for all. We -(or more specifically I)- do not allow printer installs to be left with (the sadly now default) WSD ports because of the almost 100% failure rate of the technology.

Note: Failure rate above is based on the number of time something either didn't connect frequently, or just started lagging bad enough to piss people off, within a month of the initial install. Most people snap in the 10-15 second range.

941

General Software Discussion / Re: Best program for filtering access to website by IP address

« Last post by Stoic Joker on March 02, 2015, 05:15 PM »

https://www.malwareb...usiness/antimalware/

I guess this is a new product maybe?  Anyway it said it was to be used as I am using it.

-questorfla (March 02, 2015, 10:58 AM)

That's still a strictly client side filter. It is not designed to be filtering traffic that is going to a server. It has a server component...yes ... But that is only for the centralized management of the client machines, and their client side traffic. If anything it may be getting confused by site requests flipping between internal and external IP addresses...causing it to FP.

942

General Software Discussion / Re: Best program for filtering access to website by IP address

« Last post by Stoic Joker on March 02, 2015, 06:57 AM »

I just wanted to see if "I" could block the IP address myself without depending on MBAM to do it.
on OUR web server we used to have a program called IP-BAN that would let you specific whole groups of IP's to simply deny access to to avoid DOS attacks

We are not having issues it just annoys me to see the MBAM waring popup

-questorfla (March 02, 2015, 02:22 AM)

Okay... O_o How is MBAM responding to activity that is happening on the web (which is now sort of an FTP) server?? Are you running MBAM on the server itself? Because it's really not for that - unless you're talking about an entirely different MBAM than I'm thinking of.

943

General Software Discussion / Re: finding all the sites pinterest uses

« Last post by Stoic Joker on March 01, 2015, 10:39 AM »

I've got much the same problem in reverse trying to help a local school admin block YouTube on their network. I really think these "Social" Networks pull this kind of shit intentionally just to make filtering it more (and completely unnecessarily) difficult - Can U say 'Scattered to the four winds"?:

C:\Users\Stoic Joker>nslookup
Default Server:  DNS.stoicjoker.mine
Address:  127.0.0.1

> set type=any
> pinterest.com
Server:  DNS.stoicjoker.mine
Address:  127.0.0.1

Non-authoritative answer:
pinterest.com   internet address = 50.19.81.129
pinterest.com   nameserver = ns-1226.awsdns-25.org
pinterest.com   nameserver = ns-1826.awsdns-36.co.uk
pinterest.com   nameserver = ns-465.awsdns-58.com
pinterest.com   nameserver = ns-577.awsdns-08.net
pinterest.com
        primary name server = ns-465.awsdns-58.com
        responsible mail addr = awsdns-hostmaster.amazon.com
        serial  = 1
        refresh = 7200 (2 hours)
        retry   = 900 (15 mins)
        expire  = 1209600 (14 days)
        default TTL = 86400 (1 day)
pinterest.com   MX preference = 10, mail exchanger = aspmx.l.google.com
pinterest.com   MX preference = 20, mail exchanger = alt1.aspmx.l.google.com
pinterest.com   MX preference = 30, mail exchanger = alt2.aspmx.l.google.com
pinterest.com   MX preference = 40, mail exchanger = aspmx2.googlemail.com
pinterest.com   MX preference = 40, mail exchanger = aspmx3.googlemail.com
pinterest.com   text =

        "477878324-2628235"
pinterest.com   text =

        "google-site-verification=NPHzwvZzIsB67_A-7kJnVhkWlN75NOeM6ZHoiVj7TfI"
pinterest.com   text =

        "v=spf1 include:sendgrid.net include:_spf.google.com include:_spf.greenhouse.io -all"
pinterest.com   text =

        "yandex-verification: 53d2ef2f4387c122"
pinterest.com   ??? unknown type 99 ???
pinterest.com   ??? unknown type 99 ???
pinterest.com   ??? unknown type 99 ???

ns-1226.awsdns-25.org   internet address = 205.251.196.202
ns-465.awsdns-58.com    internet address = 205.251.193.209
>

944

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by Stoic Joker on February 28, 2015, 01:53 PM »

Speaking as a Floridian since 1967... ^That is NOT an exaggeration.

The Florida DMV's motto is: "God cares, so we don't have to".

 

945

General Software Discussion / Re: Best program for filtering access to website by IP address

« Last post by Stoic Joker on February 28, 2015, 11:49 AM »

Um...

Tghis is a small website that is only up for the people who work here to use.

-questorfla (February 26, 2015, 02:30 PM)

So now we go from singular...

That seems like kind of an odd thing to need for a web server ... How much unwanted traffic are you getting??

Chances are if it's that high, there is a reason for it that needs to be solved...not filtered.

-Stoic Joker (February 26, 2015, 06:15 PM)

not so much but it is annoying to see malwarebytes blocking a single ip as Malicious when it hits the sites over and over.
there are 100 sites total on one server

-questorfla (February 27, 2015, 10:31 PM)

...To incredibly not singular.

Which compels me to re-stress the initial question ... What problem are we trying to solve??

I can't fathom that you have 100 sites for employee use only. So I'm guessing that you have a single site on a shared host for the staff to use. And under the as described circumstances...that's very (very...) bad...for your companies domain name.

Here's why: Some Email black lists - most actually - work off the IP address given in the MX records only. However others - and by that I mean just enough to really screw you royally - work off of the IP address of the root domain name. So, if MBAM - a strictly client side filter - is flagging your employee site domain name, then Your Mail Server IS Black Listed by those filters that block based on the reputation of the root domain name.

I'm currently going through this with one of our clients. Their Email - which is hosted by MS Exchange Online (e.g. Microsoft itself) - has a completely flawless reputation. Yet they consistently get blacklist rejections from certain domains that use the root domain based filtering, because their website is currently hosted on a shared host that has a hacked website that got the IP address they are all behind blacklisted. You don't need an IP filter...you need a new host.

946

Living Room / Re: Pick a number between 1 and 10

« Last post by Stoic Joker on February 27, 2015, 02:31 PM »

In our normal base 10, we have a protocol for SPEAKING large numbers, so 154 is "one hundred and fifty four".

-mouser (February 27, 2015, 12:46 PM)

IIRC you aren't supposed to say and when speaking numbers...did that change?

947

Living Room / Re: Pick a number between 1 and 10

« Last post by Stoic Joker on February 27, 2015, 12:09 PM »

A key part of the bit is that you're only allowed to ask one question.

948

Living Room / Re: Pick a number between 1 and 10

« Last post by Stoic Joker on February 27, 2015, 06:49 AM »

IIRC who you ask is irrelevant, you ask one guard what the other would say and then do the opposite. Because the liar would give the wrong answer (by nature), and the truth teller would give the liars lie.

949

Living Room / Re: Destroying your hard drive is the only way to stop this super-advanced malware

« Last post by Stoic Joker on February 26, 2015, 06:18 PM »

A hardware jumper to enable any firmware flashing seems like a great idea for all devices.

-mouser (February 26, 2015, 12:57 PM)

hey!  I like that!

-superboyac (February 26, 2015, 05:01 PM)

I did too initially, but I don't think it will scale well for data centers that have (SAN) racks full of drives that would then need to be physically touched.

950

General Software Discussion / Re: Best program for filtering access to website by IP address

« Last post by Stoic Joker on February 26, 2015, 06:15 PM »

That seems like kind of an odd thing to need for a web server ... How much unwanted traffic are you getting??

Chances are if it's that high, there is a reason for it that needs to be solved...not filtered.