hate these ads?, log in or register to hide them
Page 395 of 406 FirstFirst ... 295345385392393394395396397398405 ... LastLast
Results 7,881 to 7,900 of 8120

Thread: I don't need sanity, work in IT (thread) every day

  1. #7881

    Join Date
    November 4, 2012
    Posts
    330
    Thought you guys might find this interesting if you're not drowning in trying to sort it out! It's an analysis of what we know so far about Wannacrypt.

    https://www.theregister.co.uk/2017/0...nsomware_worm/

  2. #7882
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    8,278
    Quote Originally Posted by Aranial View Post
    Thought you guys might find this interesting if you're not drowning in trying to sort it out! It's an analysis of what we know so far about Wannacrypt.

    https://www.theregister.co.uk/2017/0...nsomware_worm/
    The software nasty has today ransacked the UK's national healthcare service, forcing hospitals to shut down to non-emergency patients; torn through Spanish telco Telefónica; and many other organizations. In what is looking like one of the biggest malware attacks in recent memory, the bulk of the infections are in Russia – including the state's interior ministry; the virus has claimed high-profile targets around the world.

    Ha!
    We're told 16 NHS health trusts in the UK were taken out by the malware. Prime Minister Theresa May said the code "has crippled" Brit hospitals, and that Blighty's surveillance nerve center GCHQ is looking into the outbreak. The NHS is thought to have been particularly hard hit because of the antiquated nature of its IT infrastructure. A large part of the organization's systems are still using Windows XP, which is no longer supported by Microsoft, and Health Secretary Jeremy Hunt cancelled a pricey support package in 2015 as a cost-saving measure.
    BOO!
    Last edited by Nordstern; May 13 2017 at 03:00:24 PM.
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  3. #7883
    Donor
    Join Date
    April 9, 2011
    Posts
    1,306
    Quote Originally Posted by Nordstern View Post
    We're told 16 NHS health trusts in the UK were taken out by the malware. Prime Minister Theresa May said the code "has crippled" Brit hospitals, and that Blighty's surveillance nerve center GCHQ is looking into the outbreak. The NHS is thought to have been particularly hard hit because of the antiquated nature of its IT infrastructure. A large part of the organization's systems are still using Windows XP, which is no longer supported by Microsoft, and Health Secretary Jeremy Hunt cancelled a pricey support package in 2015 as a cost-saving measure.
    BOO!
    In this case the cancelled contract for XP support wouldn't have saved them as MS didn't patch the SMB vulnerability out of XP until after the ransomeware attacks.

  4. #7884

    Join Date
    November 4, 2012
    Posts
    330
    Quote Originally Posted by Bombcrater View Post
    Quote Originally Posted by Nordstern View Post
    We're told 16 NHS health trusts in the UK were taken out by the malware. Prime Minister Theresa May said the code "has crippled" Brit hospitals, and that Blighty's surveillance nerve center GCHQ is looking into the outbreak. The NHS is thought to have been particularly hard hit because of the antiquated nature of its IT infrastructure. A large part of the organization's systems are still using Windows XP, which is no longer supported by Microsoft, and Health Secretary Jeremy Hunt cancelled a pricey support package in 2015 as a cost-saving measure.
    BOO!
    In this case the cancelled contract for XP support wouldn't have saved them as MS didn't patch the SMB vulnerability out of XP until after the ransomeware attacks.
    You got any link to prove that? I'm pretty sure they just made it free to all XP users now in response to the attack. I imagine that they would have been given out to the ones that pay for XP support back in March. Lots of supposition from both of us . But it is rather telling that it took them less than a day to release it for XP quite possibly suggesting it had been already tested and used 'in the wild'.

    Sent from my SM-N915FY using Tapatalk

  5. #7885
    Banned
    Join Date
    April 18, 2011
    Location
    Only one here to predict a win for God Emperor
    Posts
    12,463
    It is almost as if I read articles about this going to happen as XP got EOL'ed.
    Are you an engineer? -- Quack

  6. #7886
    Donor
    Join Date
    April 9, 2011
    Posts
    1,306
    Quote Originally Posted by Aranial View Post
    You got any link to prove that? I'm pretty sure they just made it free to all XP users now in response to the attack. I imagine that they would have been given out to the ones that pay for XP support back in March. Lots of supposition from both of us . But it is rather telling that it took them less than a day to release it for XP quite possibly suggesting it had been already tested and used 'in the wild'.
    At work we have a client who pays for XP extended support and they didn't get the patch in advance, their XP machines still had the EternalBlue hole. The vulnerability is in the SMBv1 code, which has barely changed at all in later versions of Windows as it's only present for backward compatibility, so MS knew exactly what to fix and how to do it. They could have done the patch in a few hours, no problem.

  7. #7887

    Join Date
    November 4, 2012
    Posts
    330
    Quote Originally Posted by Bombcrater View Post
    Quote Originally Posted by Aranial View Post
    You got any link to prove that? I'm pretty sure they just made it free to all XP users now in response to the attack. I imagine that they would have been given out to the ones that pay for XP support back in March. Lots of supposition from both of us . But it is rather telling that it took them less than a day to release it for XP quite possibly suggesting it had been already tested and used 'in the wild'.
    At work we have a client who pays for XP extended support and they didn't get the patch in advance, their XP machines still had the EternalBlue hole. The vulnerability is in the SMBv1 code, which has barely changed at all in later versions of Windows as it's only present for backward compatibility, so MS knew exactly what to fix and how to do it. They could have done the patch in a few hours, no problem.
    Ahhhh fair enough . There was a guide on the register a few months back about how to disable smb1 but doesn't seem many people used it :S.

    Sent from my SM-N915FY using Tapatalk

  8. #7888
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    17,873
    Returned to work after a month off. Nothing has changed. There are still jobs open and not touched from before I left.. The office365 project has finished in the same state of was in when I left (so broken with only about 20% of users migrated). The Windows 10 project progressed to about 50 desktops before they found out a bunch of stuff didn't work..

    Didn't really miss any of this. Would be nice to have some working systems..
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  9. #7889
    Sp4m's Avatar
    Join Date
    August 5, 2013
    Posts
    5,919
    Quote Originally Posted by Lana Torrin View Post
    Returned to work after a month off. Nothing has changed. There are still jobs open and not touched from before I left.. The office365 project has finished in the same state of was in when I left (so broken with only about 20% of users migrated). The Windows 10 project progressed to about 50 desktops before they found out a bunch of stuff didn't work..

    Didn't really miss any of this. Would be nice to have some working systems..

    Holy fuck do you have 0 budget or just no planning there?


    Sent from my iPhone using Tapatalk

  10. #7890
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    17,873
    Quote Originally Posted by Sp4m View Post
    Quote Originally Posted by Lana Torrin View Post
    Returned to work after a month off. Nothing has changed. There are still jobs open and not touched from before I left.. The office365 project has finished in the same state of was in when I left (so broken with only about 20% of users migrated). The Windows 10 project progressed to about 50 desktops before they found out a bunch of stuff didn't work..

    Didn't really miss any of this. Would be nice to have some working systems..

    Holy fuck do you have 0 budget or just no planning there?


    Sent from my iPhone using Tapatalk
    All of this going no where reportedly cost about AU$2M.. So there was budget.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  11. #7891
    Mallet Head Donor 56k Lagman's Avatar
    Join Date
    May 5, 2011
    Location
    Vancouver, BC
    Posts
    4,261
    Field tech: "hmm the AD replication and RODC roles on this server aren't working"

    *Field tech then proceeds to reformat the DC along with the RDS VM apparently without backing anything up*

    Now I'm getting calls from users about literally everything being broke, folder redirection is broke which is probably for the best because if it was working people would realise all of their shit is gone. DNS server is gone, there's a new one but it's on a new IP address which wasn't updated in anything. How are people so fucking bad at this

    Quote Originally Posted by Duckslayer View Post
    I should be home.now but I keep stopping to post. I'm in need of a mega poo. so much so that I'm tempted to leave slurry across one of these gardens and deal with the wiping later. gonna toss a coin

    phoneposting

  12. #7892
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    17,873
    Quote Originally Posted by 56k Lagman View Post
    Field tech: "hmm the AD replication and RODC roles on this server aren't working"

    *Field tech then proceeds to reformat the DC along with the RDS VM apparently without backing anything up*

    Now I'm getting calls from users about literally everything being broke, folder redirection is broke which is probably for the best because if it was working people would realise all of their shit is gone. DNS server is gone, there's a new one but it's on a new IP address which wasn't updated in anything. How are people so fucking bad at this
    Ok there has to be more to it than that.. You dont just delete an RODC because its stopped working..
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  13. #7893
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    17,873
    Today in our 'new' office365 hybrid install we have discovered there are a number of people that have their mailbox both on-prem AND in 365.. According to Microsoft this is not supposed to be possible. We literally have the best setup ever. (So glad I didn't do it)
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  14. #7894
    Shaikar's Avatar
    Join Date
    April 9, 2011
    Location
    Kador
    Posts
    1,770
    Quote Originally Posted by Lana Torrin View Post
    Quote Originally Posted by Sp4m View Post
    Quote Originally Posted by Lana Torrin View Post
    Returned to work after a month off. Nothing has changed. There are still jobs open and not touched from before I left.. The office365 project has finished in the same state of was in when I left (so broken with only about 20% of users migrated). The Windows 10 project progressed to about 50 desktops before they found out a bunch of stuff didn't work..

    Didn't really miss any of this. Would be nice to have some working systems..

    Holy fuck do you have 0 budget or just no planning there?


    Sent from my iPhone using Tapatalk
    All of this going no where reportedly cost about AU$2M.. So there was budget.
    I think you'll find that's the managerial golfing fund.

  15. #7895
    Mallet Head Donor 56k Lagman's Avatar
    Join Date
    May 5, 2011
    Location
    Vancouver, BC
    Posts
    4,261
    Quote Originally Posted by Lana Torrin View Post
    Quote Originally Posted by 56k Lagman View Post
    Field tech: "hmm the AD replication and RODC roles on this server aren't working"

    *Field tech then proceeds to reformat the DC along with the RDS VM apparently without backing anything up*

    Now I'm getting calls from users about literally everything being broke, folder redirection is broke which is probably for the best because if it was working people would realise all of their shit is gone. DNS server is gone, there's a new one but it's on a new IP address which wasn't updated in anything. How are people so fucking bad at this
    Ok there has to be more to it than that.. You dont just delete an RODC because its stopped working..
    ikr. Flattened the whole thing and we're still trying to find out why he did it. Let alone why he did it on a Monday evening

    Quote Originally Posted by Duckslayer View Post
    I should be home.now but I keep stopping to post. I'm in need of a mega poo. so much so that I'm tempted to leave slurry across one of these gardens and deal with the wiping later. gonna toss a coin

    phoneposting

  16. #7896
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    8,278
    Quote Originally Posted by Lana Torrin View Post
    According to Microsoft this is not supposed to be possible.
    Technology, uh, finds a way.
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  17. #7897
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    17,873
    Quote Originally Posted by Nordstern View Post
    Quote Originally Posted by Lana Torrin View Post
    According to Microsoft this is not supposed to be possible.
    Technology, uh, finds a way.
    Been doing some research.. Its possible with a hybrid 2010/365 environment because 2010 is dumb/doesnt expect 365 to be a thing. Exchange 2013 and 2016 "cant" do it.. 2010 can if you follow some quite specific timing.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  18. #7898
    Liare's Avatar
    Join Date
    April 9, 2011
    Location
    Denmark
    Posts
    10,893
    any bets on that surviving a upgrade from 2010 to 2016?

    because, assuming you dont fuck with it, i'd wager it does.
    Viking, n.:
    1. Daring Scandinavian seafarers, explorers, adventurers, entrepreneurs world-famous for their aggressive, nautical import business, highly leveraged takeovers and blue eyes.
    2. Bloodthirsty sea pirates who ravaged northern Europe beginning in the 9th century.

    Hagar's note: The first definition is much preferred; the second is used only by malcontents, the envious, and disgruntled owners of waterfront property.

  19. #7899

    Join Date
    May 31, 2011
    Posts
    3,239
    Quote Originally Posted by 56k Lagman View Post
    Quote Originally Posted by Lana Torrin View Post
    Quote Originally Posted by 56k Lagman View Post
    Field tech: "hmm the AD replication and RODC roles on this server aren't working"

    *Field tech then proceeds to reformat the DC along with the RDS VM apparently without backing anything up*

    Now I'm getting calls from users about literally everything being broke, folder redirection is broke which is probably for the best because if it was working people would realise all of their shit is gone. DNS server is gone, there's a new one but it's on a new IP address which wasn't updated in anything. How are people so fucking bad at this
    Ok there has to be more to it than that.. You dont just delete an RODC because its stopped working..
    ikr. Flattened the whole thing and we're still trying to find out why he did it. Let alone why he did it on a Monday evening
    He surely made an image of the machine before dumping it ...

  20. #7900
    Mallet Head Donor 56k Lagman's Avatar
    Join Date
    May 5, 2011
    Location
    Vancouver, BC
    Posts
    4,261
    Quote Originally Posted by Hel OWeen View Post
    Quote Originally Posted by 56k Lagman View Post
    Quote Originally Posted by Lana Torrin View Post
    Quote Originally Posted by 56k Lagman View Post
    Field tech: "hmm the AD replication and RODC roles on this server aren't working"

    *Field tech then proceeds to reformat the DC along with the RDS VM apparently without backing anything up*

    Now I'm getting calls from users about literally everything being broke, folder redirection is broke which is probably for the best because if it was working people would realise all of their shit is gone. DNS server is gone, there's a new one but it's on a new IP address which wasn't updated in anything. How are people so fucking bad at this
    Ok there has to be more to it than that.. You dont just delete an RODC because its stopped working..
    ikr. Flattened the whole thing and we're still trying to find out why he did it. Let alone why he did it on a Monday evening
    He surely made an image of the machine before dumping it ...
    I'm going to look into it this morning as part of the clean up operation but I have a bad feeling that not only did they not back up the old server vhd files but actually reinstalled windows server IN the old vhds thus completely scrubbing any chance of recovering data


    Quote Originally Posted by Liare View Post
    any bets on that surviving a upgrade from 2010 to 2016?

    because, assuming you dont fuck with it, i'd wager it does.
    AFAIK MS doesn't really recommend them but I'm yet to hear of one that failed catastrophically
    Last edited by 56k Lagman; May 18 2017 at 05:27:50 PM.

    Quote Originally Posted by Duckslayer View Post
    I should be home.now but I keep stopping to post. I'm in need of a mega poo. so much so that I'm tempted to leave slurry across one of these gardens and deal with the wiping later. gonna toss a coin

    phoneposting

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •