 Welcome to the wrongly branded. Hey, there we fix it. I still had the homelab show logo at the top there blog there's a number of 369 bit locker bypass bit warden pass keys Some news home lab tech and live Q&A This is a little bit shorter because I have a lot going on which is why I did this earlier But hey, let me catch up with the comments real quick. Good morning, Tom You and Jason organized the naming scheme for your clients. Oh I will be talking about both of these things soon Well, not the naming scheme I should say the naming scheme is if we have the option to we name things for clients You know, I go with very practical names The problem is a lot of people do not I this comes up way too much name things what they are You're trying to come up with like let's use planets and let's use star systems Let's use all the ships from the different Star Trek series I like or Star Wars series you like and that just becomes Convoluted very quickly name things based on what they are is the best naming scheme But maybe that is worthy of a video because the question does come up a lot But yes net data offering a homelab is awesome. Oh Look that thumbnail photo of the TPM sniffer tool. I guess you watched the video to always use bit locker plus plan Yeah, we're gonna talk about that just a moment here. Hello from many places Spain, Ireland, Arizona Hi all from Sweden. Awesome. I figured this will give me some people in the European areas because you know The whole discussion the time zone thing but this right here bit locker bypass is pure fun Yes, you know, I seen it going around and I figured this is a great place to start I put it at the front because I just wanted to address it. I don't know that it needs a Counter video. Maybe it does. I don't know Here's the thing the bit warden a bit locker not bit warden the bypass is really interesting because it was so well presented like it's a good understanding of how TPM works, I think that's important. I think they did a great job presenting this information but let's dive into my response I did on it and Few thing the images from this video. This is my LinkedIn post I didn't pull I shared this to people on Twitter, but Twitter's I don't know hit and miss on If you have a good video that Walks through will just give people who don't know what's going on in the context here They're talking about the ability to grab this data that is flowing and hey This is solid engineering of how to get to the chip So to say they can break it in this incredible, you know, amount of time Means all the prep work was done and they know where the pins are for this laptop So yes, this attack works very fast with a device for this model laptop for this model that's an important thing I want to highlight here and This is good engineering how to Sync this without a clock chip how you can pull all the data out figure this all out like I love the Presentation, this is really good. This is a good Learning experience to understand how this works and this person made a Raspberry Pi Pico device that can pull this data off the pins all of that is actually really good solid research But it's also not groundbreaking. It's well presented and let me present you with this a hijackers guide To communication interfaces on trusted platforms published all the way back in 2013 March of 2013 so we've known about this method for 10 years The reason why this is so exciting is because the video is popular and well presented And that's all I had posted on LinkedIn was going, you know, this is not a new attack This is a well presented attack because I mean granted this has some really nice pretty write-ups You can get a PDF of it and I'll give people a link to this if they wanted it's right here So I mean it's cool and it walks you through all the things this person did so the researchers is out there But this is why we suggest if this is in your threat model. This is the important part. Should everybody do this? What's in your threat model? That's the important thing if your threat model is I'm really worried about a Sophisticated person not just some average thief taking my laptop and pulling all of the data off of my laptop I should probably not just rely on BitLocker But also rely on some type of BitLocker plus pin if this is in your threat model It's not in everybody's threat model So it's not like I'm telling everyone to go do it But if this is the concern these are the steps you can do to mitigate this so we know how to mitigate this It's less groundbreaking. It is interesting. I think it's a good learning So I actually would recommend people watch the video check it out It's not a bad video at all and I will share my LinkedIn post for anyone It wants it that's dropped in here, too You can actually read my right up on LinkedIn where I just reiterated all the things I just said to you here in the video But it does have the link to the video in a link to this document as well If you want to read through all the details good security research from 2013 good presentation and security research Here in 2024 so I got no complaints about it in terms of an educational opportunity, but the sky isn't falling someone didn't come up with a Tool that you walk up and magically wave over a system it still requires physical access to the system So nonetheless, I think it's really novel. Yeah It's nice maybe I thought about here's a question for my audience leave this in the comments down below or here in the Livestream should I have done a video on this should I have done a five? I've done you about doing some of these five minute explainer videos So like let's cut through the BS that the news That's hoping to get clicks for or am I now part of the problem? I'm trying to get clicks for it But then again, I'm not trying to get clicks I'm just trying to tell you the truth and that you shouldn't be too worried about this and I don't know so Maybe I should do a video on it I don't know I thought about doing not a short video, but just a short video Maybe a couple minutes long where I do this so it's it's novel so people say I should do it Yeah, okay Because I mean not everyone's gonna this livestream is gonna go longer than it already has gone longer than that whole video would be so I have kind of like a note list of like doing some of those things and I don't know. It's some ideas. Now on to the next topic. Oh All right, we'll side we'll sidestep to this topic. Have you have you read the DDoS BS on the toothbrushes? Yes, I have Let's read it so let's share it I Did share it and I didn't read it because I thought it was funny I just wanted to make puns finding out it was fake. I get to make more puns So I got double use out of this if you want to know what this image is it says it's a toothbrush and says I want to believe obviously a play on the You know people doing it so if you don't follow me on Twitter or I Try to post on Massen and I broke I had a synchronization between Twitter mastered on that broke somewhere along the lines But anyways after brushing up on the facts it turned out the story about smart toothbrushes being used indeed I also talked was floss Philosophied information you like that the root of the problem is the story was just too plausible Not to share. So yes, that is what happened people who are sharing this I'll share a link to my tweet for any of you. They want to enjoy the puns While I was brushing up on the facts. Yeah, it's absolutely people get excited about it I actually almost almost think this still could happen. I'm not gonna lie It this seems like the most dumb but properly dumb thing that could happen in infosec So there you have it folks. I post this on LinkedIn as well I probably post a lot more on LinkedIn than Twitter for anyone that wants to follow me on LinkedIn Nonetheless oh If only they had used floss software nailed it. I love that. I mean this is Thank you very much. I owe you for that one. What but was it built on floss? You know, that's the real question we have about a toothbrush any proper toothbrush should really be based on floss All right now let's jump right over to the other answer here other topic not answer I guess it's an answer to the topic and I'm gonna do a video on this. It's rolling out. I am Definitely Mixed on how I feel about past keys. I think they're a good step forward I don't think they're the end-all solution to all of your problems. That's my feeling on it I don't like when people overhype a technology as if it's the Solution the end of passwords I've seen the marketing people wearing me out on this one of are you still archaic and using our password for something? Yeah, I am because One of the problems with storing past keys is you change the attack surface now. I'm a big fan and let me Pull this up real quick Pull I'm gonna pull it out. Whoops almost dropped it. Look. I have a A Yubi key. These are fun. I've done videos on these. I think these are great. I have it stuck Where it's very accessible and I like things stored in my Yubi key because it requires if you want to Use something I've stored in my Yubi key It requires you to have that Yubi key and that Yubi key is not the only factor of authentication It is a secondary factor of authentication and I think that's great because I do have my TOTP on my phone. So, you know, right here the TOTP of my phone is great I don't have bit warden on my phone purposely because if my TOTP is stored here. I don't want my passwords here I always keep my passwords separate from my TOTP. Maybe I'm a little bit extreme, but you know nature of what I do I Have to secure companies and I don't want me to ever be the reason they're not secure So I sacrifice some of my convenience for this. This is trade-offs I have that being said my TOTP is on my phone the passwords are in bit warden But I can also now store pass keys in bit warden and I think this is cool I think this is great for average people. This is where I kind of fall on the whole pass key things I don't think they're the ultimate cybersecurity solution for you know Everything but that being said the pass keys being able to not only store in bit warden But then sync between your bit warden instances is nice It is definitely a convenience But those companies that would implement pass keys as your one-click login I'm kind of mixed on I don't know that anything that is high security should be one-click login with a pass key And the reason why is because it is synchronized in my bit warden So if you get access to my bit warden You're not using two-factor if you somehow Some way get access to it and obviously this is where the threat actors as we level up the security We move where that target is the target now would be a password manager So if that password manager is the target that the threat actors are after where the information is stored If they get into your bit warden Well, now they have that same one-click level access because the past keys are stored in your bit warden I don't think it's bad that they're stored in bit warden kind of convenient and matter of fact I've done a video before talking about the threat modeling of What do I store or when do I store my t o t p my second factor of authentication in my bit warden And some people are going to go on the talk of never and I just kind of talked about being secure. There is a Time when I do store things in there I have occasionally I have a handful of forums or is the easy example not my forums because I have to be the admin on those forums For forums, I'm not an admin on forums that it's just me posting some questions, you know Any random personal forum, especially They all have two factor on them many of them do which is great And I don't feel like setting up a two factor for every forum So I store those in my bit warden that does put me at risk that a motorcycle forum that I belong to Where I have my two factors stored within bit warden if someone gets in my bit warden They could possibly get into my motorcycle forum and pretend to be me It's low risk It's worth it to keep it in bit warden And I'm fine with that as an answer and if someone gets in my bit warden My worries are not about my motorcycle personal forums that I belong to therefore. I think it's like It's a good upgrade now pass key is not the same as your standard toot p Um Yeah pass pass keys is a better password, but should never replace a second factor This is the important thing on there that yes pass keys because they're based on the Standards of fido and because of the way they're encrypted the way they're stored. They are great There's no time syncing issues like you have with toot p. So I think they're great I think they're a good second factor of storage and they're going to be superior than toot p but Storing them inside your bit warden where your username and password for that same website is stored doesn't really seem I mean It's better, but it's not You know just something to think about here. I still prefer because my username and password is sort of in bit warden I still prefer my Fido stuff to be stored on a physical hardware key Because I anytime I can use the hardware key. I love it because I keep I actually have more than one of them and a good A good website a well done website. This is actually Something that I remember going to and reading as I was reading I was reading through the fido standard Uh at a talk at one of the fidos. I think it was the rsa talk. They gave Um, I thought something was interesting on there One of the regrets they had from the design standard was not now. They gave the option but did not Require this you can store multiple Of these hardware token keys in a web store awesome But very few companies seem to implement this now the advantage of doing it, of course is I can have more than one Key, maybe I have one key and one computer another key and another computer and I think that's great. Um It's just being being able to register more than one key makes sense to me But some of these places are like no, we're only going to give you a slot for one key and I'm like why they're from a Compute cost standpoint or a storage standpoint. There's not much it takes to Store the extra keys and I kind of like being able to have a backup key to be able to get into things But nonetheless, I'm glad bit warden's rolling it out. I'm glad it synchronizes between devices. One thing is uh worth noting and Let me whoop throw the share back up as of right now This is down at the bottom Will pass keys be included with a clone of your vault item No bit warden would not copy a pass key when doing a clone action our Stored pass keys included bit warden imports experts pass keys imports experts will be included in a future release um I thought that was kind of interesting that currently you can't import them and export them Uh pass key support for mobile application is planned in the future really so there's still a couple features not ready yet And you know, that's interesting. But yeah Why do websites with the pass key authentication still keep the regular password login? Uh really simple and the reality is bit warden For example, how they said they can't import and export this This is one of the challenges you're going to run into if it can't be imported or exported How do I if I decided I don't want to use bit warden anymore. How do I get the pass keys out? Well, now, that's kind of a tedious thing So I kind of need to have a fallback also pass keys should be the second factor not the primary factor authentication That's my opinion. Um So that kind of creates a challenge another one is a lot of these companies You know are pushing pass keys with your phone. Cool. How do you synchronize them with your google account with your apple account? What if you didn't want to have a google or apple account? Now you need some other way to synchronize that data So I get it that they kind of have a fallback But I gotta admit on the other side the convenience of pass keys and because Pass keys are much harder. You can't just intercept them. There's not as easy as a way Not saying there's not a way. There's a much more challenging way I don't like when people call them unsniffable. Yeah, they're challenge response based on cryptography, but It just requires a different methodology in order to get the pass keys to work Um The it proxying the website is the only real way to do it and there's not an easy way to do that It actually is good for spoofing But so is bit warden at that and what I mean by good for getting away from spoofing Is bit warden will only fill in a site That matches so if someone sets up a fake login page for Another site that looks like the other site the url won't match at the top now They may be typo squatting instead of you know paypal.com. It's uh some other letter that looks like paypal.com You know a lot of typo squatting on websites get people to put their username and password in But your password managers won't fill in the wrong website. So that becomes very challenging The other attack it does help prevent is when someone tries to maybe embed a site within a site That's not something that pass keys to my knowledge. There's any way to do so there there are some definite advantages of Having that which I think is good. I mean those are those are still important factors on there Ah What else there was someone else had a key about uh firewalls. That's all that I rant about pass keys and that I don't have a ton of times. I have another meeting coming up in a little bit today The time is my next meeting Make sure I got everything timed properly. Yes Oh Hey, my meeting cancelled that's interesting. Well good beating. Well, I don't know good It was someone who wanted to talk to me. Um, I guess they can't the such time they cancelled the meeting But someone had a question. I don't understand and I don't know if anyone answered three f a is the future Uh, check out my studio tour all the details of the lenses and stuff is in there Or if you actually if you click the links, um Here I'll throw this in the chat if you go to kit.co slash laurance systems You can find all the things I'm using Yeah, so kit.co kit.co slash laurance systems and uh, I have like all the different things for a lot of the builds I have are all in here for anyone's interesting random stuff the laurance system studio parts list Oh, I got to change this. Hey, this reminds me. I got to change it to the 2024 edition So add video from youtube We'll do that you guys can watch me do this in real time Let's fix it When we're what is my studio tour? There we go paste add There we go. There's now it says 2020 I kept I actually kept the thumbnail the same I figure it's two years old. Who cares if I reuse the thumbnail? There we go. Uh, nope. I have not switched to keya dhcp Um, it just it it's missing features and so I didn't switch to it This was a discussion in my forums just the other day Someone's like, well, how do you solve this problem? I'm like, I didn't switch to it. They're like, oh I'm like, you don't have to uh I I tested it and I happen to need the features that are in the current one So I'm gonna have to wait till they add those features back. Um, it had a problem with the ntp uh servers and Without being able to use the ntp servers. I can't use it. So that's it. Um I don't know if it's in there So it looks like uh open sense. I know it's in pf sense. But I just looked yes, it appears They're bundling it in both open sense ampere. I use pf sense, but it looks like it's bundled in open sense as well Thoughts and unify versus uh, omata. No unify is definitely far superior to omata. You know nothing really The problem with lab, let's just say at that We've started doing we did some consulting and it's I feel like any of the omata stuff was just way bugger Um, we had some weird buggy problems. I need to make a list of all that We don't have that many consulting jobs. We did with it We did enough of them though that my technicians are like, yeah, this omata stuff is buggy. Is it cheap? Yeah, does it work once you get it? Unbugged. Yes. Do I trust omata security? Not at all. Um, Basically, omata just copied unify as best they can Which is fine Gets the job done. They made it a little bit cheaper awesome for people who are looking for a little bit cheaper But I don't think they copied the quality of unify and there's already people who Um are going to be laughing that I said quality of unify because people are like, oh, unify's got bugs and it's You know, no solution is perfect. Clearly you haven't spent time in the sysco and 40 net worlds, but nonetheless, um omata is definitely Cheaper knockoff. It's cheaper and I don't know. I tested it in my house I didn't have a problem with it, but I have no faith in their long-term outlooks for security I'm planning a small unified deployment with 10 to 15 cameras about six other land ports on your point In splitting switching capability between two switches not with that few cameras You can run a whole lot of cameras on one gig. You you got to get up there probably in the You know, even depends on, you know, how high of a stream you're doing No, you don't need to split that between them. That's not with that few of cameras Uh, did you have issues with the web ui into your nascale mine seems to be having some issues press f5 rather frequently Otherwise ui won't load properly. No, and are you using a proxy in front of it? Um, I never have a problem the ui works great. I I I can say confidently. I have no issues with the uh ui itself matter of fact while while we're here, we can just log in real quick because you know Here's the here's the ui on it and it Uh, I got it zoomed in a little bit. I mean zoom it out, but it works fine every time I have several. I also have numerous of these and all of them work fine. I'm excited. There's a new update that'll be here soon Because the uh, I can join the beta I might join the beta on one of my other ones But yes, it's soon we will have that I've been having issues with my unify ap. It's about half the line speed Even when I plug straight into the poe ethon adapter or turn the channel all the way up and ap. It's better uh You know, that's why I don't do a bunch of wi-fi testing There's so many factors in wi-fi testing if you want speed don't use wi-fi is always my answer You always end up with a lot of problems matter of fact one of the issues I've run into and this is when I was testing um The cisco equipment I never really finished a video on the cisco wi-fi because the cisco devices died Which I thought was funny and I just didn't care they have a warranty and I don't care to replace them Um, I just thought they were the worst experience. I did the review of the cisco switches. Anyway, so the cisco inexpensive wi-fi The number of problems I had from one laptop model to another drove me crazy um Cisco was not much help other than some firmware updates that allegedly patched it but didn't Uh, you couldn't believe the speed variation I think chris has talked about this before on cross talk solutions when he does his wi-fi speed testing One handset to the other It's like oh the iphone worked really good with this model over here, but it didn't work with this model, but the Android phone is exactly the opposite you get a better speed out of the android phone But then you try a samsung phone and it works okay, but only on this model and that model There's You get variations a lot between devices that's wi-fi might be a standard, but it's not standardized. I guess you Uh, do you know of a linux firewall that supports rules with dns names instead of ip's? No Not that I could think of I mean There might be some hacky way to do it inside of pf sense, but I don't I don't know I I've not had anyone request that I don't think that's a very requested feature Which is probably oh, I know no one's really working on it most always we do the rules by ip I know it can be done probably, but I don't know why I would want to do it The only problem with your nas is how eager it is to log out Yes If we will just leave this up while I talk and any moment it will have the would you like to extend your session? Actually, I should I do need to do some updates. I know there's a new version of net data Ooh sync thing in that data That's uh Do it live or just gonna upgrade these I Prefer I don't use open media vault. I don't plan to use it. It doesn't have the same feature support that sure nas has so I'm gonna go with my preferences for true nas, but maybe you like there's people who like unraid I don't use unraid and don't plan to use it. I really like true nas. I like zfs. So it works great. I'm happy with it um Yeah, I bailed on windows for good awesome. Congratulations. Uh dbkd is running all my home computers and servers. I even have uh And even having db and my eyes are open. Congratulations My pf since uh land port seemed to keep losing its ip address Like it doesn't send it requests to renews address, but a simple unplug and replic cable cause requests Hmm. I'll assume you're not running the net gate hardware. You mean you talked before About this and you were definitely having some issues. Uh, I think you were getting some packet loss I mean you were Me and the bearded it data personal friends. So we were Discussing this offline, but yeah You gotta reach out to me. We'll do we'll do a session together and try and sort it out But I think you're having some hardware problems. Um I don't know what message me and I'll pick some hardware. I think I even have I might even have an extra Well, no you wanted something that's um I don't know if I have an extra one that's got two and a half gig Is it wrong to turn up the channel width? Uh, no not But there's sacrifices made you you widen the channel you get less distance because more things can do it More things can interfere with it Last wi-fi deployment did a bunch of u6 pros the client gets 500 500 your phone entire building, which is, uh The entire uplink awesome Since the takeover view or a barcom are we In our company currently considering whether these proxmox or xcbg personally belong to xcbg trying to cope with it And i'm getting along pretty well so far of a passive Limitation apparently the problem with the german keyboard layout alt gr Probably has something to do with no vnc as their solution Honestly because I only use um the us keyboard layout. I really don't know I would post in their forums Uh, and they probably have a solution because uh, they're a french company and they do Um, obviously work with the french layouts. I don't even know how much different those layouts are so that might be a good forum post I just don't have an experience working with Um different keyboard, uh different language layouts for that, but i'm definitely team xcp and g myself Uh, why doesn't chrome edge identify the proxmox? You're nice password autofill only firefox says that's a good question I don't know Wait, um It actually i'm gonna Say it does i'm using bit warden So let me log out And i'm using bit warden here. Whoops Somehow I locked that Mine autofills fine with bit warden. This is chrome by the way, uh, so it autofills for me So I don't know the answer to that Uh, would you be interested in sharing comparison between web ui on net data parent and net data cloud? uh I mean just sign up for the net data cloud, but I mean Uh, how I can log into my cloud as well I mean, this is the net data cloud Do you know which has the most active installs to your next core scale? I don't know and I don't know if there's a way to know because people don't always Register them so I don't know that there's any telemetry data, uh for how many there's millions of both But I don't know where that cut is um Any news I need my express order my place, uh up north so waiting internet install gets first Patiently awaiting excel store from vates Yeah, I'm using bit warden, but you know, it should work with keypass as well to get that log into work Uh, never had time to catch you live. Thanks for taking the time. Good videos trust awesome How much resources to commit to bit warden vm? um, not a lot Um, it has eight cores and four gigs, but it's barely using any of that I mean, it's using it because it's there, but it doesn't need that much so it's Absolutely fast doing it like this Back to the net data topic. Where did I lose that? Um The cloud one just lets me concentrate all these right here Versus, you know, this is the cloud version of it. So, uh, I don't even think I have All of mine in there. Here's my gray log server Oh There's my website It's a real-time net data website, you know, all it does is make them all right here, but if you If you want to see what it looks like Here This is what net data looks like without the cloud So I just did that update. This is on the true NASA system. I did the update. So there's a gap in it right here This is where it was restarting to run the latest version. But yeah They don't look that much different. They just aggregate the cloud a little different Do you have any recommendations for a super tiny four by two and a half inch nas system hoping an SSD nas Brian Moses look up. He's got a good write-up on a budget nas Brian Moses I've shared it before but I should have brian. I've chatted. I think I've tweeted back and forth to brian, but Um, I'll throw a link in there. He's always got write-ups on true nas stuff If you had a bigger hardware key for a company, why use any specific brand to buy and avoid uh for non-technical staff? I think the ube keys are just a solid standard One of my friends is deploying like I don't know. It's like 500 of them at his company. They work really well It's a lot of course for something static like bit warden. Um, well, we have what we had we moved to It's not actually hosted there anymore. It's having we had all of our employees using it So but it never really used any power. It never was slow. So it wasn't a big deal Uh, my company's losing a decided on a logging system. We have a custom api as you're looking at splunk Anything else to check out? There's another company that eludes me at the moment. Um, I mean, I like gray log So that's what if it's just logging. I think gray log is great. That's probably the most popular one There's probably a couple others, but gray log is definitely um one of them I like and They didn't pay me to say it, but I will disclose. They sent me a fancy cup. I got a fancy, um reusable coffee cup from gray log. So yes Now that I'm there I got the lid on right so I do like I I've been using gray log for a while and I think they make a great product They're open source as well From what I read web UI net data parent Uh, we display data from all children, but I haven't got around to saying enough check out similar to cloud. Yes Uh, what do you think should 4dji's homelab project be at the hl 15? I don't know. Um, I think it's a good project I don't know anything. I don't know what other homelab project there is. I think that's their niche is that hl 15 I don't think they have to make a big variety of them. Um Because the the hl 15 has options to be able to convert it to using like more flash storage So I don't think there's any problem with it What happens if a yubi-ki gets lost or broken? How do you back them up? You don't back up yubi-kis That's you replace them if they die, but you do not back them up Um, so you have to have more than one Tom yes, I can be bought with a uh fancy cup. I like logoed stuff Gray log sent this to me for doing a video. So the video was not sponsored I said it's an option. I'm doing the video and if you want you got my address I saved a video. I'm very clear on that. Uh, so yes, they did they sent me a cup that says gray log I just it feels really I just like this cup It's I've only used it for water, but I still like it. I should use it. I can use it for my morning coffee Does it log the coffee machine? Yes Yeah, having more than one yubi-ki is kind of the answer. Um There's also where are they at here? I have bought a few of these I'll throw a link out there for you. Um I like these devices Which are the Fido u2f uh, pasky. These are another company. They're a little bit cheaper. These are like 16 bucks right now. Um These work fine. I've bought these for people. I think they work. Well, I haven't had any problems with it And it's part the company that makes this is part of the fido alliance. This is not some random company Uh, because there's probably cheaper ones you could find by some random company, but these devices Are uh, what's the company that makes them trustky This is right in front of me. I wasn't seeing it. Anyways, these are by trust key. I think these are not a bad solution either so Well, I agree with you completely. Why do people say passwordless fido 2 is more secure than password plus u2f? Seems that you're losing a factor. Welcome to my world of not understanding how I just how it gets sold Uh, my problem with gray log is a lack of windows ingestion um What do you mean lack of windows? I literally have a video talking about how to pull windows data in So you are incorrect about its lack of windows ingestion. I I have a video on that as a topic Uh, let me pull up that video as I did the video think last week It because I know a lot of people were asking about it. So it is Let me share it in here It doesn't the problem with windows log ingestion is first Windows logs are hot garbage And this is why I made a video on this as a topic. It doesn't do it natively is my complaint not that it doesn't do it Um, it doesn't do it natively This is the problem because windows doesn't have a log export tool. That is the problem So you can't just plug it in You have to configure and set up windows to do that That's where the problem is It's not that it can't do it It's that it doesn't have native support because windows it's the windows doesn't have native support not gray log gray log actually Is easy to set up all the work in this video has nothing to do with gray log and everything to do with windows And this is what makes this a much more complicated topic I did that video on purpose Because I couldn't do that video I I didn't want to release this video until Kind of an ordering of things I wanted to make sure you knew how to do it But then I made I made mention of the fact that when you do it The tuning you have to do and then I have this video released So I timed it releasing I actually recorded this one first Which is a whole video on how to configure sysmon. This is an hour long video where me and amanda berlin Dive into getting the most out of sysmon So this is why this is a complicated topic. I recorded this video and after I edited it I said boy people are going to know how to send us a gray log So I made the gray log import video and then immediately after release the video on getting the most out of sysmon because While the tools are easy to do Actually getting actionable data is way more complicated. So me and amanda dove into threat hunting for an hour I know not everyone wants to watch an hour long video So I gave you the basics pulled from the talk me and amanda gave Then you can get it set up. You can get it ingesting logs my my getting started with gray log video is actually pretty short to get the logs out there, but the Longer video on how to tune everything. Well, that's a whole different topic and that's why I wanted them to be separate videos You have several z-wave items in your kit any concerns that we will just continue replaced by matter. Um Maybe in five to ten years it will be I don't think there's any concern that it's going to happen fast. I think it's going to happen Really long over time So maybe it will but not today And not tomorrow and as long as these cheap z-wave devices are floating around out there and there's a As long as your demand for them people are going to keep making them. So I don't really see this as a big issue so not not really a Um a big problem for me In remodeling my house for a network closet should I go for a single drop with all the cables and solve play for each drop? Uh, or is that just personal preference single drop? All the cables install play for each drop I would definitely put them on a plate. It just looks nicer. Don't just pull the wire through the wall if that's the question you're asking So a single plate per drop It's greatly more convenient. Uh, it's also easier because then you can just plug things into the wall. So yes Or unless you're a question is should you run too? I see a lot of people say you should run more than one network cable If you can afford it, it's definitely an advantage should do both of them. Uh, but that's still come down to personal preference I Did not run two network cables to every spot in my house I didn't run that many network cables at all through my house. It doesn't I don't my computers are connected. Um, but my laptops are wi-fi and I just wander around and speed is never an issue with the Uh, I I don't need the downloads to go faster I need to be able to watch youtube because most of the time I watch youtube in case you watch Some other movie, but mostly i'm watching youtube or something streaming I don't require even the full wi-fi speed for that. So wi-fi works fine I did see someone complaining on one of my videos that kind of made me laugh. Um They thought it was such a waste that people use patch panels I've seen people really hate on patch panels. Like why would you waste time with patch panels? Just run a wire to each switch and i'm like, I don't get it like that's We don't do those because we're bored and things like that so All right Closing all the things I have open too many things open Hey, look my home assistant Actually, I just noticed something that may have broke. So let me find out This isn't good Sync thing didn't update. It seems to be broken Oh So this is kind of funny sync things working So sync thing works But True nas doesn't think it's working. It thinks it's stuck in deploying. Let me try reloading the page Oh, okay. Hey, someone talked about ui problems. There there was a weird ui issue I had to refresh the page to get it to change from deploying to running. So that's strange I run xo container on my Synology. Uh, is this a bottleneck from on a backup? I've seen me at home that um Yeah, the data passes through the xo for backups. So you're going to be limited to whatever speed that is Any difference between punchdown using a coupler on a panel feeling too lazy to punch down Uh, punchdowns are generally going to be possibly a little better But for the most part no the the quality at which these connectors are made is pretty good So I don't really think and someone's going to be angry. Um, I've seen I've seen completely working for years Double patched because people didn't have enough cable and they moved something and they double patched And it still doesn't have any problems Plug it in and test it But anytime you add more connections, you have the potential for more problem not necessarily a guaranteed problem I do recommend yeah Two wires is for in the attic because you do not want to have to double run them when you're running security cameras You don't have to go any attic a second time. You are absolutely right about that Yeah, patch panels are smarter. I agree with you completely I can't imagine world without patch panels. I have seen the world without patch panels I lived in that world. I started this career a long time ago. I'm happy That they have them now Our rmm has its own password solution doesn't see any aggression would love to get to use bit warden I recommend bit warden. I still really like it. I don't do roller coasters Um, so even though cedar point is relatively close to me. I'm not a big roller coaster person Oldest computer I have running doing something. I don't know. I most of my stuff's actually pretty new I get rid of old stuff So I don't really I mean I have a raspberry pi 3. Is that count? I don't know that's really an old computer. It works If use a coupler, do you have to terminate the plug instead of using the punchdown? That is such a big difference um If use a coupler, then you have to terminate the plug I mean they make the plugs that are pass through so I've seen a lot of people use those I like it better. I will always go for the punchdown myself But if you're tedious like me and don't feel like punching them down, it's probably not that big of a deal There's technically more electrical loss for the coupler versus punchdown. That's the part I'm talking about technically They're the the wires don't connect in the same way It is a more secure connection to use the punch I don't know we should probably do an amperage test But the reality is now we're doing a test that's not even related just to prove that there could be a difference I don't think it's the end of the world there Um, it's kind of personal preference. I like the idea of self-hosting bit warden But you have to then add that to your things you have to maintain list I've had no problems maintaining bit warden self-hosted. I think it's easy, but Is it easy for you? I don't know the biggest problem I have was when everyone just tries to go fully self-hosted is they do so At the idea that they want to save money But then that savings they're not calculating the fact that you have to keep these things up to date The number of companies we did we we dealt with a company that went through a hell of a security breach They self-hosted everything and updated nothing and it was part of the problem So you got to really make sure there's a plan for that if you can't put a plan together And assign people to update the infrastructure. It's better to have someone else host the infrastructure Why would you need to write a it's kind of how I feel I don't really like Um roller coasters. I don't know they make it's been a long time But they used to make me nauseous. So I'm I'm all for motorcycles The best place to find a used rack size doesn't really matter as long as cheap craigslist Facebook Look for local recycling companies Keystones are way easier, especially with the new tools like the eye punch from vertical cable. Yes Thank you. Cody from mctailcom networks and he is absolutely right about that take it from a guy who punches him down Way more than tom does I don't punch down many of these You have I I have a patch panel in my house as well Self-hosting I feel it's more about owning and controlling your data than cost savings. Yes. Um Absolutely, and this is the problem the people like I said the people who come at it with I just look over the cheapest way to do this Are usually not accounting for the fact that they have to maintain the infrastructure Hello from new york standing waves and other Signaling issues at high data rates as possible with more breaks connections plus number of other unknowns These are just avoid support. So plural. That's a hard word for me. Say It's just easier to avoid to prolifice I'll someone else can see it connections Um, you're not wrong. You're not wrong at all. I like I said from a professional standpoint We're always going to run them right? We're going to run them with the proper punch down That's how we're going to do it what people do in their home lab because they don't want to tediously Or they're not good at punching down cables Then that's different You don't always have access to a bunch of people who are good at punching down cables like I do That you know, you don't have an employee people who are good at punching down cables that will come over your house and help you punch down cables I do I get not everyone does Super flu us Super. I guess it's soup lure suit. I'm yeah Well, that's a tongue twister for me for no particular reason I'll work on that later I use keystones when are possible to hate fighting with rg 45s, especially If it's thick shielded cable, I'll leave that to the robots cost benefit. It equals out super flu us This is fun Well, if I you know when I'm putting together videos in case you didn't know if I can't say a word I just avoid it. I sometimes will have the word written down and I realize I can't say the word verbally So I just changed the word Unless it's a word I have to use and then I'll work on it There's Back end secrets of being a youtube creator. Tom just doesn't say words He doesn't know how to say well and sometimes I still don't know how to say the ones I use well. So Have you seen issues with a u6 pro going offline and showing fail to adopt when no adoption should be happening swap dot u6 Are some no issue. Maybe you have a bad firmware. Maybe you have a bad unit. I'm not I don't know I don't think I run into that personally Each room in the house gets telecom closet punchdowns and go to main telecom rack and basically which is another punchdown But I have bad ocd and all the punchdowns There's people who really like doing it the people we employ Like what they do and they are they want to be cable people which is fine. Awesome. And we give them lots of work Oh greetings from south gate. So uh, you do that as well when you See where it's when you can't spell correctly. Yeah I'm amazed at how bad my spelling is with chat gtp and it always figures it out Because I my wife was watching me use chat gpt. She's like you didn't type anything right And I'm like I didn't have to it's now made me even lazier It's it's the laziest version of spell check Also for the os the other don't know I am located in south gate michigan. That's where our office is So greetings from south gate. I'm assuming you mean south gate michigan Good cabling is an art for itself. Yes Uh, do your clients use cell posts of it or in our clouds? Sometimes you don't forget to put the customer URL is an automatic way all of our clients that are using bitwarden are not self-hosted They're all using the bitwarden cloud Um, how often should unify access points be update or rebooted, you know, I don't have any scheduled reboots for them What's I was looking and I'm trying to see if I have like my house ones real quick that I'll pull up I don't know the last time they were you know what there was a firmware update recently Or another firmware update. I look more firmware updates But yeah, they generally stay running for a long time. How many days of uptime do I have right now? Tell me up link down the experience Oh, here we go So currently I'm at 52 days of uptime on mine. Um That works fine. No issues here. So where's that at? Yeah, 52 days of uptime That was the last time there's a firmware update for this one The only time they ever seem to get rebooted is when there's firmware updates Hello, Tom and everyone else appreciate being able to watch the vlog Thursday live from Sweden. Hey, welcome. I see a lot. I think there's a lot of europe people uh, europe people in here Greetings from india How far down in my country is in the viewership demographics? Um, I don't know but I know it's It's it's all I'm only 38 percent in the us So it is scattered quite a bit. Um less than half of the people that watch my channel in the united states Uh, what do I mean by missing features? You're Gonna look if you look I think there's a list of uh missing features on pf sensors website But ntp was one of them. That's missing How are you securing bit warden stuff also? Assume you don't make it public or vpn if you made it public, how would you secure it? Um, I wouldn't make it public That's if you're gonna make it public you may as well let bit warden deal with it if you're gonna self host it Put it behind a vpn Got an old consumer motherboard with a super micro hb card for true nas on reboot card hangs and unplug things post uh recommends for actual nas motherboards That brian moses i mentioned earlier, uh, he's got some good listings on there, but the Honestly the cards you get the different options are um Let me think of them Let's jump into the name of there's if you go and go to the true nas forums You can get a better card that doesn't have problems if you go there's a whole section of the true nas forums called will it true nas? And it's hardware recommendations Any usage of ruckus here? I don't use them Uh, some ruckus and they're killer compared to unify kit. I I don't really have an interest ruckus has a very confusing website And more confusing licensing So I don't really bother with them Every time I looked them up. I always found some of their pricing confusing their pricing was pricey Their licenses were confusing I have two in my house and for some reason the clients couldn't connect until I rebooted it, but thanks for respond Yeah, I I we have a lot of unify we deploy and we don't really have problems with them Have set up wire guard remote proceed only connects if I ping something on my network from it Does this need to be a permanent connection auto start with system d works? Yeah, there's a way you can tell uh You can set a keep alive up to to have it working So you can look up like how to set keep alive in wire guard and it might solve your problem Our aruba instant on still relevant. Well, they're still alive But they haven't really changed much since I reviewed them like four five years ago now Uh, I still have a few people using them. They function. They work Um, I don't think they're anything amazing. They're just kind of a good basic wi-fi their dashboard is What it is it's they I remember they promised me like when I first started reviewing them Oh, we're gonna have so many dashboard features. We're gonna get all this set up and They never did How do you deal with new clients enough from your hardware? Uh may be a client maker chick, but no one has any experience with it. Uh for us We are good at figuring it out. That's the best way I can describe it You know me and me and jason slago talked about this and I don't know Um, I don't know the answer Why some people are good at figuring it out and other people absolutely struggle and we talk about it from that perspective because we employ A bunch of people at c and w are some of them Understand things better than others just the nature of it. It's not a dig at any of those people But some people get it fluently and some people don't we have enough of those people and me and jason are definitely among Those people who don't have a problem grabbing some random piece of technology and figuring it out Uh, so that's my solution if you can't do that If it's not saying this is bad But if you do not have a skill set that lets you figure things out, you should not take on those clients Don't take on things you can't support. Uh, I highly recommend if you try to learn them first If you can't learn them then do it. Um, then go. Okay. I understand. I'm willing to take on this product That is unfortunate. I I hate those Stupid bs posters to say an entrepreneur says yes and figures it out. That is dumb That is often how security disasters happen I think that's actually the root of many of the security disaster problems of a lot of people said I'll just figure it out as I go How bad could this end up being and then we end up with a lot of bad software Or bad supported software or misconfigured software Uh, any plans that can cover g and s3 or e of n g no interest in it I do everything in the physical layer and there's plenty. There's so many other channels covering it I don't think I would add any value and I don't have an interest in doing it either I do everything like with real hardware. So I don't really need to set it up that way HP has no idea how to market Yeah There HP I know HP separate than HP, but I think the stink of HP rubs off on HP enterprise Any thoughts on the unified product support plan 200 a month sounds like a lot I don't we charge $200 an hour for unified support. So I don't know Um, we have a lot of bookings a lot of people contract us But I mean if you set it up right it doesn't need a lot of support People who can self-crain use it your time figure it out hardware if you're book smart then you tend to struggle with it. Yeah I Please fake it to you make it drives me nuts in the tech world Um, I don't I mean yeah granted There's some people get imposter syndrome and they actually know how to do it and they have they struggle with that I I'm completely empathized with that um, but The people the some people who are just I've met plenty of these people in my 25 year career Or more than that I started in 1995. So I'm gonna actually I'm scared to say it, but I'm pushing 30 years in the career. Anyways um There's some people who are overly confident and just we and we still to this day are cleaning up disasters We take over a client. We're like who set this up and they're like, oh the other IT person I'm like, they had no idea what they were doing. Um, we have dealt with breaches and security problems And sometimes the root cause of it. They just didn't know how to set any of this up properly and it scares It's kind of scary. It's definitely where a lot of these problems are Then he comes down to uh, how you build your knowledge Some people can memorize how to operate the system and device and you operate and that's enough for them Oh, yeah, there's a lot of people who You know, they put the blinders on that says they're not as passionate about tech. It's a job They like it enough to work in the industry Um, but they learn what boxes to check but never why to check them They're like when I set this device up, I check the third box down the fourth box down I put this digit in here. I put this digit in this box and I click save Why'd you put those digits here? I have no idea, but I know it works when I do it and that's fine You know, there's There's different facets of the tech world depending on where you want to be So yeah, there's it takes all kinds. Uh, I got no I got no hate for anyone who doesn't want to do any of that Matter of fact, sometimes tech is a means like understanding networking people don't want to really learn networking They sometimes just want networking to work so they can work on the thing they want to work on Uh, so there's a lot of that that goes on which is fine You know, some people go I just need to get this part sorted out because my real passion is writing software And spending all day playing with network switches and vlands Is uninteresting to those who may want to write software. Maybe it is maybe it isn't you kind of got to decide Where you want to go with it? I don't like writing software. Um, I like using software, but I'm not a big coder myself So I'm on the opposite end of that which of course people who write software all day, but tom You're not writing things in assembly language. I mean come on playing with things at the register level is so much more fun than than plugging networks in You had a video a long time ago about installing a udm in your daughter's place. I think or for someone. Yes, it was I'm finding Wifi not to be that great. Did you get any complaints? No, she's still using the original dream machine The dream tube the cylinder one my daughter still has that It was installed in her apartment and now it is installed in her house I think dad should probably upgrade it because that thing is old She plays video games all day. She has no complaints at all Yeah, she bought her first house two years ago now I think she's lived there two years. Uh, but she doesn't have any wi-fi complaints Yes under promise over deliver is a good mantra for technical jobs. Yes, definitely where we are We we take every job on with caution. We have a solutions design meeting We make sure we can do the thing we do we we our salespeople are forced to bring solutions to our technical people to make Sure, there's an alignment. We have a process that process does take a little bit more time But we give you really good solutions that way as opposed to half baked ideas. There's an important cadence to the process If I come up against something we never worked with I spent a couple nights reading the manual before I have I have front. Yep. Always try to understand underlying principles behind stuff. Absolutely I'm still dragging my udm along Uh, but I have two and a half gigs service now. So I think it's time to make a change Yeah, I mean Honestly, it's been a pretty trouble-free device. Uh, it still works. My daughter doesn't have any extra wi-fi I think it's because she only uses it. She's got a gaming room at her house And in her living room. So she is tv in her living room She uses wi-fi and the gaming room and I think those are the only two rooms that they care about the wi-fi And the wi-fi is in the gaming room. So There's that um I am winding this down But I do have trying to see if I thought I had a picture of that Well, maybe not Oh, there we go I will I can share this the uh because I was just over there and um The cats don't mind the wi-fi at all. That's in case anyone's wondering There's me and my daughter and she got a new kitty. So I just I just felt like sharing a cat because the internet loves cats um, so Uh, she was when I was over there just the other day I took a picture and I asked her about her wi-fi. It is working fine. So I may do an updated video on it because I think it's we're saying like five years of working and it You know, I think it was 2019 when I installed the wi-fi for So it's now moved from her apartment to there and it still works And her and her new cat is really cute Oh, let's see Four raspberry pi four sitting here not in use other than password management. Uh, any fun ideas Well learn go over your curiosity takes you build a cluster of something play with kubernetes Might be kind of a fun thing to play with a bunch of raspberry pies Yeah, they have a new one called the swiss army knife ultra. I haven't kept up with all the latest models I need to kind of look into them a little bit more Ah The wi-fi works so well over cat one. Yes I'm just laughing because my daughter put the cat in a sweater. I mean The cat likes to sweater. So there's that Fun times fun times. All right. Well, I'm gonna wind this down. Thank you everyone for joining I you know, you know my meeting canceled, but which allowed me to go all the way till now Um, I still have a few things I gotta do today I have some videos I want to work on and all that fun stuff. So thank you everyone for joining Leave some comments leave some, uh, you know, whatever you want on here Well, not whatever you want leave things are tech relevant join my forum sign up for my newsletter all those fun things That is definitely, uh Been going well with the newsletter. I got a lot of you signed up. I imagine a lot of you are on there I've been taking feedback on the newsletter of what you'd like to see more over less of Someone actually suggested. I don't think it's a bad idea to put the videos in there at the bottom and the news articles I share at the top, but hey, um, hit me up. Let me know forums.laurancesystems.com is a great place to connect with me Uh laurancesystems.com you'll find links to all the socials wherever you want to find me and thanks