 And I'm live. Yay. So Among the sillier things I seen trending yesterday that made me Giggle a bit and they referred to it as the millennial pause the uh Is this thing on and I don't know maybe I shouldn't do that But I still admit it made me chuckle because I identified with it. It was relatable going. Yes I uh, I certainly click live. I wait to see the live wait to see the number go to at least one And I think it's more not because of a millennial pause. I think it has more to do with Sometimes it doesn't go live and you don't know when so That's the thing Oh, let's see What do we got here we got baltimore And health sinky I don't think we seen a house sinky last time so that's uh That could be wrong But I'm actually and I mentioned this last week and my goal Is always to become more organized And let me go ahead and you know, I think I can share this. Let's see if this works Can I share this as a window? Oh, that's cool Look at that magic All right gracing How you doing? Hello. You are now com to your sysa plus certified as of tuesday. Congratulations. That is awesome I don't even studying for that for a while. So that is great to hear that you are now certified So that is that is amazing Congratulations on the hard work. It takes for that and thank you very much for the donation there. So Good job on getting that certification sysa cyber security analyst awesome So we got johannesburg We got more people wishing uh Gracing luck with his new degree that he's got and congratulations for getting it. So that are certification I said the grade did not mean to say that certification Hmm, but I'm actually uh, can I make this bigger? Oh, look at that Look at that. I'm actually working on this whole agenda idea of organizing things a little bit when I come and do this so Oh, let's see Currently starting at a c company appreciate content awesome portland Pretoria where I'm gonna have to google that one Here is Pretoria Pretoria is a south africa capital of cities. Okay, so that's from always way um I see someone making claim Uh, let's see allegedly Last passes in the news. Well I don't see Anything in the news about uh, the alleged Someone claiming that last pass had some type of an incident. I don't see any news about it So, uh tweet an article at me because you can't post links inside the chat. So nonetheless Also renewed your com to a a plus network plus the security plus you got quite the On there. So that's awesome. Have you run crosses your next cloud talk lost connections signaling server trying to reconnect? Uh, I haven't used the next cloud talk. So I don't know But we'll start with a little bit of the agenda and things I wanted to get out of the way Uh, I want to start with the where's and when's and I think this is something that you know People ask these questions and where are you going to be tom or when they see me? I didn't know you're going to be here. So I'm going to keep doing these each thursday of my Within the next couple months things in place as you can find me So, uh, daddo con september 11 through 13th gher con october 13th and 14th Ohio linux fest. I haven't bought tickets to it yet, but i'm pretty confident. I'll be at ohio linux fest december second and third and I can add uh 2022 um, those are the events i'm going to uh, be at that are pretty confirm Well, I've bought tickets to them. So I imagine I'll be there. So There's a blog post on last pass's website The last pass blog doesn't even Let's see That's a weird one. Why is it in spanish? Why want to switch from spanish? The last pass blog is in spanish Why is it? Oh stop Well for reasons I can't explain last pass insists on being in spanish. Let me open it in firefox It I switch it to english it goes back to spanish That's funny Well, it doesn't want to put me in spanish for uh Notice of recent incident Importions the last pass. Well, let's share this we'll read it together as it's breaking news posted today So we'll go ahead and switch what i'm sharing here because I got this part of the way of The part I wanted to share with where I'll be so let's go ahead and Share Screen Share firefox We'll read this together real quick. No, I don't need a newsletter for this Share last pass business going two weeks go detected unusual activity and portions the last pass environment Uh compromise develop our account took portion of source code from prior to your last pass taking information Our product services out normally in response. So they came in and took some source code. That's a security incident Um, you know who that's you know who else had all of their source code stolen bit warden It's all someone took it all Uh, let's see Should I use google translate no Bit warden they had their security completely Not compromised, but they did have all their source code stolen just like last pass now So last pass had an open source incident an incident of open sourcing Um, yeah, this is not Yeah, it doesn't We never store and this is the important part and this is not just them We never store your master password. That's the important part that matters. Um So that's a thing now plex. Yes plex is a good security disclosure They did have an incident that uh people got some data compromised. So yes change your password and plex Definitely, um Do that So that parts that parts happen. So You also downloaded the bit warden source code. Yes. See last pass had an accidental open sourcing An unintended open sourcing of our software. I don't I mean I feel last pass does a good. I don't use last pass. I still think they do a good job on security I haven't heard I have not heard otherwise And uh, you know, they were first in the game doing this they're pretty big company. So You know, I I don't I'm not too worried but you know people get in people take source code But this is why password managers. This is the very important aspect of password managers. They don't have your passwords. That is the uh master password Pull this up for people because this is a video I did a while ago in its, um Just as relevant today. I'm gonna throw a link over here for anyone who wants to see it Um, and we'll pull it back up over here Which it will probably let's see is it take a second to load but um This is a video I have that says how your master password is being sent to your password manager and I walk you through How that data is uh being handled? This is how you can go through and understand Whether or not your passwords even being sent and it's not so um I cover I think last pass and bit warden or maybe I just cover a bit warden But I know last pass and bit warden handle it that way I can't say all password managers, but I know a lot of other ones do as well So the the way they do it is they never send your password to them They do it all inside the browser. They just handle the encrypted blob. This is how You can use them with confidence that you don't have to worry about them compromising your password or You know a lot of someone were to get in there They would have the encrypted blob, but the encrypted blob is not the same as having the passwords So hopefully that makes sense on that. Um, Yeah, someone got source code the last pass. So that's It's on their blog posts, but for some reason in chrome it keeps going to spanish for me So I I got that's just weird. I don't I don't ever I don't speak spanish. So I don't ever choose spanish on there Um, things are in testing, you know, me and jay just did on learnlinux Jay from learnlinux tv make sure i'm clear who jay is Uh, for those of you don't know, but we did our homelab show the other day and we talked about different Editing tools, but the one I've kind of settled on for a local application For managing documents and that's what I was sharing at the beginning here and it's this, uh Tool that I really like called mark text. It's Really some makeshift, uh, let's do this We'll just go ahead and pull up their github And share it out on the screen here, but uh, it's just I I love the simplicity of it and if I'm not mistaken, it's all cross platform So you can You look at the downloads here. It's on github and we'll throw a link over here And I'm gonna drop these links over in the description of the video so people can find them But if you look for mark text, you'll find it Uh, let's see you go into downloads. Is it cross platform? Yeah Windows Mac and linux So I'm obviously using on linux, but it looks the same on any of them I'll probably can throw some money at them Be a sponsor or a patreon make a donation But it's a simple editor And I like it it's uh one of those things like I like sometimes that simplicity and cleanness to be able to quit Quickly make things in a markdown. Uh, and then you know, there's there's the temporary storage I have which there's always a lot of it and it starts as how I do my projects where everything's kind of a mess And a lot of things I'm making a lot of notes. I'm trying a lot of commands What worked what didn't work to get something done or notes as I progress through things And then as I know what works and what doesn't that's how I turned it into a project or a video So that's uh, hopefully Kind of a brief overview of why even use something local But I have next cloud on my list of things I use because I'm starting to use a little more I'm it's just my personal life. My business is still going to be in google as it always is Uh, because that's the best scalable secure solution that I can use for managing my business managing all the uh relationships with inside and outside vendors or inside employees outside vendors To do things but you know, I want to de google find my life a little bit It's been a goal for a long time to get better synchronization just of all the personal notes and I actually refer to them all as my brain doodles whenever I have different thoughts and quotes or something I hear in a podcast I jot it down and maybe expand some thoughts on there. So yeah, it's just yeah And we are perfectly signed staying with google from a business standpoint. It's um, it's a solid platform We really like the g-suite platform. It works really well It's great for collaboration and sharing as travis will attest to as one of the latest members at warrant systems to join us You know, he's obviously I at least I believe he has not complained about google. So I'll I'll go with he's a google fan uh that It leads me to one of the amusing statements made by one of our Clients who when they switched to a g-suite and got rid of outlook because they didn't like outlook that much anymore They uh, the one of the employees was really complaining about Okay, cool. He did confirm. He does like he does like the g-suite google workspace as they call it now, but And but uh, I just laugh when when the owner of the company said this someone was complaining like, oh I don't want to stop using outlook. Uh, I don't really want to use g-suite. He says, oh no problem You can use outlook at the next job you have that has a place that use outlook But here we're using g-suite and I was like, yeah Yeah, so Linus has some thoughts on g-suite well Linus has all kinds of opinions on things so I don't I don't even know I don't follow Linus much. So I don't know what his thoughts are particularly on g-suite. I know he tried to upload too much stuff to it He tested their unlimited and got throttled like of their unlimited uploads or something like that Um, I wasn't surprised by that. I mean that's kind of a thing that happens when you uh, I mean, it's unlimited, but the bandwidth isn't so they figure out a way to You know, it's kind of like how they have the unlimited with your cell phone You get the unlimited data, but we're gonna throttle it at a certain point. So yeah Is what it is, um But like I said, I'm gonna de google and part of the reason I'm doing it is to make a better video about next cloud Jay has a full detailed one about next cloud I'll be talking about next cloud and probably the churnass context of it because I'm using it churnass because it's simple and it's easy Um The couple videos I'm working on one I've got a video that I'll be releasing probably tomorrow about some vendors that have been behaving badly Um and some security vulnerabilities around it. So uh, kind of messed there Ah And uh, me and jason slagle will be talking about that. Uh If you follow jason slagle, I mentioned him before And we pull up on linkedin Where did it go? Where did it go? We'll pull it out. There we go Put it in the window to talk. It's gonna be context what i'm talking about But it's vendors that make claims And make them badly And it's this right here That we stop We stop all malware basically and it's just an Infecting uh, blah blah It's exciting. I don't know how to say this company zero breach stops all mayware including all infected files from Uh, infecting your customers that they made this statement They may have actually since taken it down and that's that's the action and outcome that we were wanting Was them to remove this but it's basically security companies that overstate um what they do or what they're capable of doing and uh If it isn't really a slap in the face First they make the claim and then one of their other adjacent projects ityrian has uh security flaws in it So they have security flaws in their own stack While they are claiming they can stop all breaches and all unknown and yeah It's just bad marketing from these companies and the goal isn't just to shame them just for the Laws it's really so we could educate the community make sure you understand what to look for don't make these claims to your clients And then also think about vendors uh that you choose and don't choose vendors But just really you know lousy marketing practices Um that you really can't be backed up very well either. So yeah, it's definitely It's a messy situation, but there's a crn article as well talking about it and uh all the call outs on it So for those of you that do want to read the drama, I'll drop a link on for that as well because Yeah, that's a thing So drop a link to that All right Now on to the other topics I have in here. Um, I actually Had kind of an anti sales call the other day and it's this self host self or cloud hosted And it's easy answer for a homelab people hosting yourself. That's how you learn, you know, that's really a simple metric you want to learn about things go ahead and uh Dive in learn about them self host it great for businesses You've got to think about who's going to maintain and update that infrastructure And people reach out to us going it can be you tom it can be your company that maintains and updates infrastructure I'm like, well if we start running a math on that it may cost you Four or five hundred dollars a month and they're like but the service is ten dollars a month for them to host it I'm like, yeah But if you want me to one off go in and manage your docker containers or whatever it is you got Some stack that doesn't auto update it needs manual intervention When it's self hosted then well, yeah paying an external person may not be The most cost-effective solution and the problem I run into and I was just Helping out assisted men who took over reached out to me talked about some unify stuff and uh, they were on Such an old version of unify and this was allegedly a managed network But um, no one had been updating any of the unify controllers. They were still vulnerable to log for j The good news is it wasn't publicly exposed. So at least that wasn't publicly exposed It was just used internally but man so many people want to host things internally And they never think about the processed update them If you don't have a process in place to manage things and even homeland people if you're going to make anything public facing Um, it's dangerous enough having an internal facing because if someone gets on your network There's you know, and you're going well. I'm a few versions behind but it's internal Well, it's internal until someone internally gets on your network, which is a risk and something to take into consideration But if a business especially You don't have a plan to maintain it. I'm sorry. You should probably stick it in the cloud and put a plan to maintain it on that It's it's not like everything needs to be internal And it's kind of a betting game of whether or not the cloud companies or internally will do it better But boy, we run into so many times because we do co-managed it We work with internal it departments and you know when they start reaching out to us Because they often inherited some type of mess because of an incident We start going through and going. Yeah, you have everything out of date You're you're you're vulnerable to log for j because no one's updated sends version five of your unify controller. So it's just There's a lot to consider before you decide that you should self host something That really has to be put in place on there Uh morning, tom, how does it chili sauce that chili sauce is wonderful? Um, that is the coconut chili sauce I think I talked about it a couple weeks ago It's really tasty though. We definitely like it How do you find ninja one compares to enable we're with enable currently due for renewal had a ninja one demo now and Two minds what to do? I think enables a good product It didn't do well for our use case, which is co-managed msp As in the internal it people that we are co-managing with would like a dashboard with features And that is just missing uh from enable. They don't have good granular permissions to be able to handle that but if that's not your use case then Yeah, it's a less reason for you to switch. Um, they're both good products enabled is a nice job of gluing everything together Because you can buy everything through enable It's one of the reasons I like them so much because you know things like now. Well Backups are separate. So are well If you're not using the ninja backup But some of the things like the security selling and a few features now are separate As opposed to being just integrated as part of the enable package. So that's something to consider on there Yeah, we're with ninja one works very well and Yeah, like he said, it's uh, it's a nice system. I'm happy with the ninja one system. I really do like it but yes, that's um If if that's the you gotta think about the reasons you want to switch because of the pain of switching and And reloading lots of endpoints and things like that. Um, it's not an absolute pain-free process There's always going to be a few hiccups here and error of Doing it plus the learning curve of learning a new platform, but it's not bad though Speaking of data my knowledge and asses are all running dsm 6a. You should update them all Don't forget to like the stream. Yeah, smash that like button however many likes we have right now 26 likes And 111 people on the stream. So Ninja one backup still lacks a lot of stuff. So otherwise works Try it do we do a lot of dr testing a full image dr testing That's where we notice it has the most hiccups not in the file restore process, but in the full uh dr Reloading process. That's where we kept finding more hiccups in it. There's ways around it We found mitigations for all of them, but they were tedious and slow and that was where the problem was Been working on custom free-doll stuff for work. It's a lot of fun. A lot of systems. Uh And i'm currently making a DOS installer who Uh, we you know what I gotta reach out to um To put together a uh I want to get some information. We're gonna put together a homelab Show episode about retro homelabs. It's not my to-do list. We're gonna find guests for that though External facing with windows is exposure world. Ooh That's bad Oh, if the one of my previous MSP five years managed two hp servers apc sand Looked at ilog they never had logged in since it's all no updates. Uh, but every month. Yeah That's Every month they sent the bill. Yep Um, yes, I did get the hot sauce. It's one we've had before. So yes, we like it I like the extra hot hot habanero one too. Um I can't remember the name of them right now. So they're they're at my office and i'm not at my office right now And commander on youtube would be good for retro homelab Uh, I'm reaching out first to see if uh, veronica explains has it because I I already have she's part of a youtube group I belong to um, but yeah, nonetheless, I may do if it's popular enough We may do more than one because there's gonna be there's a lot to talk about on there. So Recently I discovered ubiquity uses almost the same cli commands like sysco uh Yeah, there's um Here's what's kind of weird It's not all the switches some of them have more information you can do for some of the ports and some don't I think they've eliminated certain features and There's not a matrix of which switches have it and which switches don't so Yes, there are some command line options But some switches don't have the same level of functionality as others And because they're expecting you to manage them all through the unify interface It's not as well documented like which one's which which one has Different cli options which cli options are available. So yes Yeah, veronica explains is interesting. She's quite into as a hobbyist a lot of the retro stuff She by trade is a is a cobalt programmer. So Um, she lives the retro. I mean programming cobalt really it's 2022, but uh, it's it is an in demand thing. So The us and us w 48 Yeah, there's um There's some weird discrepancies in and how that works. Uh, it's just strange it's I I don't know. I they need better documentation of it. Uh, I don't think that is It's not well documented either like all the different commands. You can find them You can go through and find a lot of stuff on there, but yes What's up with the cheeto mac and cheese, I don't know I was wondering the same thing I I did not purchase it because I was like, this just sounds gross. Um, I grabbed it I was at the store and I took a picture like and I asked I'd send it to a friend. I'm like, should I buy this and They're like that's some of my friend tried it says pretty gross and I I used to like flame and hot stuff a little more. I just don't think it tastes as good. So Uh, if you must expose some service to book, do you use a that depends on the service? It's not like a web application firewall is a great, but it's not for everybody And some services may have problems with a web application firewall Um, and seeing as we're talking about it, you know the the nvr space Um, what about you know exposing your unify nvr to have publicly accessible? Well, I'm not going to put a WAF. I mean you could but it's not likely for clients that we're going to put a WAF in front of their Synology box to do their nvr. It's not necessary a lot of the small businesses we install it at we put it on a separate network It's got limited privilege. So we can't move laterally Amongst the other devices on the network if there was an incident if something were to happen um, but You know, that's uh, you could put an extra proxy in front of it I don't feel it's necessary. Uh, Synology does a good job on security. They keep up with things So, you know, that's it comes down to each situation Managed to get one of those neck gates sg 2100s running pf sense plus Uh, to have a current pat day turns out a known bug in 225 version according to neck gates for interesting How's WAF working in pf sense? It's not really a web application firewall. There's just ha proxy They don't have a WAF in pf sense though. Not it's not technically a web application firewall. It's just a reverse proxy It was the biggest deployment of Synology surveillance you did. I'm looking at a system that should hold 35 40 cameras two years onsite and offsite as well I'm trying to think We got a couple big ones. I think it's 50 plus cameras on one of them but You're going to spend a fortune depending on data retention, but uh keeping a few years of data surveillance. That's where the money's going to be That's uh, it's the storage that Will get you On buying that so two years of onsite and off-site storage by the way And it depends on your recording settings. Do you have to store 4k 1080 720 etc? That's that's the expensive part of that Best thing with sysco is it's easy to win businesses will unify both price and availability. Yeah availability's garbage on sysco right now what's the biggest uh actually Travis, what is the largest one you've worked on you can throw that in the comments here too? What I don't understand is how they do not notice bad actors in their network unless it's an inside job It takes time to work through a network and get into a database. Uh It's actually challenging sometimes because especially bad actors who do a lot of live off the land look at the sysco incident uh recently and Sysco had full logging to be able to do all that but yeah, it's uh Sometimes it's not as easy as people think it is To identify user behavior versus threat actor behavior Unless there's telltale signs like hey, this person never runs power shell and they just triggered a power shell script All right now. We know uh someone did that so it kind of depends on who the user is If the user is a developer and they're using all the developer tools Well, how do you know when the bad actor? Is using developer tools versus developer themselves, then it gets a little bit more confusing 400 terabytes on site. Yeah, that's um That seems low, but I could be wrong I kind of really well seems low, but it depends on uh, what kind of cameras and what rates you're recording at That's really what it comes down to. What are you storing? Are you storing motion only or whatever? 40 cameras set up with astrology however It was 60 days of video retention as Tom said It's the initial investment storage on site is the biggest part of the bill. Yeah, it just you got to buy a lot of drives for it And uh, that's the big chart. That's the big problem Yes signal noise ratio becomes a problem. You may detect a threat actor But if there's also a thousand pulse files, it's hard to investigate and yes Yes, that is uh One of the problems is you you tighten everything up till you Becomes like a really strict environment But then you get alert fatigue because it constantly is alerting at everything So then you either a ignore the alerts b dial it back and possibly miss something it's It's not a perfect world and the threat actors are always upping their game upping the invasions techniques and living off the land to be able to You know Get in there further and stay and stay in or stay unnoticed So yeah, that's a big one there Synology only allows up to 200 terabytes of storage and they'll want almost 12 k per year Yeah There's some you at the look there's some limitations on there And we have a school district we do and this is one of the reasons like they they have such a massive system They're using exact vision This is why you may go with some of those other options like exact vision out there There's just limitations you may run into. Synology is a solid small business choice It may even be a solid good size business choice, but there sometimes you have Requirements that may exceed the ability for Synology to handle and you kind of have to look at some of the other solutions out there for them That storage requirement may be problematic with Synology I'd have to dig into it myself to look at what their upper limitations are I know we don't have any clients that have a 400 terabyte storage need with Synology so Honeypots help. Yes, honeypots and canary tokens Uh, I definitely recommend both of those things on your network setting up Things like that. It's canary There is Is it canary tokens that work? Yes, there we go. I did a video on this with runemere And uh, these are ways you can build different tokens for places. One of my favorite ones he has I like these got a wire guard token But you know, you can do things of setting these things up These are free by the way. This is different than the actual um, canary token devices that they have But you can set things up to look like something that's vulnerable and when someone tries to open it or Walks your dns or whatever. Um, you have it in here. Is there aws one gone? It's an SQL server custom binary slow redirect custom image QR code windows folder Oh, there it is aws. This is my favorite one is to generate these So, uh, generate aws keys and leave them on your servers. Um, Because they won't know which ones are real aws keys Which ones are not if you're gonna learn on an aws key that you had set up as a token Yeah, that's gonna cause the problem, but I have a whole video. I did if you look up canary tokens I did a video on this so Um, maybe some understanding vid about os pf bgp, you don't really need bgp for isp failover. Um Maybe that's the understanding video I need to make is do the way and failover and say look I did this without using bgp Or is it that you're asking how to use it in a data center where bgp they have some bgp videos? um That pf sense has on on the topic and it got right up on it. So maybe one day I'll do a video on it, but it's kind of low on my list It's kind of for a niche audience Honeypots are great vpn goes a long way to helping all the remote staff use vpn If an external ip logs into a not internet facing service, good chance someone should not be there um The other thing to do is look at stuff like I did the tail scale video recently with pf sense I really love the fact that that all works together now. So bgp pf set well It's it's not always a pf sense. It's everything else around with bgp That is where people may run into some of the problems. So because to say bgp is easy bgp is easy to screw up at a at a Uh isp level for sure because they have there's occasionally uh mistakes that have been made But I did my video too and a few people had questions about this Well, not too many I'll I'll say not too many people but a few people had questions Uh the Synology Surveillance Station And the deep video analytics Um, I didn't have the problems that people had mentioned. Let me see Is there more people in here? Oh, yeah more people Oh, these are the same because I think I got it stopped. Oh, actually someone new was on my porch today Uh Is it's not bad for the angle that it's at of being able to figure out who's on my porch These are people that are fine on there. So, um, I don't know. I don't I see some people saying it works good Some people said there's too many false positives. This is the thing It's facial recognition if you don't have the camera in absolutely ideal position Like I really think it's funny that I was recognized. Let me double check. Is this because me and my wife are on there? So why did it think me today? There we go. Why did it think me today was uh Look, it I'll admit it does get it wrong sometimes recognizes cast. No, but then again, this is not the best picture ever either So I think that's a part of the problem She's at an angle when I'm at an angle for some reason with the hair it thinks that we're the same person So yeah, definitely it, um It'll occasionally get things wrong. I should put my son in there. He's always making faces But nonetheless the overall with the astrology dva system is the video breaks down everything. Um The facial recognition it all stays inside the device So it's pretty good for the price point you're at on there It's not outlandishly expensive to get some of these features to put them in your home But just the object recognition that seems to work really well of like is it a person? and it helps a lot with the motion detection stuff, but Uh, my feelings are still really positive on this analogy for simple deployment good for the home good system to Set up and easily to manage Oh onto this topic. Yes Uh cloud player definitely killed bgp on more than one occasion verizon Uh did it biggest isp candidate it? Um Didn't face before it wasn't bgp. It was something else with them. Yeah So definitely a lot there Do you think in order to view video basic network security info or homelab small business meaning business when hosting web services? it's the problem is There's not really a Basic line of security patch and update, you know, look at the services patch and update patch and update have a plan to patch and update Um, I can probably just repeat that a lot in a video because That's I don't know I have my video on already on how to set up Rules for a small business how to set up rules for your home. I did that one this year So it's a recent video latest version of pf sense So I've got those kind of covered. Maybe i'm not understanding or posted my forums under suggested videos Like what are the things that you don't understand that you would like to understand about it? And maybe that would help me understand what needs to be made in terms of a video on that topic Oh, yeah, just got on occasion the last past day as security incident Yeah, their their internal source code accidentally became internal source code is kind of the gist of what I read from the incident Uh Yeah, like uh, cody says here surprised how good the price was for the two bay Yeah, I mean someone said it's too expensive But i'm like, I don't know look look around for these now Also, you still can get and I've talked about this with the amcrest cameras and I got that video linked in my I got a analogy video on advanced motion detection with the amcrest Then I got the analogy dva video and I also reference that you can still use it with the amcrest cameras to do advanced motion detection those are really great things to do to be able to Filter out the noise because that's one of the problems with nbr's is I want to know everything that's happening in my yard And then squirrels start running around your nair yard and then you're like, well, okay I guess I don't want to know everything that's happening because now the alerts go off so much And just like cyber security alerts you get alert fatigue Then you just tell the phone to quit bothering you with all the alerts because you don't got time to look at them Hello from germany So yeah, my forums is a great place to throw some questions in there if there's like a specific question you have Because sometimes that's the part i'm always like Maybe I skip over something because I didn't understand it's where someone's knowledge gaps were But this is why I love to spend time interacting with comments interacting with people in my forums By the way, I've got like over 7 000 people registering my forums So it's you know pretty interactive and busy place, but I read all the posts in there well 99 of them and Even if I don't reply I've usually read it or Engaged at least a little bit with it You know Clicked some of them like some of the posts in there because there's a lot of the community that already reply But this is helps me always understand what the audience is looking for or what gaps I should try to cover to make sure people have a good understanding of things so uh If you would make a video on No, I doubt I would make a video on that So I've already done a video on their switches. I'm probably not going to spend time covering the acl rules for them It would be very very low on my priority list of things to do Some food for law we use locks of keys for our main security for homes to work yet We know that people can pick the locks to accept the risk and I tease the same sale art You secure to your risk tolerance and I don't I don't think anyone should be saying things like, you know 100 security because we install locks on our houses as mentioned here But we don't expect that to be a hundred percent secure solution. We know it's a mitigation We know someone and the lock picking lawyer. Oh, man. I've watched a lot of those videos It will break your confidence in any lock just by watching the lock picking lawyer for Oh, I don't know. Just watch a handful of episodes and you're like, yeah, locks are Uh locks are pickable very very pickable. They they keep out the Uh the basics who just come and try the doorknob and go well That's it. Um, they do not keep out the Um lock picking lawyer Uh, did you show you a portmaster advanced firewall for Linux windows? Uh, no, I've never seen that It looked interesting, but not enough for me to engage with it. Um, So, yeah, maybe one day I'll look at it As a developer on a sim solution false pauses on our build reports. He shows our biggest pain Oh, yeah, that's you know, someone People have asked me like about running things like suricata. I'm like, go ahead and run it They're like, well, I spent a lot of time tuning it. I'm like, welcome to what the network operation center does So this is a big problem they have constantly Um, you are always filtering through things. I had a meme I shared out the other day Let's see If I could find a meme I'll pull it up real quick But I sent it to my friends that manage those teams So let me find it real quick here because you guys will get a kick out of it I maybe post too much sometimes. How where did it go? There we go The sock team trying to find red teamers that use custom tooling. Um, this is the other side of it and It's if they Are looking for knowns. They can find them. They're looking for c2 servers based on cobalt strike, right? Um But that's the challenge when they're using unknowns if you don't have a baseline It just looks like any other data So one thing is false positives things that trigger too much and make noise You're dealing with that the other side is in the solar winds Orion incident is in a really solid example of that All these major companies using it all these companies have a full network operation centers and simtools monitoring it And none of them seen it because they didn't know what they were looking for. It's really challenging Uh, hello from holland. Thanks for your content. You can make another look at true day scale in combination with proper gpu maybe um Wendell did a video ranting about how broken that is And I got to try the latest version to see if it's less broken Uh, I want to I I actually tried switching mine to it and I had to switch back because it's just well broken People who are scared of smart locks, but the smart part of every name and Brands run like way more secure than insert physical key to use. Uh, yeah, probably All right. Really, we'll see videos about vti and ospf topics. I bb6 I bb6 is the lowest on my priority. Um I don't think there's a demand for I know there's like a couple people who want to watch ospf videos, but I don't know that's um It's I try to gauge like, you know, is there where's enough value in it? Um to take the time to produce it takes a lot of effort and time to produce a video Um, how many people will be educated by it? Is it the right video for that? It me and david bombill had a conversation like this too because someone wanted to dive deep on some esoteric topic and he's like that's probably great for 30 people that would be interested in it. Um, but yeah, I don't know. Maybe I'm wrong. I'll think about it Commercial solutions regarding ipsd of sim are so expensive false pauses are handled by them most of it. Yeah, exactly Hello from france. Have a quick question about true nas. I have a pretty solid build super micro x10 i3 Um, 32 gigs at ecc ram as a boot drive. Okay. I don't see the question That's Quick question. I uh, I'm not sure what you're asking Bit selfish plug just released of snare central our sim appliance was equivalent 20 years ago labor across seemed to get it done Glad it's out. Hey, cool That felt broken to me when I tried gpu and true nas. Yeah solar winds Makes lazy tech city start out t learn how to do everything manually and how it works tools to make your job easier quicker Don't be a script kitty Solar winds, uh, depending on which product you're talking about, uh, like the enable product It helps you do things at scale. Um now solar winds are ryan I mean Yeah, there's some open source tooling out there that will do something similar The problem is That your time is finite and the number of bodies you can throw at a project is finite And uh, that is the challenge you get when you work in enterprise at it's uh, very few companies have uh unlimited budget 840 pro. I have five reads e but the landmark speeds were on 65 megs a second That's um I don't know. I have to think about the math on it pose true nas has a forums Uh, which is probably a better place to get a more detailed answer on there Unify, uh, I had last time problem remove all the port fords and firewall rules my dmp and all ports open it's put Remove all port fords and firewall rules from my dream machine pro and all ports are always open I don't know why I don't do I don't do much with the unified dream machines. I'm not really sure there for all my at&t brethren Oh, finally bypassing. Oh, okay Getting bypassing at&t. I I feel bad for people to have to use at&t. They're just They're always problematic Yeah, I'm not clear on the question, but I also don't know a lot about unified dream machines I'm not an expert on them. I don't I mean my my staff more so than me Certainly consult on them But we don't really deploy them and I don't interactively deal with them a lot So I have the demo machine I play with from time to time. It works I looked at the omata offerings. Um Not impressed with the other problem. The omata is Like they're not as on top of security like when log for j came out they didn't have the updates out as fast and I still don't think and maybe I'm wrong their documentation was bad and they don't have They have any end-of-life listings This is one of those confusing points with them and a few people have commented on this And it's not easy to maybe I can look it up. See if they have updated documentation at the time I did it their documentation was really bad on like How long they're going to support a product for and that's something that becomes really challenging if there's not long-term support for the product and security updates for it then It's hard to recommend a product that that only costs slightly less than unify But doesn't have the same level of um life support uh Sox service res semis you have any open source versus proprietary tools that you build for this um If you're looking for open source security onion is probably your best security tool that's free and out there. It's great works well Um as far as closed source ones, uh bloom era is is a good product Have you looked at comment backup? I looked at it. It's okay Um, there was some notes. Maybe I'll get around to putting a video together on of what we'd like or didn't like about it But overall it's a pretty common. It's not a bad product It didn't integrate or have this nice of an integration as we wanted, which is why we went back to using msp 360 Tools get through the volume of work. My view is level of support texts use there have a better understanding of how things worked And what the tools did well, yeah You have a service provider monopoly there that makes it easier. Well, I don't know as long as they're well run You know that if if you have a monopoly, but that monopoly is in a regulated Environment that is well run. It's not necessarily That terrible, you know, because in some ways you look at electricity that way or you look at water that way There's only one water supplier That's from the city and the water works consistently in the toilets flush. They they seem to do a good job I'm I'm happy with the city and their ability to run it so far Uh outside of what I do so I do not have a guide on it, but I'm I'm positive There are plenty of videos on the topic I think John Hammond probably has some do I use wazoo? Um, I looked at it a while ago. I haven't looked at it recently. It looks pretty neat It's not a bad tool from what I What I remember I just remember it requiring a lot of manual intervention and not it didn't have quite the automation Uh, it was tedious, uh, but maybe they've improved that aspect of it We were gonna go with unable backup. But comment is uh, better I don't know the enable backup is really solid and the enable they get it's got a new name I think it's called cove or something like that, but the enable backup product is really good Uh, I think the msp 360 had better integration for our deployments because we automate a lot of the deployments Just because the volume of machines we have We don't have time to log in every machine. We deploy everything with scripts show it up in a dashboard Uh push policies and groups to different companies. Um, when you're trying to do things across I think there's 73 businesses that we manage. You have to think about how does it scale 20 times 73 businesses? Um, whatever that number is right now, I can look that up because uh, we Brad has done a wonderful job and he keeps onboarding new people and as we keep getting new businesses Um, you got to have automation to manage all of that or you can hire thousands of people But then you wouldn't have an affordable, uh offering for people there's a couple, um there's a couple, uh Yeah, I just say Kind of lost my train here because I seen Comcast been on Comcast all my life new to AT&T cliff notes. I might dislike them Uh AT&T just often has these proprietary ways they do things um And they're not known Comcast of course isn't known either for quality service when it comes to residential. So yeah Uh Proxmox nope look go to learn linux tv for proxmox and use um Their video he has video j for more like cv has videos on proxmox. I use xcp and g uh can Acronis backup Acronis backup's not bad Um, they they make a pretty good product. Uh, we didn't like their dashboard as much We did review them and the backup from restore worked So I don't think we like the integration in the dashboard quite as much though You have monopoly in canada. We all saw how it turned out when rogers went down for a few days. Yeah That's the thing Oh, let's see Canada canada Uh, let's see Acronis works Yeah, cronis does work with ninja. They I believe they do have an integration there Uh, can speak for the business class internet from Comcast. I personally in my house They have very good luck when compared to the consumer internet. Yeah A lot of people seem to like beam. I haven't I don't use beam, but um But it's a popular one I don't think there's anything wrong with it comes down sometimes what your workflow and what your integrations are Uh to put these in so that's definitely a factor when you're uh looking at all these all right, uh I'll throw a couple more amusing things out there because this is the End of it all so speaking and this one's a big one here. By the way, um Go and listen to The risky business podcast if you're interested it's from takes on error. Patrick gray puts on a great podcast It's one of my favorites. Um, but this is obviously A big problem over at twitter is mud's just dropping out there that yeah They're not handling security as good as possible. So this is just something else to consider And think about a few things that are topical in the news right now. Um, is that one? And we'll Go over here Because there's another thing I wanted to show because i'm gonna wind this down But I like to leave people with some humor and I thought about doing Um, there we go. This one here I and these are just me being on twitter, but who wore it better. I mean, who's a star trek fan? Uh and specifically ds9 fan to have this make any sense to them This certainly triggered my geek humor seeing this So nonetheless, I'll give this a few more minutes because I got a few other projects I want to do so if you want to throw some final questions at me while I uh, randomly pull up stupid things that I've been tweeting But yeah, I have a few projects I want to get to one of those project is figuring out Um, my I got a few just things I got to fix my bicycle go for a bicycle ride. I got to cut the grass So, you know like yard work things and stuff like that How about full disc image versus file folder? Marking reflect full disc image family help get them back asian Yeah, I haven't used the mark them reflect tool in years, but it's it's been around Noctua. Yes Yeah, definitely I think the noctua fan. I mean my friends, you know, I have a bunch of Trekkie fan friends and Including like, you know, jeff from craft computing and uh several local ones So we we all share these star trek memes amongst each other all the time ah Yet today I have to my next project that I said cut the grass and I got to fix my bicycle I uh, I wore the chain out on it I didn't do any I my motorcycle. I'm waiting on parts for and I'm like I'm gonna go get some exercise and bicycle ride and then the chain broke so because I wore it out. I guess Any more final questions here before we wind this down a couple more minutes And I gotta start answering a few uh, I gotta answer a few emails Do the sponsor thing that's coming good? Uh, so I will probably I think next week. I'll have my first sponsored video posted. So I'll make sure Um, you know, that'll be clearly done and I got to do some updates on my website to how we do all of that But I will also be doing the other things of my to-do list that I said Unify and pf sense for msp's. I'll be talking about each one individually There's a lot of questions people have around how you deploy Unify as an msp how you might want to manage it. So Uh, yes, jeff did that's been a while since his basement flooded But yeah, he finished everything in there as far as I know So he's got that fixed. He had that pump failure that he talked about on there So, yeah, that's always a worry when you're in a basement. Um, I still haven't installed. I need to install a second pump I have I'm in a basement now too. So My sysco review It's right here. I'm kind of chain I've been trying to decide how I want to do it. There we go Headed upside down. Um, I think jeff. I'll think jeff from craft computing completely for this Uh, he suggested I titled a video sysco sent me a broken product And I kind of feel that way like this mesh extender doesn't like some of the laptops And they want logs of me to go back and forth and I'm late. I'm lazy. It's not the right word I'm busy and I I feel like a product that sysco has been selling for a year with multiple firmware updates Shouldn't be this buggy. And so I thought why am I sending them logs? And why not just do the review and tell people and I'll I'll say that sysco said they're willing to help me I just My interest level and this is where I want to do a good review but I also I also Don't want to spend a lot of time trying to review this and also Is sysco helping me because I'm me will they help you the same way? Will they give you the same level of support? I don't want it to be an unfair review Where well tom got to talk to one of the engineers because he was able to talk to one of the people I'm not able to get to an engineer when I bought the product and I don't know why you would need to talk to an engineer to have things at default settings now What surprised me is first they want logs, but they didn't have an immediate response of try this They're just like we'll send us logs for things. I'm like, I guess Um, I but there's very few settings. That's my problem And it just gives off errors. So it's not like there's a lot in the logs It just fails to authenticate The way you get it to authenticate is you unplug it and it goes back to the main access point and works fine Uh, same thing with wp3 Wp3 it's not that it doesn't work. It doesn't like my pixel phones So pixel phones won't connect on wp3, but I think the Motorola ones would I I mean it's a it's a pixel six It's not an old phone. So I don't understand why they won't connect These are some some of the annoyances I've run into with it So it's it's made the video harder to view because I don't want to be unfair to the vendor I also want to be honest with the audience and if there was a simple solution That would both benefit the vendor and the audience of hey, don't use the default settings Check this box magic and all these errors will go away But I haven't found out what box to check which means I probably do have to send them logs So they can look at it and maybe tell me what box to check. So that's actually that's why it's on my desk again I started I plugged it all in I had to unplug it because my phone wouldn't connect to it no more. So Yes, the cisco video is coming now you understand the behind the scenes of what goes on when I'm thinking about building these videos out Yeah, um Actually, that's the interesting thing is you don't have to Cisco and this is where I have a list of like the pros and cons This is all not behind a paywall. You can get the firmware updates You can get the software all of it not behind a soft wall or paywall It's all publicly accessible and downloadable. So I put that on as a big plus um That to me is a great thing that they made all this firmware accessible matter of fact, they made an ability to update the firmware from within the uh interface without having to go externally on it So all those things mark as a hey, this is great. Um, what's not great is yeah it's just Not to be controversial, but uh work with cisco for five years now support has slowly degraded tac Uh, don't care anymore seems used to be amazing and licensing has worn me down Licensing is um worn all of us down with cisco Uh, well at least you're not get fired for buying cisco. Look, I'm telling you right now If someone were to buy this and start deploying it I would I would not I would not want to be them So that's the thing so that's definitely a I don't know. I I don't know why Something as simple as that should work. Like my my wife's my wife two Lenovo laptops one connects and one doesn't they're different models But to me, that's weird. They don't like connecting to the extenders either But some do I I I don't know so lots of uh confusion on it from a product standpoint and then the virtual machine story Of downloading an ova to manage it because they don't have a proper deployment One it's a dumb way to do service delivery of a product to it doesn't work It gives java errors and they want me to send the logs from their ova file and i'm like, okay That's I guess it's your app. I don't you guys download it and look at the logs Like it doesn't start and it's it's a virtual box file. I mean it starts It's just the services on it. It's a linux environment It does boot but the services within it just give java errors and in in var log The it's some cisco service that tries to start can't java this error that error and i'm like, well, why am I trouble shooting that? um I don't know by the way. I don't even if that did work Uh, it's what they're trying to do is build a controller similar to the way unify does where you can manage multiple devices But all the license fees they have attached to it. It I I don't get it like Why would you go with cisco that I can clearly define all these problems with when unify has a complete working thing that you could just download and deploy set up and run and it just works like It should be like if you're making your product that much harder to deploy than the existing product You're trying to compete with what are you doing? That's kind of how I feel about cisco like It's almost like they put the least amount of effort to try to capture this market, but it also Uh, isn't 100 free when it comes to running it. It's only free for so many devices And once you add a handful of devices in there, they have a license fee that gets attached to it so yes Oh, the other thing too is going to be like their ssh is uh The phone not mistaken. They still had the old versions of ssh in there to get into it there's just another Roadblock because if you're using the latest version of linux, it deprecates as it should Old versions and old ciphers, but here's cisco in 2022 with old ciphers on their new equipment and Because they want to I don't know why they do it. I don't even want to speculate someone who works for cisco can speculate on that so Yeah Or the joys of having uh, all the old tls and ssl ciphers to make java work. Yeah Yeah It's just it's messy. It's silly. It's I don't know what they're thinking so And with muraki um, that's why I don't understand I I don't understand why they're trying to almost compete in the dumbest way with their own product Um, I don't know. Is this supposed to be a replacement for muraki with less licensing fees? I'm I don't know where it fits in our lineup So I have a ton of thoughts. I actually wrote a whole thing up on this I usually don't script out a video, but I had so many Pop-up thoughts on all the silliness of it. I'm like, let me document this because there's a lot to do Now the good news is I might just do a separate video on the wi-fi versus the switches Because the switches are nice and they work. Um, they're they're simple. I might just do a quick review of them Uh, I like the fact that the switches have a vlan wizard Yay vlan wizard. It's easy to set them up easy to configure. Um But yeah Have you worked on hot sauce a day merch? You know, I need to I I I don't know. I need to hire someone I think Because I just don't have time to do all the things and my employees are very busy doing Business things. Um, I kind of need to hire someone even as part time or whatever I don't know what the job description would look like but you know some social media posts Some hot sauce shirts like what what is the title of a person who would uh grab and post random things on my social media for my collection of I don't know random things around me. I could take pictures of Um post some social media posts Uh tweet a few things. I don't know let them be twitter as me and Also run a shirt store run a merch store and put that together. I who does that? I don't know. I don't know what that Um What the job title is for that but if someone knows reach out to me DM me on twitter Let me know if that's something you think you can handle. Um I don't know what the salary would be for that either It's it's a difficult one to to put there because it's not like a normal position I'm positive like social media manager is a title, but do I need an entire manager? So I don't know social media director Uh, the bigger problem is like I have a friend. I know that does it and I did Ask him about doing some of it and I realized that he also makes over six figures doing it. So I was like, oh, okay. I I don't I can't pay you over a hundred thousand dollars a year to do it So I guess I need to find someone It's just not there's not that much to do and I don't I maybe find someone do it part time I don't know. This is me thinking out loud. This is the decisions you have to make Bunker branding for merch. Well, the problem isn't So let me look them up bunker Like are these the people who come up with The the ideas I need someone to do it to come up with the ideas and put it together So I don't know who this is um But it's it comes down to finding someone who can do The work put this in hey make a shirt with this on or make a shirt there Oh, that's the demo ranch branding company. Okay Maraki switches work. I've let you know, you can't make any changes to the ports Yeah, they turn into a pumpkin at midnight Okay Fair enough. All right. Well, they're not the people I wanted to talk to then because I need someone who would create different content and things like that so nonetheless, uh I'll let that stew around. Maybe I'll take the time to write up a job description on it Uh, because I think there's opportunity there for it I would even let someone help run my merch store for a cut of the merch or something Maybe there's an opportunity like that for someone to do it sound like it's a full-time job or maybe I'm wrong and it is Um, because I don't know what else to post. That's my problem I don't have enough details other than hey, I'd like to have some shirts I'd like to have you know, someone create a few different funny things I don't I don't have a lot of other work because I don't I don't need an editor yet for my main channel and I don't need um Well, maybe I do I need to find the right person who's a technical editor because I do tutorials I need it to be technically accurate to make sure all the words mesh. So yeah, it's a lot lots to do Crowd source it. Yeah Maybe maybe soon. Well, I'm gonna wind this down. Thank you everyone for joining. It was awesome 148 people here Hopefully while you were here you hit that like button because I only see oh 71 likes it's going up I see the numbers getting bigger yeah Yeah, someone could make um ticktocks for me. So that's the thing too Uh, it was the other one re There's also this and I thought about using this a few people told me this works really well But now I need someone to set it up and start repurposing it. This is repurpose.io. They do um repurposing your content. So Repurpose it for all your different platforms. So this is on my to do this to poke at this I apparently a lot of people there's some automation tools out there But now it becomes a project of setting up the automation tools and everything else. So Yes and youtube shorts tick tock Well, look me and travis are both too old for tick tock. I'm just gonna throw that out there But there's there's our audiences that will still watch us on tick tock. So I still may put tick tock videos on there and youtube shorts so But do do I really consume tick tock myself? No, I don't it's not really my thing I'm it's not not where I want to be but anyways, thanks for joining. Thanks for liking and seeing the forums Like and subscribe all those fun things and see you next time