 All right, we are live. Welcome to vlog Thursday. Oh, what number is this again? I think it's like 261. It's been a busy day. It's been a busy day. I wanted to plan this, but the timing didn't work out as exactly how I wanted because I was trying to figure out when my new ceiling was coming in for my studio. So I had to run home, meet the people there. They were running a little bit late. So I'm like, well, then I didn't want us at a time for live stream because the timing was a little confusing. And then I had to leave to go do something else. And well, my ceiling got delivered at least. So the studio update part of this video is over. The ceiling has arrived and slowly but surely it'll be assembled. I think you're going to start assembling my new ceiling tomorrow. It's one of the final components that goes in for my new studio build. Now, unfortunately, leaving to go home meant I didn't get to edit the video I did on Sentinel one. But I think I'll talk about it because CNS is not done. That's always an opportunity to add more to the video. Excuse you. We also had some crazy Thai food today. So I got a little bit of the hiccups from having some really spicy food. But, you know, that's something that happens here at the office. We have a new staff member that started this year and he had not had the local Thai cuisine, which is specially crafted for us at a level of heat that the normal human being probably should not consume. But they know us. We've signed a waiver. And I say we signed a waiver. Actually, all we did was she recorded us on a video that saying, you're saying it's okay for me to make it this hot. And we said, yes. So yes, the local Thai place knows us so well at Lawrence Systems and the level of spice we consume. There's a video somewhere that that person has agreeing to the level of heat that we'll do. So nonetheless, let's see. High heat, so much high heat. In Travis, you're a local. So if you're, you know, in the area, it's called Top 5 Thai. It's kind of a strange name called Top 5 Thai, but it's our top Thai as far as I'm concerned. So definitely a great place. They're wonderful people. They're wonderful small business that we support by buying really, really, really hot stuff from them. All right. Let's see. I don't have a ton to talk about today, so I'm going to do a bit of Q&A because I actually have a couple of things I do have to go finish, including editing of my full video of Sentinel One. But for those of you who don't know what Sentinel One is, I threw it out here and that way I can at least get some Q&A and questions. And sometimes the live stream audience helps me figure out something that might be missing that needs to be added into the video. Yes. Yeah, my building is about 20 minutes from Travis, so we are relatively close. But nonetheless, the Sentinel One management platform that I'll see can probably, let me make sure I don't have anything I can't show. I guess I can show the whole screen. Can we show the dashboard? Yeah, actually, I have a few things not mitigated. We'll actually pull up the Sentinel and pull up, we'll pull up the incident. This is all FYI, the IP addresses you see are all stuff that's normal. I just did the Ninja One video and this is the same system I used for the Ninja One video. It's behind a VPN. And this is actually because we were detonating malware on it. This is completely just a series of IPs that are publicly available and not a big deal there. So let's see. As someone using Sentinel, I'm certainly wondering if this is going to be good or bad. Oh, good. So too long didn't watch. We like Sentinel One, we plan to continue using it. I can make it that simple of a statement for you. Let's see, does this work? I don't want to share the wrong thing. So that one's good. As a matter of fact, I'm closing this. There we go. All right. Now there's less risk of sharing anything I'm not supposed to share. There's really not much, but just on that off chance that there is one of those things. All right. There's that. There's that. And share what should be a window. Hold on. Entire screen. There we go. Screen two. That's what I was looking for. You guys can see what I see. I love when it does this. It's just entertaining to me. Anyways, this is some of the malicious. And I had to share it like this because everything you click, let's see, we can close these for investigation purposes when we click this. And then we do things like explore if we want to do some of the deep visibility. Actually, this one is a boring one. We got to find one that's more exciting than this. Was it this one here? There we go. That's a little better. Nope. That's not the one. I have the right one in the video because we've just been playing along with it. So now we've got kind of a mess of things to sort out here. Don't worry in a video, it's more concise. This is why we don't do this in a live stream. There we go. This looks like the right ransomware event. Yeah. Yeah. There we go. The APs it reaches out to. Oh, reached out to itself. That's interesting. Process execution. I covered this a little more detail in the video, but essentially this is the started, killed, quarantined, remediated, all the different steps in the process. What SettleOne can do is pretty outstanding. I think they've done a nice job of putting a system and platform together that does reasonably good at not getting too many false positives and a good job of not letting anything through. We had an incident, which I made a video on a long time ago. It also came to be a little bit of confusion about the version we used to get when we were with enable. Now we're with Ninja one and we get Sentinel one directly to PAX eight. So now that we've come full circle and done it like that. Yeah, I'm going to say it's a little bit better because now I have the full dashboard and we haven't had any incidents get through that we've had any concerns and the number of false positives has pretty much been a minimal at using it. So that's actually been pretty good too. That's an important aspect of any of these is how much extra work does it create for technicians? And that is a really hard and fuzzy thing to say. So let me try to keep up with a comment. I don't want to pop the comments out so I can pop out the chat and drag it over here. Make sure we're seeing everything you're saying. So picture and picture at its best. Yes. But nonetheless, do you push S one with a Ninja policy? Yes, you can. So with the Ninja one platform, you can push out whatever software you want, which does include things like Sentinel one. So that's easy enough to do. You just get the different things set up inside of Sentinel one like the different customers and where you want them to land with their policy. And then there's a deployment agent we use so we can push those out. So yes. And the complaint through enables figured out the direct dashboard had be easier than enables integration panel. Yeah, we just write scripts for things. That's generally what works for us. It's just easier that way. Is Sentinel one available on Linux desktop? I don't, I will, they have, I don't think I've ever used. No, I take that back. I can tell you, I've never tried Sentinel one on Linux. I know they have a Linux client. It should work on any Linux common Linux distro. So if you want to use it on your desktop versus a server, sure. I don't, we don't do this on any of the Linux systems. I do not run Sentinel one at this time on there. So mostly we focus on using it on Windows. That's, that's the primary platform. That's the primary attack platform people have when they're doing things is putting it all on the there. Nope. Sentinel one is not going to be, I see Grace asked this is a commercial product made for businesses like us to use is not something for end users. It is not self hosted is actively attached to their system. So it's not going to be, it's not open source now, and it's not going to be open source. So I don't predict that actually the only open source antivirus I've ever seen have any popularity is going to be clam AB, which is still on the list of things that you can find on virus total, which is interesting. So when you're looking at a particular threat, we go here and look at the threat and let's open it in virus total. If you go down here, I believe clam AB, clam AB is still on there and it's still up and going. I actually who even, I'm not sure who owns clam AB anymore. This is more popular one for people looking for a Linux based antivirus. You're going to look at something like clam, clam AB. It's a pretty slick system. I think they got bought by someone, but I can't remember who, but they're still around. They're still being updated and maintained. So I think that's pretty cool. If we go to the bout, maybe we'll see who owns them. Oh, Talos. So now we know who owns them. Talos as in Cisco Talos. So that's cool. I didn't know clam AB was owned by, I knew, well, I didn't know specifically who I knew clam AB. The project is still open source, but then supported by someone else. So it's supported by them. Talos security, Talos security, which is the Cisco. Yep. I see someone noticing it there too. We have setting a one on our max. Cool. We would never get Linux laptops that couldn't run endpoint protection. You know, the splash top, we have, with the Ninja RMM, we do have Ninja tied in with Ninja tied in with both screen connect and with splash top. I don't use splash top in Linux. I seen they had a Linux setup. I played with it very briefly. I put very little effort into it. I loaded it. It didn't work immediately. I didn't look at to why that's as much as I looked at how splash top could integrate with Linux. It's not something I need to do. Most of the technicians here are still running windows for other reasons. So it's something they just attached to it with the windows compare. I run windows in VM. So I've tested it works perfectly fine when I have to run it. I just pull up my windows VM and load Ninja and load splash top and away we go. So I have such an easy work around that I'm not too worried about it. And we also have screen connect, which does work perfectly fine in Linux. Matter of fact, the demo machine that we have where screen connect go. I had it. There it is. Got to drag everything over. This is screen connect running inside of a, you know, running my Linux system and then attached to the window system. That's on an isolated network where we were setting off the ransomware. So here is my ransomware, which is already deleted, by the way. But in the video, I walked through deploying ransomware by turning off Sentinel one into detect only mode. So it doesn't actively engage with the ransomware, allowing it to do bad things to the computer. And let me switch back over so I see the chat where the chat window go. There it is. So yes, I've done some of that. Just be careful with Oracle servers. This is the problem with any of the antiviruses or any of the AV systems or EDR, XDR, insert the acronym of the day. As you get into a lot of them, there's always trade offs. I mean, monitoring all the transactions means yes, you're going to have some tradeoffs and speed. So there's always certain conflicts that you may run into where the servers may not perform as expected because there's so much querying going on. And this is one thing that comes up a lot. And let me go ahead and pause my sharing. Because this is one of the things that comes up quite a bit. Is there any benefit of having AVN Linux? Are you aware of any possible threats? Here's the thing. If you are pulling from the repositories, the standard Linux ecosystem apt-get in the WN world like I use, or specifically I'm using Pop OS, no, I don't need to run an Antivirus. Are you pulling in third-party applications from questionable sources? That's a different topic than if you're pulling in a bunch of third-party apps, then you probably should consider scanning and making sure and vetting those to make sure that they are valid. So generally speaking, no on a standard Linux distribution because most all the things I want to run are available within the system itself. My exceptions are going to be like Chrome. Yes, I pull Chrome from Google. But if I can't trust Google Chrome, then I shouldn't use it. But the reality is I use Google Chrome for my business. We use G Suite. That's one of the reasons I use Chrome. People say, why are you using Chrome and not Firefox? The answer, that's really simple. Firefox is for my personal use and personal things that Tom does, not Tom at Lawrence Systems, but personal Tom. And then I use Chrome because it integrates well into all the business things. So generally speaking, I don't really think an Antivirus is needed on Linux. Most security issues can come through phishing emails. Sure, if you download attachments from emails, then you absolutely are opening yourself up to risk. Back to, are you loading extra software from outside sources? That's really the question on there. If you are not doing that, you limit your risk. And because I use specifically with G Suite, that's where my email comes from. And I know some people, like the more privacy-oriented proton mail or whatever, that's fine too. If you're using web mail, generally that helps mitigate that unless there's some flaw in the browser that allows that web mail to escape there. But as long as you're not downloading things out of your web mail that are well potentially malicious and not just a picture or some file, then you're less likely to have a problem. Now, if those files are potentially executable or if there's a media player and there's a known flaw in the media player and someone attaches a video that can exploit a known flaw in the media player, now you're looking at a possible methodology for someone to get into your system. Not a guarantee, but obviously, it takes a chain of events. It's all about mitigating risk. And then with all of that being said, because that's such an obscure thing to happen, not impossible, but more obscure thing to happen in the Linux environment, would the AV system even be clever enough to detect that type of behavior? I don't know. That becomes kind of challenging for being able to do that. So yes, let's see. Yeah, some some exploits are not really running software exploits a weakness in the OS browser PDF. That's where a lot of the attacks happen. That's almost always why there's so one of the reasons I trust Chrome is the fact that they stay extremely on top of updates. Their dwell time, if you will, from exploit found found in a wild flaw found whatever that is in the chromium engine, their dwell time from found to fixed is extremely small. They are really, really on top of it at Google. Lover hate them for privacy reasons is fine. But when it comes to security, you can definitely say Google has a strong track record of keeping things secure for all the data they gather on us. They certainly don't want it leaking out anywhere. Google's Google's actually probably got a absolutely stellar track record by comparison to Microsoft's it will fix printing nightmare after about a year of people complaining. Maybe we'll roll out some stuff that'll break some servers and then pull it back like they just did with the last patch Tuesday or in the case of exchange when Microsoft had no excuse at all other than we didn't care. They just kind of let exchange in the half me and I think it was called Microsoft had prior warning chose not to act even with active exploits going on. So the number of exchange systems that you know had got compromised because Microsoft slow acting on security was just crazy. But you know how many customers Microsoft lost from that? None. So why should they care? Honestly, the worry and perception has gone from Microsoft's, you know, perception of things going, well, what are they going to use? Not exchange? We don't have to fix that. If enough people complain, I guess we'll fix it. Why aren't they just buying our office subscription which goes up again pretty soon? You know, that's Microsoft's patches on stuff like that. Oh, nonetheless, Microsoft patching made you switch to Papa OS. Yeah, Microsoft's patching on stuff is just a disaster right now. They are just a disaster. Someone else had our question up here. I currently do not buy, through PAX 8, I think you can buy 24 seven sock. We monitor the systems for ourselves. So we don't buy, we don't buy that extra monitoring through PAX 8. All right, I'm moving away from MS domain at home. I'm just admin headache managing a domain of small home network. It's a, it's a, it's not, yeah, probably not the best thing in your small home network. Yeah, they did not lose customer today. It's got more people swiss you M 365. That's the truth about them. Yeah, print nightmare is just, ah, it took them so long to fix or to address it. It's just so broken like what? Why are they making this so hard? Also, it's just, I don't know, to a cloud print manager. Yes, completely, completely understand. Although someone may find this funny too. Let me share screen window. Let me find it real quick. I need someone to laugh with me on this. There we go. Does anyone, anyone like my naming scheme for ransom? I actually ran the ransomware twice. So the second one was called ransomware again. I got to have at least a little bit of tech humor in this. Oh, that's funny. I got the branding. I got the homelab show logo. There we go. Now it's my logo. Streamyard actually lets me change the background to different things. I can swap this around. I can, me and Jay use the same account for Streamyard. Hope Streamyard doesn't care. If you're wondering why, because I can actually put anyone's, I can put other brands in there. There's a coffee one for me and Brett. Streamyard's lots of fun. Let's me play with things. All right. Don't know if I'd rather deal with exchange or deal with running email servers. I got, I used to be a mail server admin. I did that for years and I don't know anymore. Here's the reason. It's, it's a headache. It's not worth it. It's the, the email wars are over. That's how I feel about it. I don't think they're coming back. I don't think it's going to, there's going to be this big push for self-hosted email anytime soon. It's just become too hard to say off spam list, too hard to deal with it. It's not worth the maintenance cost. And because you got two big companies doing it at scale, which is essentially G suite and Gmail, by the way, accounts for so many people's free email addresses, they have the lion share. The, the biggest part of the whole email ecosystem is actually all going through Gmail. I don't remember what the numbers were exactly, but it's, I believe it's higher than 70% of all email goes through Gmail now. And the rest, like the business world is still using office 365, of course. So that's where the next huge customer base is. And then G suite is somewhere in between. G suite's obviously not as big and G suite is still separate from Gmail, even though, yes, they use some of the same backend servers, but yeah, that's, it's interesting. Is the ad TrueNAS drive space to Proxmox video deleted? I never did a TrueNAS and Proxmox video. So I don't know who had that video, but it wasn't me. I have not taken down any of my TrueNAS videos. The only videos I, you know what, I can't really, there's almost no videos I've ever taken down. The only ones, if something becomes very irrelevant, I would take it down. An example is going to be when they released the WireGuard for PF Sense, and then they later changed it to be a plugin instead of natively integrated. I did take those videos down because they were wrong. So I do occasionally, I understood at least a few other ones where something so dramatically changed that you just drop it off my list. I usually just switch them to unlisted in case someone ever wanted to reference them again, but yeah, you're more worried about quantum computing. I would not worry about quantum computing. Have you tried configuring Synology, active backup business for your Linux laptop? No. I, well, I did try once. There was some bugs in, I think it's still beta, the Linux backup. I don't use it. I tried it, but I have no intention of planning on using it because I don't backup Linux. I backup the data I create on Linux. And I, the reason you don't really need to backup Linux is because you should have build and deploy scripts that can rebuild your servers, and then you only have to worry about backing up your data. That way you're not trying to take images of it. So Linux, because it works so much different than Microsoft, you don't need to bring the Microsoft thinking over to Linux. Now Linux servers are a little bit different, but the Linux desktop, I backup my config files, and I backup my data that I create. Other than that, I have, you know, an install script. So when I reload something, it's like, here, kick this off. Here we go. I mean, image backups are definitely convenient, but I don't really bother with them. They just don't feel as necessary to me on Linux. So your business helped me accelerate my MSP business. Awesome. On that note, I don't have it finished yet, but I am working on a second channel for business. That's all coming. And we're going to talk and just throw a lot of, I say we're, because I want to get some more people involved in it. So it's not just me. There is going to be a separate business channel. So the business content is going to, I was going to re upload stuff from this channel to that new one I created. But then I said, nah, let's finish it. But I got people working on graphics. I'm outsourcing, you know, getting the graphics done and some of that because I don't want to stop producing content for this channel. So we are doing it. So I'm super happy that this helped you with your MSP business. That's definitely exciting. And yeah, more content to come. So we always appreciate, I say I appreciate, and I know when we put together more people for the business side, we do appreciate any feedback we get on that because we, you know, want to make sure we're always being helpful. Don't worry about it from a security standpoint either. There's already, here, we'll look this up. Quant, we'll throw this out here because not everyone realizes this, but this is a thing already. I want to bring this up because it's, I used to worry about this more before I learned, not to worry about it. This is an article you guys can jump into. It is post quantum cryptography. I'll link down in there for those of you that want to follow along with it. By the way, I'm going to be stopping at five today for those wondering, but post quantum cryptography is a methodology by which we can read, this is the first part here. Quantum proof or quantum safe or quantum resistant refers to cryptographic algorithm, usually public key algorithms that are thought to be secure against crypto, crypto analytic attack by a quantum computer. The problem with currently popular algorithms or security lies on one of three hard mathematical problems and you can dive deeper into there. Yes, this is a thing. Yes, people are working on it. So no, you don't have to really worry about it. People who are way better to me at math are the ones working on it too. Ninja will support bare metal restore to a virtual server. They actually, you can do that now, not in theirs. Like if you, we've loaded, when I did the bare metal restore testing for Ninja one, I restored it to our hypervisor. So I was able to do that. Hey, David's right. 122 people walking and 36 likes. Is there even a dislike button anymore? And does that thing exist? I see lots of memes about it. People are very upset. Dude, if you think math is hard way to get into cryptography. It's like math, but even harder. And you're right though. It is, it is very hard. Do you ever push suggest use Linux when possible? Example client has a unified controller on prime MS when it could be Linux kind of? Yes, I mean, we don't really, we don't run into too many people running that themselves or asking the question. Most people, we say it's home users, most businesses, you'll find it running because someone else set it up or we're the ones setting it up. So it kind of depends. I mean, yeah, if someone were to ask us, we're going to say Linux, but when we do a lot of co-managed IT, where we work with internal IT teams, they usually know there's some exceptions, but they usually know what should be running on Linux. So we don't have to do, we've had to view very few migrations over the last years of, you know, Unix stuff installed. Most people know what server should run. What, but there's exceptions, but we don't run into too many of them. Okay. Oh, the dislike is back. Okay. So you can tell how little I pay attention to that. I just see the memes and laugh and see people mad at stuff. And I'm like, look, angry people. I don't, I choose not to engage in a lot of that because it's not, it's not very productive, but it makes me laugh. I'm at it at least. Let's talk more about zero trust identity versus device versus application versus data. I'm thinking you can convince a customer to join all four pillars together to enhance a security UX. I never, it's, it's usually the problem isn't the customer. The problem usually is trying to get all the things they do in one place. Now, new startup companies are easier. So this was a discussion I've seen happen more than once where people, and I've brought it up myself. When we work with startups or younger companies, they go right to cloud applications. They don't ever think about an on-prem server ever. And one of the reasons why is it doesn't make a lot of sense that they're going to be able to scale up a business. And then they do things like, hey, let's use G Suite. And then we're going to have everything single sign on through G Suite. And a way they go, they start building out everything tied into that. This makes your onboarding offboarding great. It's the legacy companies that are always, and this is why they're the most targeting companies, it's a bunch of disparage systems that were never connected. We've been using this product for the last 20 years. We all hate it, but no one wants to pay the training to get someone to learn it new. And it's integrated into our business and there's no migration path to the cloud or a better application. Matter of fact, we were downloading logs out of an old garbage SQL system for a client. And just a whole lot of stupid because Ledger wasn't matching after update a week later. And why isn't all this, why is a small business with only six office employees and a few dozen installers running an on-prem server? This company that they're using, it writes niche software that they've used for pushing 20 years. And it has 20 years with the data in it. And the company doesn't even offer a cloud hosted solution. And their local on-prem solution is hot garbage. But hey, it runs their business and no one wants to take 6,000, no 8,000 customers out of there with all the history of those 8,000 customers that they've done these in Solforce and migrated to a new platform because yeah, that. So, oh, let's see. Oh, the dislike button ever left. The counter for dislike is gone from the viewer site. Oh, yeah. Everyone likes to go zero trust. It's just a great buzzword. Pretty much. Pretty much on that. Are you planning on doing a video regarding routing in PF sense? What kind of routing? I've did a whole policy routing video. So I've already done quite a few. So I'm going to go with yes. So hopefully that makes sense there. What else? I miss anything else? All right. I think I've caught up on comments. Not sure time knows specifics about me, but unfortunately, you still have to run a 11 year old Java system. Yes. Yes. I've seen some of that. I know that stuff on there. Yeah. Oh, will I do an OSP FE? I don't know. I might do a BGP video because that's something that people like to talk about a lot. It's low on my party list. There's a couple of videos that the Netgate people have on the topic. It's so niche. I know people use it. I'm not saying it's not used, but it's more niche. So we don't have a ton of consulting we do on it. It's pretty minimal. So I'm not as fluid in it setting it up. Most of the things we do videos on are things we're doing more of or doing a lot of consulting work on. That's one of the reasons the videos are easier to do. But eventually I might do some BGP ones because I can do some fun explainers for how BGP works. And PF sense is the way you can do some testing on it. I think it's a good learning opportunity. Oh, can you please explain and thank you, William, very much for the donation. Can you please explain the best way to store an SSH key in a best practice for it? Context is even a log analytics box. It feels like I'm saving clear text passwords or my passwords on a local machine. For me because I'm using it from Linux, I forget where it's stored in Windows. They put it somewhere different. The keys are locked down, not part of my backup, by the way. That's an important aspect. I just don't even want my SSH keys. I keep them not backed up with my normal backup. So I store them on my computer. I also have them password protected. And good news is you don't have to regenerate the keys. You can actually use, you can add and you can Google this. I don't have a video on this topic. But when you generate SSH keys and you want to add a password to them after that's pretty easy. Just use the change password command and it will add a password to them. This way, if someone were to get your keys, there is now an additional step. And don't make it a common password, make it a separate password for your SSH keys. So yes, you can store them on the computer. Now, if you want to go a step further, you could look up how to set up a me and Jay did a talk about Bastion servers. So we have a, on our podcast, a homelab show, we talked about setting up a Bastion server. That's another way to handle some of that. And if you, you know, a jump box would be another word for it, where you may want to store different keys there, have different keys you create per client and store them on one particular lock down box. And by the way, that box doesn't have to do much for heavy lifting. Jay actually uses a Raspberry Pi because it's convenient and you can put all your stuff on something as lightweight as that, because it's just facilitating access to get over. HS, I'm assuming you mean the hashy corp vault. Maybe that's what you're referring to. That's a whole, I'm not an expert on that. So yes. But yeah, there are tools out there like hashy corp vault, not used it, can't really speak to it. Yeah, I mean, you can set up OSPF routing if you need to in your, it's something supported in PF sense. I really said, I just haven't really dove in and done a video on it. What else do we have in here? I'm trying to think how much more, I only have a little bit I was really talked about with something on one here. No one really had any, any questions that I didn't see that I, as my video is already recorded, but after I record a video, sometimes I splice extras in if I miss something when I'm doing the editing phase. So, oh, HSM hardware security module. Oh, okay. I was thinking, because a lot of people have asked me about it, I just don't use it. Hashy corp vault for storing some of that. Yeah. Yeah, I've heard of this too. I haven't used it, but oxidized. That's what that's for is managing, managing switch backups and configs. It became popular after the Solar Winds Orion incident. And that's what that allows you to do. Is it called oxidized? Oxidized figure management. I can pull it up for people. I know it's a replacement for the other tool that was popular before. So let me pull that up, share. Yeah, this is the tool. So let me drop it in here. Oxidized is a network device configuration backup. It's a rancid replacement. So that's a yes. Let's try to remember the name of this the other day. I sometimes, and maybe they're listening on here, someone, you know, DM me on Twitter, and that's fine if people want to say hi, but they were really like, Hey, Tom, you should check out this commercial paid product. Why? I don't use it. Like, but it does this thing. It'll backup. It was a switch configuration backup. I'm like, okay, but I don't use it. And I was going to reply with oxidized by forgot, but I'm just like, I don't know, call their marketing department. I don't do sponsored reviews. They have a marketing department. It's just some rando company that made a tool that backs up switch configuration. So I don't know. I prefer if I do tools, it's definitely something that I want to be accessible to the audience, something open source, if possible, when reasonable, because obviously, we use tools that are open source, because that's sometimes not within the realm of possibility, such as Sentinel one, like I've titled this video, Sentinel one, a great product. There's not really an open source replacement for it. If there was a product that was on par with Sentinel one that was open source, I would love to be using it. It doesn't exist. If someone wants to build an invented awesome. But until that happens, I jokingly call this the split brain I have of idealistic time for how I would like things in the world like to be. And that part of me understands things. But then realistic time does run a business and have employees and need to manage security for a bunch of people. And realistic time will win on certain topics like security through certain products. All right, rant over. So what do we have here? Hey, thanks for the great content. I enjoy your network sharing videos, enjoying the show while having rum and coke in the cold UK. Is it as cold in the UK right now? What is the temperature there? So give me a city in the UK. What is the temperature in UK? Where is it colder? Oh, it's only 39 in London. So that's not too cold. But anyways, we'll consider that cold. I was standing on the frozen ice the other day because it's a little colder here in Michigan. I've never been to the UK. It's somewhere I want to go, though. I think it looks like a really cool place. Thanks for the content. How do you manage patch management? Your customers open source, keep it up. Good work. I did a video just the other day on Ninja one RMM. That is how we manage patches for our clients. That video is titled Ninja one review. So you can find it on my channel. That is our methodology for doing that. York. See, there's cool names there, Leeds 15 wherever yours. Manchester. All right, gin and tonic in the south of France. So, but nonetheless, thank you very much, Simon. Just want to get that out there. Just laugh at the other ones. Thank you very much for donation. Happy you're enjoying the content. If you are interested, not my endorsement of it, but if you are looking for something in a way that is similar to Ninja RMM, but is actually open source, there is a tool out there called tactical RMM. I don't use it. It's not an endorsement of it, but it's an interesting project that's out there and available. So, let's see. What else do we have? You like the look of Ninja one? It is not a bad product. We actually like the look of it a lot better than we did with what do you call it? The enable platform. I do like the more modern look it has compared to enable. It's colder in Texas than it is 28. Central Texas. So, I'm 43 in Houston. It's in Dallas. 38 in Dallas. Okay. So, it's definitely cold there. 20 here. So, nice and cold. Did we demo anything else? I looked briefly at a few other systems, but we didn't actually take the time to demo. It kind of came down to, I talked to a few people that used Ninja at scale. They really liked it. And they're people I know and respect in the industry, but they don't reveal what software they use. So, I'm not saying their names. Nonetheless, after having some in-depth conversation with some very technical people, then talking with the internal teams, and then doing a 200-unit test and then passing and working with 200 units, we said, all right, this is the one for me. I like the way the Ninja platform works. They just have the, everything I had my experience working with Ninja was very smooth. I've actually worked a little bit with Jonathan before. We did a live stream together on some topics. So, the, I like the team over at Ninja. So, everything about it kind of felt right. The problem really comes down to like connect-wise, rule them out right away. I just don't like the way their platform is or their security posture on things. The other one, the other big one, obviously, you could say have ruled out for some real obvious reasons. The only other company out there that might have been worth looking at that people don't seem to hate is going to be Datto, but I had a mixed feelings about Datto from people. Some people liked it. Some people didn't. It just, I don't know, I just decided not to go with the Datto system. I don't really have an absolute solid reason why, but they were probably the only other ones I would have considered that seems to be at a maturity level that I would say, yes, I like it. But we really just kind of took a liking to the Ninja platform and so that's when we went with, oh, let's see. Are UB Keys safe? Recommend to use? I'm going to go with use your UB Keys. They are, they are definitely good. Focus? Well, focus? You know what? I got to do this to get focused because it sees my eyes and then usually, yeah, the camera's got an auto tracker for my eyes. But yes, I do recommend UB Keys. They're safe. They're good. I'm working on a video on it. It's been on my to-do list for too long. What else do we have? Final sentences. Yes, Sentinel-1 can restrict the USB devices. That is absolutely a feature of it. Switch to Adir, works for me as a paper technician model on that endpoint. That is a weird business model to me that they have. But, you know, honestly, a lot of what it comes down to is knowing the tool, liking the tool. I got some, I got some hate for this on someone downvoted. I think it may have been Reddit. I had said to me, you look at a couple of big RMM players, their feature sets are really close to cost of board, but those are fighting words amongst the people who love their product. People who love the product going, no, there's no way that company is anything like mine, even though all the checkboxes are the same, they're completely different. And granted, yes, they implement things in different ways and handle things differently. But all of us do the same thing. We wrestle the Microsoft Beast. We try to keep it patched and don't always succeed because Microsoft's patches are garbage sometimes. And then we roll back the patches because that's what happened last patch Tuesday because, you know, testing. Possible talk about IPv6 and PSense in future video. IPv6 knows about something missing in explanations. No, I'm not going to do any. I am making it. This is that one. I'm not the person who's going to, you know, hang up on something to say, I'll never change my mind on it. But IPv6 has become my favorite joke because I was told it was the year of IPv6. So many years ago, I didn't have gray hair when I was told it was the year of IPv6. It is 2022, still not the year of IPv6. There's a talk that was done for years by some people I know at a local Linux users group where the burning joke is every year they do a talk of it being the year of IPv6. And they have now done the talk for so many years in a row. It's kind of like the annual IPv6 talk. I don't know. I'm just not interested. Not doing it has not affected my life any when it actually causes problems for me as a technician. And I have to learn IPv6. I will start doing videos on it. I don't know when that'll be because it doesn't feel like that's going to be any time soon. So S1 can restrict USB ports. You know what? You don't have to email Eric. I can do it right here. But I actually recommend you email Eric. Just email support. They can turn on the restrictions on it. So, well, it's on or off. Talk to Eric. He'll get you the details on how to build a policy for that and what needs to be done. We have to do the building of the policies on the back end. So, it's a little bit more complicated, but reach out to the team. The Eric and the team will take care of you, Travis. I heard a few people tell me that their, what do you call it? Their patch management does not work as good. I had a couple of people mention that. The person I talked to about Ninja really thought their patch management work good, which kind of shocked me. So, yeah. Even ISPs don't want to talk about IPv6. That's kind of weird. You're not wrong. I have to grab some water. I am parched from all that stuff. So, one second, folks. I'm sorry about that, man. I was, I had something in my throat. I've been drinking it and it finally ran out. I usually have a big glass of water. Now I have a little water to get this down. Sorry about that. I hate leaving the livestream. Such is life, though. I'm sure someone will do a IPv6 video. It's probably not going to be me. Not anytime soon. How do you feel about the UI difference? I love the UI difference. As a matter of fact, that's huge. That was one of the big selling points is I like companies and Sentinel One does this too, by the way. Let me show the screen and show you. So, when you're in Sentinel One and you flip the thing, I got to do a share, screen, entire window and it'll be screen two. So, when you're opening things, I like when everything becomes these windows like this. So, I can easily pop things into a series of different windows, like when you want to do an investigation timeline, or I say overview, open and deep visibility. I like when everything does this because when you're diving into something or you want one of your other technicians to look at it, being able to just, hey, can you look at this threat with this computer? Huntress does this. So, I can actually say copy and then I can paste that link to my other technicians to show them. This is the same way it works in Ninja One. This is the same way it works in Sentinel One. This is the way it works in Huntress. This makes life easier to be able to share something this way. From an investigative standpoint, these are just like really handy features. So, I really love UIs that do this. Is this the year of IPv6? Oh, never mention IPv6 on blogs because it's one of the few, few things I have a strong opinion on that I don't feel like changing. You're probably right. Let's see. Hey, you used Eric earlier this week. We kind of job great. Eric is one of our technicians for those of you that don't know. But when you contact us for bookings, you get an Eric. So, we always, it's our internal joke was, oh, just throw an Eric at him. Eric's a very talented engineer here. So, he's broad. He was, we have the couple of things we do. Sometimes you'll get more than one person because of job shadowing we do for training. We actually kind of internally, we try to cross train everybody on each other. And it's just part of the methodology and process we do here. But Eric has become quite adept at servicing a wide variety of things. I've actually been training Eric the other day, me and him tag-teamed on a large HA system installed that was, it was kind of joking that we worked on over $200,000 with the servers. So, within that hour, just setting things up. So, yeah. Oh, what else do we have here? Do you have videos on Ninja one? You already have Ninja one video. You're in luck. So, yes. Hey, it's the true NAS open storage team. Love that they're here. I have not done a video on how to update it because I have an update on myself. It's on my to-do list. I was actually working on it today. And then I got sidetracked with 20 other things. Eventually I'll do a video maybe on the upgrade process. Yes. Oh, the cabling videos are slowly but surely coming along. PF Sense 2.6 should be out in the next few weeks. Nice. Yeah, the, PF Sense 2.6 is definitely something I'm looking forward to. You can download as a beta if you want. You can switch to it. It's in the release train right now. You go down and switch to the 2.6 beta. Christian has a video where he's talked about it. Christian McDonald, one of the developers. He actually does some YouTube videos on this. Christian's awesome. And it was key in writing the WireGuard for it. But now he actually works for Netgate doing this. So I don't have a full list of what's new in it. I wait till it's out because I don't bother doing the speculative videos because, I mean, if I was bored for content, I could just do speculative videos about what they got done so far. But I wait till it's actually hit release or at least even release candidate. So I'm like, okay, when it's something hits release candidate, they've pretty much made it feature complete and are just doing some fine tuning. Then it might be a time to talk about it. So hopefully that makes sense. You have the perfect glass for drinking beer from a keg. Yeah, it's a good solid. Gotta have a good mug. 2.6 will be, well, it won't be 22.01. It'll be 22.00 whatever the date is. I imagine it's going to be released this year. So the PF Sense Plus will be is following the year month naming scheme. They did a lot of file system work. I assume I should say that the file system work that Christian covered in his YouTube video will be done by the time it gets to 2.6. But I don't know. That's part of the problem. Like I seen what Christian was talking about doing. I don't know how much of what he talked about doing is going to land in it. So yeah, that I'm always looking forward to updates because it always gets better. That's my biggest thing. So anything like a projectile that has more than that gate 6100 layout, not that I'm aware of. I don't know. I mean, there's probably some companies, Supermicro probably makes something with some SFP ports on it. I don't think anything that Supermicro makes is going to be in the same price range as the 6100. But it could be wrong. I don't keep up with all the latest hardware research on things like that. So I don't know if that exists or not. I don't feel like googling it. But you can go look and go to Supermicro's website and look at the smaller form factor 1U systems that may have that. All right. Anything else for a windestowns? I have a few things I have to do which do include. I think I got a picture of it. We'll share. I think I don't think I have anything new. I don't even take a picture of the mess I made. I have a wire because they're putting my ceiling in. I have to go finish one wire run in my basement so they can wire everything. Yeah, these are the same pictures I had last week. So the studio picture is nothing new to share because there's nothing new done. I just ran a wire and then I got tired and did something else. Oh, there is a video coming on probably this. Let me stop. Share. Chrome tab. This was some testing we did. I want to talk about the results of this. But I don't have the results. My staff does. So my staff will talk about the results of this. This is some cable testing we're doing. So this is a long cable box that ends cramped on. And we're going to talk about how we're integrating these devices. I can review it, how we're splitting PoE power for a project and some cameras. So yeah, this is going to be interesting. It's a project we have upcoming for a client. So there's a lot of wiring stuff coming soon. It's the hardest to do the production on because it takes so much editing to get all that done. So let's see. What else do we have? Awesome. Thanks. And oh, I see this one here. Suggest. If you have an idea for the PF Sense team, they take suggestions. So reach out. I believe they use RedMind. Post-inner forums is probably the best way to do that. Ubiquity release external bridging cable links. Oh, okay. Interesting. We use the ones from, if you haven't used Kodi, the ones that are from Mikrotik. I did a review of the Mikrotik ones. I got to do a follow up review because we've used them a few times now. They're great. Look at the Mikrotik extenders. If you type in like Mikrotik, there's only a handful of Mikrotik videos on my channel. One of them is the Mikrotik range extenders. They're pretty cool. They're also like 25 bucks. So they're really cheap. G Suite Legacy will come at the end of the year. That's interesting. Yeah, the Mikrotiks are cool. They're handy little plug them in devices, get range extension. We have now used those for a few people. And the only thing that's, it's funny because I think it's almost a little bit overpriced. You buy the device for like 25 and then you'll end up paying like 20 for the container that comes with it. Either way, it's a cheap solution for the waterproofing. We still even, I think we installed one that's in a factory and we still put the little container over it. That way, I just don't want to worry about anything getting into it. But they work great. We have a long-term test back here. Pull them out. Whoops. Some dangling. This just got disconnected. I left these running with a few of them. We had a cable coiled up. So they're just kind of messy here. Anyways, that doesn't, we have two of them anyway. So we're trying to show, making a bunch of noise here. So we have two of these units and we plugged them in and I plugged the camera in and we left them running for six months. I don't know. From the time I did the video, we ordered another one. And I have that marked down somewhere because that's how we do these long-term tests. And until we did that picture of that box, that's when these got taken apart because the camera that was running on it got moved over. So these ran for months and months and months without any issue at all. So definitely, definitely these are neat devices. They're called the Mikrotik GPER for those wondering what they are. I don't know what they actually call them. So Mikrotik GPER, you find a review on my channel and of course I link to the device itself. They're a pretty novel. Run secure, Saracada, everywhere you want to learn something. That's my answer for Saracada. Everywhere you want to watch and learn something, Saracada is going to have a lot of false positives but it's going to offer you some insight. Every time you filter out a false positive, you can gather some insight as to why that ran. Yeah, Mikrotik extenders a lot. They are great for field use. I absolutely agree with you, Jared. Yeah, the voltage, that's actually what shocked me is that not only can use one, Mikrotik says you can use two. So we did and we were shocked at just how well this worked. So definitely a pretty cool system. All right, any more questions because I let it go 17 more minutes because I like talking to people. I love answering your questions. But I can't have the life should go forever because I do want to get my video edited, then I got to go home, fix the one wire, make sure that's all done, which is going to be another project and then go from there. So the one video will be out probably tomorrow as I'm not going to finish editing it tonight but I can come in and edit tomorrow on that and so that'll be released. So that's about it. Can't think of anything else. But as always, I'm easy to find in my forums. I'm easy to find on Twitter. Hit me up on LinkedIn if you want. A lot of you connected. I mentioned LinkedIn last time. Feel free to come back to me there. So hopefully this is helpful all the way. So yes, see more people. Thanks, Tom and other Joe Vlog and love this. Hey, so happy I am helping. That's honestly, one of the things I like doing is giving a lot of knowledge out there to all the people. Some of these people like Travis is already a client of ours. I see other people that have used us. Always, always fun in our engaging with the crowd and things like that. This is the reason I'm looking forward to my new studio because I'm being at home already. I'll just like hit the live stream. I actually may step it up and do maybe a live stream on Twitch or something. Once I have my studio and I'm working from home and I don't have to go home because at some point I feel like I need to leave the office, I might live stream a little bit more. So that's all on my to-do list, all on my planning list for future things. Thank you for all of you that come and hang out with me on the live stream. I appreciate all of you and see you next time or online or wherever you find me. If not just follow me on Twitter, I'm usually posting dumb things that make people laugh. If nothing else, if you follow my Twitter, you'll find there's a lack of sad things. There's always, I don't know unless you find cybersecurity sad. Mostly, I do happy things and make people laugh. That's way better goal. Always need to share a little more joy in the world. All right, thanks.