I like computers
Earth
Joined October 2009
- Tweets 1,692
- Following 67
- Followers 74
- Likes 204
Just got around to implementing AD accountExpures checks in the few places where it's ignored.
Sad to see "There is no plan today to sync password expiration state (or disabled or lockout state, for that matter) from on premises AD to AAD" when finding out what others do
That's why all my certificates are valid for 100 years. /s
Can you not change the date on the devices?
Isn't that wh CISP hosted by @NCSC is supposed to be, although I do find it rather lackluster
So I get you're supposed to put Packetbeat on application servers but it turns out it works just as well on your routers, just deployed it to all of our routers :) #elasticsearch
Monday off to a good start, some light code review when...
Why pay for not 1 (Jira) but 2 (Gitlab) bits of project management software to track software issues when you can use EXCEL AND STORE THE SPREADSHEET IN THE GIT
Why are people like this?
1
Twitter mangled my tweet, look at cdn-aws.deb.debian.org/debia… and stick a 's' in the right place!
1
1
The way the mirrors work mean all the mirrors running behind it would need a trusted certificate for security.debian.org
However, do try deb.debian.org as that works differently, "deb deb.debian.org/debian-securi… stable/updates main contrib non-free"
2
We'll agree to disagree on the definition then :)
You're not the first person from @Elastic to tell me my clusters not orthodox.
Thanks for reaching out though, I tweeted a faceless corporation, didn't expect someone to try and help!
1
WRT sizing; seems to be fine so far, this cluster has been production for several years now, started out at ES 1.4 I think? We just have a huge volume of data being dumped into it.
Rollover is something I have thought about in the past however, ain't broke don't fix?
1
Our definitions of hard and soft obviously vary, if something stops your from going over a limit in my book it's a hard limit. Soft would just throw loads of warnings at you. Thankfully you guys are very helpful on the forums and I stumbled across discuss.elastic.co/t/number-…
Just dragged our ELK stack up to 7.0 from 6.5 and I'm unimpressed with @elastic cluster.max_shards_per_node being set to 1000, we generate about 1000 shards per month and on our 4 node cluster that works really well for us.
1
Encrypted SNI and DNS over HTTPS are a dangerous combination.
Great tools for consumers and personal devices but horrible obstacles in the enterprise
1
Just had an email land in my inbox that contained the following:
"1) Are you able to patch these vulnerabilities in the software?
OR
2) Would you be able to put the software into a Docker?"
Where has this attitude/belief come from?
It's too early in my morn... life for this
Well we can now store public SSH keys in AD, and make them machine specific as well.
SSH also prompts for a MFA token that validates against our generic 2FA server that currently is setup for YubiKeys or TOTP.
Leaving me with triple authentication: key -> password -> MFA