I am visiting a friend at a hospital. They have top notch security to the roof and helipad.
Vegalyp
- 9 Followers
- 18 Following
- 58 Posts
Discovery 20: I don't know how I forgot about this, but we had redundant internet connections. One day our primary internet connection went down and the backup never kicked in.
My boss worked on that for a few hours and then got busy with something else once the primary connection was restored. I later realized VRRP was not actually set up. The agency had bought the connection but never actually did the work to enable the protocols for the redundancy.
I quietly fixed that one on a weekend because I couldn't believe that for 5 years (Long before I joined), the redundant connection was being paid for, but that it wouldn't actually work in the event of the primary connection dying.
As I look fondly back on some time spent at my previous job, it is time for the fourth round of Discoveries. Relevant tags include #Networking #Infosec #sysadmins
Discovery 19: When I first started, the first solo task I was told to do was configure alerts on our servers and network hardware. SNMP traps were not enabled anywhere in the domain and hardware alerts from hardware monitoring (iLO, iDRAC, etc.) were not turned on.
I turned on hardware alerts for the domain and eventually configured SNMP traps to a shitty SNMP-to-email script I wrote since I was not authorized to build a server yet.
Later on, I built LibreNMS and it was an absolute pleasure to use. And it was way better than the terrible script I wrote.
Standplaats Kraków
I don't exactly drive an old car, it's a 2003. But I don't want to drive newer cars and am slowly having to begin mourning my car as I realize it is nearing the end of its life as I just passed 230k miles.
There's something about the analog gauges and dials, lack of computerized screens and tech, and simpler controls that is lost in a lot of modern cars I have looked at as replacements.
mhoyeI think it’s important to repeat: you don't "have something to hide" when you put blinds on your windows or close the door when you're on the can or wear clothes.
Privacy isn't about having something to hide. It's not about keeping secrets. It's about you being the person who chooses what you reveal about yourself, and when, and to who, and the other word we have for that is "dignity". Your inherent dignity, as a human being.
Your privacy is the agency you have over your dignity.
PwnallthethingsLots of folks warning that overreliance on AIs can lead to bias.
But that can sound a bit abstract, so let's just leave these examples here.
Discovery 8: VOIP. We transitioned from PBX lines to VOIP right after I started at the agency. We went to Ringcentral as our VOIP provider and all in all, I didn't mind their VOIP stuff. It was usually pretty good.
What I did discover after my former boss left was that he had hired an MSP to configure our network switches to handle the VOIP traffic because it was too complicated for him to dedicate time to. Admittedly, I was still new and fresh and didn't know any better.
After the fact, I looked at the switch configs that had been backed up and realized that the MSP had just created a VOIP VLAN and then tagged all ports for that VLAN and sent that VLAN to the IP Helper-Address (Our Sonicwall NSA4600)
The bill for that came out to $15,000.
We had 2 commander switches that needed to have that created.
We paid $15,000 for maybe an hour's worth of work.
Round 2 of Discoveries:
Relevant hashtags: #Sonicwall #networking #sysadmin #office365 #ExchangeOnline #infosecurity #Linux #networkengineer #vmware
Discovery 7: When I first started, the Asset Management Inventory was a locally hosted Excel sheet on a shared/network drive.
To note, there were over 4000 manageable assets on that inventory. It was shared between all IT Staff.
I set up a Snipe-IT Instance locally hosted and never looked back. I still have nightmares about the time spent using that accursed Excel sheet.
Discovery 2: After being there close to a year, my boss finally gave me keys to the server room and was allowed to access one server: The Backup server.
My task was to verify the backups and do a test restore. There was zero documentation internally on this backup system or how to do a test restore. The backup client was an incredibly out-dated version of Vembu backup. If you've never heard of it, God bless you.
Backup email confirmations had been sent for 8 months. Not a single backup had been performed during that time frame. When I tried a restore from what was available, none of them succeeded. None of the restores succeeded or were bootable.
My boss tasked me with finding a new backup solution and implementing it. Within 2 months, we had working backups with working restores.