!sysadmin@kbin.social
A community dedicated to the profession of IT Systems Administration.
!sysadmin
@kbin.socialhttps://www.bleepingcomputer.com/news/security/chinese-hackers-hid-in-us-infrastructure-network-for-5-years/
The Chinese Volt Typhoon cyber-espionage group infiltrated a critical infrastructure network in the United States and remained undetected for at least five years before being discovered, according to a joint advisory from CISA, the NSA, the FBI, and partner Five Eyes agencies.
Please let me know if there is a better community to post to. This one seems like a good place to start.
I have a very short character ICU domain registered and it was working for months. Without changes to DNS or anything else, it suddenly stopped working. I found out that no DNS records were resolved anymore. It is not that they are invalid. They are non-existant on any DNS servers. According to dnschecker.org's DNS lookup for ALL records, there no records at all. Same with using dig
, which just shows an A record with no value.
I use my own nameservers and all of my other domains work fine. I have not changed anything on my end either. Still, I switched to Namecheap's default name servers to see if that would resolve the issue. No change.
I contacted Namecheap few about a month ago. They opened a ticket for me with a High priority. They just a couple times now, saying they are still monitoring the issue but don't have an answer yet.
Is anyone else experiencing something similar? Any ideas what may be going on?
https://www.thestack.technology/broadcom-is-killing-off-vmware-perpetual-licences-sns/
Starting when? Starting now. Kiss goodbye to support and subscriptions (SnS) on-premises users, too.
https://thedfirreport.com/2023/12/04/sql-brute-force-leads-to-bluesky-ransomware/
In December 2022, we observed an intrusion on a public-facing MSSQL Server, which resulted in BlueSky ransomware. First discovered in June 2022, BlueSky ransomware has code links to Conti and … Read More
https://lwn.net/Articles/953226/
Hey everyone. This magazine was on the abandoned list, so I put in to take over ownership, and here we are! I'd like to revive the sysadmin community here on kbin, and create a solid resource for all of us admins here on the fediverse.
For now, until the board becomes more active again, I'm going to moderate it myself, however if you'd like to help out please DM me here or over on Mastodon and we can hash out the details.
I'll be getting some basic board rules together soon, and will try to post as much useful and relevant information as I can. In the meantime, I hope to see everyone around, and feel free to post away, fellow admins!
Somebody I’m helping has an ancient, and i mean ancient (like 3 major versions before latest or so) install of Rundeck doing stuff for them. Might help them upgrade it to the latest (more like reinstall and configure from scratch, it was built years ago with assumptions no longer true), but before i commit I’d like to know if there’s decent replacements/alternatives for it these days.
In case you don’t know Rundeck, it allows you to set it up so that a number of users, with various privilege levels, are allowed to execute scripts on remote machines, with whatever privileges the given script needs, giving them parameters from an allowed set you configure. That’s all, no more, no less.
Sounds like something that should be common, but when you look for alternatives it gives you everything that’s ever been touched by the word DevOps, from Ansible and every “configuration engine” software ever made, to automation libraries and the like. I just want something that does this and no more, let people run scripts while preventing them to break stuff. If it’s something commandline friendly (Rundeck wasn’t as far as i can see) much better, and doubly so if it’s user friendly (have tried AWX and feels like it wants to be able to run the whole of Google from a browser window, dislike it in general, far too convoluted, and not user friendly at all for the not very techie office workers that use Rundeck today).
Six or more day old accounts are currently serving dodgy links, under different subjects from your instance. Could someone look into this?
I have always configured a web server to default to a certain domain that I'm pointing to it. I just setup a web server with a few domains on it and realized I should be using a default
sites-available config... I think.
Is there a best practice for setting up a web server with multiple domains? Right now, I have a self signed cert for the default config, in case someone points to my server for some reason OR if there is something done outside the configs for each domain. Since the default
config has no domain associated to it, I had to use a self signed cert. Also, right now, I just have default
return a 404.
If it makes a difference, I'm running nginx.
Is there some docs out there on what is best to do here? Thanks for any input.
Hello m/sysadmin, and welcome to this month's the first monthly Patch Megathread!
This is the place to talk about the latest patches, updates, and releases. We put this thread into place to help gather all the information about this month's updates: What is fixed, what broke, what got released and should have been caught in QA, etc. We do this both to keep clutter out of the community, and provide a singular resource to read.
While this thread is timed to coincide with Microsoft's Patch Tuesday, feel free to discuss any patches, updates, and releases, regardless of the company or product.
Remember the rules of safe patching: