2.5 Admins 206: CrowdStruck

How and why the recent huge Windows outage was caused by a bad CrowdStrike update and how it could have been avoided, a hilariously dumb ESXi vulnerability, and using SAS drives with a PCIe card.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News

A closer look at what caused the CrowdStrike Windows crashes

Ransomware gangs are loving this dumb but deadly ESXi flaw

Jake Williams on Twitter

 

Free Consulting

We were asked about using SAS drives with a PCIe card.

 

 

 

 

 

 

 

 

 

 

See our contact page for ways to get in touch.

 

2.5 Admins 205: Dogs Hate BTC

How a Bitcoin mine made life in a Texas town absolutely miserable, why paying for extended support for end of life Windows versions is just doubling down on technical debt, and the best way to manage router redundancy.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Inside the ‘Nightmare’ Health Crisis of a Texas Bitcoin Town

Enterprises urged to think carefully about Windows 10 extended support options

 

Free Consulting

We were asked about managing router redundancy.

 

 

 

 

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

 

See our contact page for ways to get in touch.

 

2.5 Admins 204: Maybe Don’t 5

A widely-used login system is still using MD5 which is bad news, miscreants took over some domains when they moved from Google to Squarespace, Linksys’ sloppy app isn’t a huge problem but is a bad sign, and why backing up an Android phone in one go is pretty much impossible without root.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News

New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere

Squarespace migration linked to DNS hijacking, claims report

Linksys Velop routers send Wi-Fi passwords in plaintext to US servers

 

Free Consulting

We were asked about backing up Android phones.

 

 

 

Automox

Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.

 

 

 

 

 

 

See our contact page for ways to get in touch.

 

2.5 Admins 203: Yet more free consulting

We didn’t get to all of your questions for our Episode 200 free consulting special so here is another full episode of your questions and our answers. Our thoughts on a new UK smart devices law, backing up 30TB off-site, how to learn ZFS, SMB vs other ways to share files, and backing up secrets.

 

Smart devices: new law helps citizens to choose secure products

FreeBSD Mastery: ZFS

FreeBSD Mastery: Advanced ZFS

 

 

 

 

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

 

 

 

See our contact page for ways to get in touch.

 

2.5 Admins 202: Microsoft’s Underwater Again

Why we didn’t mention pocket fluff when we talked about USB-C charging issues, Microsoft abandons its promising underwater data center experiment and didn’t monitor it’s SSL certs, why you should be careful which WordPress plugins and themes you install,an Australian ISP’s tech debt comes due, and remoting into desktop Linux.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

 

News

Microsoft ends Project Natick underwater data center experiment despite success

Microsoft declares its underwater data center test was a success

Shouting in the Datacenter

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

Coding error in forgotten API blamed for massive data breach

Microsoft hits snooze again on security certificate renewal

 

 

Free Consulting

We were asked about remoting into desktop Linux.

NoMachine

 

 

 

 

 

 

 

 

 

See our contact page for ways to get in touch.

 

2.5 Admins 201: CVEs everywhere

Vulnerabilities in Asus hardware make us think there should be some regulations about what can be sold as a router, a VPN feature that we hadn’t heard of is removed from Windows, and why we don’t believe that Microsoft will ever take security as seriously as they claim.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

High-severity vulnerabilities affect a wide range of Asus router models

Dear Asus router user: You’ve been pwned, thanks to easily exploited flaw

Microsoft to remove DirectAccess from Windows, recommends switching to Always On VPN

Microsoft fixes hack-me-via-Wi-Fi Windows security hole

CVE-2024-30078

Microsoft in damage-control mode, says it will prioritize security over AI

Pluralistic: Microsoft pinky swears that THIS TIME they’ll make security a priority

 

 

 

 

 

 

Tailscale

Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.

 

Automox

Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.

 

 

 

 

 

 

See our contact page for ways to get in touch.

 

2.5 Admins 200: Even more free consulting

It’s our episode 200 free consulting special. Jim and Allan answer your questions about hard drive availability, USB-C robustness, ZFS performance on a VPS, cold storage with a 2.5″ form factor, how we gained our level of knowledge, disk enclosure issues, and monitoring Windows servers.

 

 

 

 

 

 

Tailscale

Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

 

 

See our contact page for ways to get in touch.

 

2.5 Admins 199: Rest In Parity

How to prepare for your loved ones to have the access they need if the worst unexpectedly happens, Joe’s weird issues with wireless access points, and dealing with email accounts that shouldn’t exist.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

After you die, your Steam games will be stuck in legal limbo

EAP225 AC1350 wireless access point

 

Free Consulting

We were asked about dealing with email accounts that shouldn’t exist.

 

 

 

 

 

Tailscale

Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

See our contact page for ways to get in touch.

 

2.5 Admins 198: SMB Pulse

Microsoft is tightening up SMB security in Windows which might break access to your old NAS, a Cogent root-server mysteriously goes out of sync without them spotting it, and protecting hard drives from electromagnetic pulses.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News

Installing Windows 11 24H2 might mean binning that old NAS

A root-server at the Internet’s core lost touch with its peers. We still don’t know why

 

Free Consulting

We were asked about protecting hard drives from electromagnetic pulses.

 

 

 

 

 

 

Tailscale

Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.

 

 

 

 

 

 

See our contact page for ways to get in touch.

 

2.5 Admins 197: Exchange Money

Linux kernel developers were infected with malware for 2 years, another nail in the coffin of proper federated email as Exchange Server moves to a subscription model, followup on zfsbootmenu and IPv6, and learning unfamiliar topics.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach

Exchange Server SE to debut just before 2019 support ends

Newbie struggling with zfsbootmenu

 

Free Consulting

We were asked about learning unfamiliar topics.

 

 

 

 

 

 

Tailscale

Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.

 

 

 

 

 

 

See our contact page for ways to get in touch.