NTP66's thread of IT

[NTP66]

NTP66 or anyone... I want to change the anti-virus program on our Windows 10 PC. HitmanPro to Bitdefender. Does one remove the current av first and will the onboard Windows security suite need to be disabled/removed or will Bitdefender do that? windows security always ran concurrentlt hmp.alert...apparently bitdefender won't

Bitdefender is a terrific product, but for home use I don’t think it’s necessary. The built in Defender does a really solid job. That said, I’d first remove HitmanPro (which sounds like malware itself), and then install Bitdefender. It should take over AV controls from Defender automatically like most other AV products would.

If you receive alerts on those sites in Defender, you’re likely to also receive them on Bitdefender. If you trust them, you can always add an exception for them, but that’s risky.

[crusherstasiak]

NTP66 or anyone... I want to change the anti-virus program on our Windows 10 PC. HitmanPro to Bitdefender. Does one remove the current av first and will the onboard Windows security suite need to be disabled/removed or will Bitdefender do that? windows security always ran concurrentlt hmp.alert...apparently bitdefender won't

Bitdefender is a terrific product, but for home use I don’t think it’s necessary. The built in Defender does a really solid job. That said, I’d first remove HitmanPro (which sounds like malware itself), and then install Bitdefender. It should take over AV controls from Defender automatically like most other AV products would.

If you receive alerts on those sites in Defender, you’re likely to also receive them on Bitdefender. If you trust them, you can always add an exception for them, but that’s risky.

I appreciate the detailed reply. Thank you. But i'm a bit confused by your last sentence. There are two sites we use to watch hockey...both are well known in this community. By 'alerts' do you mean the red line through the 'lock' in the browse searchbar? Because that's the only 'alert' I get.

[NTP66]

NTP66 or anyone... I want to change the anti-virus program on our Windows 10 PC. HitmanPro to Bitdefender. Does one remove the current av first and will the onboard Windows security suite need to be disabled/removed or will Bitdefender do that? windows security always ran concurrentlt hmp.alert...apparently bitdefender won't

Bitdefender is a terrific product, but for home use I don’t think it’s necessary. The built in Defender does a really solid job. That said, I’d first remove HitmanPro (which sounds like malware itself), and then install Bitdefender. It should take over AV controls from Defender automatically like most other AV products would.

If you receive alerts on those sites in Defender, you’re likely to also receive them on Bitdefender. If you trust them, you can always add an exception for them, but that’s risky.

I appreciate the detailed reply. Thank you. But i'm a bit confused by your last sentence. There are two sites we use to watch hockey...both are well known in this community. By 'alerts' do you mean the red line through the 'lock' in the browse searchbar? Because that's the only 'alert' I get.

No, sorry, I thought you meant you were getting bad site warnings in your AV product. The red line/lock you describe is just showing that the site is not secured by an SSL certificate.

[crusherstasiak]

No, sorry, I thought you meant you were getting bad site warnings in your AV product. The red line/lock you describe is just showing that the site is not secured by an SSL certificate.

[faftorial]

Windows Security is good enough you shouldn't need a third party anti-virus program. Of course, don't click on strange links or open random files without knowing the source.

AV programs just eat up system resources esp on older computers.

[mikey]

Scenario: Document management web-based software. Basically, a file cabinet designed to keep you compliant by having documents on hand that are routinely audited.

Issue: There are multiple ways to upload documents. But we don't know which ways our users use the most.

Solution: ??? Is this just a "attach google analytics" to the links and track their behavior (I don't have any experience with this, but at a glance, it looks fairly straightforward)...

[tifosi77]

A buddy of mine is an attorney in private practice. Owns his own firm; he's the only lawyer, and he has a couple administrative people that work part-time for him, plus contracted IT support. Yesterday he got hit by a ransomware attack. As of 8 pm last night he did not yet know the actual financial demands, but every device that has ever been connected to his firm's network (except his personal cell phone) has been encrypted and a snarky Dennis Nedry-style taunt lives on the home screens (no animation, I gather it is just a big red screen with text). The attack hit early-ish in the day yesterday, but when we spoke last night he still had not yet notified law enforcement, and he had no plan in place to let all of his clients know that their personally identifiable information had been hacked and potentially compromised. He had no policy in place for such an event (I'm not sure many such small businesses do), and he was in full panic mode.

The kicker here is that for the last six months or so he has been shopping his firm with an eye towards retirement.

[NTP66]

Scenario: Document management web-based software. Basically, a file cabinet designed to keep you compliant by having documents on hand that are routinely audited.

Issue: There are multiple ways to upload documents. But we don't know which ways our users use the most.

Solution: ??? Is this just a "attach google analytics" to the links and track their behavior (I don't have any experience with this, but at a glance, it looks fairly straightforward)...

When you say multiple ways, can you describe them? If there are multiple ways that are all via web servers, assuming logging is enabled, you should be able to parse logs for the upload page and separate based on IP to get unique hits. That's basic built-in functionality on any MS IIS server.

[faftorial]

People still run web servers on Windows?

[NTP66]

Most do, yes.

[faftorial]

Most do, yes.

Some of both:

According to Netcraft, IIS is the market leader in terms of the market share of all sites. In that league, IIS has 40.65% of the market, while Apache has 20.28%. In terms of market share of domains, Apache is the leader with 33.99% of the market while IIS has 26.36%.

[dodint]

That old machine I was trying to do WinXP stuff with has a SSD with a Windows 10 installation on it. But it's Bitlocker protected (no idea why, I don't use it on personal machines) and the Recovery Key isn't tied to my MS account. Cool. It was registered in March of 2017. Guess that's destined for reformatting.

[dodint]

Didn't we just have a router discussion? I can't find it here or in the HT thread. I want to ditch the Xfinity router I'm renting. We've probably paid $400 for it by now at $15/mo.

I may want to use VPN eventually which is why I was looking in the HT thread.

[NTP66]

Didn't we just have a router discussion? I can't find it here or in the HT thread. I want to ditch the Xfinity router I'm renting. We've probably paid $400 for it by now at $15/mo.

I may want to use VPN eventually which is why I was looking in the HT thread.

We've had it in multiple threads, IIRC. I've only ever used Surfboards for my cable modems when I had Comcast, and installed an ARRIS SB8200 at my parents house long ago that has worked well for them. It supports nearly a full GB internet connection:

As for routers, I won't recommend anything other than ASUS.

Cheaper option: RT-AX68U

Platinum option: RT-AX86U

I have the AX86U and have nothing but good things to say about it. Handles literally dozens of high bandwidth connections in the house, provides insane coverage, and the GUI is second to none. You'll get that last part with any ASUS router, too. You can also use Merlin's ASUS firmware on most newer models. I have run his firmware for years, and it's solid as hell. He customizes the GUI a little, and adds options that aren't standard that some may enjoy. You can also use a lot of VPN technologies at the router level itself, so all devices on your network go through that connection.

Some of that hardware is a little pricey, but I still recommend going for a refurb option if possible. I know I saw both the cable modem and one of those routers on Amazon Warehouse for considerably cheaper.

[dodint]

Thanks, I'll read through these.

I did find the original discussion, Faftorial cross posted it out of mikeys thread of penguin randomness.

[dodint]

Work has pissed me off by handing me so many lemons trying to get a Windows 2019 server going that I'm going to go back to Linux after having not touched a Linux machine in about nine years. I think I'm just mad enough to make it work, though.

[faftorial]

Work has pissed me off by handing me so many lemons trying to get a Windows 2019 server going that I'm going to go back to Linux after having not touched a Linux machine in about nine years. I think I'm just mad enough to make it work, though.

Linux installs are really easy these days.

[faftorial]

My first attempt at Linux install was from Caldera Linux (https://en.wikipedia.org/wiki/Caldera_OpenLinux) that a friend sent me in 1998. I never did get it to work.

[dodint]

Mandrake was my first. Then Ubuntu. The last was Kali. You could include Solaris I guess.

RHEL 7 does look pretty easy so far. Getting up and running is not my concern. It's how to scale later. Kubernetes, etc. All out of my current skillset.

[NTP66]

Dafuq are you doing that S19 is causing you trouble?

[dodint]

It's not Server 2019s fault. I'd love to be using Server 2019. It's our organization's fault. One of the few times I've been caught up in government red tape to the point that a project is failing. I've been working since January 10th to get just the operating system established, not even the program itself.

We're a global organization. I work for the main enterprise, but we have offshoots around the world that manage their own networks. One of those sites deployed a government-developed (free) program that conducts audits on machines. We want to use it, in fact, my leadership is really eager to get it up and running.

The program deploys in Containers. Containers are technically a virtual environment. Our main enterprise prohibits 'nested' virtualization**. So the Server 2019 VMs they gave us to do this are not allowed to run the Hyper-v role that is required to unpack the containers. So using a VM is out; this is how the remote site deployed theirs.

So we found a bare metal server. The intent being if it's bare metal we can run our own hyper-v services. I put in a ticket (the server itself is in Mississippi) to have Server 2019 installed with our requested configuration loaded. Nine days later they come back and tell us that the Dell R820 is too old and cannot run Win2019. Those 9 days are on me because I should have caught that when they gave us the server, but still, another door slams shut.

Concurrent with all of this my project is forked, we're developing the bare metal server but also looking at standing up an Azure environment to emulate the Win2019 requirements that we have. But our PaaS requisition process is not documented and is unclear, so I expect that to take 1-2 quarters to get rolling, if we can even afford it. The bare metal solution is free.

So I threw my hissy fit last night and requested RHEL 7 be placed on that server so we can deploy it that way. It's not our optimal configuration for a couple of reasons but it should get us up and running so my team can actually work on the gear.

**When we requested this configuration it was denied because they didn't want to risk our project taking down the physical host and losing all the services in the cluster. What came out in discussions was that our enterprise server team plans, as part of our general cloud initiative, to enable nested VM later this year. So it looks like we beat them to the party by about 8 months and they're denying the request because it will take away from their reveal later on. The remote site I mentioned earlier is running in the nested VM configuration with no stability problems, but they control their own hardware and do not have to answer to this team. It's extremely frustrating.

[dodint]

Work has pissed me off by handing me so many lemons trying to get a Windows 2019 server going that I'm going to go back to Linux after having not touched a Linux machine in about nine years. I think I'm just mad enough to make it work, though.

Linux installs are really easy these days.

Yeah, they are. But we eventually have to migrate this to our cloud services and it would be easier if it was stood up in Win2019. I'm not too worried about working in RHEL. Just thinking about future considerations. I think we'll end up building it twice. Which is fine.

[NTP66]

Jeez, that just sounds like a cluster (ha!).

[mikey]

Scenario: Document management web-based software. Basically, a file cabinet designed to keep you compliant by having documents on hand that are routinely audited.

Issue: There are multiple ways to upload documents. But we don't know which ways our users use the most.

Solution: ??? Is this just a "attach google analytics" to the links and track their behavior (I don't have any experience with this, but at a glance, it looks fairly straightforward)...

When you say multiple ways, can you describe them? If there are multiple ways that are all via web servers, assuming logging is enabled, you should be able to parse logs for the upload page and separate based on IP to get unique hits. That's basic built-in functionality on any MS IIS server.

It's nginx...but these different ways could all be calling the same URL...which might make it a little bit difficult. But I have no idea. I'm also imagining that Google Analytics is going to prompt our a cookie preferences piece...which in a platform dealing with a lot of PII, might make some people suddenly upset...

[dodint]

My project also includes a nginx component. It's our go-between for logging into our application using a CAC card.