Depending on the size of the organization: CxO's view is abstracted to only focus on the business side of things. Core concepts and paradigms that match expected work-flow and ROI. It's truly the the layers below that actually choose the tools (technology) and implement them. In some cases the CIO will choose the tool (being clueless and going on buzzwords features alone), but really it's the IT Director that does the implementation to make all that magic work.
CIO: I want product X because it does ZY. Make it happen #1 (IT Dir)! IT Dir: Ok, but here are the prerequisites and expected time to completion. I have the OK? Good *cracks whip*. IT staff, start working on this new project. That include Network, Workstation, and Server group.
Does Samsung not offer an on-line TRIM utility app that is available for Windows? Annoying that it's not automated, but I could live with performing a manual TRIM operation while I'm out on lunch break or whathaveyou once a week.
Turn off the driver signing requirement in Yosemite, problem solved, your hack still works and you're in the same condition you were in Mavericks.
Right up until you install a minor release update (service pack); which no doubt will have turned driver signing back on rendering your machine un-bootable upon next restart. This assuming it doesn't also replace the hacked driver simultaneously. Same thing happened with all other version of OS X updates, you had to re-apply the hack command from a terminal session. But unlike Yosemite, prior version of OS X booted just fine with TRIM disabled again.
Fortunately you can get get the machine booting again with Yosemite, but takes some hoops of fire to go through first. I'm not sure if this will work if the drive is encrypted with File Vault however. I honestly haven't checked. Read link below on how-to recover from a boot stop sign.
No. My problem is that SORBS and certain blacklists like it provide very little recourse (if any at all) to the end-user of the IP. But beyond that, I'm shooting admins that use SORBS; so both take a hit from me.
I'm all about providing an equal opportunity if only to make the point. People will often spout "don't hate the player; hate the game!" How about not playing the fucking game in the first place?! And both SORBS and admins that use SORBS play it dirty!
Of course, the downside is the infrastructure. Four copies of Exchange, Active Directory, a good firewall that supports DMZs, and the utilities it takes to back up mailboxes. However, this makes eDiscovery and other regulation compliance quite easy to deal with.
Not that I'm looking to defang anyone from hosting their own e-mail, but when you factor in the cost of the above and amortize it for its expected usage life, it's possibly way cheaper to just go with Office365 hosted Exchange. They take the bandwidth hit on all the filtering, and you have lots of back end bandwidth for syncing all devices. They also have plans that make eDiscovery and online archiving possible. It starts out at $4 a month per user. So say you have 10 employees and need service for 5 years, that's a cost of $2400. Not too shabby!
I agree, if only to diagnose the original problem. But regardless, outbound port 25 should be restricted in the LAN with the exception of your e-mail server. That way, if a machine is infected, it can't blow SPAM out and sully the reputation of your public IP.
And no matter how much he denies it, it's ALSO possible that his server really HAS been flooding spam and he just hasn't figured out how to detect it yet.
THAT is entirely possible! It happened to us about six years ago. I'll keep this short. Basically, we had a Plesk server that hosted both e-mail and websites in a multi-client setting (multiple domains). Basically a WAMP box that ran MailEnable. There were only a few ports open to the box; 25, 80, 110, and 443. For whatever reason, we had an older version that allowed for SQL injection and ASP exploits. For a few weeks, we noticed that our IP to the server was constantly being flagged on Spamhaus every day. We scanned for malware and checked all SMTP logs; nothing unusual found. Eventually, we noticed that the server was under heavy CPU and bandwidth usage during the period of 7pm to 6am (central standard time) and 24 hours on Saturday - Sunday. Further investigation led to a bogus website hosted on our box with code to perform the exploit. Access logs indicated the remote execution to generate the SPAM was happening in Italy. The bastard rightfully guessed we were an 8am - 5pm shop and proceeded to go to town on the server when we weren't actively looking. Played us and the server like a stradivarius. I gained some relief by null-routing his IP, but he just proceeded from another source days later when he figured out the server was live all along. Eventually, we were forced to renew our Plesk subscription and upgrade the box.
A few lessons learned from this:
1. Never lag behind updates and product versions on a production hosted server. If it cost money, factor that in or it simply isn't economically viable. 2. Never host web content on the same server as your e-mail. Just don't. That web exploit to use the MailEnable program off the C drive was proof of this (path found in his exploit code).
Yeah, blacklisting via reputation has been expanded beyond the scope of just email, and been used to include the IPs of known sources of botnets and other bad-nasty traffic. Most likely you got flagged and put on their RBL or XBL list.
Aside from keeping all clients up to date with OS updates and antivirus, get a business class firewall to block malware at the WAN (ISP) side as another later of defense. Also, restrict outbound SMTP (port 25) traffic to only your mail server; all other internal devices denied. That way if you do get an infected machine, it can't blow out SPAM and kill the reputation of your static IP.
I don't work for myself, I work for others. That is to say, when I'm having to administer over 100+TB of data on 50+ servers, I won't be rolling my own software-based solution. I'm not saying it can't be done, but there's just too many variable and permutations to deal with; more so when an update rolls around and potentially throws a wrinkle in the mix. And to be perfectly honest, going with Dell or HP provides next-day warranty replacement of drives. That, and the level of R&D put into a hardware based solution is backed up by a solid reputation of the aforementioned companies. And just so you know, if one of these fail, I've got my ass covered. I refused to go before the CEO or owner and say "Yeah, in theory my cobbled solution should work...in theory. And in theory you shouldn't HAVE LOST YOUR DATA!!" Yeah, no problem.
Life's too short. Enjoy being the brilliant hero that you are. I know nothing you're on top of things. You're just too fucking smart man!
SORBS will tell you if your behind a DUHL. They by default blacklist dynamic IP pools (residential). Performing a reverse DNS lookup will reveal this often. However, you have to call your ISP to create a PTR (reverse DNS record) for the domain of your sending e-mail server. Though having a valid PTR is extremely important, SORBS still will blacklist you baed on the netblock range.
www.mxtoolbox.com is your friend. Run SMTP tests, and check your static IP against a huge list of known black lists.
I ran into a similar issue with one of my clients behind an rural business-class DSL connection. They were only black listed from SORBS because their netblock range was dynamic (DUHL). Technically, this was true because their "static IP" was really a sticky IP via DHCP with an indefinite lease. But SORBS doesn't give a shit. You're on the DUHL, you're fucked. Only their ISP can talk to SORBS, not the end-user as I understand it. In the end, the client had to subscribe to a Smart Host to get around this.
With regards to SORBS; admins don't let admins reference SORBS. Fuck them, and their shitty pompous policies!
If you're running RAID 1, 5, 6, 10, etc, it's a moot point as data will be rebuilt from remaining parity information. Secondly, if a drive drops out of an array from an extended error recovery timeout, chances are you can't trust the reliability of the drive anyways. That's regardless if it trips SMART or not.
My point to you is this: why do you go through convoluted motions to micromanage your hardware when this is a solved problem. Solutions exist! Run the cost/risk aassessment and apply accordingly. Unless your time (and sanity) is worth so little compared to the hardware you administer?!
You shouldn't have to script any of this if your using drives that support error recovery. Western Digital desktop drives do not have TLER. As such, the slightest hesitation can kick a drive out of an RAID array. Sucks balls, but don't use generic desktop drives (or any drive for that matter) that doesn't support this in hardware.
No! No they're not! It's all a bunch a lip service and stupid pie in the sky cloud seeding solutions. Their environmental problems is systemic to the corrupt nature of an authoritarian regime. Everything from subpar civil engineering specs, to the change in materials. It's all from corruption executed with incompetence. Oh, but we haven't even talked about Chinese Ghost Cities; the biggest abject waste in resources in human history. The only thing worse is machines and munitions in war. But because people are generally assholes, we have to blow money on that. It's a wasteful requirement!
Correct. The SMART status in BIOS is for whether or not the HDD SMART status get reported at POST. For example on Dell systems, it will warn the user with an option to press the space bar to continue booting into the OS (assuming the drive is still functional). With it turned off in BIOS, you can still poll SMART status with any number of HDD utilities available to whatever OS you're running.
Newer drives will relocate bad sectors to free reserved space they keep for that purpose. As long as you don't run out of free spare space, IMHO, it is worth a try.
HDDs don't rely on user addressable free space to remap LBAs; they now have their own non-user accessible spare space that gets allocated for the remapping purpose automatically. Effectively, it happens on-the-fly at the hardware layer. It's why you rarely, if ever, will have bad clusters at the file system level; it's oblivious to what's really going on.
Beyond that. Of all the "pollutants" is low priority. If you can do all at once, fine. But fund allocation should first be directed at cleaning up and preventing excess of heavy metals, PCBs, and other toxins that effect both the quality of life, life span, and reduce birth defects. The case for the importance of CO2 as "pollution" is tenuous at best. We know for a fact with the former example do to the human body!
As someone whom visits the mainland during the past 10 years, I can assure you that I speak with experience.
-I've seen motor oil poured down the sewer in the city. -I've seen all major rivers and streams with plastic refuse caking up on the shoreline (the Mississippi has nothing on this level) -I've seen "sunset" hues and dimming at 12pm from all the pollution blotting out the sky in Beijing and Shanghai. It's not water vapor based overcast! -I've seen armies of cheap laborers jackhammer entire sidewalks without any eye protection, what-so-ever.
In short, the Chinese predominately (both rural and urban) don't give a shit; with the except of the less than 1% more affluent whom would be the most vocal in both the western media and online. They're fucking ignorant to know they're killing themselves. And if the fact pre-teens chain-smoke on the bus doesn't clue you in, yeah, you shouldn't be talking about a topic you clearly know nothing about!!!
Oh horse shit!! While China may be improving their environmental problems now, they're no where near the level of zeal the US has with the EPA focusing in on cleaning up that last 1%.
Slashdot Mirror
Only if we could keep hydrogen liquid at room temperature by combining it with... carbon......
Depending on the size of the organization: CxO's view is abstracted to only focus on the business side of things. Core concepts and paradigms that match expected work-flow and ROI. It's truly the the layers below that actually choose the tools (technology) and implement them. In some cases the CIO will choose the tool (being clueless and going on buzzwords features alone), but really it's the IT Director that does the implementation to make all that magic work.
CIO: I want product X because it does ZY. Make it happen #1 (IT Dir)!
IT Dir: Ok, but here are the prerequisites and expected time to completion. I have the OK? Good *cracks whip*. IT staff, start working on this new project. That include Network, Workstation, and Server group.
Honestly, the certification should back up field experience, not the other way around.
Been working IT since 1996. MCITP, MCDST, MCTS, MSCE (2000).
Honestly, I wasn't aware that this was set in nvram. Good to know.
Does Samsung not offer an on-line TRIM utility app that is available for Windows? Annoying that it's not automated, but I could live with performing a manual TRIM operation while I'm out on lunch break or whathaveyou once a week.
Right up until you install a minor release update (service pack); which no doubt will have turned driver signing back on rendering your machine un-bootable upon next restart. This assuming it doesn't also replace the hacked driver simultaneously. Same thing happened with all other version of OS X updates, you had to re-apply the hack command from a terminal session. But unlike Yosemite, prior version of OS X booted just fine with TRIM disabled again.
Fortunately you can get get the machine booting again with Yosemite, but takes some hoops of fire to go through first. I'm not sure if this will work if the drive is encrypted with File Vault however. I honestly haven't checked. Read link below on how-to recover from a boot stop sign.
http://www.cindori.org/trim-en...
No. My problem is that SORBS and certain blacklists like it provide very little recourse (if any at all) to the end-user of the IP. But beyond that, I'm shooting admins that use SORBS; so both take a hit from me.
I'm all about providing an equal opportunity if only to make the point. People will often spout "don't hate the player; hate the game!" How about not playing the fucking game in the first place?! And both SORBS and admins that use SORBS play it dirty!
Not that I'm looking to defang anyone from hosting their own e-mail, but when you factor in the cost of the above and amortize it for its expected usage life, it's possibly way cheaper to just go with Office365 hosted Exchange. They take the bandwidth hit on all the filtering, and you have lots of back end bandwidth for syncing all devices. They also have plans that make eDiscovery and online archiving possible. It starts out at $4 a month per user. So say you have 10 employees and need service for 5 years, that's a cost of $2400. Not too shabby!
I agree, if only to diagnose the original problem. But regardless, outbound port 25 should be restricted in the LAN with the exception of your e-mail server. That way, if a machine is infected, it can't blow SPAM out and sully the reputation of your public IP.
THAT is entirely possible! It happened to us about six years ago. I'll keep this short. Basically, we had a Plesk server that hosted both e-mail and websites in a multi-client setting (multiple domains). Basically a WAMP box that ran MailEnable. There were only a few ports open to the box; 25, 80, 110, and 443. For whatever reason, we had an older version that allowed for SQL injection and ASP exploits. For a few weeks, we noticed that our IP to the server was constantly being flagged on Spamhaus every day. We scanned for malware and checked all SMTP logs; nothing unusual found. Eventually, we noticed that the server was under heavy CPU and bandwidth usage during the period of 7pm to 6am (central standard time) and 24 hours on Saturday - Sunday. Further investigation led to a bogus website hosted on our box with code to perform the exploit. Access logs indicated the remote execution to generate the SPAM was happening in Italy. The bastard rightfully guessed we were an 8am - 5pm shop and proceeded to go to town on the server when we weren't actively looking. Played us and the server like a stradivarius. I gained some relief by null-routing his IP, but he just proceeded from another source days later when he figured out the server was live all along. Eventually, we were forced to renew our Plesk subscription and upgrade the box.
A few lessons learned from this:
1. Never lag behind updates and product versions on a production hosted server. If it cost money, factor that in or it simply isn't economically viable.
2. Never host web content on the same server as your e-mail. Just don't. That web exploit to use the MailEnable program off the C drive was proof of this (path found in his exploit code).
Yeah, blacklisting via reputation has been expanded beyond the scope of just email, and been used to include the IPs of known sources of botnets and other bad-nasty traffic. Most likely you got flagged and put on their RBL or XBL list.
Aside from keeping all clients up to date with OS updates and antivirus, get a business class firewall to block malware at the WAN (ISP) side as another later of defense. Also, restrict outbound SMTP (port 25) traffic to only your mail server; all other internal devices denied. That way if you do get an infected machine, it can't blow out SPAM and kill the reputation of your static IP.
https://ers.trendmicro.com/rep...
It's not on any known blacklists, but it's a major one that many use.
I don't work for myself, I work for others. That is to say, when I'm having to administer over 100+TB of data on 50+ servers, I won't be rolling my own software-based solution. I'm not saying it can't be done, but there's just too many variable and permutations to deal with; more so when an update rolls around and potentially throws a wrinkle in the mix. And to be perfectly honest, going with Dell or HP provides next-day warranty replacement of drives. That, and the level of R&D put into a hardware based solution is backed up by a solid reputation of the aforementioned companies. And just so you know, if one of these fail, I've got my ass covered. I refused to go before the CEO or owner and say "Yeah, in theory my cobbled solution should work...in theory. And in theory you shouldn't HAVE LOST YOUR DATA!!" Yeah, no problem.
Life's too short. Enjoy being the brilliant hero that you are. I know nothing you're on top of things. You're just too fucking smart man!
Wow, just wow. Some people....
SORBS will tell you if your behind a DUHL. They by default blacklist dynamic IP pools (residential). Performing a reverse DNS lookup will reveal this often. However, you have to call your ISP to create a PTR (reverse DNS record) for the domain of your sending e-mail server. Though having a valid PTR is extremely important, SORBS still will blacklist you baed on the netblock range.
www.mxtoolbox.com is your friend. Run SMTP tests, and check your static IP against a huge list of known black lists.
I ran into a similar issue with one of my clients behind an rural business-class DSL connection. They were only black listed from SORBS because their netblock range was dynamic (DUHL). Technically, this was true because their "static IP" was really a sticky IP via DHCP with an indefinite lease. But SORBS doesn't give a shit. You're on the DUHL, you're fucked. Only their ISP can talk to SORBS, not the end-user as I understand it. In the end, the client had to subscribe to a Smart Host to get around this.
With regards to SORBS; admins don't let admins reference SORBS. Fuck them, and their shitty pompous policies!
Damn your full of yourself!
If you're running RAID 1, 5, 6, 10, etc, it's a moot point as data will be rebuilt from remaining parity information. Secondly, if a drive drops out of an array from an extended error recovery timeout, chances are you can't trust the reliability of the drive anyways. That's regardless if it trips SMART or not.
My point to you is this: why do you go through convoluted motions to micromanage your hardware when this is a solved problem. Solutions exist! Run the cost/risk aassessment and apply accordingly. Unless your time (and sanity) is worth so little compared to the hardware you administer?!
Error recovery control. Also known as TLER, ERC, or CCTL.
You shouldn't have to script any of this if your using drives that support error recovery. Western Digital desktop drives do not have TLER. As such, the slightest hesitation can kick a drive out of an RAID array. Sucks balls, but don't use generic desktop drives (or any drive for that matter) that doesn't support this in hardware.
The Chinese government is taking it seriously
No! No they're not! It's all a bunch a lip service and stupid pie in the sky cloud seeding solutions. Their environmental problems is systemic to the corrupt nature of an authoritarian regime. Everything from subpar civil engineering specs, to the change in materials. It's all from corruption executed with incompetence. Oh, but we haven't even talked about Chinese Ghost Cities; the biggest abject waste in resources in human history. The only thing worse is machines and munitions in war. But because people are generally assholes, we have to blow money on that. It's a wasteful requirement!
Correct. The SMART status in BIOS is for whether or not the HDD SMART status get reported at POST. For example on Dell systems, it will warn the user with an option to press the space bar to continue booting into the OS (assuming the drive is still functional). With it turned off in BIOS, you can still poll SMART status with any number of HDD utilities available to whatever OS you're running.
HDDs don't rely on user addressable free space to remap LBAs; they now have their own non-user accessible spare space that gets allocated for the remapping purpose automatically. Effectively, it happens on-the-fly at the hardware layer. It's why you rarely, if ever, will have bad clusters at the file system level; it's oblivious to what's really going on.
Beyond that. Of all the "pollutants" is low priority. If you can do all at once, fine. But fund allocation should first be directed at cleaning up and preventing excess of heavy metals, PCBs, and other toxins that effect both the quality of life, life span, and reduce birth defects. The case for the importance of CO2 as "pollution" is tenuous at best. We know for a fact with the former example do to the human body!
As someone whom visits the mainland during the past 10 years, I can assure you that I speak with experience.
-I've seen motor oil poured down the sewer in the city.
-I've seen all major rivers and streams with plastic refuse caking up on the shoreline (the Mississippi has nothing on this level)
-I've seen "sunset" hues and dimming at 12pm from all the pollution blotting out the sky in Beijing and Shanghai. It's not water vapor based overcast!
-I've seen armies of cheap laborers jackhammer entire sidewalks without any eye protection, what-so-ever.
In short, the Chinese predominately (both rural and urban) don't give a shit; with the except of the less than 1% more affluent whom would be the most vocal in both the western media and online. They're fucking ignorant to know they're killing themselves. And if the fact pre-teens chain-smoke on the bus doesn't clue you in, yeah, you shouldn't be talking about a topic you clearly know nothing about!!!
In other words, it's seppuku. Restoring a shred of honor back at the cost of your life? Fuck no! Just don't cheat to begin with.
Oh horse shit!! While China may be improving their environmental problems now, they're no where near the level of zeal the US has with the EPA focusing in on cleaning up that last 1%.
Laws of diminishing returns. Look it up.
With all that solar energy in Germany, wouldn't electricity be real cheap?