azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sync: auto-sync from GURU-5070 at 2026-06-10 12:22:23

Browse Source 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-06-10 12:22:23
This commit is contained in:
Mike Swanson
2026-06-10 12:22:34 -07:00
parent f7a1c2ecdc
commit 35847895ae
2 changed files with 88 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
wiki/clients/lonestar-electrical.md
View File

@@ -72,6 +72,13 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee
- **Windows Defender:** active and real-time protection enabled on both as of 2026-06-02.
- **Current location (2026-06-02):** both desktops are physically at the **Computer Guru office** for repair (hence they appear on the ACG `172.16.0.0/22` network). To be taken back **onsite to Norris and reconnected the week of 2026-06-08**.
### Virtual Machine — LONESTAR-VM
- **Host:** `LONESTAR-VM` — Windows VM at the Warren site. **GuruRMM-managed** (agent `a4d39a9d-2210-483c-9b1e-6348efdba627`, v0.6.54, online as of 2026-06-10). Discovered via the GuruRMM fleet on 2026-06-10 (was not previously documented). Also reachable via ScreenConnect.
- **IP:** `192.168.120.197/24` (interface "Ethernet 2"), gateway `192.168.120.1`. **Warren-site LAN is `192.168.120.0/24`** — the live production subnet, distinct from the `172.16.x` ACG-office addresses LS-1 / LS-2 / Tower carried while they were in the shop for repair.
- **Network profile:** Private.
- **RDP:** Enabled. Windows Defender Firewall "Remote Desktop" rules (TCP/UDP 3389 + Shadow) are Enabled and scoped **Domain + Private** — tightened off the `Any`/Public profile on 2026-06-10. RDP listening is on (`fDenyTSConnections=0`). Reachable on the Warren LAN / site VPN, not over a Public network.
### Unraid Server
- **Status:** Running Unraid **7.1.4** as of 2026-06-02 (migrated to new USB flash drive). **GuruRMM agent enrolled 2026-06-03.**
@@ -165,6 +172,7 @@ No open Syncro tickets as of 2026-06-02.
| 2026-06-02 | Sophos removal COMPLETED on LS-1 and LS-2 — offline tamper-disable (SED Start=4 + SEDEnabled=0) + SophosZap two-pass via GuruRMM; LS-2 hit Automatic Repair after boot-critical SophosEL.sys was renamed (recovered by restoring the file from PE, then relying on already-correct offline edits + SophosZap to remove it safely); Windows Defender active on both |
| 2026-06-02 | Syncro #32347 (Sophos removal, 2.0h in-shop) and #32372 (Unraid USB replacement, 1.5h in-shop) created, billed, and closed against prepaid block — 17.0 -> 13.5 hrs remaining |
| 2026-06-02 | Old failed Unraid USB stick retired (new one registered/stable). Remaining Unraid items (root pw vault, server docs, array verify, LimeTech/Unraid API skill) handed to Mike (todo `de75eec6`), deferred until he posts a note. LS-1/LS-2 are at the ACG office for repair; returning onsite week of 2026-06-08 |
| 2026-06-10 | LONESTAR-VM (Windows VM, Warren site, GuruRMM agent) RDP enabled in firewall via GuruRMM: Remote Desktop rules confirmed enabled and tightened from `Any` to Domain+Private (removed Public exposure); active net Private, RDP listening already on. VM documented for the first time — IP 192.168.120.197/24, Warren LAN 192.168.120.0/24. |
---