SysAdmin Weekly

Andy Syrewicze and Eric Siron

Welcome to the SysAdmin Weekly Podcast, your go-to source for IT-related content tailored to busy system administrators in the trenches. Hosted by longtime sysadmins and Microsoft MVPs Andy Syrewicze and Eric Siron, this show dives deep into the challenges and solutions that matter most to sysadmins on any given day. From technical know-how to real-world insights, SysAdmin Weekly is dedicated to those tireless professionals who keep our digital world running. Tune in for relevant topics, expert advice, and engaging discussions to make your busy schedule a little bit easier.

  1. 3d ago

    052 - Why is Homelab Hardware So Expensive in 2026 (and When Will It Get Cheaper)?

    Somewhere between a $305 Raspberry Pi board and a used NVMe listing on eBay, the homelab hobby quietly stopped making financial sense. Andy and co-host Eric Siron dig into why memory, NAND, and storage prices went vertical in 2026, who is actually eating the supply, and what practitioners should do about it. They cover the AI buildout swallowing the manufacturing capacity, why prices probably never return to pre-shortage levels, and the return of a skill the industry let atrophy: right-sizing hardware to the workload instead of throwing spec at it. ## Chapters: 00:00:00 - The Hardware Market Is Fire and Brimstone 00:01:18 - Welcome and Intros 00:04:33 - News React: The First Fully AI-Run Ransomware (JadePuffer) 00:08:16 - News React: AI Job-Blame and the Unix Lawsuit That Won't Die 00:13:32 - Nerd Hour: Thunderbird Finally Speaks Exchange Online 00:18:47 - Nerd Hour: Hugo, AI, and the 80% Problem 00:23:13 - Show Plugs 00:24:09 - Why Homelab Hardware Broke Me: The eBay Moment 00:41:44 - Why This Is Happening: AI Is Eating the Supply Chain 00:46:43 - Local Models and the Willingness-to-Pay Problem 00:52:41 - The New Normal: Prices Aren't Coming Back 00:59:05 - Right-Size the Hardware to the Problem 01:06:02 - Could China Break the Bottleneck? 01:09:29 - One More Casualty, and Wrap-Up ## Resources / Show Notes - BleepingComputer, JadePuffer AI-run ransomware: https://www.bleepingcomputer.com/news/security/jadepuffer-ransomware-used-ai-agent-to-automate-entire-attack/ - Thunderbird Blog, native Microsoft Exchange (EWS) support in 145: https://blog.thunderbird.net/2025/11/thunderbird-adds-native-microsoft-exchange-email-support/ - Raspberry Pi Foundation, memory-driven price rises: https://www.raspberrypi.com/news/more-memory-driven-price-rises/ - GamersNexus, SSDs WTF (NAND makers sold out for 2026): https://gamersnexus.net/features/ssds-wtf - Gartner, surging memory costs (125% DRAM / 234% NAND surge): https://www.gartner.com/en/newsroom/press-releases/2026-02-26-gartner-says-surging-memory-costs-will-reduce-global-pc-and-smartphone-shipments-in-2026 - TechPowerUp, Samsung and SK Hynix $870B capacity plan and fab timelines: https://www.techpowerup.com/350478/samsung-and-sk-hynix-to-expand-semiconductor-capacity-with-usd-870-billion-plan - BBC, Samsung's memory-driven profit surge: https://www.bbc.com/news/articles/c1kyy8yrpxdo - IDC, why the memory market stays tight and makers aren't rushing capacity: https://www.idc.com/resource-center/blog/why-the-memory-market-is-still-tight-what-comes-next/ - Tom's Hardware, SK Group chairman says the shortage runs until 2030: https://www.tomshardware.com/pc-components/dram/sk-group-chairman-says-memory-chip-shortage-will-last-until-2030 - SemiAnalysis, China's CXMT challenging DRAM incumbents: https://newsletter.semianalysis.com/p/chinas-cxmt-is-set-to-challenge-dram - Tom's Hardware, China's YMTC and homegrown NAND tooling: https://www.tomshardware.com/pc-components/ssds/chinas-ymtc-moves-to-break-free-of-u-s-sanctions-by-building-production-line-with-homegrown-tools-aims-to-capture-15-percent-of-nand-market-by-late-2026 - TrendForce, China's GPU makers scaling as enterprise accelerators: https://www.trendforce.com/news/2025/10/07/news-chinas-gpu-trio-rise-as-nvidia-retreats-decoding-moore-threads-metax-and-cambricon/ - CSIS, China and global cyber supply chain risk: https://www.csis.org/blogs/strategic-technologies-blog/chinas-weaponization-global-cyber-supply-chains - AndyOnTech, Andy's hub for all his output: https://www.andyontech.com - Project Runspace, the organization behind the show: https://www.projectrunspace.org - SysAdmin Weekly GitHub Discussions, share your hardware battle stories: https://github.com/ProjectRunspace/sysadmin-weekly/discussions

    1h 12m
  2. Jul 3

    051 - What's Actually in Our Homelabs (and Why)

    The hardest part of running a home lab in 2026 is not building it up; it is being honest about what earns its place. Andy is joined by returning guest and member of the SysAdmin Weekly community, Clay Tamam, a working SysAdmin over in the Netherlands, for a real tour of what is actually sitting in their labs: the hardware, the hypervisors, the services they use every day, and the reasoning behind each choice. Andy explains why he tore a four-node Kubernetes cluster down to five VMs on a single Debian box, Clay walks through building a rack from scratch on a practical budget, and both of them dig into what current memory and hardware prices are doing to the hobby. It closes with the Graveyard: the gear and services that got powered off, and why pruning is an important part of the discipline. ## Chapters 00:00:00 - Welcome and a Returning Guest: Clay from the Netherlands 00:07:20 - News React: A US Firm's Bid for the Dutch DigiD Infrastructure 00:15:21 - News React: An AI-Assisted Hack Hits US Festival Ticketing 00:18:11 - Nerd Hour: Scoping AI Agents and Building a Lab From Scratch 00:24:29 - Main Topic: What Is Actually in Our Home Labs 00:25:15 - The Hardware: Andy's Pared-Down Single-Box Lab 00:31:25 - The Hardware: Clay's From-Scratch Rack Build 00:45:52 - The Foundation: KVM vs. Proxmox 00:56:33 - The Services That Earn Their Keep 01:02:37 - Self-Hosting, the Plex Price Hike, and Leaving Discord 01:13:57 - Learning Goals and the Graveyard 01:24:19 - Local Inference and the Urge to Panic-Buy 01:25:49 - Wrap-Up ## Resources / Show Notes - Wired - Researcher used Claude to break Front Gate Tickets: https://www.wired.com/story/claude-helped-a-hacker-find-a-way-to-issue-tickets-to-almost-every-us-music-festival/ - NL Times - Netherlands blocks the US takeover of DigiD operator Solvinity: https://nltimes.nl/2026/05/26/netherlands-blocks-us-takeover-digid-operator-solvinity-security-concerns - Security Now with Steve Gibson: https://www.grc.com/securitynow.htm - Proxmox Virtual Environment and Backup Server: https://www.proxmox.com - Forgejo, the self-hosted Git forge (Gitea fork): https://forgejo.org - Tailscale, the overlay mesh VPN: https://tailscale.com - Foundry Virtual Tabletop: https://foundryvtt.com - Plex - New Lifetime Plex Pass pricing: https://www.plex.tv/blog/new-lifetime-plex-pass-pricing/ - Jellyfin, the free software media system: https://jellyfin.org - Vaultwarden, a self-hosted Bitwarden-compatible server: https://github.com/dani-garcia/vaultwarden - Framework Desktop: https://frame.work/desktop - Connect with Clay on LinkedIn: https://www.linkedin.com/in/clay-tamam-00b6441b3/ - AndyOnTech: https://www.andyontech.com

    1h 28m
  3. Jun 26

    050 - How Do You Run a Blameless Incident Postmortem?

    A postmortem that ends with a name instead of a root cause wasted everyone's time in the room. Andy and Eric Siron pull from a combined several-decades of incident reviews to break down what a postmortem actually is, what kind of outage earns one, and who really needs to be at the table. The throughline: keep it blameless without making it unaccountable, separate root cause from contributing factors, and remember that the follow-through is the entire point. Whether your postmortem is sixty people in a war room or just you writing a summary for one nervous boss, the discipline scales. ## CHAPTERS 00:00:00 - Why Postmortems Matter 00:01:31 - Welcome and Show Plugs 00:04:29 - News React: AI Job Hype Walkbacks, Teams Pain, Oracle Layoffs, AMD Trust 00:17:42 - News React: Ubiquiti UniFi OS Max-Severity RCE CVEs 00:19:41 - Nerd Hour: Claude Code, Hugo, and Pandoc 00:23:36 - The Incident Postmortem Process 00:26:40 - What Actually Earns a Postmortem 00:29:22 - Who Needs To Be In the Room 00:38:49 - Blameless, Not Unaccountable 00:46:50 - What Information To Gather 00:50:33 - Running the Review 00:55:15 - Follow Through Is the Whole Point ## RESOURCES / SHOW NOTES - SysAdmin Weekly home and show links: https://www.sysadminweekly.com - SysAdmin Weekly companion newsletter: https://newsletter.sysadminweekly.com - AndyOnTech: https://www.andyontech.com - Project Runspace: https://www.projectrunspace.org - BleepingComputer - Ubiquiti patches three max-severity UniFi OS RCE flaws (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910): https://www.bleepingcomputer.com/news/security/ubiquiti-patches-three-max-severity-unifi-os-vulnerabilities/ - Postmortem markdown template (free, CC BY 4.0, version-tracked in the show repo): https://github.com/ProjectRunspace/sysadmin-weekly/blob/main/resources/postmortem_markdown_process_template.md - Pandoc, universal document converter (Markdown to docx): https://pandoc.org - Hugo, the Markdown-driven static site generator: https://gohugo.io

    1h 2m
  4. Jun 19

    049 - How Do Attackers Use Local LLMs to Phish At Scale?

    Ask Claude or ChatGPT to write a phishing email and it politely refuses; pull the right open-weight model onto your own laptop and that refusal layer simply does not exist in many cases. Andy brings his InfoSecurity Europe session to the show, and Eric Siron joins to walk through how threat actors run local LLMs on their own hardware to generate targeted spear phishing at scale, in any language, with no internet connection and no guardrails. The guys break down what the attack workflow actually looks like, why these capabilities never disappear once a model is downloaded, and where the real defensive line sits. Spoiler: "spot the typo" awareness training is dead, and verification culture plus strong email authentication is what carries the load now. ## Chapters: 00:00:00 - Cold Open: Local LLMs and Phishing at Scale 00:01:37 - Welcome Back and InfoSecurity Europe 00:03:55 - News React: Washington Pumps the Brakes on Fable 00:06:46 - News React: NY Ghost Gun Printing Law and Google AI Liability 00:12:07 - Nerd Hour: Camera Gear and Mac Studio Dreams 00:13:27 - Nerd Hour: Building the InfoSec Demo 00:15:55 - Show Plugs and Community Links 00:17:00 - Main Topic: What Local LLMs Actually Are 00:21:23 - The Guardrail Gap: Cloud Refuses, Local Complies 00:26:55 - The Demo: 15 Tailored Spear Phishing Lures in 90 Seconds 00:30:04 - Why These Capabilities Never Go Away 00:32:59 - AI on the Defensive Side 00:39:01 - Voice Cloning, Deepfakes, and SPF for Phones 00:46:20 - The Low-Tech Deepfake Defense 00:47:26 - Why Spot-the-Typo Training Is Dead 00:50:09 - Verification Culture and Email Authentication 00:54:32 - Common Questions: Legality, Detection, and Adoption 01:00:18 - Wrap Up: Stay Safe Out There ## Resources / Show Notes: - Ollama, the easiest way to run open models locally: https://ollama.com - Hugging Face, open repository of machine learning models: https://huggingface.co - OpenCode, terminal coding agent that runs against local models: https://opencode.ai - Evilginx, reverse-proxy phishing framework referenced in the demo: https://github.com/kgretzky/evilginx2 - SysAdmin Weekly Episode 024 - On-Prem AI with Ollama (Spotify): https://open.spotify.com/episode/1Huz7fy7axxOqjXei1HLI0 - SysAdmin Weekly - all show links in one place: https://www.sysadminweekly.com - SysAdmin Weekly Newsletter: https://newsletter.sysadminweekly.com - SysAdmin Weekly GitHub Discussions: https://github.com/ProjectRunspace/sysadmin-weekly/discussions - Project Runspace: https://www.projectrunspace.org - AndyOnTech: https://www.andyontech.com

    1h 2m
  5. Jun 14

    048 - The AI Doom Narrative vs the Data: Layoffs, Energy, and Jobs in 2026

    The AI doom headlines do not line up with what the actual data says, and that gap is doing real damage. Andy and Eric Siron take a practitioner read on the fear stories: the layoff narrative, the data center energy and water panic, and the executive predictions that office workers are gone in 18 months. They put the WEF Future of Jobs numbers, the hyperscaler nuclear and cooling commitments, and the post-COVID overhiring correction next to the headlines, and walk through what AI looks like at a SysAdmin's keyboard versus what the press would have you believe. Also in this one: Elon Musk's OpenAI lawsuit, Linus Torvalds on AI-generated bug reports clogging the kernel security list, Edge storing passwords in clear text, Eric on the Samsung browser on Windows, and Andy's Forgejo and Restic lab cleanup. Plus listener comments on broken IT job postings and the SCVMM question for Hyper-V shops. --- ## Chapters 00:00 - Introduction to SysAdmin Weekly 04:39 - AI Doom and Gloom Narrative 07:36 - News React: Elon Musk vs OpenAI 10:18 - News React: Linus Torvalds on AI Bug Reports 13:36 - Nerd Hour: Exploring New Browsers 16:30 - Microsoft Edge Password Concerns 19:28 - AI's Impact on Jobs 22:20 - The Reality of AI in the Workplace 25:39 - AI's Role in Documentation 28:28 - Critique of AI Predictions 31:41 - Conclusion and Future Outlook 34:12 - The Responsibility of Executives in AI Predictions 38:16 - The Impact of AI on Job Markets 41:42 - Understanding Layoffs in the Tech Industry 49:56 - The Future of Jobs in the Age of AI 56:00 - Energy and Water Concerns in Data Centers 01:00:48 - The Shift in Carbon Neutral Promises 01:03:37 - Concerns Over Water and Energy Resources 01:05:32 - The Debate on Nuclear Power Safety 01:08:40 - Real-World Applications of AI in Sysadmin 01:11:12 - The Importance of Honest Communication in Tech 01:13:44 - Job Market Realities for IT Professionals --- ## Resources / Show Notes - The Register - Linus Torvalds on AI-powered bug hunters: https://www.theregister.com/security/2026/05/18/linus-torvalds-says-ai-powered-bug-hunters-have-made-linux-security-mailing-list-almost-entirely-unmanageable/5241633 - TechCrunch - A comprehensive archive of 2023 tech layoffs: https://techcrunch.com/2024/05/01/a-comprehensive-archive-of-2023-tech-layoffs/ - Crunchbase News - Tech Layoffs Tracker: https://news.crunchbase.com/startups/tech-layoffs/ - WEF - Future of Jobs Report 2025, 78 Million New Job Opportunities by 2030: https://www.weforum.org/press/2025/01/future-of-jobs-report-2025-78-million-new-job-opportunities-by-2030-but-urgent-upskilling-needed-to-prepare-workforces/ - NPR - Three Mile Island will reopen to power Microsoft data centers: https://www.npr.org/2024/09/20/nx-s1-5120581/three-mile-island-nuclear-power-plant-microsoft-ai - Data Center Dynamics - Google signs nuclear SMR deal with Kairos: https://www.datacenterdynamics.com/en/news/google-signs-nuclear-smr-deal-with-kairos-for-data-center-power/ - X-energy - Amazon invests in X-energy to support advanced SMRs: https://x-energy.com/news/amazon-invests-in-x-energy-to-support-advanced-small-modular-nuclear-reactors-and-expand-carbon-free-power/ - Microsoft Cloud Blog - Sustainable by design, next-generation datacenters consume zero water for cooling: https://www.microsoft.com/en-us/microsoft-cloud/blog/2024/12/09/sustainable-by-design-next-generation-datacenters-consume-zero-water-for-cooling/ - Consumer Reports - AI Data Centers, Big Tech's Impact on Electric Bills, Water, and More: https://www.consumerreports.org/data-centers/ai-data-centers-impact-on-electric-bills-water-and-more-a1040338678/ - Forgejo, the self-hosted lightweight software forge: https://forgejo.org/ - Restic, fast, secure, efficient backup program: https://restic.net/ - SysAdmin Weekly - past episodes referenced are at https://www.sysadminweekly.com

    1h 24m
  6. Jun 1

    047 - Is DNS Over HTTPS Actually Private? What ECH Fixes That DoH Doesn't

    Turning on DNS over HTTPS does not make your browsing private. The hostname you are trying to reach still leaks in the TLS handshake through the Server Name Indication field, and that is the part most coverage of DoH quietly skips. Andy and Eric pick up where the DNS deep dive in episode 045 left off, this time focused on the privacy half of the problem. The episode walks through why DoH on its own only solves part of the equation, what Encrypted Client Hello (ECH) is doing to close the SNI gap, and which browsers actually support it today. Andy also unpacks Cloudflare's quiet deprecation of cloudflared's proxy-dns feature, what that means for every Pi-hole plus cloudflared setup still in the wild, and the Quad9 plus UDM Pro stack he landed on instead. Also in this one: California's age verification law and the operating system level approach the state landed on, Microsoft Edge keeping decrypted passwords in memory at all times (and Microsoft initially calling it "working as intended"), the Humble Bundle SysAdmin and Linux book bundle that is live right now, and Andy retiring his last Windows machine in favor of Debian. ## Resources - SysAdmin Weekly Episode 045 - Why Is It Always DNS? (the prior DNS deep dive referenced throughout this episode): https://open.spotify.com/episode/2oAh0KzE7J2o7NQFJK8Mza?si=D0OO9XwkRb2GQ-hxM9duUA - Cloudflare announcement on the deprecation of cloudflared's proxy-dns feature (November 2025): https://developers.cloudflare.com/changelog/post/2025-11-11-cloudflared-proxy-dns/ - Pi-hole, network-wide ad blocking and DNS sinkhole: https://pi-hole.net - cloudflared, the Cloudflare Tunnel client referenced in the proxy-dns discussion: https://github.com/cloudflare/cloudflared - Quad9, the Swiss-based privacy-focused DNS resolver Andy migrated to: https://www.quad9.net - Ubiquiti UDM Pro, which Andy moved his DNS forwarding onto: https://techspecs.ui.com/unifi/cloud-gateways/udm-pro - Microsoft Edge password manager vulnerability, security researcher disclosure from May 4 showing credentials decrypted and held in memory: https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-to-stop-loading-cleartext-passwords-in-memory-on-startup/ - Humble Bundle's SysAdmin and Linux book bundle from Packt (live for ~20 days from the recording date): https://www.humblebundle.com/books/ultimate-linux-sysadmin-bundle-books - Andy's prior AndyOnTech post on the state of web browsers, referenced for the Safari and Brave standardization context: https://www.andyontech.com/posts/there_are_no_good_web_browsers_left_and_thats_a_problem/ - Encrypted Client Hello, Cloudflare's reference write-up on how ECH works alongside DoH: https://blog.cloudflare.com/announcing-encrypted-client-hello - Apple iCloud Private Relay, referenced as Apple's likely answer to the SNI privacy problem in lieu of shipping ECH in Safari: https://support.apple.com/en-us/102602 - California's age verification law and the operating system level approach: https://www.theregister.com/software/2026/03/06/us-state-laws-push-age-checks-into-the-operating-system/4750249 - SysAdmin Weekly main site, all episode links and platforms: https://www.sysadminweekly.com - SysAdmin Weekly newsletter, the companion weekly newsletter: https://newsletter.sysadminweekly.com - Contact the show: contact@sysadminweekly.com ## Chapters 02:29 - Exploring Secure DNS Lookups 04:17 - Tech News Reactions 08:25 - Microsoft Edge Security Concerns 14:58 - Humble Bundle Book Recommendations 20:05 - Nerd Hour: Home Lab Updates 26:23 - Understanding DNS Over HTTPS and Its Importance 30:11 - The Role of Encrypted Client Hello (ECH) 36:13 - Rebuilding the DNS Stack: A Personal Journey 42:06 - Cloudflare's Changes and Privacy Concerns 47:11 - The Future of Privacy and Quantum Cryptography

    56 min
  7. May 15

    046 - Can Claude Code Help SysAdmins? Scripting, Log Analysis, and the Claude.md workflow

    The skepticism is earned. Most AI demos are built for developers. Most AI hype is vendor noise. And most SysAdmins have better things to do than adopt another tool that solves a problem they may or may not have. That said: this is Andy putting the grumpy SysAdmin argument aside for an hour to make the honest case for Claude Code in SysAdmin workflows. With caveats. With the parts that still fall short. With a clear line between where it helps and where you should keep your hands on the wheel. The episode also covers a rough few weeks for the Linux kernel: three local privilege escalation vulnerabilities publicly disclosed in quick succession. All local, not remote. Still worth knowing about before your next patch cycle. In this episode: - A rundown of the three recent Linux kernel LPE vulnerabilities (Fragnesia, DirtyFrag, and CopyFail) and what they mean for SysAdmins running Linux in their environments - Nerd Hour: Restic offsite backups via Hetzner storage, Beszel and Uptime Kuma monitoring running on K3S - What Claude Code actually is, and why the CLI-based workflow changes the value proposition compared to chatbot-style AI use - The CLAUDE.md file: the single biggest thing most SysAdmins are missing when they try AI tools. What it is, how to build one, and how it turns Claude into something that actually knows your environment - Practical use cases: script generation with real AD and environment context, incident triage as a thinking partner, log analysis, documentation from terminal history, run book drafting, and YAML/Kubernetes help - Where to stay skeptical: sensitive data, the "do whatever you want" permission mode, and always reviewing AI-generated scripts before running them anywhere near production The tool amplifies competence. It doesn't substitute it. That framing is the whole episode. --- ## Resources and Show Notes ### Linux Vulnerabilities: - Fragnesia (CVE-2026-46300): https://www.helpnetsecurity.com/2026/05/14/fragnesia-cve-2026-46300-linux-lpe-vulnerability/ - DirtyFrag (CVE-2026-43284 + CVE-2026-43500): https://www.helpnetsecurity.com/2026/05/08/dirty-frag-linux-vulnerability-cve-2026-43284-cve-2026-43500/ - CopyFail (CVE-2026-31431): https://www.helpnetsecurity.com/2026/04/30/copyfail-linux-lpe-vulnerability-cve-2026-31431/ ### Claude Code: - Claude Code Security Documentation: https://code.claude.com/docs/en/security - Claude Code Permissions Documentation: https://code.claude.com/docs/en/permissions ### Tools Mentioned: - Restic Backup: https://restic.net - Beszel Monitoring: https://beszel.dev - Uptime Kuma: https://github.com/louislam/uptime-kuma - Hetzner Object Storage: https://docs.hetzner.com/storage/object-storage/ - Hetzner Object Storage + Restic Setup Guide: https://docs.hetzner.com/storage/object-storage/howto-backups/restic/ ### Community: - Friends and Family IT Support Stories on GitHub Discussions: https://github.com/ProjectRunspace/sysadmin-weekly/discussions - Andy's Music TUI Terminal Apple Music Controller: https://github.com/asyrewicze/music_tui ### Previous Related Episodes: - SysAdmin Weekly 008 - Getting Started with GitHub Copilot: https://open.spotify.com/episode/2eTtoAgeKEikKeLzYExfOY?si=ySl9Ho7mQ861mHAKiTAQ5w - SysAdmin Weekly 016 - AI Agents for IT Admins episodes featuring Mike Nelson: https://open.spotify.com/episode/7u5T3Tp04EEP0hZRst3KPZ?si=zTpzVTXZR42vle4Gk0-tow ## Chapters 04:32 - Community Comments and News React 07:16 - Linux Vulnerabilities Overview 10:08 - Nerd Hour: Personal Projects and Backups 13:21 - Exploring Claude Code for Sysadmins 16:09 - The Grumpy Sysadmin and AI Adoption 19:24 - Understanding Claude Code's Functionality 22:35 - Use Cases for Claude Code 30:01 - The Importance of Documentation in Sysadmin Work 32:52 - Leveraging Claude.md for Enhanced Context 37:27 - Practical Applications of Cloud Code in Sysadmin Tasks 42:11 - Challenges and Limitations of Cloud Code 53:54 - Future of Cloud Code and Its Value in Sysadmin Work

    59 min
  8. May 8

    045 - Why is It ALWAYS DNS?!?

    It's always DNS. Every SysAdmin has said it, usually at the worst possible moment. This episode is the explanation for why that joke is only half a joke. Andy and Eric walk through how DNS actually works from first request to final answer: recursive resolvers, root servers, authoritative name servers, TTLs, and caching. From there they get into Windows Server and Active Directory DNS integration, covering SRV records, dynamic registration, and scavenging. The back half covers DNS security: DNSSEC, DNS over HTTPS, Encrypted Client Hello, DNS-based content filtering, and how attackers use DNS for C2 traffic and exfiltration. Throughout, the guys pull from real war stories, including a ticketing system that silently failed every few weeks because one of four DNS servers had a stale record, and a BIND config that refused to load because of a trailing space. --- ## Show Notes and Resources ### News React - Cloudflare DNS filtering tiers: https://blog.cloudflare.com/introducing-1-1-1-1-for-families/ - AI token costs exceeding replacement labor costs: https://fortune.com/2026/04/28/nvidia-executive-cost-of-ai-is-greater-than-cost-of-employees/ - Claude deleting company data and backups: https://www.tomshardware.com/tech-industry/artificial-intelligence/claude-powered-ai-coding-agent-deletes-entire-company-database-in-9-seconds-backups-zapped-after-cursor-tool-powered-by-anthropics-claude-goes-rogue - Backyard RAM manufacturing: https://www.theregister.com/2026/04/23/youtuber_builds_working_dram/ ### Nerd Hour - Andy's PomoCLI app: https://github.com/asyrewicze/pomocli ### Main Segment Resources - Cloudflare: What is DNS?: https://www.cloudflare.com/learning/dns/what-is-dns/ - MXToolbox: https://mxtoolbox.com - DNS over TLS vs. DNS over HTTPS - Cloudflare Learning: https://www.cloudflare.com/learning/dns/dns-over-tls/ - Encrypted Client Hello - the last puzzle piece to privacy: https://blog.cloudflare.com/announcing-encrypted-client-hello/ ### Community - GitHub Discussions: Friends and family IT support stories: https://github.com/ProjectRunspace/sysadmin-weekly/discussions/15. ## Chapters 12:45 - Understanding DNS: The Final Boss 25:49 - The DNS Resolution Process 38:43 - Exploring DNS Services and Tools 39:45 - Managing DNS: Windows vs. BIND 43:36 - Active Directory and DNS Integration 48:38 - Dynamic Registration and Scavenging in DNS 52:42 - Understanding DNS Record Types 54:44 - Common DNS Tools and Their Uses 59:28 - DNS Security: Threats and Protections 01:06:27 - DNS Filtering and Content Control 01:12:36 - Should You Run Your Own DNS?

    1h 16m

Ratings & Reviews

5
out of 5
4 Ratings

About

Welcome to the SysAdmin Weekly Podcast, your go-to source for IT-related content tailored to busy system administrators in the trenches. Hosted by longtime sysadmins and Microsoft MVPs Andy Syrewicze and Eric Siron, this show dives deep into the challenges and solutions that matter most to sysadmins on any given day. From technical know-how to real-world insights, SysAdmin Weekly is dedicated to those tireless professionals who keep our digital world running. Tune in for relevant topics, expert advice, and engaging discussions to make your busy schedule a little bit easier.

You Might Also Like