|
Feels like this has a lot of crossover with our homelab thread https://forums.somethingawful.com/showthread.php?threadid=3945277
|
# ¿ Dec 9, 2021 01:28 |
|
|
# ¿ May 14, 2024 00:16 |
|
So I posted my 'Self-Hoting' in the Homlab thread, but I'm on the opposite side of the spectrum: I run a Dell M1000e Bladecenter and two M915 bladeservers that host all my VMs, they are segmented off by virtual switches and firewalls for the Homelab, Production, and Lab environments. I'm running OpenVPN and WireGuard, the OpenVPN is for classes so I can manage connections for students to the Evil Corp lab environment. All this stuff lives on a TrueNAS instance that provides the storage via bargain SSDs and some spinning rust in ZFS arrays shared via iSCSI and NFS. The XCP-Ng Hypervisor that hosts the vms has auto failover between the two servers.
|
# ¿ Dec 9, 2021 18:07 |
|
CopperHound posted:Hot new zero day exploit dropped. If you're running anything Java based, check out if you are vulnerable. https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/ For minecraft the fix is simple: add '-dlog4j2.formatmsgnolookups=true' to your java runtime args.
|
# ¿ Dec 12, 2021 21:56 |
|
Matt Zerella posted:For the record, this is a mitigation not a fix. Its worth noting this is what log4j 2.15.0 is doing, it just makes it default. https://issues.apache.org/jira/browse/LOG4J2-3198
|
# ¿ Dec 13, 2021 01:01 |
|
BlankSystemDaemon posted:Mitigations exist so that you can, quite literally, mitigate an issue on a running production system, until you can schedule a maintenance window to let you patch things properly. The problem is: Not every system is going to be patched. We like to think that there's a patch of everything. There's not, especially for in house designed stuff that is likely legacy but still generating business value.
|
# ¿ Dec 13, 2021 13:39 |
|
BlankSystemDaemon posted:Sure, you're absolutely right, there are cases where mitigations are the only option - but that's usually a sign that stuff is going to break not just sooner or later, but soon, period. Agreed. Part of that is setting deadlines for the business to retire legacy products or refactor them to keep them relevant.
|
# ¿ Dec 13, 2021 14:17 |
|
Asking my neighbors if I can use their basement as DR site
|
# ¿ Jan 26, 2022 19:21 |
|
Darwin_ posted:Honeypots work Honeypots are most certainly not security through obscurity. In fact they are pivotal now to identifying attackers inside a network now as canaries.
|
# ¿ Jun 10, 2022 22:19 |
|
NihilCredo posted:I believe that this is one reason why Wireguard tunneling is pretty much recommended over SSH tunneling nowadays? Besides the (arguably) easier configuration, you can set a keepalive which helps when your home connection goes up and down. OPNSense is really good as well.
|
# ¿ Aug 31, 2022 16:31 |
|
I have a friend that runs a small VoiP phone service provider, mostly targets small/medium businesses because yeah, nobody uses desk phones anymore outside of an office setting.
|
# ¿ Nov 22, 2022 19:48 |
|
Always follow principle of least privilege wherever possible.
|
# ¿ Mar 2, 2023 21:44 |
|
Heck Yes! Loam! posted:This is why nothing ever gets exposed to the internet. My favorite fantasy world!
|
# ¿ Apr 24, 2023 15:37 |
|
Who cares if its low-powered or obscure, all hosts are acceptable hosts.
|
# ¿ Jan 15, 2024 01:05 |
|
Nitrousoxide posted:The short story is that Tachyoma got a takedown notice from a Korean manwha publisher despite essentially just being a browser and not hosting any of that content. They took the requested extensions down (which included Mangadex, so it really crippled the app's use case), then they took down their entire extension repo except for the handful of self-hosted extensions like komga. The extension repo (predictably) got forked and the commits removing the extensions reverted by other people who then continued to support the extensions, but then Tachi and all its forks needed to be updated to allow for 3rd party repos. This won't backfire on the publisher at all, never has. /s
|
# ¿ Jan 17, 2024 18:46 |
|
I run Unifi as well and will never go back. My only irritation is their lack of 2.5/5/10GB networking gear for their low-mid level routers and switches, outside their Aggregation switches. I really want a Unifi Router with at least 1-2 10GB SFPs that isn't crazy expensive. CommieGIR fucked around with this message at 16:05 on Feb 2, 2024 |
# ¿ Feb 2, 2024 15:58 |
|
Hey has anyone setup their Jellyfin server to transcode mkv? I really don't want to use their client apps versus the website.
|
# ¿ Apr 16, 2024 15:20 |
|
|
# ¿ May 14, 2024 00:16 |
|
So I retired my HP C3000 and brought the Dell VRTX online to replace it and already happier with power consumption, even with running a PCIe GPU passthrough. I'm running Proxmox on the M630 blade to host VMs/Containers. Still running a seperate R730 + Netapp DS6600 SAS DAS with TrueNAS for storage/mounts Still fighting Jellyfin on mkv transcoding for the web client. CommieGIR fucked around with this message at 13:56 on Apr 17, 2024 |
# ¿ Apr 17, 2024 13:54 |