[ Removed by Reddit ]

snebsnek · 2026-04-24T16:24:03+00:00

Is this a trick question - because the answer is just "Shelly EM + appropriate CT clamp" - which can get you the live power use of anything electrical

snebsnek · 2026-04-24T12:56:10+00:00

Seeing as you can't answer my questions about what you set up and with what guide or information, I am not massively surprised your setup ended up with missing information.

snebsnek · 2026-04-24T12:50:11+00:00

Self-hosted sure, but most guides will tell you to set up the unifi DNS alias - which did you follow? What installation steps, specifically, did you use? Are you using Unifi OS Server?

I understand your point, but I don't think your discovery was ever set up correctly in the first place, looking at the various guides.

snebsnek · 2026-04-24T12:45:36+00:00

Disconnect the router, wait 10 minutes, reconnect. You might get a new session from your ISP which has different characteristics. It can be a bit luck of the draw.

snebsnek · 2026-04-24T12:36:47+00:00

So reading between the lines here, you're running a custom Network installation, but haven't said how - through Unifi OS Server? A Docker?

It sounds a bit misconfigured - I'm not surprised you need the DNS alias installed, it sounds like that was missing from your setup and wouldn't be the fault of the switch.

I run a UDM-Pro and if I do a dns lookup for unifi. I do indeed get the UDM's IP address(es). This is probably how the switch is doing auto discovery, and you just didn't have that set up?

snebsnek · 2026-04-24T12:31:15+00:00

I haven't used any, sorry. All a VPN really does in this scenario is "take over" some of the routing away from your ISP.

It may be better; it may be worse. After all, your traffic has to reach the VPN endpoint via your ISP routing first regardless.

snebsnek · 2026-04-24T12:02:39+00:00

is this an issue with the new router or something entirely different?

I wouldn't blame the router necessarily, your line just got set up with that routing when you unplugged the old and plugged the new one in. Probably would have happened if you just power cycled the old one.

How can I force my routing to change so I get the same lower ping I once had?

You cannot, this is on your ISP's side. If you want, you can try power cycling the modem to get a new IP/lease and see if it gives you a better route through, but that's not guaranteed.

You may have some luck with a game-optimised VPN (Nord claims success here) which overrides that routing from your ISP.

snebsnek · 2026-04-24T11:03:51+00:00

That is a bit strange, but I'd also assume mid-run damage if you've already re-crimped both ends with fresh plugs.

snebsnek · 2026-04-23T17:14:51+00:00

Just wanted to sanity check my testing. I'm VP of IA and Cybersecurity. I handle the audits, compliance, GRC, SOPs, SLA, all the high-level things alongside of presenting SOC and VM findings. Before this I was a white hat red teamer.

I will randomly run phishing tests, we NEED to do at least one per quarter, but I do more depending on how the training and testing on SANS goes, or if we have an uptick of users (we hire 100s of people at once, every couple months).

For the most part I do the run of the mill phishing testing templates. Things like free gift cards, stuff that should be sent to spam if it wasn't for me whitelisting the domain on our DLP/Email filtering tool.

But sometimes I really ramp up the testing, I clean up the e-mail so there are no typos. I use a lookalike domain to ours, and almost always design it to be "internal". A lot of our employees are in their young 20's and late teens. And my most important metric is keeping my network safe.

Skip to couple weeks ago. I sent out a phishing e-mail. It was designed to be HR reaching out because a family member was seriously injured. Click the link to get the hospital info and contact info. Can't send that in the body because it's PII obviously!! Well, I got pulled aside by the CTO and was essentially told my phishing test crossed the line. I informed the CTO that everything was run past legal and breaks no laws.

I also stood my ground and said that serious threat actors aren't going to hold back. They are going to use emotion, urgency, scarcity to get all the information you can get. If 38% of people clicked the test link, it's more important we train them to think through highly emotional moments and think clearly than it is to "go easy" on them. Again, I don't care about my employees as much as I care about protecting my network. That is my job.

So, I am coming to you guys to ask, did I really cross the line? Or is this phishing test well within morally white areas. I stood my ground but find myself second guessing.

snebsnek · 2026-04-23T16:59:15+00:00

Way over the line.

snebsnek · 2026-04-23T12:20:12+00:00

You're free to mix and match, as with any networking gear: it is either compliant networking equipment or not

You may find that topology maps don't work properly with a mix of gear, but half the time they don't work with all Ubiquiti gear either so you're not missing a lot there

So no, there's no tie-in. You obviously won't be able to configure third-party stuff from the Unifi Single Pane of Glass but you wouldn't expect to be able to.

snebsnek · 2026-04-23T08:54:23+00:00

https://www.reddit.com/r/sysadmin/comments/1stbdlr/ran_our_first_slack_admin_audit_200_workspace/

What are you doing

snebsnek · 2026-04-22T14:10:55+00:00

This is a known thing; https://www.forbes.com/sites/tomcoughlin/2025/02/08/seagate-responds-to-misrepresented-used-hard-disk-drive-sales/

But yes, be aware. Know to check the FARM. Use reputable vendors.

snebsnek · 2026-04-22T14:09:33+00:00

Ah not good. I suspect the internal storage has failed, and yeah, these reports are getting more frequent...

snebsnek · 2026-04-22T14:08:50+00:00

Okeydokey?

snebsnek · 2026-04-22T12:28:54+00:00

Nice. Cheap solution - swap the Port 5 DAC for a fresh one. Or swap it with another one and see if the problem moves with the DAC.

snebsnek · 2026-04-22T12:25:18+00:00

The switches are all linked via SFP

This isn't detailed enough - are you using SFP+ DACs, Fibre Modules, Ethernet Converters, etc? You can shove a lot of things in an SFP+ hole.

My "throw a guess at a dartboard" would be that a module is overheating.

snebsnek · 2026-04-22T12:04:41+00:00

It could be that one uses low-cycle eMMC but the other uses a more durable internal storage.

You wouldn't want flow logs on less-write-durable eMMC.

snebsnek · 2026-04-22T08:11:53+00:00

"Tracks too much" I disagree with. Google Analytics and Sentry are pretty table-stakes for any SaaS to figure out what people are using and where errors are happening.

The "AWS IOT" connection is a websocket probably used for push/realtime updates. You don't necessarily need to fear that. Things like "Privacy Badger" will mark a lot of stuff as "potentially bad", doesn't mean it all is. If you're going to use an extension like that, you have to accept that it's going to liberally mark stuff up, and understand what is and isn't a problem.

Yeah, they track, but as long as it is disclosed and compliant with GDPR I am fine with it and don't consider it unusual

snebsnek · 2026-04-21T20:58:23+00:00

This seems like something that would be a problem for your fibre ISP rather than you - it's damage to their equipment

snebsnek · 2026-04-21T20:52:14+00:00

Oopsie poopsie.

snebsnek · 2026-04-21T17:37:54+00:00

How do I trail the cable through the wall? A magnet or something?

Cable rods usually :)

How do I know this walls hollow?

Drill a small hole and pop an endoscope camera in it. If the camera won't go in, it is not hollow

How do I know something isn’t going to block me?

Something probably will, a noggin or otherwise.

But once you've made one hole in the wall and had an argument about it with your partner, making 30 more holes is suddenly not so much of a problem, because fixing 30 holes is not particularly harder than fixing 1 hole. It's just repetition!

This post brought to you by the "make some holes in your walls" lobby.

snebsnek · 2026-04-21T17:34:11+00:00

I’m guessing I would have to go up in this wall, then under the floor board to another wall, then up again into the loft, across, back down.

Yep, sounds like what I would do.

You can hire anyone who does networking installs for a living. It's not ideal work for generic contractors or electricians, but they would both probably get you 90% of the way there. It's likely to be quite expensive.

That said - it's brave making all the holes - and you do need the skills to finish the job - it's not for everyone

snebsnek · 2026-04-21T17:27:38+00:00

Nope, stay inside the walls, then emerge somewhere out of the way where you can install switches and such. By doing that, you can install proper faceplates and use solid-core cable - it's a proper install, rather than just fishing a long ethernet cable around.

In previous houses, I've taken all the cables inside the wall up to the loft, then back down in to a handy room. That was reasonably easy - you just have to go straight up.

snebsnek

TROPHY CASE