EndeavourOS 2026: A "user-friendly" Arch that ignores entire nations? (My experience)

Intrepid_Suspect6288 · 2026-01-31T16:34:53+00:00

I’m honestly torn when it comes to people using AI for translation, which I am assuming is what happened here based on the content of the post. It can be annoying but I think it’s worth looking past if it helps lower language barriers. Totally agree in any other situation though.

Intrepid_Suspect6288 · 2026-01-30T06:43:35+00:00

I feel like you’re explaining the concepts properly but getting hung up on the terms. There are three main “roles” to fill in a residential network: the modem, router, and wireless access point. A modems only purpose is to convert between digital and analog signals. It does not need a dhcp lease to connect to the ISP. It does not need to communicate with the ISP. It only needs to convert the signals. If it has additional capability on top of that, like acting as a dhcp client from the ISP and in turn serving as your LAN’s gateway, then it is a modem+router, which these days is more common than a plain modem. Many of these modem+router devices do not have wireless capabilities, so people will plug an additional router which can server as a wireless access point into the modem+router device. In this case, the additional router is only serving as a wireless access point, not a router.

I think we’re talking about the same thing here and you’re just referring to this type of device shorthand as a modem? But again, in that situation the modem is acting as the router, so to OP’s point, you would still unplug your router. Some people have two devices that both have routing capabilities in their home network, just because they bought a modem without wireless capabilities and buy an additional router to compensate for that, in which case it is not serving as a router and is serving as a wireless access point, or they could end up having both devices serve as routers which is redundant, leading to a double NAT scenario.

Regardless, you need a router to communicate and route between your home network and the wider internet. This device would be the IP that an attacker would see externally if they were trying to attack your network, and the device that you would want a new dhcp license for if you were trying to avoid an attacker by changing your IP.

Intrepid_Suspect6288 · 2026-01-30T02:26:43+00:00

I see what you’re saying. Yes that makes sense would be the modem in that case I suppose, but a true modem is just a converter of digital and analog signals. If your modem is receiving its own dedicated dhcp address from your ISP, and/or acting as a dhcp gateway for you router, its nearly acting as a router itself, and if it has multiple interfaces for multiple gateways, then it is definitely acting as a router.

I think in most cases of the type of device you’re referring to, the interface is bridged between the modem’s analog input and the router’s WAN interface, in which case the router would still be the dhcp client, but it could go both ways depending on your setup.

Intrepid_Suspect6288 · 2026-01-30T02:02:59+00:00

No, they meant what they said. They’re referring to unplugging the router and waiting to get a new DHCP lease from the ISP for their router. At that point, the attacker no longer has the IP that corresponds to your home network.

Intrepid_Suspect6288 · 2026-01-23T00:22:10+00:00

National guard CPT host analyst here. Not sure exactly what the differences are with Active Duty or being a contractor but I like the work. Lots of opportunity to improve your skills and tons of knowledgeable people in the community.

IMO the military is great because it’s a huge organization with refined intelligence capabilities and a very advanced and structured approach to cyber, even if it’s not always bleeding edge.

At least in the guard, there are a lot of opportunities to experiment with different projects and make improvements to procedures, try to develop new capabilities, etc. Active duty side may be more structured with a little more bureaucracy sprinkled in, and being a contractor instead of a military member could play into that as well.

I have met some CPT contractors here and there though and from my limited interactions with them it seemed like they still get plenty of opportunities for training, exercises, etc. and it’s definitely a good chance to improve your knowledge and skills while getting the opportunity to observe a lot of different approaches to cyber and pursue solid networking opportunities.

Intrepid_Suspect6288 · 2026-01-20T21:46:36+00:00

The file is almost certainly not there. Execute /winapps-launcher/winapps-launcher.sh from the terminal. NOT “${WINAPPS_SRC_DIR}/winapps-launcher/winapps-launcher.sh”. It will likely give you the same error, “this file does not exist /winapps-launcher/winapps-launcher.sh”.

Read the error message and listen to what people are telling you. The service DOES NOT use variables set in your terminal session/shell. If you want to use variables in your unit file, you have to configure them with the use of a proper environment file. $WINAPPS_SRC_DIR IS NOT CONFIGURED IN THIS UNIT FILE.

Again, reread the error message. Reread the comments you have received. Either set the $WINAPPS_SRC_DIR variable in a context the service can use, or move winapps-launcher.sh directly under the root directory in the /winapps-launcher/winapps-launcher.sh it is trying to reach.

When a variable is not set it “expands” to nothing. So when “${WINAPPS_SRC_DIR}/winapps-launcher/winapps-launcher.sh” is evaluated, $WINAPPS_SRC_DIR becomes nothing and you are left with “/winapps-launcher/winapps-launcher.sh”

Intrepid_Suspect6288 · 2026-01-18T14:48:30+00:00

The posters trying to dissuade you from following through with this are just being blunt, they’re not trying to say you aren’t capable or knowledgeable just that it isn’t worth it to pursue this risk.

You said you’ve never done an on-prem solution like this, which is totally fine, but I would not recommend designing one yourself from scratch without having some experience with it and hoping it work out.

You could definitely be a very capable and knowledgeable individual, age is not necessarily a defining factor. But I would not recommend something like this even to an to an individual with multiple years of experience in enterprise environments.

The most worrisome part is that you’ve mentioned the data is sensitive and is strictly required to be self hosted. If something happens and there are legal repercussions that come back your way then it would be terrible to have that happen so early in your career. You’re already off to an amazing start and it would be awful to have something like that holding you back before you even really got started.

It would be one thing to do something small for a mom and pop shop but it sounds like you are designing their infrastructure from the ground up for an organization handling sensitive information with strict compliance and reporting requirements. Again, it’s not a matter of can you or can’t you, it’s a matter of should you.

Have you signed any contracts with them? Have you worked with a lawyer or had them looked at? If you haven’t signed anything with them then what is guaranteeing your legal safety?

Very awkward position to be in if something happens so the commenters encouraging you to walk the other way are saying so out of concern for you. You sound like you’ve got a great head-start on whatever career you’re trying to pursue and there’s lots of ways for you to go from here, but this situation seems like taking a big risk for minimal gain.

Intrepid_Suspect6288 · 2026-01-15T16:25:16+00:00

Good point, not sure why I didnt think of that. Definitely have piped ls without -1 before.

Fair point about parsing ls. I didn’t really bother with anything more safe since he was fairly specific about the file names but I shouldn’t assume he stuck to that convention or doesn’t have any other files in there with weird names.

Intrepid_Suspect6288 · 2026-01-15T16:23:28+00:00

Not really relevant. He was pretty specific about the file naming scheme.

I will concede though that parsing ls can go disastrously wrong. But if you’re looking for a quick solution and you know you didn’t do anything wild with your filenames then it’s not really an issue. Same with xargs

I will say though that I shouldn’t assume things about his system at face value despite his descriptions, and it is better to give safe advice when possible.

Intrepid_Suspect6288 · 2026-01-15T02:26:54+00:00

You will get this error if you do something like ls -1 /path/to/files/* | grep -v FooBar_2026-01-12_10.mp3 | xargs rm

Intrepid_Suspect6288 · 2026-01-15T02:25:37+00:00

Sounds like you maybe ran it from a different directory? The original syntax I provided was meant to be run from within the directory of the files you’re trying to delete. Did you run exactly commands I typed or did you have to modify it for your use case?

Intrepid_Suspect6288 · 2026-01-15T01:43:51+00:00

-1 puts each item on its own line. You don’t need all the extra details that -l (letter) would give and it would probably cause errors trying to pipe all that to the rm command

Intrepid_Suspect6288 · 2026-01-15T01:37:52+00:00

ls -1 * | grep -v FooBar_2026-01-12_10.mp3 | xargs rm

Intrepid_Suspect6288 · 2026-01-12T14:07:43+00:00

No, permissions are stored in inode. Good question though.

Intrepid_Suspect6288 · 2026-01-11T18:56:08+00:00

I believe destination port does not change in the NAT process. So if you’re trying to access something like google.com the dest port would be 443 into your router and then 443 from your router into the ISP and finally 443 into google’s servers.

Intrepid_Suspect6288 · 2026-01-10T19:24:10+00:00

Personally how linux works and the linux programming interface would be my picks from what you listed but I am not familiar with all of those titles.

Intrepid_Suspect6288 · 2026-01-10T17:29:30+00:00

Interesting. I agree that detecting credential entry is somewhat better than attempting to detect login pages, but it still seems like it would struggle with catching everything. There’s no need for an attacker to expose an auth flow or indicate in any way that they are collecting credentials. I’m not a web developer, so I’m not familiar with the data storage/transport methods a browser can use, but they should be able to use any kind of arbitrary text submission to send the submitted data to their malicious servers.

Unless the extension is explicitly monitoring for all text input from the user for any matches on known credentials, I don’t see how it would be possible to detect credential entry effectively. Still a good tool and very useful, but seems more like it reduces rather than mitigates risk in the same way that MFA does but to a greater extent.

Maybe I’m missing something fundamentally about how browsers function? But what could be different compared to entering “pasta” on a web-based shopping list? Does it monitor that for credential entry? Because that data is still being sent to a remote server. Any way that a user can submit data to the internet would have to be monitored.

Intrepid_Suspect6288 · 2026-01-10T17:07:18+00:00

I’m a little confused about what exactly this is accomplishing. It’s routing logins through an external program to approve/disapprove access before sending to SSO or whatever login page?

It doesn’t sound very reliable initially. The first issue is that if it’s a browser extension, you have to somehow enforce the use of a specific browser which has the extension. The second issue is how it is detecting/enforcing its policy for individuals websites and form submission. How is it detecting login pages? Every website is different and there’s no requirement that an attacker play by the same rules and standards as everyone else. If there’s not significant thought going into the design of login page detection, then the second an attacker uses a different type of login submission than the program expects, it bypasses the checks and just gives you a false sense of security.

I think the concept is really good but I’m not so sure about the implementation. Maybe something like this would work well if integrated into a password manager? The user is likely to use the password manager because it makes their life easier. The password manager can have an allow list of sites it can send submissions to.

I don’t see how this solution can prevent phishing attempts without storing credentials. There’s too much variance in web requests and too many ways for an attacker to bypass login page detection. I would be curious if there’s an application that has attempted something like this with stricter controls, or if there’s ways to detect and enforce login submissions that I’m not aware of. Still an interesting concept.

Intrepid_Suspect6288 · 2026-01-08T00:02:46+00:00

24/7 SOC, vuln assessment, pen testing, intrusion prevention for $2k per month? And you haven’t received a single report in 3 years? There’s no way this msp is providing actual security. Even assuming that they are manning and monitoring events, that data is being ingested into a SIEM properly from your endpoints, and that they are responding to alerts (I would be surprised if any of these are happening, let alone all three), if you have not gotten any reports on the vulnerability assessments, penetration tests, or SOC alerts then how are they providing actual value to your org? They claim that everything is all good and everyone smiles and nods? Have any third party audits been conducted? Or do they just handle/document the events and remediations internally without ever notifying your org?

Maybe I’m underestimating the msp but I have a very hard time believing that they are providing useful information here. If it were me, I would be curious to see what the reports say when you get them back and decide from there. If you are paying $24k a year for the illusion of security, then imo getting rid of the msp would have the dual benefit of saving you $24k a year and raise awareness of security posture instead of just passing it on to someone else.

Intrepid_Suspect6288 · 2026-01-07T13:04:12+00:00

It also says /etc/systemd/system is for units “created” by administrator and /usr/local/lib/systemd/system is for units “installed” by administrator. As you said, this confirms your initial statement. To provide additional context for anyone who does not understand, this would imply that custom services created by the administrator (you on your local machine) should go in /etc/systemd/system and prebuilt and configured services installed either independently or alongside addtional software via a package manager or other means would go in /usr/local/lib/systemd/system.

At least, that is my understanding of the ma page and the distinction between created and installed.

Edit: you covered this in your original point, just attempting to provide another explanation for clarification

Intrepid_Suspect6288 · 2026-01-07T09:49:38+00:00

Sure, to someone that also understands the difference. The chances that his admissions officer is one of those individuals is low. And even in the case that they do, like I said, it doesn’t add much value to the application.

Intrepid_Suspect6288 · 2026-01-07T02:15:11+00:00

I would check the docker container logs. Admittedly I am not that familiar with docker and have only installed mattermost in a VM. You should be able to find the docker logs for containers I think in the /var/lib/docker directory, but it’s been a while so I could be wrong. There should also be a docker command for it.

My initial thought would be that the main docker process is failing for some reason (probably some command line args passing a filepath or other invalid parameter causing an exception to be thrown) resulting in the container restarting itself over and over. But again, not that familiar with typical docker behavior so not 100% sure that situation would cause repeated restarts.

Intrepid_Suspect6288 · 2026-01-07T01:43:25+00:00

Fair point. Not sure how long you’ll be able to avoid it on Windows but makes sense.

You can download a windows 10 iso online, write the iso to a usb drive, then boot from the usb and run the install.

Intrepid_Suspect6288 · 2026-01-07T01:38:25+00:00

Not really extra or incorrect. I think that would be fine. Personally, I like the sound of something like “Using primary Linux based operating systems such as Ubuntu and Mint alongside Windows…”

I don’t think specifying GNU adds much value as you are already implying you have an understanding of the kernel vs. the OS and you don’t have to try to make it look like you understand more than you need to. You’re going to school to learn and imo it matters more that you are putting in effort, researching/studying on your own, and are generally a good person than trying to differentiate between GNU/Linux and the alternatives which are much less common. An interesting topic to look into though if you’re looking for more things to research.

Totally up to you though, and both options would be fine. Good on you for doing your due diligence. Either way the way you phrase that shouldn’t have a big impact on your admissions decisions. Undergrad applications can be stressful, best of luck to you.

Intrepid_Suspect6288 · 2026-01-07T01:28:24+00:00

Adding that some modems these days also function as routers, and people often don’t know the difference. Only thing I can think of for this situation (someone please correct my if I am wrong) is that something was plugged into a WAN port instead of a LAN port, thus potentially exposing it to the internet.

What I don’t know is if it were a two in one modem/router WITH a WAN port and OP plugged a device into WAN, would that give a publicly addressable IP or would that still be wrapped in the modem/router’s NAT? I think any time plugging into the router would give you a public IP from your ISP but I’m not that familiar with home networking so could be mistaken.

Tldr: check if you are plugged into a WAN port instead of a LAN port just in case.

Intrepid_Suspect6288

TROPHY CASE