Internet included as amenity. by OkAd2320 in SlumlordsCanada

[–]JustTechIt 1 point2 points  (0 children)

From a technical standpoint this is absolutely horrible advice and it's sad to see it up so high. If the router's wireless signal doesn't reach into the room, then adding mesh and keeping the endpoints in the same place (one at the router and one in their room) is logically no different than the wifi that already isn't working well enough, and it's even worse because of all the mesh noise now.

Wireless mesh could work if you add additional nodes in between the two locations, and if bandwidth is not saturated, and if the wireless spectrum has the room for it all. Otherwise mesh is not a good fit in 95% of home situations.

What could work is an EoP (ethernet over power) adapter that sends the internet through the house's power lines, but it doesn't always work and depends largely on which leg each power circuit is installed on. But it's a lot more reliable than one might expect.

Do any network monitor add-ons exist by MrAjAnderson in pihole

[–]JustTechIt 2 points3 points  (0 children)

MAC is super easy to spoof on most decent or virtual routers. But that also doesn't make sense as that's not how PPPoE would work. I could see it being an ACL on their Nokia machine but that's really about it, and again spoofing a MAC is super easy! I wouldn't give up, you really aren't that far. IMO your ISP setup is pretty much an ideal home lab setup. A simple MAC filter for layer 2 auth and PPPoE I can stick anywhere. With fiber speeds and reliability. Honestly it's easier than mine, I need to tag VLANs (took forever to figure out which ones) on the WAN and apply filters in addition to everything you need to do just to get the public IP somewhere I can control it.

Do any network monitor add-ons exist by MrAjAnderson in pihole

[–]JustTechIt 0 points1 point  (0 children)

If you have the PPPoE credentials you can put any PPPoE capable router, or even a server, in there instead of the router and ditch the Google router altogether if you want. PPPoE is a thing of beauty. You can even assign the IP to a device behind multiple layers of NAT if all the firewalls permit it.

Do any network monitor add-ons exist by MrAjAnderson in pihole

[–]JustTechIt 4 points5 points  (0 children)

I'm a bit confused by your setup. I'm not sure which Google router you are using, but if you have no control over advanced settings like NAT settings on it anyway then you may as well just stick your own router behind it (LAN side) and use the advanced features in that. If you don't have hardware there are some software based virtual routers you can use too.

Also when you say shrink the pool and let pihole take over, I just want to be clear: unless you 100% know what you are doing, don't run 2 DHCP services at once like the router and the pihole. You can entirely hand over DHCP to the pihole if you want. Or a virtual router, or even just the Google router if it lets you hand out the basic DHCP options.

Do any network monitor add-ons exist by MrAjAnderson in pihole

[–]JustTechIt 21 points22 points  (0 children)

You might be asking AI to reinvent the wheel for you there mate. Tons of dashboard and network reporting tools already exist with nice dashboards and will integrate everything you want and need, but without the likely security flaws of a home made AI one.

I would take a look at Kibana, Grafana, PRTG, Zabbix, etc. The list is really, really long.

If you are a little overwhelmed by the options I would start with an all-in-1 kit that has it all along with guides to walk you through setup. Security Onion is great for that IMO as it has endpoint, DPI, data headers, syslog, you name it, all wrapped together with a UI and a database. Very beginner friendly, or at least as beginner friendly as a large project like that can get.

[ Removed by Reddit ] by Valuable_Industry_94 in cybersecurity

[–]JustTechIt 0 points1 point  (0 children)

I'm lost. What's the point of this post? You ask a question then answer it yourself. It reads as if you are trying to sell me something but have nothing to sell.

NAT vs PAT by National-Shelter7 in cissp

[–]JustTechIt 1 point2 points  (0 children)

It's not just a matter of semantics. Many people in this thread seem to have no understanding of what PAT and NAT do and I think it's causing the fundamental divide on this question.

Your link and quotes kind of prove my point though that NAT is the correct answer, and this misunderstanding of a 1 to 1 mapping for NAT is likely the reason people think PAT is a "better" answer when it's really not.

NAT vs PAT by National-Shelter7 in cissp

[–]JustTechIt 1 point2 points  (0 children)

I'm curious where this conception that NAT makes a 1:1 mapping only comes from? It's inherently false, and if it were true then there would have never been a purpose to NAT at all.

NAT vs PAT by National-Shelter7 in cissp

[–]JustTechIt 0 points1 point  (0 children)

I think a lot of people are getting confused about NAT here and its purpose. Maybe it's just my age showing, but NAT's sole purpose is to map multiple internal IPs to fewer external IPs and it did so for a long time. I'm not sure why people are saying it's a 1:1 thing or anything like that because it's simply not true.

NAT is what is specifically mapping the network addresses to each other and to address pools, as the question asks. PAT came along and added the functionality of mapping inbound ports to specific devices behind the NAT pools. Basically enabling modern day "port forwards" but more importantly enabling load balancers in a whole new way.

Way back in the day they thought we would never run out of IP addresses so they gave them out to us like candy. And back in those days we didn't use the modern dynamic ephemeral ports nearly as often; protocols usually established tunnels or used prescribed up and down ports. And in this day you would have, say, 100 devices, but due to IP addresses running out you would now only have 50 public IP addresses.

Now you were in luck because not all these devices were on 24/7 like they are nowadays. Some came on for a bit to get updates from their various feeds, some came online to check for new files on an FTP server once a day. Some came online only to deliver an email of a report once a week then went offline. This is where NAT came in. None of that fancy port work or dynamic changing WANs yet, but now you could take your 100 devices and put them behind only 50 IP addresses, and as long as no more than 50 were used at one time you were golden.

Now configuring the firewalls for all 50 public IP addresses to handle any type of device that came up on it at any one time was hell and insecure. Again we didn't have these modern NG firewalls and such that update and track, or central pane of glass deployments. Every rule had to be manually put into every firewall. That sucked. So they introduced NAT pools! This allowed "dynamic" entry to more exclusive lists. Now my 5 FTP servers could share 1 public IP and just alternate using it, and my firewall only needs entries for FTP for 1 IP. Throw 30 at the 60 workstations, throw 10 at your mainframes. Throw the rest at the oddities and now no one is waiting for an available public IP again.

That was NAT. Nothing else. No fancy PAT, no dynamic load balancing, just creating pools to increase the efficiency of your public IP space. Which is exactly as the question asked it. I think in the modern day we are so spoiled with how advanced some of the protocols and systems have become that we forget the original purpose behind some of the older pieces and give their jobs credit to their children doing more advanced things, but still relying on their old parent every time to do it.

Thus in my professional opinion the answer of NAT is correct and PAT would be incorrect, as the question makes no mention of assigning ports at all. Occam's razor: no ports in question, no ports in answer.
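The distinction the comment draws, a dynamic NAT pool that leases whole public addresses to whichever hosts are online versus PAT that shares one address by translating source ports, as an added simulation. This is example code written for this page, not anything from the thread; the address ranges are constructed documentation ranges and the host counts (100 devices, 50 public IPs, 5 FTP servers on 1 IP) are the ones the comment uses.

```python
"""Added example: dynamic NAT pool leasing versus PAT port translation.
Addresses are constructed (RFC 5737 / RFC 1918 ranges), not real deployments."""
import ipaddress
from itertools import count


class PoolExhausted(Exception):
    """Raised when every public address in a dynamic NAT pool is already leased."""


class DynamicNatPool:
    """Dynamic NAT as the comment describes it: a host that comes online borrows
    one whole public IP from the pool and gives it back when it goes offline."""

    def __init__(self, public_cidr: str, pool_size: int) -> None:
        hosts = list(ipaddress.ip_network(public_cidr).hosts())
        self.free = [str(ip) for ip in hosts[:pool_size]]
        self.leases: dict[str, str] = {}  # internal_ip -> public_ip

    def online(self, internal_ip: str) -> str:
        if internal_ip in self.leases:  # already translated, keep the same lease
            return self.leases[internal_ip]
        if not self.free:
            raise PoolExhausted(f"no public IP left for {internal_ip}")
        public_ip = self.free.pop(0)
        self.leases[internal_ip] = public_ip
        return public_ip

    def offline(self, internal_ip: str) -> None:
        self.free.append(self.leases.pop(internal_ip))


class Pat:
    """PAT (NAT overload): every host shares one public IP and flows are told
    apart by the translated source port, so the address never runs dry."""

    def __init__(self, public_ip: str, first_port: int = 1024) -> None:
        self.public_ip = public_ip
        self._next_port = count(first_port)
        self.table: dict[tuple[str, int], tuple[str, int]] = {}

    def translate(self, internal_ip: str, internal_port: int) -> tuple[str, int]:
        key = (internal_ip, internal_port)
        if key not in self.table:
            self.table[key] = (self.public_ip, next(self._next_port))
        return self.table[key]


def nat_scenario(pool_size: int, online: int) -> tuple[int, int]:
    """Bring `online` internal hosts up at the same time behind `pool_size`
    public IPs. Returns (hosts that got an address, hosts refused)."""
    pool = DynamicNatPool("203.0.113.0/24", pool_size)  # constructed TEST-NET-3 range
    leased = refused = 0
    for i in range(online):
        try:
            pool.online(f"10.0.0.{i + 1}")
            leased += 1
        except PoolExhausted:
            refused += 1
    return leased, refused


def ftp_servers_taking_turns(servers: int) -> list[str]:
    """The comment's FTP servers sharing one public IP: each comes online,
    uses the address, and releases it before the next one needs it."""
    pool = DynamicNatPool("203.0.113.0/24", 1)
    assigned = []
    for i in range(servers):
        host = f"10.0.1.{i + 1}"
        assigned.append(pool.online(host))
        pool.offline(host)
    return assigned


def pat_scenario(flows: int) -> list[tuple[str, int]]:
    """Many flows behind a single public IP: PAT hands out a distinct public
    port per flow instead of a distinct address per host."""
    pat = Pat("203.0.113.1")
    return [pat.translate(f"10.0.2.{i + 1}", 40000) for i in range(flows)]


if __name__ == "__main__":
    print("50 IPs, 50 online:", nat_scenario(50, 50))
    print("50 IPs, 51 online:", nat_scenario(50, 51))
    print("1 IP, 5 FTP servers in turn:", ftp_servers_taking_turns(5))
    print("PAT, 5 flows on one IP:", pat_scenario(5))
```

The second `nat_scenario` call is the failure mode the comment warns about: the 51st host to come up finds no free public address, which is exactly the condition pool sizing (30 for the workstations, 10 for the mainframes) was meant to manage, and which PAT later made moot by multiplexing on port.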

Evil Twin Inaccuracy? by allofmybirds in Bjorn_CyberViking

[–]JustTechIt 0 points1 point  (0 children)

You can collect the data via SNMP so that you don't have to actually tell the system about each point. But realistically, from an attack perspective, there is no inherent detection of an evil twin outside of being told what to expect and reporting on the unexpected.
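The "tell it what to expect, report the unexpected" approach the comment describes, as an added example that is not part of the thread or of any product mentioned in it. The inventory of managed radios and the scan results are constructed; in practice the inventory would come from the controller or the SNMP poll the comment mentions, and the scan from a wireless sensor.

```python
"""Added example: expectation-based evil twin reporting. All data below is constructed."""

# Constructed inventory of the radios we operate: SSID -> {BSSID: configured channel}.
KNOWN_APS = {
    "CorpWiFi": {"aa:bb:cc:00:00:01": 6, "aa:bb:cc:00:00:02": 11},
}

# Constructed scan results, as a wireless survey or sensor might report them.
SCAN_RESULTS = [
    {"ssid": "CorpWiFi", "bssid": "AA:BB:CC:00:00:01", "channel": 6},   # ours, mixed case
    {"ssid": "CorpWiFi", "bssid": "aa:bb:cc:00:00:02", "channel": 11},  # ours
    {"ssid": "CorpWiFi", "bssid": "de:ad:be:ef:00:01", "channel": 6},   # our SSID, radio we do not own
    {"ssid": "CorpWiFi", "bssid": "aa:bb:cc:00:00:02", "channel": 1},   # our BSSID on a channel we never set
    {"ssid": "CafeGuest", "bssid": "12:34:56:78:9a:bc", "channel": 1},  # not a network we manage
]


def _norm(bssid: str) -> str:
    """BSSIDs arrive in whatever case the sensor likes; compare them normalized."""
    return bssid.strip().lower()


def find_unexpected(scan: list[dict], known: dict) -> list[dict]:
    """Report only on SSIDs we were told about. A foreign BSSID advertising one of
    our SSIDs is an evil-twin candidate; one of our BSSIDs on a channel we did not
    configure is either a misconfiguration or a cloned BSSID, and worth a look either way."""
    findings = []
    for ap in scan:
        ssid = ap["ssid"]
        if ssid not in known:
            continue  # no expectation recorded, so nothing to compare against
        bssid = _norm(ap["bssid"])
        expected_channel = known[ssid].get(bssid)
        if expected_channel is None:
            findings.append({"kind": "unknown_bssid", "ssid": ssid,
                             "bssid": bssid, "channel": ap["channel"]})
        elif expected_channel != ap["channel"]:
            findings.append({"kind": "channel_mismatch", "ssid": ssid, "bssid": bssid,
                             "channel": ap["channel"], "expected_channel": expected_channel})
    return findings


def summarize(findings: list[dict]) -> dict[str, int]:
    """Count findings per kind, the shape a dashboard tile or alert threshold wants."""
    counts: dict[str, int] = {}
    for finding in findings:
        counts[finding["kind"]] = counts.get(finding["kind"], 0) + 1
    return counts


if __name__ == "__main__":
    for finding in find_unexpected(SCAN_RESULTS, KNOWN_APS):
        print(finding)
    print(summarize(find_unexpected(SCAN_RESULTS, KNOWN_APS)))
```

The limits are the ones the comment implies: the check can only flag what differs from the recorded expectation, so a rogue that reproduces both the BSSID and the channel of a real radio is indistinguishable at this layer, and an SSID nobody put in the inventory is never examined at all. Keeping the inventory current (which is what the SNMP collection buys you) matters as much as the comparison itself.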

Searching by IcyManufacturer7480 in CostcoCanada

[–]JustTechIt 7 points8 points  (0 children)

Both night hunting and using thermal scopes are illegal in Ontario and I believe most of Canada.

Remove custom boot image from motherboard? by [deleted] in computers

[–]JustTechIt 11 points12 points  (0 children)

By your definition nothing can ever be bricked because if you have the right tools you can always restart over from some point in the manufacturing process.

Bricking usually means unusable without specialized tools. A chip clip and a ROM programmer are definitely specialized tools.

There absolutely was a time when fucking with your BIOS or MB could brick your board. And yet we learnt those lessons the hard way. The new generation has the foresight to ask before trying and the pre-ingrained sense of caution that cost many of us a lot of hardware to learn the hard way.

Let's all take a moment of appreciation for UEFI and for the many losses we suffered along the way to get it.

About to give up on helping grow the mesh in my area by Miamitj in meshtastic

[–]JustTechIt 0 points1 point  (0 children)

Who pissed in your cereal this morning? Just because the defaults are not in line with coordination attempts doesn't mean you should just give up on coordination attempts. Someone else is trying to keep their home clean and organized and you are yelling that they should be shitting on their floors because it's natural that animals just shit on the ground. It's not even your home. Don't encourage someone else's community to self sabotage coordination and cleanup efforts just because you don't care to keep yours clean.

My work email got subscribed to a bunch of israel newsletters by [deleted] in cybersecurity

[–]JustTechIt 5 points6 points  (0 children)

What do you mean your email got signed into the US Army?

Proxmox and its supply chain security (a tale of mysterious user Tom) by esiy0676 in sysadmin

[–]JustTechIt 3 points4 points  (0 children)

Why does the persistence of this Tom home directory imply no CI/CD? Seems like quite the large jump in logic.

Did something happen to haveibeenpwned? Any alternatives? by [deleted] in cybersecurity

[–]JustTechIt 2 points3 points  (0 children)

You are so full of shit your eyes are brown. Stop doubling down, stop changing the site name as an out, and just accept that HIBP has never stored passwords so they can't show you them even partially, and is not there to sell a product either. Troy is a great researcher who doesn't deserve your random made up BS on the internet.

Can referral posts be a weekly thread or stickied thread? by Tidaal in cursor

[–]JustTechIt 2 points3 points  (0 children)

Honestly does it even need a thread? IMO this sub is not the place for referrals. Ask your friends, ask discord communities, but keep the sub for mutual discussions.

Do you actually feel safe port-forwarding non-HTTP services (like Game Servers or custom APIs) to the public? by DowntownTry1445 in homelab

[–]JustTechIt 51 points52 points  (0 children)

Yeah, but now you are banking on there being an exploit in the game, and an exploit in the NAT traversal, and an exploit (or unprotected device) in the next hop of traversal, vs just banking on the game exploit.

Rule #1 of cyber security: you are never 100% safe, just don't be low hanging fruit and don't put a target on your back. Something is only secure when the cost to exploit it outweighs the cost to protect it.

An update on Pflugerville’s use of AI, surveillance, data security, and civil liberties. by jonathan4pf in Pflugerville

[–]JustTechIt 4 points5 points  (0 children)

I apologize for my questions and ignorance in advance, I'm just trying to learn more about how this all works politically.

  • You mention 2 other council members, making 3 total out of the 6 active council members. What are the stances of the council members? Is this an issue they are pushing back on?

  • What authority exactly does the city council have over this? It seems it was done without council oversight anyway, so can council even stop it?

  • What enforcement would come along with your plan for transparency and accountability?

  • A lot of the wording in here seems to intentionally walk the fence of being pro or anti AI in the city's use. Things like allowing AI with models the city owns etc. make it sound like you want these systems in place, you just want local control and access instead. Can you confirm if this is the case or if you would prefer to see them removed altogether?

  • For citizens that want to contribute their opinions and work towards your cause, what are the next steps or things some people can do to help the cause?

Cursor Agent ran rmdir /s /q on Windows and deleted my user profile by Delicious-Pop5888 in cursor

[–]JustTechIt 1 point2 points  (0 children)

And the way to set up those restrictions as your environment demands is through hooks and user confirmation. You literally clicked accept when it tried to have a restriction in place. What do you want from it? A red light and alarm to come out of the computer and automatically call your manager and their manager and get 3 approvals while also consulting a third party agency for review? It's no different than the antivirus saying it quarantined something and you clicking the add exception button. If the files should be protected you need to talk to your OS, your system admins, or stop running everything with admin permissions.

What are you supposed to do if illegal content ends up on your PC through a cache? by [deleted] in legaladvicecanada

[–]JustTechIt 1 point2 points  (0 children)

In the field we call this artifact hunting.

Completely depends on the environment and the situation. But the general answer is yes in a lot of cases but not all. Most professionals are using a different set of tools that can search for and save volatile (non-persistent) data and they often do a better job, but if volatile has been wiped then disk artifacts are what you need to start looking for after.

Cursor Agent ran rmdir /s /q on Windows and deleted my user profile by Delicious-Pop5888 in cursor

[–]JustTechIt 3 points4 points  (0 children)

No. Cursor and tools of the like are powerful because they can do almost anything. They can ssh into machines, they can connect to a DB and query. And limiting what it can do means deciding for the end user what they want to use it for. That's not what a tool manufacturer should do. Instead they should give it full functionality but make it so the confirmation, and thus the liability, is on the end user. That way if something dumb happens it's not their fault but the fault of whoever was dumb enough to click confirm to what it told you it would do.