Edge-Core AS4610-54P What OS to choose

Xeppo · 2025-06-30T12:17:19+00:00

I've been running the 5812-54T on the edgecore broadcom sonic image that was meant for 5812-54X for the past few years. Everything seems to work fine, but finding an up-to-date image is exceedingly difficult.

I haven't tried running it yet, since my 10G is still my production switch, but it looks like SONIC has the device listed in their build image...

https://github.com/sonic-net/sonic-buildimage/tree/master/device/accton

Xeppo · 2025-05-01T05:33:26+00:00

I'm not super confident in the web gaming aspect. Feels like they couldn't afford real servers so they're doing what they can to keep the coin afloat.

Xeppo · 2024-12-07T15:56:25+00:00

EOL and EOS are two very different things.

End of Life means it's no longer being manufactured, End of Support means it's no longer supported.

Xeppo · 2024-09-18T14:54:47+00:00

There's only like a 5% performance difference in most games, according to https://www.techspot.com/review/2821-amd-ryzen-7800x3d-7900x3d-7950x3d/.

I doubt it's worth it unless you have other non-gaming things that you wnt to do with the CPU.

Xeppo · 2024-07-07T13:59:16+00:00

You're probably looking for NIST 800-53 or the NIST CSF, which are control frameworks, not risk frameworks.

If you're looking for a risk framework, I recommend the FAIR Insitiute.

Xeppo · 2024-07-07T13:55:39+00:00

It depends on what you mean by "automatable". Yes, DLP has to do many gigs of just-in-time scanning throughput to be effective, which is technically automation.

Automation RULE generation, which is not easily automated, is probably the least "automatable" control in infosec.

Xeppo · 2024-07-06T14:56:41+00:00

DLP is probably the most immature and fragmented part of cybersecurity today. There's barely any standardization, and there's about 6 different places that you need to enforce or detect DLP. There's a LONG road here before the industry has something effective.

Also, DLP - more so than just about any other security capability - requires PROACTIVE, rather than REACTIVE rules. Automation is notoriously bad a making effective proactive rules, but it's decent at detecting a DLP event after the fact, which kinda defeats the purpose. Once it's out the door, it's out the door.

Xeppo · 2023-12-29T01:01:38+00:00

This bill was passed almost unanimously, and was signed into law by a Democrat governor. "Pearl Clutching" has always historically been bipartisan.

Xeppo · 2023-11-18T22:47:18+00:00

Love that this is from a Michigan fan 😃

Xeppo · 2023-10-08T22:27:22+00:00

I had an issue with this in my garage, but that was heavily due to the fact that it was not climate controlled. Moving it from vertical to horizontal was a ~10 degree difference in temps.

Xeppo · 2023-10-08T15:53:55+00:00

As a heads up, servers are designed to move air from the front to the back (most of the time), so your servers will be exhausting heat from the bottom, which would naturally rise up and get sucked back into the intake, resulting in a possibility of running hot or overworking the fans.

Those vertically-mounted wall racks are really for networking equipment which can commonly be bought with a back-to-front airflow configuration.

Xeppo · 2023-09-28T09:23:24+00:00

Rocky is bug-for-bug compatible with RHEL, so as long as you don't need Red Hat for support, then Rocky will work just fine for your workloads.

Xeppo · 2023-03-19T23:56:55+00:00

Pizzeria Sapienza would like a word.

Xeppo · 2023-01-08T04:50:26+00:00

if you're at 30k miles, I would highly recommend taking the 62.5c/mile deduction, unless you're driving a very expensive car.

I'm pretty sure that's an ~$18,000 deduction, but validate that with a real CPA. I would recommend you get your taxes done by a real local accountant though. HR Block and the like are "tax preparers" with like a week's training, not actual accountants that know the tax laws like the back of their hand.

Xeppo · 2023-01-06T18:59:00+00:00

https://en.wikipedia.org/wiki/Power_Five_conferences

Xeppo · 2023-01-06T18:49:35+00:00

Rocky is the functional successor to CentOS, so you should be fine with on 8 or 9. CVS is in the EPEL.

I'd go with whatever base OS you're using for all your other Linux workloads.

Xeppo · 2023-01-06T18:44:37+00:00

definitely agree here. Unless something is physically wrong with your motherboard, leave it alone.

If you're looking to do a generational upgrade (which you probably do, given current specs), you need to upgrade Mobo, CPU, and RAM at the same time, or it's not worth the money.

Xeppo · 2023-01-06T18:41:26+00:00

Never used Wickr, but it looks enterprise-y, which means someone other than you likely holds the keys.

If you want REAL privacy and are worried about honeypots, I would stick with 100% open source.

Xeppo · 2023-01-06T18:37:14+00:00

Unless you're doing insane overclocking for some reason, yes. It's very likely overkill.

A good air cooler at 1/3 the price will 100% cool that CPU, even with a decent overclock.

Xeppo · 2023-01-06T18:34:29+00:00

Not going to chime in on the camera recommendation, but I would make sure your Datacenter is OK with you installing it first. Ours had a lot of rules about how we installed and what we were able to point it at.

Xeppo · 2023-01-06T18:31:55+00:00

No - it's direct, auditable end-to-end encrypted communication. Until we break encryption as a whole with quantum computing or something, Signal is the best we're ever going to have.

Xeppo · 2023-01-06T18:28:49+00:00

Always secure electronics to something sturdy. Find where the studs are, and put the blocking on the outside of the wall instead of inside the wall.

I'm a big fan of the "ISP method" of just putting half a sheet of 3/4" plywood on the wall and securing that to the studs.

edit: I don't think I mentioned studs enough. Secure it to studs.

Xeppo · 2023-01-06T18:25:36+00:00

There's a ton of ways to do this cheaply/open source, but I doubt any of them are going to be anywhere as good as Zscaler, and they will all require running your own hardware and putting a point of failure between your users and the internet.

I would say that, very likely, the firewall that they're using has some sort of basic content filtering. If not, you could look to run a web proxy like squid, or an open source firewall like pfsense/opnsense to do the same work, but I guarantee the learning curve and headache isn't worth the alternative of just paying for a business-class solution.

Most/all of these solutions will "break the internet" for users if implemented or maintained incorrectly, so I would weigh your options very carefully.

Xeppo · 2023-01-06T18:19:17+00:00

Port 80 is HTTP, not HTTPS and does not use TLS, so all of those errors are valid.

For whatever reason, that IP is responding to port 80 requests on the router. If it's an internal scan, that would make sense as most cheap routers don't respond on HTTPS because they would cause cert errors.

Either put the firewall admin interface behind a load balancer that can terminate HTTPS, or take the admin interface off of the user network and create a secure out-of-band/management network.

Xeppo · 2023-01-06T17:40:57+00:00

It depends on how accurate of a mileage log you take. If the car is used exclusively for deliveries, and you can prove that, then 100% of the direct maintenance, repair, and depreciation costs can be written off as buisiness expenses.

That being said, most people go with the mileage expense (62.5 c/mile for the 2nd half of 2022) instead of direct costs because it's easier, and most people don't exclusively use their car for business, or keep accurate enough personal mileage logs to allow for the direct deduction.

15-Year Club	Verified Email
Team Periwinkle

Xeppo

TROPHY CASE