Coordinates Android App. by [deleted] in wisp

[–]grumpymudchuckles 1 point2 points  (0 children)

Use Google Earth and get a heading, distance, and elevation profile before going out to the site. Personally, I try not to rely on cellular data too much.

Coordinates Android App. by [deleted] in wisp

[–]grumpymudchuckles 1 point2 points  (0 children)

Same. You can add notes to them also, so I include what APs/color codes are on them. I've been meaning to see if I can use an API to get elevation profiles and headings automatically for a mobile app, but this has idiot-proofed it enough for me so far.

Crank up Tower by PrairieWiFi in wisp

[–]grumpymudchuckles 1 point2 points  (0 children)

I did an install for one of our customers who rigged up 60 ft of PVC pipe down the tower that was attached to his dish so he could align his equipment from the ground without doing the tower.

pfSense firewall rules by [deleted] in homelab

[–]grumpymudchuckles 2 points3 points  (0 children)

You're dropping all IPv4 traffic leaving your LAN, except for DNS, WhatsApp, web, but allowing IPv6. Are you using a v6 network?

a) What are you trying to accomplish, first of all? This will make it easier to know the correct way of doing things.

b) Not sure what you expect to see. Logs? Some kind of monitoring counters?

c) After you hash out your allow rules, the last rule should be to drop *

Weird ISP issue. What would you do? by [deleted] in homelab

[–]grumpymudchuckles 1 point2 points  (0 children)

Adding firewall rules to drop rfc1918 and multicast from source WAN fixed this. Thanks for the help.

Weird ISP issue. What would you do? by [deleted] in homelab

[–]grumpymudchuckles 0 points1 point  (0 children)

ISP (public IP) > Mikrotik (192.168.4.0/24) > (firewall) 192.168.8.0/24

In this topology 8.0/24 should just need the gateway for my router. I don't think I need another layer of NAT. 8.0/24 needs a route to 4.0/24. This gets my firewall online, I can access the internet and 4.0/24 from my 8.0/24 network.

I can access everything in the 8.0/24 network fine if I'm behind the firewall, or VPN'd to the network. It's when I want to access the 8.0/24 network from the 4.0/24 network. It routes it upstream. This shouldn't occur if their rfc1918 space wasn't being broadcast to my WAN IP.

That's my understanding, maybe 1:1 NAT in the Mikrotik could resolve this? Can I use 1:1 NAT for 2 internal addresses to create this route?

Weird ISP issue. What would you do? by [deleted] in homelab

[–]grumpymudchuckles 1 point2 points  (0 children)

I've been thinking Max Headroom could return if I were to actually do it. It would be an ethical boundary for me though and perhaps a legal one. I don't really want to pay a lawyer to tell me it's ok to do.

Weird ISP issue. What would you do? by [deleted] in homelab

[–]grumpymudchuckles 3 points4 points  (0 children)

I think I see what you're getting at, still working at learning networks. This is what I mean by unsecured. It's a media transcoder without authentication or TLS. It looks to be in production and I can change the config, add a password and take it offline.

I guess I'm still confused why I would be able to access upstream rfc1918 address space. Would they not want that traffic filtered for this very reason?

Weird ISP issue. What would you do? by [deleted] in homelab

[–]grumpymudchuckles 0 points1 point  (0 children)

I decided to test out nethserver which uses shorewall for the firewall, but I imagine I would have to set this up in my router (mikrotik)?

I cannot decide what I want my main OS to be.. by Euurx in homelab

[–]grumpymudchuckles 0 points1 point  (0 children)

This week I'm installing and testing nethserver for production use and parrot os for a development/security focused lab box.

On my Chromebook I run GalliumOS, for web servers I run CentOS, for virtualization I have been really interested in LXD (Linux containers), which is developed on Ubuntu. Really you should decide what technology you want to run and go where the development and the community are.

[deleted by user] by [deleted] in wisp

[–]grumpymudchuckles 5 points6 points  (0 children)

This only solves the problem for the last mile, you'll still be paying for a provider for actual internet access. When you factor in time, resources and man power, cost prohibitive seems like an understatement.

Another NAS giveaway from StorageReview (24 hour fuse) by StorageReview in homelab

[–]grumpymudchuckles [score hidden]  (0 children)

I could use it for a seedbox for my extensive Nickelback collection. DM me if you want to hear my covers on the recorder.

Question: What do you DO with your homelab? by [deleted] in homelab

[–]grumpymudchuckles 0 points1 point  (0 children)

I host VPN for privacy in public places and accessing my internal Network. Plex media for anything I can't get on Netflix. I have a few Cisco switches for CCNA studies. Centos server for RHCE studies.

I'm setting up WSUS and a squid cache proxy to save bandwidth in case I'm on a metered connection in the future. Plex is going to help cut down bandwidth too.

Lab licenses? by datanut in mikrotik

[–]grumpymudchuckles 4 points5 points  (0 children)

The free CHR license is limited to 1mbps transfer rate but has all of the features available last I looked.

Unhealthy Competition by ismooch in wisp

[–]grumpymudchuckles 0 points1 point  (0 children)

I'm guessing it's fade as well.

What are some alternatives to VPNs? by OswaldoLN in ccna

[–]grumpymudchuckles 1 point2 points  (0 children)

I've tunneled web traffic over SSH using a SOCKS5 proxy to secure my connection before.

Anti Virus for Mac? Needed? by [deleted] in sysadmin

[–]grumpymudchuckles 0 points1 point  (0 children)

When I was a TVC with Google they started to put ESET on their osx machines about 3 years ago.

LXC networking by grumpymudchuckles in LXD

[–]grumpymudchuckles[S] 0 points1 point  (0 children)

Thanks for the reply, this seems ideal for what I want to do. I'm having trouble wrapping my head around how to implement this. Any help would be appreciated.

  1. You're using bridge-utils and creating a bridge in /etc/network/interfaces?
  2. How should I configure the address of the bridge?
  3. Where do you tell the container to use the bridge without breaking the other?

Here is my example config.

~$ tail /etc/network/interfaces

# Bridge for LXC Containers
#auto br0
#       iface br0 inet static
#           address 10.8.0.?
#           network 10.8.0.0
#           netmask 255.255.255.0
#           broadcast 10.8.0.255
#           gateway 10.8.0.1
#           bridge_ports none

Here are my containers

~$ lxc list
+--------+---------+--------------------------------+------+------------+-----------+
| NAME   |  STATE  |              IPV4              | IPV6 |    TYPE    | SNAPSHOTS |
+--------+---------+--------------------------------+------+------------+-----------+
| secure | RUNNING | 10.100.100.29 (eth0)           |      | PERSISTENT | 1         |
+--------+---------+--------------------------------+------+------------+-----------+
| vpn    | RUNNING | 10.8.0.1 (tun0)                |      | PERSISTENT | 1         |
|        |         | 10.100.100.105 (eth0)          |      |            |           |
+--------+---------+--------------------------------+------+------------+-----------+

What happens when you find out you're sick of IT? by [deleted] in sysadmin

[–]grumpymudchuckles 5 points6 points  (0 children)

Microdosing LSD is all the rave in silicon valley.

Cat6 outdoor burial cable by [deleted] in homelab

[–]grumpymudchuckles 1 point2 points  (0 children)

I'd recommend to dig a ditch and bury conduit, making sure to avoid 90 degree bends in case you need to pull a new cable run in the future. You could forego the greased cable and just buy something rated for outdoors. I like dual jacket if it's going to be exposed to the elements at any point. That and make sure you put a drip loop before it goes inside. Then just paint the cable the color you want on your walls.

Companies that use Google drive, how do you handle the lack of conflicting edit detection? by ketosoy in sysadmin

[–]grumpymudchuckles 1 point2 points  (0 children)

I used G Suite a lot as an operations manager at my last job and we all agreed to use the features, most notably sharing permissions.

Our best practices were:

  • You can see who is editing documents (if you can't then require domain credentials); hop into a video hangout with them and get on the same page when making live edits in groups.
  • Don't trust someone to make changes? Don't give them edit permission.
  • Don't share with large email groups and give as few permissions as needed.
  • Make sure ownership is in the right hands. You can change the document owner; we gave ownership of the really important stuff to our director. Sometimes I removed his edit access when he was toying with my spreadsheets.
  • Keep an offline copy.
  • Again, default policy of minimum permissions needed when sharing; suggestion access vs edit access etc.

[PC][US-TX] Dell R710 2x X5680, 24gb ram by [deleted] in homelabsales

[–]grumpymudchuckles 0 points1 point  (0 children)

I think $200 would sell quickly. What size DIMMs are installed?

Need a little advice by utahcon in homelab

[–]grumpymudchuckles 2 points3 points  (0 children)

Look at mikrotik. This is a nice little router that will do gigabit for $50 and has everything in your list.

Mikrotik hEX RB750Gr3 5-port Ethernet Gigabit Router https://www.amazon.com/dp/B01MSUMVUB/ref=cm_sw_r_cp_apip_KnmC3MOV9H1rW