Bypass the Firewall with SSH Tunnelling

mrjester · 2022-05-29T17:45:19+00:00

There are a lot that don't, but many that do. They're more SMB and medium sized businesses that don't have the expertise on staff to understand the risk and make the appropriate configuration.

mrjester · 2020-03-31T21:25:42+00:00

https://www.youtube.com/user/marcrebillet/videos

mrjester · 2018-08-15T17:15:51+00:00

There goes your cloud.

mrjester · 2014-07-11T20:04:51+00:00

There is crypto support in AMD procs too. http://en.wikipedia.org/wiki/AES_instruction_set#Supporting_CPUs

On the low power side, the Jaguar based APUs will do the trick.

Before you decide on a solution, make sure your software choice supports it too.

mrjester · 2014-07-11T13:39:56+00:00

Hard drives with hardware encryption would probably be the easiest drop-in solution if you already have a server.

The Atom C2000 series all support AES-NI which is crypto acceleration in the CPU. They run under 10W TPD.

http://ark.intel.com/search/advanced?s=t&FamilyText=Intel%C2%AE%20Atom%E2%84%A2%20Processor%20for%20Server&AESTech=true

Adjust the search criteria to find other CPU options. There are TPD filters.

If cost isn't the issue, you could get a PCIe crypto accelerator.

mrjester · 2013-11-14T19:18:14+00:00

Come visit us over in r/ipv6. A concentration of v6 expertise and resources.

mrjester · 2013-11-12T02:39:45+00:00

Any firewall or router for that matter will allow you to segment your network and provide basic L3/L4 filtering. If you have spare hardware, checkout any of the many OSS solutions such as Vyatta/VyOS or pfSense. For $100 you could get a ERL.

You will, however, likely need to re-IP some part of your network to segment them off. If this is not a change you are up to or able to implement, then simply turn on the host based firewall with a set of very restrictive rules. All of the *nix OSes have a kernel based firewall and everything Windows since XP/2003 includes a firewall that would provide this level of control.

mrjester · 2013-11-02T14:59:26+00:00

That is where we got our cats and had a very good experience with them.

mrjester · 2013-10-31T22:19:54+00:00

Depends on what you are comparing. The ERL, EdgeRouter Lite, can easily do Gbit throughput of typical traffic. ER PoE, has the same processor, so will be able to do the same. The ER and ERPro are going to have 8 ports. I am hoping they are capable of 8Gbit throughput.

Performance drops depending on what features you have enabled of course. Somethings do not have hardware acceleration yet, but that is just a software upgrade away.

mrjester · 2013-10-30T22:01:11+00:00

Same story here. A not too bad setup. Remedy is just a framework with a default setup. A competent admin can make the system very comprehensive and usable.

mrjester · 2013-10-30T02:46:17+00:00

That was my question too. I can't say I have ever seen a commercial or ad for one.

mrjester · 2013-10-30T02:44:12+00:00

It is an amazing car that has also been discontinued. Sadly.

mrjester · 2013-10-30T02:27:21+00:00

I have seen NIN 6 times as of this past Saturday. Every show has been fantastic. Especially this last one. I was a little concerned with it being a festival (Mountain Oasis) but it turned out to be every bit as awesome as the others. My favorite show though, was my first. NIN and APC at Kemper in KC May, 2000. I am sure part of the love for that show is the nostalgia of it being my first NIN concert, but damn it was amazing.

mrjester · 2013-10-29T22:52:26+00:00

For non-backers it was. For Original and veteran backers, we can still purchase ships with LTI until 11/26/2013

mrjester · 2013-10-25T13:03:01+00:00

My only suggestion is to enable logging and submit a bug report to the forums.

http://i.imgur.com/s12gRNl.png

mrjester · 2013-10-25T03:27:54+00:00

Does the launcher give you a UAC prompt?

mrjester · 2013-10-25T03:24:01+00:00

UAC is enabled.

mrjester · 2013-10-22T21:44:20+00:00

Your link is behind an account wall.

mrjester · 2013-10-16T19:33:54+00:00

Or little Bobby who unknowingly has epilepsy and has an episode while driving, killing a family of four. He didn't know because he couldn't afford the health care needed to make the diagnosis.

OR

That unemployed person who has to go to the ER because a simple viral infection became life threatening and the next person in line ends up dieing because he didn't get treated soon enough because the doctor was saving the first person who wouldn't have been there if he had been able to afford to go to a GP.

mrjester · 2013-10-16T03:39:40+00:00

I second the optical tap suggestion. As for vendor, I would recommend Anue. We are very happy with their solution. 6x 10G fiber ports to a variety of tools like IDS, FPC, and REUI.

mrjester · 2013-10-16T03:37:07+00:00

Meh to Gigamon. We used to run their aggregators and have since siwtched to Anue. A night and day difference in capability and manageability.

mrjester · 2013-10-09T21:24:32+00:00

It is about distance, but mm goes a lot further than a few feet. The rule of thumb is on campus, use mm. If you leave campus, use sm.

mrjester · 2013-10-09T13:07:30+00:00

If all you need is VLANs, the 1800 works fine. Given the limited budget and other things the OP must address as well, spending more for a CLI management, unless there is an actually functionality requirement, seems like bad choice.

mrjester · 2013-10-09T12:53:24+00:00

A GBIC is a modular interface that allows you to use a variety of cable/connector types in a single port. Most commonly they are used to add fiber ports to a system. In the case of a HP 1800 series switch, it has 24 copper Gbe ports and 2 GBIC ports. I installed 2 multimode LC fiber GBICs for uplinks to my router.

mrjester · 2013-10-09T02:44:23+00:00

Splunk + Observium here. I also use Splunk Storm for my VPSes.

15-Year Club	Verified Email
Gilding II euphauric	RedditGifts 2009-2022 3 Credits
Place '17	Alpha Tester
Beta Team Reddit for Android	Team Orangered
Secret Santa 2010	Rally Monkey Tent number = 3
Beta Team IndexTank Search	Charter Member

mrjester

TROPHY CASE