root

root OP , 18 days ago (edited 18 days ago)

Would that be similar to telling SSH to listen on only one interface? Because I did try that but it unfortunately did not resolve the issue

Edit: Found what you mean. I'll give this a try, thanks!

root OP , 18 days ago

Just SSH dropping. Everything on the VM side is ok.

And yes, the computer I'm using is on .6.X (LAN VLAN) and the VM is on .1.X (MGMT VLAN).

The management VLAN is only accessible by a couple devices and this is one of them. To get PiAlert to be able to see devices on the LAN VLAN, it has to have an interface to be able to ARP from.

root OP , 17 days ago

Understood. Thanks so much!

root OP , 18 days ago

Yeah, such a nightmare, lol. If I ever feel like hosting a honeypot I'll probably DMZ it or use a VPS or something, but I'm going to change gears on projects for now.

root OP , 1 month ago

Right. Most of my VLANs are set up that way; they're silos. The VLAN that this is running on is the "management" VLAN that can see the other ones

root , 1 month ago

I recently found out about Circles and was hoping to migrate friends and family to it, but it's just too much of a learning curve to get things set up.

root , 1 month ago

I read through their EULA the other day, and it seems everything is E2EE so only the recipients can see the data, but they do have access to some stuff such as last login, usernames, etc.

I have a few friends using it, and it's nice once you get it going, but adding/ finding friends is a bit of a headache in my experience

root , 1 month ago

I wonder the same

root , 1 month ago

I have a somewhat dated (but decently specd) NUC running Proxmox, and it's the backbone of my home lab. No issues to date.

root , 2 months ago

Rank choice, and more party options to use it on

root OP , 2 months ago

Updated with the forum posts

root OP , 2 months ago

Gotcha. I'm using a ATX 1800 with full tunnel. I figured there would be a default deny all (haven't touched anything in the way of the firewall on that device yet), but wasn't sure if ARP would be able to get past it from the public AP side. I guess I can always do a few experiments at home in the lab too. Thanks again!

root OP , 2 months ago

Thanks so much for looking into it! That's a relief

root OP , 2 months ago

Hey there,

Yeah I'm doing it manually, and I did try importing the config from pfsense, however it would say import successful and then "Failed" at the bottom, lol.
I did end up getting it working after finding a post from the staff mentioning that you should not put a listening address on the Peer and you should set a manual MTU of like 1300 which worked for me.

root OP , 2 months ago

Ty!

root , 3 months ago

I'm out of the loop. What's ACAB?

root OP , 3 months ago

Oooh, good point. I'm not even sure if I should be using this with cert only based auth

It does usually not make sense to use fail2ban with e.g sshd when only public key authentication or similar is enabled.

root OP , 3 months ago

Thank you, I might give this a try tomorrow. I thought I read something similar, but that it would require you to take care of log rotation as well otherwise they would just grow. Not sure how true that is.

root OP , 3 months ago

I was thinking that might be the case. Thank you!

root , 3 months ago

Last I checked, they didn't support my webos version without me doing the developer mode trick, but my Nvidia shield/ Jellyfin for Android TV works like a charm

root , 3 months ago

I really want(ed) to look into the *darr projects, but I don't want to give them write permissions to my NAS :/

root , 3 months ago

Yeah, I suppose I could have a specific directory for them to download to, then I move them to the directory which they play from, which is more restricted.

I thought one of the main benefits of those projects was that they can automatically download and replace versions with higher quality ones (if you have it configured that way). In that case, would I be able to have it look at my (restricted) directory which it doesn't have write perms for, but download to a different directory?

root , 3 months ago

Thank you, I'll definitely check it out.

root , 4 months ago

I've seen videos that show having two touch enabled cards next to each other prevents anyone from scanning, since their signals cause interference with one another.

I came across the video when looking up those RFID blocking cards you can add to a non shielded wallet and they work the same way

root OP , 4 months ago

Hmm, I just joined the Meshtastic room in here. I guess there's a few of them >_>

root , 9 months ago

Wish something like that would come back.

root , 9 months ago

Wait, If Windows is 96.21% and Linux is 1.96%, then MacOS is 1.83%?

Wouldn't that make Linux 2nd place?