Cybersecurity professional with an interest/background in networking. Beginning to delve into binary exploitation and reverse engineering.

  • 0 Posts
  • 41 Comments
Joined 1 year ago
Cake day: March 27th, 2024



  • It’s not how long you get support, it’s how long that version of the OS is going to be supported by the maintainers for stuff like security updates. The reason you would choose an LTS release is because you don’t want an apt update to switch to a kernel version (or any other package version) that borks a production server.




  • I have a 6 bay, so yeah that might be a little limiting. I have all my personal stuff backed up to an encrypted cloud mount, the bulk of my storage space is pirated media I could download again, and I have the Synology using SHR so I just plug in a bigger drive, expand the array, then plug in another bigger drive and repeat. Because of duplication sectors you might not benefit as much from that method with just 4 bays. Or if you have enough stuff you can’t feasibly push up to the cloud to give peace of mind during rebuilding I guess.






  • My coworker was having difficulty starting and is trying to commit to finding at least one hour a day during the week, and that’s been pretty successful for them. My issue is that I get completely consumed by it. Like ignore my family, ignore food, ignore everything, get off work at 5pm and rip offsec until 1am, rinse, repeat, and I’m like enjoying life and other hobbies and stuff right now lol.

    Is there any specific offsec course/cert you’re trying to get going on? I’m super privileged in that my employer pays for the Learn Unlimited, so it’s easier to slack off on the training. When I was self-paying for individual courses it was much easier for me to hold myself accountable because I only had 90 days of lab access, and it was my money on the line.


  • I’m not currently working on any projects or anything. I’m slowly getting back into the OffSec training grind. I took a “short break” while working on my OSED over a year ago and am just now hopping back into it. I’ve already got my OSCP/OSEP/OSWE, so really gunning for this OSED for the OSCE^3. It has been extremely difficult to get back into a routine of doing training every day.



  • I don’t have FDE (BitLocker) enabled on my Windows 11 gaming PC. It sits in my house and has nothing on it but video games and video game related shit. I don’t even have my password manager installed for logging in to Steam, GoG or whatever other launcher. I manually type passwords in from the vault on my phone if the app doesn’t support QR code login like Discord. Also I paid for this ridiculous m.2 nvme drive, I’m not going to just give up iops bc I want my game install files encrypted.

    I don’t use FDE on my NAS. Again it doesn’t leave my house. I probably should I guess, bc there is some stuff on there that would cause me to have industry certs revoked if they leaked, but idk I don’t. Everything irreplaceable is backed up off site, but the down time it would take to rebuild my pirated media libraries from scratch vs just swapping disks and rebuilding has me leery.

    I have FDE enabled on both my MacBooks. They leave the house with me, it seems to make sense.

    I don’t use FDE on Linux VMs I create on the MacBooks, the disk is already encrypted.

    My iPhone doesn’t have the option to not use FDE I don’t think.

    I use encrypted rsync backups to store NAS stuff in the cloud. I use a PGP key on my YubiKey to further encrypt specific files on my MacBooks as required beyond the general FDE.







  • It is pretty easy. There’s tons of tutorials and walkthroughs for doing it, but anyone familiar with UIs will be able to work it out pretty quickly I think. Maybe a friction point in using the filter query, but again there’s tons of walkthroughs and guides for using it online.

    If you can’t conceptualize a packet, or sockets, or network flows, even with the help of online guides/manuals, I guess it wouldn’t be easy. In that case I’d be wondering why someone would want to use those tools in the first place though, as then they probably wouldn’t have the skills necessary to leverage the information gleaned from the tool in any useful way.

    Edit - As we’re in the self-hosted community, I’d argue that anyone who is self-hosting anything would probably be able to easily install Wireshark and view HTTP requests, both individual packets and the stream as a whole.