Is there a way for me to be “notified” if shell access of any form is gained by someone?
Falco is a very powerful tool for this.
(Justin)
Tech nerd from Sweden
Is there a way for me to be “notified” if shell access of any form is gained by someone?
Falco is a very powerful tool for this.
If you’re not using something like synology, it isn’t really an issue to run applications and nas on the same machine. I would generally recommend separating them so you have more options in the future if you want to run muliple servers for HA or expansion, but it should be fine either way. It is worth noting that quad core N100 computers are like $150 on aliexpress if you want a cheap application server(s).
Generally it’s simpler if you have your NAS separate from your application server. Synology runs NAS really well, but a separate application server for docker/etc is a lot easier to use and easier to upgrade than running on Synology. Your application server can even have a GPU for media transcoding or AI processing. Trying to do everything on one box makes things more complicated and fragile.
I would recommend something like Debian or NixOS for the application server, and you should be able to manage it over SSH. You can then mount your NAS as an NFS share, and then run all your applications in Docker or NixOS, using the NAS to store all your state.
That’s fair. I’m just thinking I could never use something like this because I would be invading the privacy of others using my Jellyfin. I would live to see an anonymous view counter on every movie though tbh.
Seems pretty creepy to be collecting logs about what people watch. Why do people use this?
You need IP cameras and then you need a NVR server for recording, detection, and display. There are some good open source NVR programs out there with docker support. I’ve been wanting to try Viseron. There’s also ZoneMinder and Shinobi that seem to be good.
Unfortunately most consumer cameras are cloud only. This seems to be a list of cameras you can look into: https://wiki.zoneminder.com/Hardware_Compatibility_List
Your best bet is probably a chinese brand for cameras. Dahlua seems popular. There are also a bunch of PoE cameras on Aliexpress for $15-25, but I can’t attest to if they’re any good. Hikvision cameras seem to have been popular too, but they have been recently sanctioned by EU/US for human rights violations.
STH measured 23w on theirs, but it can vary based on which one you buy. Tons of compute power with those 4 E cores.
https://www.servethehome.com/fanless-intel-n100-firewall-and-virtualization-appliance-review/4/
$150 fanless N100 pc with 4x2.5gbps from aliexpress and install OPNsense on it.
deleted by creator
Being able to find and read software documentation and knowing how to use the tools that automate software deployment are why SRE/devops/cloud guys get paid the big bucks.
I definitely recommend synapse over dendrite or conduit btw. dendrite and conduit have a bunch of missing features, and my first attempt at dendrite server shat the bed with its NATS store and died. I definitely recommend Synapse for all matrix servers going forward.
The .well-known entries I found were the hardest to test, since synapse doesn’t provide a web server for them, and Element throws a fit if you don’t have CORS set up exactly in the way it wants you to.
I mostly have my matrix server working now, with bridges even. However, Element randomly logs itself out on a daily basis which is really frustrating :/
Apparently there’s something called fcast, but I’ve never tried it.
they have CEC adapters and remotes for PCs that you can use.
Windows requires that antuviruses run at kernel level, programs which are notoriously buggy and harmful. It is a design flaw to require users to implement mandatory security features in this way. (it is literally not possible to run windows 10 or 11 without an antivirus) Similar security programs on Linux do not run at kernel level, nor should they.
Furthermore, every copy of Windows since Windows 7 requires that kernel modules are signed by Microsoft themselves. Microsoft personally signed off on this code that crashed millions of computers.
Is this implying that a publicly-traded corporation whose software is installed on millions of computers around the world has the same level of agency and responsibility as a preschooler?
When it comes to IT reliability and security, kinda, yeah.
Windows AV and MDM is a bit of a horror show in the corporate space. I worked somewhere where developers weren’t allowed to use WSL because it was blocked by McAfee. We also had 3 different MDMs running and they were slow as balls even though they were modern 8 core laptops.
Didn’t know 70% was a “couple percent”
If someone hands a toddler a gun and they shoot someone, who’s fault is it?
Microsoft*
This is an industry wide issue. This is just the first symptom.
The fact that random companies like Crowdstrike have kernel drivers in millions of computers they they ship remotely is a security risk in and of itself. We’re lucky crowdstrike just shipped a bug that crashes computers, other companies could have shipped a lot worse.
Unraid is bad at NAS and bad at docker. Go with a separate Nas and application server.