Cyber

After being home for weeks, I went away for business, the 1st night away there was a brief powercut and the firewall (on a UPS) seemed to get stuck.

So, that's no DNS, DHCP, or connectivity between wifi and LAN... All due to (admittedly aging) hardware issue.

Since then my entire home system has had issues whilst it all settles down.

It made me think about getting some redundancy into the system to handle a single failure.

So,.can you give me any insights into High Availability like CARP (for pfSense), VM failover (on Incus?), mesh wifi, Home Assistant, etc?

Of course there are going to be single points, like ISP line, etc, but seems like something to test out.

So, just a light post, I upgraded my Pi4 last night and found the Linux firmware breaks a 32bit install.

I've been meaning to change to 64bit for months, but as it's my DMZ box for torrents, radicale, etc, then it's just finding the right time to convert an adhoc setup into my ansible scripts.

Luckily I had a SD backup from September to get it running again

So, what have you broken over the holidays?

cross-posted from: https://discuss.tchncs.de/post/49194514

I stumbled across Diode whilst looking for ways to do secure off-site backups (to my own equipment at another house) and it feels like a paid-for TOR (Ok, there is a free option)

I'm looking for any real experience as the site has too much marketing lingo in it:

Every Client is secured with a public/private key self-custody identity

And this doesn't seem very dynamic if I want to change something:

Diode’s Blockchain Name System can be used for Client friendly names

And somewhere on the site it infers unlimited storage...!

So, is the free option worth me looking into, or is it a waste of time?

I have a few VMs and PMs around the house that I'd setup over time and I'd now like to rebuild some, not to mention just simplify the whole lot.

How the hell do I get from a working system to an equivalent ansible playbook without many (MANY) iterations of trial & error - and potentially destroying the running system??

Ducking around didn't really show much so I'm either missing a concept / keyword, or, no-one does this.

Pointers?

TIA

Just found my Vivaldi update contained a little more than just bugfixes... it now has Proton VPN built in.

It's actually part of the browser, not an extension, so I'm in two minds whether I like that... or not.

You need either a Vivaldi account or a Proton account, so it's not completely anonymous, but it's a start.

The free-tier of Proton VPN also appears to be bandwidth limited and your exit point is randomised, so... yeah, it's ok...

"On 11th November BBC iPlayer will no longer be available directly on this device."

OK, so, I didn't purchase this particular (Blaupunkt) TV, but as it's my mother's then, well, I'm the one that has to "fix" this.

Personally, I use TVs as a simple screen and watch everything through other devices (Roku, or a Linux PC running MythTV).

I see the BBC website has some links to review sites, but I thought this might be another place to ask for - preferably open source - devices that could be used.

Comments?

As a long-term MythTV user, I read all the discussion about Plex vs Jellyfin, but I'm still here... recording Live TV, watching films, listening to "me choonz" all on free, open-source software. What am I missing? Any other MythTV users out there?

Just stumbled across this (overly dramatic?) article and thought I'd just post it here...

It's more to act as a reminder that if you've got a NAS that is serving content to the interwebs, then make sure it's behind a proxy of some kind to prevent weaknesses (ie in the management Web UI) being exposed.

Obvz, this article is pointing to Zyxel, but it could be your DIY home-built NAS with Cockpit: CVE-2024-2947 - just an example, not bashing that project at all.

I've used Squid and HAProxy over the years (mostly on my pfSense box) - but I'd be interested to know if there's other options that I've not heard of

pfSense... Anyone have much experience with the new Kea DHCP server?

I'm using 2.7.2 (Community Edition) on a fairly good Celeron based system that's not heavily loaded, but I have 7 network segments (VLANs and physical interfaces), so I have 7 DHCP pools / configs.

Just adding 1 more static reservation can cause a significant delay when reloading the service and because I register static reservations in DNS, the network loses DNS so I "break the internet" for a short while.

Would Kea fix this?

Well, as the title says, I've had a few notifications that alerted over night and I'm wanting to sleep instead

These are ntfy alerts, but driven by Uptime Kuma... and I can't find a programmatic / config option that says "don't notify between 11pm and 7am" (but willing to admit I've just not found it... yet...)

I need my (Android, ofc) phone to be on in case of family calls / messages, so I can't use "Do Not Disturb", and remembering to manually mute the ntfy app each night just doesn't make sense to me - computers are quite capable of automating my requirements for me.

So... any pointers? I'm sure you're not all getting alerts at 2am because your ISP dropped a few packets...

I secure systems for my day job. That means installing AV software, ensuring Windows Firewall is ON, etc. (Plus many other things...)

I've seen discussions around disk encryption here, but I don't recall much about a malware protection. Maybe a little about personal (desktop) firewalls.

I'm aware of Clam, etc, but is anyone actually using these tools much?

Or are we just presuming we're all immune from the bad guys targeting Windows?