There's never been a better time to build your own router—a practice which the FCC will hopefully not *also* ban for US #homelab consumers :)

https://www.youtube.com/watch?v=04oL0qVSWJE

Homebrew routers just got a whole lot more important in the US

Knowing how to build your own router for your homelab is going to be a useful skill, until this FCC ruling is reversed: https://www.fcc.gov/document/fcc-updat...

@geerlingguy As a guy who's been building his own routers professionally for decades now, this is great advice. Also it's really quite easy (and always has been with the right knowledge).
Just PLEASE don't run additional software on your routers. Run them on a device *behind* the router. You'll thank me eventually.
#firewall #router #sysadmin #networking

@mikebabcock @geerlingguy

Lol, that sounds like wisdom earned through blood and tears

@Madagascar_Sky @geerlingguy Among other things, your 'forward' rules used to restrict access to your LAN don't apply directly to local services. Your INPUT rules for local services don't apply to forwarded things. And if you have an allocated fixed IP range from your ISP, you probably want to bridge instead of forwarding your interfaces as well.
Should totally document my standard Linux router setup some day.
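
The INPUT/FORWARD split described in the post above, as an added example that is not part of the original thread: a simplified, stateless Python model of which chain a packet traverses on a Linux router. Interface names, addresses and the port-8080 service on the router are assumptions made for illustration.

```python
"""Simplified, stateless model of netfilter chain selection (constructed example)."""
from dataclasses import dataclass
from ipaddress import ip_address

# Assumed addresses owned by the router itself (WAN side and LAN side).
ROUTER_ADDRS = {ip_address("203.0.113.1"), ip_address("192.168.1.1")}

@dataclass(frozen=True)
class Packet:
    in_if: str   # interface the packet arrived on
    dst: str     # destination IP address
    dport: int   # destination TCP port

@dataclass(frozen=True)
class Rule:
    in_if: str    # "*" matches any interface
    dport: int    # 0 matches any port
    verdict: str  # "accept" or "drop"

def hook_for(pkt):
    """Traffic addressed to the router goes to INPUT; routed traffic goes to FORWARD."""
    return "input" if ip_address(pkt.dst) in ROUTER_ADDRS else "forward"

def verdict(ruleset, pkt):
    """First matching rule in the selected chain wins, otherwise the chain policy."""
    chain = ruleset[hook_for(pkt)]
    for rule in chain["rules"]:
        if rule.in_if in ("*", pkt.in_if) and rule.dport in (0, pkt.dport):
            return rule.verdict
    return chain["policy"]

# LAN clients may go out; nothing unsolicited is forwarded in from the WAN.
FORWARD_CHAIN = {"policy": "drop", "rules": [Rule("lan0", 0, "accept")]}

# Weak: only FORWARD was locked down, INPUT is left at its default accept policy.
FORWARD_ONLY = {"input": {"policy": "accept", "rules": []}, "forward": FORWARD_CHAIN}

# Corrected: INPUT is default-drop and only allows SSH from the LAN side.
BOTH_CHAINS = {"input": {"policy": "drop", "rules": [Rule("lan0", 22, "accept")]},
               "forward": FORWARD_CHAIN}

# Constructed sample packets.
TO_LAN_HOST = Packet("wan0", "192.168.1.50", 8080)   # routed through the box
TO_ROUTER_SVC = Packet("wan0", "203.0.113.1", 8080)  # extra service on the router
LAN_SSH = Packet("lan0", "192.168.1.1", 22)          # admin access from the LAN

if __name__ == "__main__":
    for name, rs in (("forward-only", FORWARD_ONLY), ("both chains", BOTH_CHAINS)):
        for pkt in (TO_LAN_HOST, TO_ROUTER_SVC, LAN_SSH):
            print(f"{name:12} {hook_for(pkt):7} {pkt.dst}:{pkt.dport} -> {verdict(rs, pkt)}")
```

The model leaves out connection tracking and NAT, so it only shows chain selection and first-match evaluation.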

@mikebabcock @geerlingguy

Make YouTube shorts, you'll reach the youngins so easily. Linux wisdom by bona fide sorcerer. Blood magic Linux this way.

@Madagascar_Sky @mikebabcock @geerlingguy I’m inclined to agree it will reach more eyes.

But a 3 minute short is not much time to cover firewalling. Not in sufficient detail.

There is so much you need to know about networking and services to be able to understand what the firewall is doing and what impact it will have other than just breaking things.

Admittedly less than packet sniffing.

😈

@drscriptt @Madagascar_Sky @geerlingguy see also "just turn off #selinux" on every package.
@mikebabcock @drscriptt @Madagascar_Sky @geerlingguy
Like Windows software which says "if you get antivirus errors, ignore them".

@Retreival9096 @drscriptt @Madagascar_Sky
I have different feelings about Windows AV than I do about mandatory access controls like SELinux.

We ship a small terminal emulator internally to clients. We do not pay the Microsoft tax to have them sign it. As a result, Defender yells at everyone that it might not be safe. Why? Because we didn't pay the tax. Not because it's safer to use signed software; it isn't.

#rant #antivirus

@mikebabcock @drscriptt @Madagascar_Sky And if that's explained well to the user, that's great. I don't like those who blanket say ignore warnings without giving the reasons. And having Avira say it thinks something is a virus is different than having Defender say something isn't signed. (Even though both might be safe.)