Glad it's getting a little more light. Been trying to tell people this for a few years now lol. It's the reason I've stayed away from it since first learning of the tool and looking at the "source code".
Mikelius
0 Post – 53 Comments
Joined 1 years ago
Old Profile: https://beehaw.org/u/Mikelius
The NoScript list terrifies me a little though... Not sure what's going on there, but that's a lot of JavaScript lol.
I use iperf3 with Speedtest's servers, personally. But for a browser, yes JavaScript is needed.... But needing JavaScript files from like 20 different domains is typically a red flag for me on any site.
Just to get it out there... I checked this out about a year ago. It's not completely open source. The project consists of many executables and "pre complied dependencies" that don't appear to share matching checksums which may indicate modifications of some sort. Looks like a great tool, but I'm extremely skeptical of what's going on under the hood.
Hopefully they do truly open source it and prove me wrong, I'd love to give it a try some day.
Nice! Guess I can add it back to my wishlist and consider buying it soon! Been holding off on it too long
For me, it's just that I don't want to have to turn the console on with plans to play for 1 hour only to be introduced to mandatory forced updates or show installation times that eat that entire hour away anyway. I just want to play my damn games, not to mention 100% offline if I so choose to.
I hate short variable names in general too, but am okay with them for iterators where i and j represent only indices, and when x/y/z represent coordinates (like a for loop going over x coordinates). In most cases I actually prefer this since it keeps me from having to think about whether I'm looking at an integer iterator or object/dictionary iterator loop, as long as the loop remains short. When it gets to be ridiculous in size, even i and j are annoying. Any other short names are a no go for me though. And my god, the abbreviations... Those are the worst.
What is that weird >>=== symbol? Looks like a cross breed between C and JavaScript here.
Even if a game doesn't look like it'll work based on protondb, try it anyway. Many times I've had games that were marked as low ratings start up without any changes lol. I remember even when d4 beta came out, I saw people struggling to install and play it on the first weekend... Worked out of the box for me.
I'd do my part in buying games from them more if they didn't block my home network from their website lol. Yes it's behind a VPN, and no I'm not turning it off to give up my privacy just to buy something I can get from stores that won't block me.
I honestly used to buy games from them a lot, but once their website became inaccessible, I sorta forgot about them. Surely I'm not the only one right...?
Even if it's removed from fdroid because they want to close source it, I assume my current installations of their apps would be unaffected - just become stale and obsolete over time since they won't get updates... But as they're offline anyway, not too concerned in the short term. Hopefully the company respects the privacy amd care of the open source community and won't take that away from us, though. One way to find out.
I've had this issue many times as well. I've found changing the MTU would help since it seems some filter specific ranges. Doesn't always work but I've had more success than failure doing so
I'm a Linux mint user for my main system and am no beginner. As others have said, it's friendly to both beginners and advanced users, it's good to see you've made that choice.
That being said, don't stop there. Whether it's in a virtual machine or some old laptop, also try one of the "from scratch" systems. I went with Gentoo and that is the root of where a ton of my Linux knowledge started. It's my favorite distro simply because it has that history for me. You'll find everyone has their own favorites for their own reasons, so be sure to explore and find the one that you enjoy and helps you learn.
It always amazes me that they're able to do so much for voyager after all these years. Had I been the one to make it, I'd be like "space junk now" after the first problem because I doubt I would have come up with all the amazing redundancies they did.
Out of curiosity, why not just leave ssh access to the local network so you can only reach it by VPN in the first place? Note I might be misunderstanding what the goal of this was, so feel free to lmk if I'm off the field with my question lol
This isn't really a "Linux" problem. Calling it a Linux problem implies all distros do the same thing out of the box because it's a part of the core system. Systemd has a file, /etc/systemd/resolved.conf which has one line DNS= that you can add the servers you want. It's as simple as that. If you're using Dnsmasq for DNS instead, you'd edit the Dnsmasq file. If you're not using my of those (i.e. you removed systemd-resolved, Dnsmasq, etc) then you can just edit the /etc/reeolv.conf directly without worry of it being overwritten.
While many distros come with systemd out of the box, not all of them do. For example, I use Gentoo with rc and after editing my resolv.conf, never had to worry about it again unless I decided to install a custom DNS software on it later.
I read many replies to your post as "DNS software shouldn't be allowed to change DNS settings" for the most part, and that doesn't quite make sense to me. If it's a problem, remove said software. Browsers are definitely annoying in the DNS front, I won't disagree with that. Fortunately, they allow you to turn that off though.
Seems phishy.
I've had the opposite experience and was actually referring to this generation in my comment, specifically for the series X.
With Xbox 360 and even some Xbox one games, I was able to come home with the game and put it into the console knowing I could play it right away from the disc (or install for the Xbox one and play). When I buy a game now, referring to physical copies, I'm unable to play without requiring internet. I understand some games have limitations on disc size, but once upon a time, that's where multi disc came in. Just the other day I forgot to unplug my console from the network to play a game and was hit by a firmware update request that I couldn't say "later" to. Once that finally finished, I unplugged but I guess the console already got wiff of an update for the game I wanted to play and said I need to be connected to the internet to continue.
This is definitely not something I ran into with older generations, personally. That being said, it sounds like your experience was different, so I suppose mileage may vary
Been using Gentoo on my server for over a decade now and probably won't ever leave the compiling front, especially with a 12-core/24-thread CPU making it go as quick as regular binary updates on my mint laptop... But that being said, in happy to see them considering to do this. It'll bring in some folks who are afraid of (or just dislike) compiling everything from source. I think the biggest packages that'd benefit from this are definitely the browsers and desktop environments.
Cyberpunk worked out of the box for me, but senua 2 absolutely refuses to start no matter what kind of voodoo I try ("fatal error"). I seem to always be on the opposite spectrum of protondb mint users I swear.
Just got flashbacks of Lemmings from my childhood when reading this comment, lol
I also use Linux mint with cinnamon... Is this not just the Ctrl + Fn + arrow key? I think that's it, or maybe shift (not at my computer to check). Either way, I use this all the time to fit windows either on 50% of the left or right, or in one of the 4 corners. For example, if I want it in the top right, I just use the hot keys and target right then up.
Plus 1 to openvas. UI is indeed horrendous though.
Be careful running high load tests against sensitive devices. I once ran it against a PoE switch I used for my cameras and it did something so crazy that it required me not to only power cycle the switch, but to disconnect all the cameras first and then power cycle. Was super confusing and felt like it found a way to short the device lol. Scared the hell out of me.
That being said, I've found many many things to improve on my devices thanks to openvas.
Lots of comments already mentioning the differences. I have tried these, including the mentioned ipfire, and decided on the end to use opnsense plus openwrt on two different devices.
I chose opnsense at the time many years ago because it supported wireguard out of the box, where as pfsense required some weird install process I didn't want to deal with. Plus I liked the UI to opnsense more.
My moden has been literally replaced by my firewall so I have the ONT connected to it and then use it to do all the heavy lifting for... Well, firewall stuff. It connects to a VPN so my entire network routes through the VPN. Then my openwrt device is connected to that. It also handles firewall stuff, but more at an internal level (keeping network devices only permitted to communicate with devices I say are okay, blocking internet access, etc) and also hosts my nginx setup to route to various servers.
While I could do everything on one machine with opnsense, I've got a particular setup that allows me to have multiple devices at the firewall level, truly isolated from the rest of my internal network (for a couple of internet open port services). And it gives me peace of mind that if someone found a zero day in opnsense, I'm not totally screwed unless they also got one in openwrt.
To answer "which is better to begin with", I personally find opnsense way more flexible and robust than the other 2 options. Has a lot more capabilities and upgrading is super easy without requiring jumping through weird hoops and such like openwrt does.
My solution to this question a year or so ago was to take my gaming desktop, which was collecting dust after I moved to my gaming laptop, and gut it down to a 4U server rack case. Best decision I've ever made. 12 core Ryzen and 128gb memory. Got a 10g adapter in the pci express, 8xHDD for data and then 2 mirrored nvme for the OS itself. Only thing I kept out was the video card since I had no use for it (yet)
An equivalent "server" on the market would probably cost a fortune and cost you a ridiculous amount of electricity.
I tend to find out about vulnerabilities before it hits the news outlets from the rss feed at https://seclists.org/oss-sec/
Other than that, I've got a bunch of other security feeds I follow and also have automated updates with just about everything.
Never tried regular Arch after trying Black Arch, so not sure if they're the same feel, but after realizing the work it would take just to be given the capability to resize windows in the UI instead of just coming with drag and resize out of the box, Black Arch was a huge no go for me... Which kept me from wanting to touch regular Arch, lol. That being said, I go nope to Ubuntu the most. Gentoo is my favorite and is what my server has been running for the past decade without any kind of issue, but for laptop and daily use, I use Mint. Been on that one for about a decade now too... Used to use Peppermint (that still a thing?) and Suse the most before those.
Gentoo!
Not much for myself, like many others. But my backups are manual. I have an external drive I backup to and unplug as I intentionally want to keep it completely isolated from the network in case of a breach. Because of that, maybe 10 minutes a week? Running gentoo with tons of scripts and docker containers that I have automatically updating. The only time I need to intervene the updates is when my script sends me a push notification of an eselect news item (like a major upcoming update) or kernel update.
I also use a custom monitoring software I wrote that ties into a MySQL db that's connected to with grafana for general software, network alerts (new devices connecting to network, suspicious DNS requests, suspicious ports, suspicious countries being reached out to like china, etc) or hardware failures (like a raid drive failing).... So yeah, automate if you know how to script or program, and you'll be pretty much worry free most of the time.
Glad I looked at this thread. The fact they're cheap and have what sound like reliable PoE hats... Tempted to replace a few old Pis lol. Maybe. But can at least say no future devices will be Pis at this point.
Note: only using them for simple things. Wireguard VPN (no I don't have a fast internet so I don't need more than the 1gb connection speed), pi hole, and a touch panel I installed that connects to home assistant on the wall.
If you have a pi or Linux box, try setting it up as a syslog server. Then tell opnsense to use that for forwarding logs to. Doesn't guarantee you'll see what went wrong, but maybe it'll help.
I'm not sure opnsense has journalctl or something similar, but that would be a good place to look for some history, too.
This gave me a good laugh, absolutely loved this!
I converted my gaming machine into a server as well. I actually took the graphics card out as I couldn't find a major use for it, but kept the 12 core Ryzen and upped it to 128gb memory. It now self host way too many things, including a few game servers my friends and I play... But even with all this, CPU carries along nicely and not even at half memory consumption (yet).
But as others have asked, what's your goal? Don't overkill it if you're only hosting one service or something. If you're doing a lot like I do, then up the RAM. And seriously consider whether the GPU is even useful or needed if you're not using a desktop environment.
This is what I use. The project is dead and had some bugs that kept it running on my system right away, but as it's open source, I was able to fix the code a little bit to success. Just wish it was a little friendlier on cpu or could be selective on which apps to run instead of recording nonstop regardless. I have it start up with Steam for now though.
Try using the private IP options instead and see if that works. The generic one being 10.64.0.1, but other options that include ad voicing and such ranging from 100.64.0.1 to 100.64.0.25 or something like that. I've got my entire network setup behind their VPN and a a pihole pointing to one of their private DNS addresses without any issues. I left their pubic DNS years ago so that I could make sure my DNS requests were always within the tunnel instead
Damn nice! I left Game Pass Ultimate for the lack of this since I'm a Linux user. This could definitely bring me back lol
Thanks for clarifying! Took a deeper look on my computer and I guess I learned that NoScript was misidentifying due to the cors or something. Just had to call it out before, as one can never be too careful these days :D
Oh gotcha, I misunderstood this post as talking about a self hosted VPN, not external provider. That explains it! :D
My comment on arch is just related to the use of black arch for a regular desktop or laptop machine, not my server (no desktop environment for the server). Was mostly trying it to compare it with Kali, actually.
Black arch does come with xfce by default indeed, but resizing windows isn't available right away. At least it wasn't when I tried it a couple of years ago. It required changing a bunch of configurations manually for whatever reason.
I've been using the fdroid syncthing-fork version for a long time now and haven't had any issues at all... Doesn't mean it'll last forever but it's been getting the job done for me even in its current state.
... And can't remember my original reason to use the fork instead lol