We’re missing the most important rule here. Did the nephew open a ticket?
I legitimately can’t tell if this is a joke or some dude trying to do a humble brag post on LinkedIn. So many ‘look what I can do’ posts on that damn site.
No one that serious about network security wouldn’t already have a network dedicated to untrusted devices relatives could use. Definite joke, still entertaining 😂
LinkedIn is Poe’s Law for corporatism made into a lifestyle.
Guest vlan? Smart.
Blocking 80/443 knowing all to well everything depends on those: evil.
Throttling to 56k: the original original poster just being a dick.
Took 45 minutes: Maybe find another job. You’re not good at it.
Conclusion: The sister was right. Evil incompetent dick.
I have a feeling this is satire, and I’m usually the type of person to miss the joke and think it’s genuine
Took 45 minutes: Maybe find another job. You’re not good at it.
Bit harsh.
The OpenWRT guest wifi guide isn’t a simple switch like you would get on your OEM router, but involves manually setting up a bridge device, a new firewall zone, and a new AP on one of your radios.
This can take some time if you want to do things the right way. 10 minutes to setup with no extra config steps. Add another 10 if you need to move around your firewall rules, and another 20 for random debugging.
https://openwrt.org/docs/guide-user/network/wifi/guestwifi/configuration_webinterface
Although, you set it up once. After that it’s just a checkbox.
and of course you need to tag the new network on all your switches, routers, APs… not to forget testing and integration in your monitoring system. 45 minutes is absolutely fine.
Oh true , hadn’t thought about that - I just assumed it was a single device
I feel like when ‘Zero Trust’ first became a thing, the theme was ‘you should have every endpoint under your control hardened so it need not feer untrusted peers being able to connect’. E.g. if you think you absolutely need VPN to a ‘private network’ for security, then you are failing to be hardened in a ‘zero trust’ way, because you implicitly fear that your systems would fall to untrusted peers.
I feel like it’s evolved to ‘don’t let anything be able to connect to anything under your control unless you have admin privilege over it as well’. Which is particularly a nightmare when you try to collaborate between two companies, each balking at the other’s hard requirement to have admin access to all network peers of interest.
what a dick move tbh. i get ya wanna be secure, but why not just let him do his thing on that alternate network?
guess this is satire. zero trust and byod mix well, just isolate from your shit and you are done. block port 25 outgoing and known c2 IPs to not taint your IP.
Guys a madman, didn’t even ask for a ticket.
Kid should be learning social skills at a family party.
As a former kid struggling with social skills, I think that would’ve done me some good. It’s easy and convenient to fall into avoidance behaviour, but overcoddling did me no favours.
I was told overcoddling reduces resiliency. Parents always coming in to fix things without letting their kids try to solve it on their own. The kid may fail but the act of trying and figuring out why it failed helps greatly. Most parents just “don’t want to see their kids upset” though.
Take it with a grain of salt, as I don’t have any kids.
The balance to be struck is the golden zone between overcoddling and undersupporting. Kids need help getting “close enough” to figure out the rest on their own, gradually less so as their abilities expand.
In some ways, I was coddled and never learned how to do stuff. In others, I was neglected and had no idea where to begin to solve things, so I just didn’t. Neither is great.
as I don’t have any kids.
You don’t need to have kids to engage with the topic of how best to deal with them. It’s a valuable skill to have when dealing with children, whether your own or someone else’s. In fact, some parents probably should have engaged with the topic more before they squeezed one out. That shit is complicated and I wouldn’t want to just figure it out on the fly.
45 minutes setting up an alt vlan?
Was he getting paid by the hour?
The experience of managing a consumer-grade LAN appliance:
Open web browser
Start typing 192.168.0.1
It auto-inserts 192.168.0.12 because that’s the IP address of your NAS, and you’ve logged into it to adjust something at some point in the last six months. You register it has done this as you’re releasing the Enter key.
click Back.
Type the IP address again, this time carefully deleting the 2 it oh so helpfully inserted.
Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck. It loads to a completely useless stats page that has no information that anyone has ever needed to know.
Click LAN Setup.
Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck.
Parse the wall of acronyms before you, click the link that says DHCP.
Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck.
It continues in that fashion until you get what you need done or your network stops working and you have to get a pen and press the Reset button on the back of the device.
IT professional doesn’t have local DNS? LOL
Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck.
This also goes for some NAS appliances and the in-dash console of newer cars. Underpowered ARM implementations are the scourge of this decade.
Imagine not having an opnsense firewall deployed as an IT professional
Allowing children on roblox is negligence at this point so I think this is unironically in the right
Deleting Roblox and installing Factorio
You’ll thank me when you’re older, kid.
The factory must grow.
Paying for Factorio and letting their engineering career pay for your retirement home is way cheaper than saving for retirement!
I refuse to allow my own child on it. It takes zero effort to see all the super shady shit happening there. I wont have my child exposed to that crap.
My sister-in-law let her 10 year old daughter play it with zero supervision. When we found out we told her she should be watching what her daughter’s doing so she went in to check and found the kid talking to some grown man from Azerbaijan.
This is just Uncle BOFH.
Lol wtf? Why even spend 45 minutes doing that if you’re going to completely block those ports?
Just tell him “no”.
“oh I’m trying to fix it just give me a few more minutes away from everyone” lights joint
It’s about sending a message.
I’ve only ever met two types of IT professional. Either:
- Their home network is immaculate and smooth as butter. It connects quickly and integrates with everything. They can manage it all from their phone, but they don’t have to because it’s all automated. Their server room (a) exists and (b) is cable managed. There’s a wireless access point and connected smart speaker in every room, including the garage and the back patio, but they’re carefully located for maximum sound coverage and to prevent signal interference. Their home theater is substantially better than a movie theater, and their media server is packed to the gills with content. Network security is hardened, with bespoke subnets for every user and tunneling for the media server and smart home functions. You feel a sense of calm and ease when connected to their network. “Everything I do at work, I try out at home first.”
Or:
- Their “home network” is a single Belkin router from 2011. They’ve had it since college, and it takes 9 minutes to reboot (which they have to do daily). It doesn’t even have Tomato on it and still uses the default password. They still watch OTA TV and Blu-Rays, so the wifi is exclusively connected to the smart switch that their tea kettle is plugged into so they can start their hot water before they come downstairs. You feel guilty even asking for the wifi password. “Why would I do any network stuff here? I do IT all day at work, the last thing I want to do is even touch a Cat5 cable at home.”
“Everything I do at work, I try out at home first.”
Absolutely no fucking way! And anything that touches work is isolated, their opsec sucks so much they didn’t even realized they mandate “security solutions” with known backdoors.
I think it means they setup new tech on their homelab to learn how everything works and how to break it. Then when a problem arises where one of these solutions is needed at work, you can implement it without any large issues. It makes sense if your hobby is close to or adjacent your day job, and you are on Salary, and your boss treats you right.
Yes, I’m not doing almost any of the things we do at work in my network.
I’m absolutely not running the same software. I’m not organizing the information the same way. I’m not using the same infrastructure abstraction, and even less configuring it in any similar way. I’m not writing the same languages.
The work environment is dictated by consensus between many people, with varying expertise, and weighted by how much work one is willing to put into each aspect of it. Each of those parts lead to bad tech, even though they lead to good people organization.
You are telling me that you can’t proof of concept something without a matching tech stack? Or learn exactly how a new tech works? It also sounds like you should never give your work any of your personal time, you won’t gain anything except for more work.
Our opsec is pretty well managed, but I try to squeeze anything I’d need at home to work tasks. I get paid to learn the stuff at work and then I can just implement it on my own environment.
Isn’t this basically just rich IT guy vs poor IT guy?
No, it’s 'my life is IT and i never stop working" guy, and “IT is just my job” guy.
I just order a new router on Black Friday to replace my 10 year old one. I also only console game now because PC gaming is too much of a headache. I spend my money on outdoor gear and pets, not technology. My new router is $90 bucks. I can’t fathom why I’d ever need a wifi 7 quad band router with 9Gbps of throughput for a home network, other than pure bragging rights. All my devices are like 5-10 years old and barely support wifi 6 anyway.
A couple of my co-workers are the former. They will be doing penetration testing at 2am form their home lab in the morning because they their default mode is work work work. If i’m up at 2 am i’m watching TV and snacking.
I monitor security updates, but my co-workers like get excited and ramble on anytime a new patch/attack is documented. I don’t get it. They revel in doing updates and rebuilding their VMs fresh every few weeks, I groan and clone.
Nah, I could afford nice shit but I’m still using a ubiquity edge router 8 from 10 years ago.
There is probably something to be said that there is an in between to those two extremes. The “my network is made of a Hodgepodge of shit my employer threw out that still seems to work and brand new things I replaced because I had to”
My first draft of this did mention that there was a version of the second type of IT guy who cobbled everything together with workplace castoffs and conference swag, but I couldn’t figure out how to make it work without just being over-wordy.
Maybe more like fresh IT guy vs. seasoned (=old) IT guy
The guy she tells you not to worry about VS you.
I’m in the meme. In the shitty paragraph.
Well I sit kind of between these
Like I’m not getting a dedicated router and have no server room in my apartment, and my consumer router only supports two VLANs (main and guest). But I’d say the rest is rather sophisticated with all machines defined in my NixOS config, including automated generation of firewall and reverse proxy rules for which I wrote custom modules.
Media server isn’t super full but connected to jellyseer and the rest of the stack, accessible over TLS (Let’s Encrypt certificates) only, with the option to have users managed via IDM.
However, I only have devices on my network that I somewhat trust, with an Android TV box being the worst offender. The smart TV was never connected to my network.
Would be cool to isolate my work PCs somewhat (I work from home with company provided equipment) but it’s just not worth the trouble in my opinion. Not switching out a low power device that does most for two different devices that both use more power (since you usually need a router and a modem).
deleted by creator
I want to be the first, but I am definitely closer to the second. I’m trying to find a reasonable middle ground.
Like, I want to have a nice home network with a proper NAS, Pihole DNS, Plex/Emby/Jellyfin media server, all my music properly tagged, little mediaplayer/emulation/game streaming endpoint boxes on each TV, etc. But I don’t have the time or money to do it right at the moment.
So I have my desktop set up to share out my media folders as SMB shares when it’s powered on, and I’ve used a few tools to get my video content organized right for Kodi. I’ve got Kodi installed as an app on the Xbox Series X plugged into the family room TV. The other TV has a Chromecast dongle with VLC sideloaded and set up to connect to the SMB shares, because I’m too lazy to get my Kodi setup on it. Every room in the house has an ethernet port, and most rooms have a dumb switch so as much hardware can have ethernet connection as possible. I’ve run my music collection through MusicBrainz Picard, and separated it into a properly tagged and organized folder, and one for stuff that isn’t.
I used to be the first, but because of a shitty landlord I was forced to move, and I only had 30 days to find a place. I bought a house because no one would rent to me with a large dog and she’s been with us for 10 years now.’my homelab is sitting disassembled in the basement with nowhere to even plug it in, because in order to get an outlet wired I’d have to replace my entire breaker box which is probably hanging on by a thread. I’m too house poor to even consider getting the work done over paying the bills I need to and providing my kid with food and clothing.
The place is nice enough and my family lives well, but I was the first guy and now I have to be the second guy for who knows how long.
In other words; fuck landlords
I’m almost the first (I run multiple VLANs and SSIDs using pfSense and Ubiquiti hardware) but my server is an old PC sitting under my desk and my cable management strategy is mostly “out of sight, out of mind”. I’m also heavily invested in the Apple ecosystem, especially for smart home stuff, so not everything is open source. Basically I have a complex network setup because I actually make use of it, but I really don’t enjoy working on it and if there’s an easy solution, I’ll go for it.
For the smart stuff: HomeAssistant
It is life changing once you get it running.
I got already 5 vendors and 3 different communications (BT, Matter, WiFi) integrated.
It truly is awesome
I’m in the middle. At work, I play it fairly conservative, applying well established solutions to well-known problems.
I have friends whom I advise and assist with their networks that absolutely fall into the first category.
MY network is is like the lab of a mad scientist, everything tinkered with right up to the edge of breaking. My home router collapses multiple times a year due to the wonky chaos I ask it to do. Home automaton sequences that are more complex than most rube goldberg machines. Metaphorical sharp edges and loose clutter everywhere, but an unholy abomination that works better than it has any right to - until I scrap it all to rebuild it from scratch next week.
I spent way more time than I care to think about figuring out how to get my porch lights to come on at 7am and turn off 10 minutes before sunrise without breaking when sunrise happened before 7am. I tried some serious Rube Goldberg nonsense in multiple iterations, until finally I decided to just add another “turn off the lights” at 9am every day. Most of the time it doesn’t do anything because the lights are already off, but on DST day it accomplishes my goal of making sure they don’t run all day, since 9am is always after sunrise.
If you’re using home assistant there is a “sun” integration.
My lights turn on 30 minutes before sunset and turn off 30 minutes after sunrise.
My wife didn’t want them turning on and off at the same time every day because observers could see the pattern… at least this way it’s a little more hidden.
(Side note, I just realized I said the times slightly wrong. We actually wanted it on at 6:30 and off 15 minutes before sunrise.)
Yeah, I had it turning off before sunrise just fine. The problem is that we didn’t want to turn them on until 6:30, but on the longest day of the year, sunrise actually happens at 6:14, which means that the lights would get the signal to turn off before they got the signal to turn on, which would mean that the lights would stay on all day until the night automation turned them back off again at 10pm. Which…probably doesn’t make a difference, but it would bug my totally-not-neurodivergent brain.
Anyway, I don’t use Home Assistant, but that’s probably the one I’ll choose the next time I move.
Yep. You can also use the sun’s position in the sky as well; I had one of the AIs write up the YAML.
Light sensor trigger?
I’ll take option 2
For all the AI hate on this website y’all couldn’t figure out this was written by it? This is ChatGPT in particular.
Or, wait, are you saying that my original comment that you’re replying to is ChatGPT? Because…lol, sadly, no, I’m just like this. “This” meaning pretty much everything I write is way too overwrought.
I figured it was made up (“@it_unprofession” probably ran out of content ages ago), but it doesn’t look like actual AI content to me. The sentences are too short, for one thing.
Or just copypasta.
I’ll admit it. I can feel that vibe and I don’t totally disagree.
What idiot IT specialist does not run a segregated VLAN for guest wifi access? That is just rude.
And separate wifi networks that are connected to different vpns from around the world.
I’m very against Roblox. I know a kid who had a really hard time with online predators and a lot of it stated with Roblox. He’s 19 now. He and I were talking about it recently.
Parents think Roblox is like Minecraft bc of the aesthetics of the game. But, Roblox is not a game with a chat feature, it’s a chat room with some games. That’s a big difference.
They have 380 million users. Around 60% of the user base is under the age of 16. 40% is under the age of 12. That’s 152 million mostly unmonitored kids.
I’m sure Roblox has gotten better moderation during that time, but in our experience predators meet kids on Roblox and get them to exchange Discord or other contact info with them.
Discord is also a problem here, but that’s for another rant in another thread. If you are concerned about your kids and want to discuss it with me, feel free to message me.
TLDR: DO NOT LET YOUR KIDS PLAY ROBLOX unless you are actively monitoring the game.
I’m sure Roblox has gotten better moderation during that time
Quite the opposite.
And here too! https://consumerrights.wiki/w/Roblox
Don’t forget the child labor aspect. https://www.theguardian.com/games/2022/jan/09/the-trouble-with-roblox-the-video-game-empire-built-on-child-labour
The whole company is gross. I forgot about this.
A friend’s 8 year old daughter was asking to play Roblox recently and they reached out to me since it’s in my current area of study and advised them against it due to the lack of responsibility that the corporation takes for their users.
I suggested that they introduce her to Vintage Story on a self hosted server instead. That way, they can control who has access and content.
I’m actually surprised at how many parents let their kids play Roblox unmonitored. I mean, why not let them go to the playground unmonitored instead?
why not let them go to the playground unmonitored instead?
That would actually be the safer option imo.
And far better for their physical and mental health.
I encourage parents to talk to their kids about online safety but specifically come up with a plan. I’ve written this in a few comments, but u really believe it helps.
Ask them what they do if a stranger says something that makes them scared or uncomfortable. Ask them what they would do if it’s someone they know like a friend or a family member. Help them come up with a plan and identify a person who is a safe person to tell. Someone parents and kids trust, often it’s an aunt or uncle.
A parent is fine too, but at a certain age, I find kids seem to be afraid of getting in trouble or maybe just uncomfortable talking to their parents about sex, so having a 3rd party that the kids and parents trust is a good back up option.
Vintage Story
Bro threw them straight into the deep end lmao
Do you have any idea how many bitch about you NOT letting them go to the playground unmonitired
The younger kid’s chat is disabled. not allowed to friend anyone.
The older kid has chat enabled, but is only allowed to friend people we vet.
Computers are in an open area, chats have been keylogged, we check occasionally.
If friends show up unanounced, or they chat where they’re not supposed to, they lose internet access long enough to regret it
When they get old enough to have friends online, we contact the parents, make sure they’re compatible politically, theologogically, just generally not extremists and their kids have some base level of dicipline and are safety minded.
We also semi-regularly play with them and set rules about the appropriateness of the games in relation to the kids ages. The younger one’s don’t get to play the violent ones.
Making sure the parents of your kids friends are compatible politically and theologically sounds incredibly dodgy to me.
I will say this as well: strict parents raise sneaky children
the fact that theology is even a concern is a big red flag for me dawg
Alternately they raise socially inept children if they failed to be sneaky.
Not from a multi-race household I see.
If little Timmy’s parents start talking about “those kids” my kids isn’t playing with him. Too many racist fucks out there.
If you meant racism you should have said that. Saying politically and theologically compatible implies a lot more than that. In fact it implies they have to be the same religion, which is being bigoted in itself.
Crazy, but it’s almost like parenting can make the environment safer!
Lemmy likes to portray Roblox the same way the 10pm news portrayed the Internet when I was in my preteens and teen years, like it was the wild west, everyone was a predator, etc. I let my kids hop on. Their friends include me, their mom (who has an account for some reason), each other, and the kids who live across the street. They like to play the platformers, and they invite me sometimes and we play them.
They’ll get older and they’ll go explore the internet the same way I did. I spent my adolescence and teen years eventually in AIM chat rooms, then forums, and thn Skyping random people, and somehow didn’t become a terrorist, didn’t get predated. I also am of the school of thought that you need to learn things on your own, rather than have no exposure to things that could potentially be bad.
Also, I did grow up with AIM and all that nonsense and I did get predators talking to me constantly, especially on AOL and Yahoo. Crazy that we had such different experiences during that age.
Yeah. I wouldn’t let my kids in Roblox personally bc of how the company has tried to ignore the problem . if parents just took time to understand it and talk to their kids about safety, it would solve many problems, not just in Roblox.
Crazy, but it’s almost like parenting can make the environment safer!
NOooooooooooo!!! We need the gubmint to impose stupid laws to protect teh children!!!
Bc of what I went through with my ex’s kid, I talk help parents talk to kids about online safety. It’s good that you are so proactive!
The #1 thing I see parents miss in those safety talks is coming up with a plan when something bad happens so kids know what to do.
I spoke to my 14 year old niece last weekend. She wants to use Snapchat but her parents said no. I asked her what she would do if she got a dick pick from a stranger. I asked her what she would do if her boyfriend sent her one. Various situations like that.
She didn’t know what to do, so together, we came up with a plan and identified an adult in her life that she would feel comfortable talking to that isn’t her parents. A third part adult that you and your kid can trust is helpful for kids that are afraid to talk to their parents and get grounded.
For example: if your kid is online after they got grounded and something bad happened, they might be afraid to tell you since they weren’t suppose to be online, but maybe they’ll be okay speaking to an aunt or uncle.
Every situation is different
Damn good points.
Youngest is younger that. I’m just not letting him chat until he’s a teen
Eldest has had all the appropriate talks before he got on discord.
we contact the parents, make sure they’re compatible politically, theologogically
This is insane. You call that kid’s mom to ask who she votes for and what name she uses for god, and if it doesn’t match yours, kids can’t have fun?
We have a 15 minute conversation to find out if they’re batshit crazy slur calling racist trumpeters because we dont need to subject our kids to that shit.
I find it insane that you wouldn’t take 15 minutes to get to know who your kids influencers are, but you do you.
