I've been using PFSense for years, and it's been pretty great, but I also have some friends who are homelabbers that like their Unifi setups.

What do you guys prefer, and why?

Some friends of mine have a Google map going where they pin locations of interest (restaurants, etc).

I was wondering if anyone knew of a non-Google project that might allow for something similar? The goal would be to have a shareable map that a group of invited/ allowed users could add locations and possibly notes to.

My employer recently switched to Fidelity and for now I've chosen the LIFEPATH IDX 2050 A option. It looks like this one provides quarterly dividends, but the yield is 0.0%(?)

I'm looking for some fairly risk adverse options or blends that provide dividends that will be reinvested. Anyone have any recommendations?

I am hosting a couple of services (Matrix chat server and a game server). I know NAT's job is to translate external requests into internal addresses, so that the traffic can hit the WAN and ultimately make it to the internal service which is expected to handle the traffic, however I'm wondering if my setup is correct.

Everything is working as expected, but I'm just wondering how the traffic knows which service to go to. If an outside requests comes in, is it just the destination port that is used to route to the correct internal IP? Do I need to do something else here for best practices?

I've been wanting to get a privacy screen protector so that you can't see it from the sides, but all the ones I've tried have this 'oily' type of look to it. Maybe this is inherent to the technology, but does anyone know of any that do not have this oily appearance, especially on white screens?

My office/ lab at home uses around 600W when fully running, and I see that there are quite a few power stations that will comfortably handle that, and foldable 4 panel setups that can generate 300-400W.

Would there be any issues plugging a UPS (my lab has a few of them) into a solar power station such as this?

Is there some sort of feature I want to look for such as sin wave, etc to have this work reliably, or does a UPS not really care since the controller in the power station should be normalizing voltage, etc?

What are your thoughts on filen? I don't seem to be able to find a community for them here, but it seems like a pretty solid up and coming company for secure cloud storage options.

It's been years since I've checked the used electric market, but I'm seeing cars like the Hyundai Ionic 6 or Polestar 2 for low 30s, where as they were in the high 40s or mid 50s new a year ago.

My suspicion is that:

1. Normal car depreciation when driven off the lot
2. General fear of batteries wearing down prematurely, even if the car has ~10k miles
3. Any applicable federal rebates or otherwise have already been claimed and can't be claimed on used vehicles(?)

Is there any other reason why these drop so quickly? Would buying one be considered foolish in anyway?

I wanted to start using a budgeting program to better organize my spending/ goals, and basically narrowed it down to 3 --YNAB, Actual and Quicken Simplifi.

I setup a self-hosted instance of Actual and was able to import my spending from my account by exporting from my bank and importing into the app, however this seemed like it might get tedious over time, so I decided to try YNAB.

So far this has been pretty straight forward. I’m still waiting for things to sync up with my linked accounts, but I like it so far. I would try Simplifi but there’s no trial period there; though the graphs and UI make it seem appealing.

Anyone here have any experience with Simplifi/ YNAB, and why might you chose one over the other?

Hello,

So I recently revisited (and recreated) my savings spreadsheets so that I can track my needs, wants and savings. To try to keep track of my fixed costs and also try to follow the 50/30/20 rule (not sure if this is a good strategy or not).

I have everything mostly sorted, but as new things come up, say a new subscription or a cancelled one, changes in rent, etc. It will be a bit of a hassle to keep this up to date.

Are there any software/ apps that you guys use that you like that make this kind of thing easier to see where your money is going?

For those of you who know of PiAlert or similar projects/forks like NetAlertX, do you know of any that can run without WAN access?

I just got PiAlert running the other day and noticed that it does not update correctly unless it has access to WAN which seems odd, since it's basically just running arp commands within internal IP ranges over specified interfaces.

Edit: Looks like I was just able to modify one function to return a hardcoded value to resolve the need to connect to WAN

So, I finally got this project (PiAlert) working how I'd like.

It basically uses arp to keep track of devices on your network, and let you know when new ones join. It gives some basic stats like uptime, etc and you can configure a few different notification options to be alerted when a rogue device connects.

Anyways, to get this work on my network involved setting up several network interfaces, as I have quite a few VLANs I'd like to keep an eye on. While everything seems to be working, I feel like I may have created an asymmetric-routing situation, as now when I SSH to the VM hosting this, it will freeze up after a few seconds.

My interfaces look like such. The problem is that I am accessing this VM (hosted on 192.168.1.0/24) from my personal network (192.168.6.0/24). My personal network has access to 192.168.1.0/24 and obviously to it's own subnet, so I think packets are getting confused, as there are multiple routes they can take to this VM.

I believe this is confirmed, because if I disable the entry for 192.168.6.0/24 in my /etc/network/interfaces file, the problem goes away.

How should I handle this? I've tried some simple UFW rules to try to force things to only use the 192.168.1.0/24 interface, but to no avail.

Edit: Sorry for the weird markdown, not sure why it's highlighting keywords

I recently installed an instance of TPot Honeypot, and it looks and feels pretty fantastic.

I haven't opened it up to the whole world, because my goal here was to just have the same ports I expose for my personal projects (game server, matrix chat, wireguard, etc) be exposed to it.

I know this project is a bit overkill for this use case, since it comes with a ton of honeypots that I'm not using, and that I'm essentially trying to make a fancy IDS, however I have a couple questions.

1. Is it possible to add custom ports for honeypots that aren't included in the project? For example, if I have a game running on port 4567 and there is no honeypot for that, I won't see any activity.

2. Is there another (perhaps lighter) Honeypot that you guys would recommend?

Edit: I guess disregard. I realize now that I can't have honeypots running on the same ports as the services in which I'm wanting to monitor. Port forwarding from WAN to multiple devices using the same port won't work

I recently discovered Pi Alert (and the various forks of it) and it seems like something that might be useful on my homelab.

I've decided to use this version, and have tried the others as well, but I can't seem to get it to discover things outside of the VLAN that it is installed on.

It is running on a Proxmox VM using a trunk'd interface that has several VLANs available to it. If I SSH into the VM hosting Pi Alert, I am able to ping the devices on the other VLANs without issues, so I know ICMP detection should be working.

Here is the config section. I am using SCAN_SUBNETS = [ '192.168.1.0/24 --interface=ens18', '192.168.2.0/24 --interface=ens18' ] To test 2 of my VLANs, and as mentioned, they are on the same interface, however this does not seem to be working.

Anyone have any suggestions?

Hey all,

Firstly, not sure if this is the best place to ask this question, but here it goes anyways.

I've been a Systems Engineer for about 6 years now, and it's fairly enjoyable. I get to program, play with hardware from time to time, but something is missing.

In my free time, I like to spin up projects on my home lab, write and host new open source projects, maintain a fairly complex network, etc.

A couple years ago, our company got hacked, and honestly, the aftermath was some of the most fun I've ever had at a job. I got to discover new tools to help my team (like Ansible to help us perform bulk actions across our tester fleet), I got to come up with clever ways to upgrade our fleet of machines to meet the new IT regulations and deploy them at scale once we got the green light to return to the labs and I got to think of new security strategies to help better protect us (my small team within the larger company) going forward.

After the dust settled, it was back to basically only programming, but I do miss when I was able to use my infra/ security/ networking knowledge for that short time.

If I were to change from Sys Engi to something else, what should I be looking for?

This small YouTuber has been pumping out dad jokes for almost 1,000 episodes (999 currently).

Show him some love :)

PS, I’m sure some bot will yell at me for this link. Apologies.

https://youtu.be/LtSWM-f2Rg4?si=e0-uur23aJh-MhEE

This small YouTuber has been pumping out dad jokes for almost 1,000 episodes (999 currently).

Show him some love :)

PS, I'm sure some bot will yell at me for this link. Apologies.

https://youtu.be/LtSWM-f2Rg4?si=e0-uur23aJh-MhEE

After looking into travel routers a bit, I quickly came across Gl.iNet which seems to be a leader in the space. It seems they use OpenWRT which is great, but with some special sauce on top of it.

In a few different posts I've seen people mention that they are no longer open source. Does anyone know if this is the case? I see some activity on their Github repo, but am not quite sure which parts people are worried about being closed.

Post 1

Post 2

For those of you who use travel routers, do you only use them to wire guard/ openvpn back to your home networks for local resources?

Do you use the travel routers firewall features at all, or does the VPN tunnel home take care of concerns about others in the public (hotel/ coffee shop/ etc) from seeing your devices?

I've been using Whoogle for probably a couple years now, and it's been great.

I do not have a cert on my PC that's running it (in my house) so my connection to it is not https. My question though, is once my query reaches from my device to the whole server (http) does Whoogle then use HTTPS when exiting to complete the query?