


  • I’ve just moved my work PC from a cast-off from a customer - it had a BIOS date stamped 2012, and was a rather shag Lenovo with a … Intel Core something and four GB RAM. Cheap though, ie free. I did wedge in an SSD to make it usable.

    I run KDE which isn’t known for being tiny and I have a Postgres DB and a few containers for experiments running. The new box is an i5 Intel G13 thingy - HP mini jobbie. Luxury.

    To ensure that I am as disadvantaged as everyone else, I run ESET Endpoint AV and full disc encryption on it. It boots EFI and Secure Boot is enabled. I will pass a Cyber Essentials Plus audit (UK standard) without having to employ any misdirection. I’ve also read up on the US standards. The STIG for Ubuntu 22.04 is doable but my desktop is running 23.04 and 24.04 has just come out.

    I run my company and we have some customers who have some rather more stringent requirements than others. We also have our own standards.




  • I think we might be writing at cross purposes. The system you had for your mum obviously worked effectively for you and that is the important thing.

    POTS provide(s|d) a fixed point of reference - your address is registered against the number for 999 etc; it provides power for a handset or device; it’s been like that for a lot of decades! These are cast iron guarantees. A POTS line has guarantees, enshrined in UK law, that mobile etc does not have. POTS is circuit switched (well it was) which means there is a physical path between the ends for the duration of the conversation.

    So, by old school, I mean that you currently have important guarantees about telephony in the UK that will evaporate in future. In 2025 or so, we in the UK will have finished migrating from our old school POTS copper lines and will enjoy our smart new SoGEA lines instead. Single Order Generic Ethernet Access. Instead of an emulated circuit switched line we will use VoIP across the entire country. Nothing wrong with that but it probably won’t have the guarantees that POTS had.

    Red Care is no more - BT have dropped it on the floor as of Feb this year, which may indicate that things are not well with our future comms promises. The general system that Red Care was one product of is still available.

    This is the important point: Promises (in law) that we used to be able to rely on for comms may (will) be binned.


  • In the UK at least, the POTS (Plain Old …) copper phone lines carry an electrical current as well as signals and can power the handset. There are certain guarantees about this so that in an emergency your phone will still work so you can dial 999 (our original emergency number) or 112. Our fire regulations require something like 30 minutes before things should start failing. In the real world, you get out immediately and use your mobile.

    We have an emergency alarm monitoring system used by businesses. It’s generally known as “Red Care” which was a brand run by BT (British Telecom). You have a small device connected to a phone line (and powered by it) and it will monitor your fire detectors and building access control systems and a 24-hour manned monitoring centre will notify you in the event of an emergency. Nowadays, these devices will use your wifi and internet connection. Sometimes: old school is best.



  • Which distro do you use? Ubuntu, Debian, Arch and Gentoo have packages and I’ve no doubt that most others do too. On Linux you should not have to go to random websites and download stuff and faff around - use the built in distribution packages. If you are not sure what you’ve got try this at a command prompt and read the output:

    $ cat /etc/os-release
    
    

    As a last resort, you can run tcpdump on nearly anything and dump to .pcap, transfer that and then open that in Wireshark. Note that modern Windows has an OpenSSH client and server available so getting files around via scp is a doddle. Windows can even do NFS too and there is of course Samba - but CIFS/SMB can be tricksy.


  • Errm, Wireshark. Please bear with me.

    Wireshark is a shining example of an open source project completely and utterly crapping on the closed source competition. As a result we all benefit. I recall spending a lot of someone else’s money on buying a sort of ruggedized laptop with two ethernet ports to do the job back in the day.

    Nowadays, I can run up a tcpdump session on a firewall remotely with some carefully chosen timings and filters and download it to my PC and analyse it with Wireshark.

    OK, all so convenient but is it any use?

    Say you have a VoIP issue of some sort. The PCAP from tcpdump that you pass to Wireshark can analyse it to the nth degree. Wireshark knows all about SIP and RTP (and IAX) and you can even play back the voice streams or have them graphed so you can see what is wrong or whatever. That’s just VoIP, it has loads of other dissectors and decorators built in.

    So what?

    The UK (for example) will be dispensing with boring old, but reliable, POTS (Plain Old Telephony System) by 2025. Our entire copper telephony and things like RedCare (defunct soon) will go away.

    We are swapping out circuit switching for packet switching. To be fair, a lot of the backend is already TCP/UDP/IP that is shielded away from us proles. When SoGEA (Single Order Generic Ethernet Access) really kicks in then the old school electric end to end connection will be lost in favour of packet switching, which never fails (honest guv).

    If you are an IT bod of any sort, you really should be conversant with Wireshark.



  • Nextcloud is simply software that runs on something. You might use DNS to find the something that your Nextcloud runs on … or not. A domain can cost as little as say £10/year (no details given - loose costing provided!) but you say you don’t want one.

    You could do some weird stuff involving something like this: Your clients update a database on the server with their current IP address(es) and the server reciprocates in kind regularly.

    For an internets conversation, both sides need to know IP address, protocol, and optionally port; for both ends. For example, a webby conversation might involve:

    My end: 192.168.100.20/24, tcp port 2399 -> NAT -> 33.22.4.66, tcp port 2245
    Remote web server: 99.22.33.44/37, tcp port 443

    Now, provided both sides are warned off about changes to addresses and port numbers on a regular basis, then comms will still work.

    Say, your home external IP address changes, then your browser writes that new address to the remote server and comms continue. Provided one end knows all the details of the other end at any point in time and can communicate local changes then we are good.

    000000000000000000000000000000000000000000000000000000000000000000

    Maybe not. Look up: Dynamic DNS.
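    The “clients update a database on the server with their current IP address” idea above is what every dynamic DNS service does under the hood, and the part that bites people is authenticating the update so that anyone who can reach the server cannot repoint your name. The following is an added example, not the poster’s code or any real DDNS provider’s protocol: a client signs its current address and a timestamp with a per-host shared key (HMAC-SHA256), and the server checks the MAC with a constant-time compare, rejects stale and replayed timestamps, and only then records the address. The hostnames, key and addresses are all constructed.

```python
import hashlib
import hmac
import ipaddress
import json
import time

MAX_SKEW = 300          # seconds a timestamp may differ from the server clock


def _canonical(body):
    """Stable serialisation so client and server MAC the same bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign_update(hostname, ip, key, now=None):
    """Client side: build an update message and sign it with the shared key."""
    now = int(time.time()) if now is None else now
    body = {"host": hostname, "ip": str(ipaddress.ip_address(ip)), "ts": now}
    mac = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "mac": mac}


class UpdateServer:
    """Server side: one shared key per hostname, last accepted address per host."""

    def __init__(self, keys):
        self.keys = dict(keys)      # hostname -> bytes key (constructed example data)
        self.records = {}           # hostname -> current address
        self.last_ts = {}           # hostname -> timestamp of last accepted update

    def handle(self, msg, now=None):
        now = int(time.time()) if now is None else now
        body = msg.get("body") or {}
        host = body.get("host")
        key = self.keys.get(host)
        if key is None:
            return "unknown host"
        expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
        # Check the MAC before looking at anything else in the body, and do it
        # in constant time so a forger learns nothing from response timing.
        if not hmac.compare_digest(expected, str(msg.get("mac", ""))):
            return "bad mac"
        ts = body.get("ts")
        if not isinstance(ts, int) or abs(now - ts) > MAX_SKEW:
            return "stale"
        if ts <= self.last_ts.get(host, -1):
            return "replay"          # an old, validly signed message re-sent
        try:
            ip = ipaddress.ip_address(body.get("ip"))
        except ValueError:
            return "bad ip"
        self.last_ts[host] = ts
        self.records[host] = str(ip)
        return "ok"


if __name__ == "__main__":
    key = b"constructed-example-key-not-for-real-use"
    server = UpdateServer({"home.example.net": key})
    msg = sign_update("home.example.net", "203.0.113.7", key, now=1_700_000_000)
    print(server.handle(msg, now=1_700_000_010), server.records)
```

    Without the MAC the server is trusting whatever source address or body it is handed, which is exactly the “loose” arrangement described in the comment; with it, an attacker who can see the update traffic can still replay it, hence the monotonic timestamp check. A real deployment would also carry this over TLS so the shared key never has to be rotated just because the path was observed.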


  • Problem: I want to sync data from a Linux PC to a NAS Samba share. You do impose a constraint that a GUI should be available. I’ll bear that in mind.

    If you can access it via scp (which is very likely, but you don’t mention the NAS model) then use rsync or similar - multiple GUIs are available and it sounds like you’ve found some already.

    It’s a Samba share, mount it and then sync data. GUIs are available for the sync bit. Depending on your distro a GUI may be available for the mounting thing. If you specify a mount in /etc/fstab then it is a permanent mount.

    I suggest you break the problem down into two bits and solve those independently. The first one is data access ie via Samba and the second is the sync bit.


  • I once named a load of servers for a helicopter company in the UK with elements. The cluster nodes were copper, silicon, etc. The cluster itself was called iron. The volumes were labelled fe_function.

    It worked - it was easy to read and the bits that implied “cluster” were grouped appropriately. All the other servers had random elemental names unless they were associated in some way, in which case the group would be used. The engineers (real engineers with oil or distressingly nasty lubricants in their veins) loved it - it made sense, without being too quirky. It was very legible.

    When those systems were hoicked out and replaced, the usual nonsense was applied: 2 char country code + 2 char site code etc etc ad nauseam. Followed by my absolute pet hate: 01. Oh so you might need 99 domain controllers? Yes you might, but not on one site.

    Let’s face it, it is mostly AD admins who don’t get hostnames. I blame MS - their docs and blogs strive to be … authoritative or at least look so. An entire generation (possibly two) of sysadmins have been sold up the river by MS and their wankery.





  • You don’t need to put the IPv6 address into your browser. The host command shows that you have got DNS sorted - try:

    $ dig @9.9.9.9 myserver.now-dns.net AAAA

    That should return an IPv6 address and the @9.9.9.9 means: use the Quad9 DNS server - 1.1.1.1 or 8.8.8.8 will also try external DNS servers - CloudFlare and Google. Hopefully that’s naming sorted out.

    Now to actual access. Your router will (probably), by default, block all inbound connections. I’ve just had a look at your screenshot and it has a menu entry: “Port forwarding IPv6”. IPv6 doesn’t need port forwarding really but I suspect that is how you allow access. I am now guessing. There is such a thing as IPv6 NAT and something called NPT (Network Prefix Translation) which is not for the faint of heart!

    Have a look around in that menu; a screenshot might help.

    It might help if you tell us where you are (very roughly - country and perhaps city), your ISP and router model. I can get you to the point of all of this working but there are rather a lot of unknowns. I can see that your router offers Dutch or English so I will guess you are from the Netherlands.


  • As well as a link local address you should also have one or more globally routeable ones too. Hopefully you have at least one of those set up in DNS with an AAAA address. Therefore you should be able to put the address of your web server into your browser and off it goes. In theory IPv6 should be preferred by your browser, so even if both an A record and a AAAA record resolve for the name, IPv6 should kick in.

    A quick check would be:

    $ host mywebserver.example.co.uk
    

    That should return an IPv4 and an IPv6 address. The IPv6 address is the same for internal and external - there is no distinction, which can be surprising if you are used to IPv4 and NAT. The final bit of the equation is that your internet router needs to allow access “from all to globally routeable ipv6 address of the web server”.
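    Both IPv6 comments above turn on the same point: a host carries several IPv6 addresses at once, only the globally routeable one belongs in the AAAA record, and a dual-stack client will try that before the A record. The following is an added example, not the poster’s code or the output of `host`/`dig`: it classifies addresses by explicit RFC 4291/4193/1918 prefixes (rather than the `ipaddress` `is_global` helper, whose answer for documentation ranges has changed between Python versions) and works out which of a constructed set of A/AAAA answers a browser would actually try, in what order, and which it would never reach. The addresses are RFC 3849 and RFC 5737 documentation ranges.

```python
import ipaddress

# Explicit prefix table. Order matters: the first match wins, and the
# catch-all global unicast range 2000::/3 is checked last.
V6_RANGES = [
    ("link-local", ipaddress.ip_network("fe80::/10")),
    ("unique-local", ipaddress.ip_network("fc00::/7")),
    ("multicast", ipaddress.ip_network("ff00::/8")),
    ("loopback", ipaddress.ip_network("::1/128")),
    ("unspecified", ipaddress.ip_network("::/128")),
    ("ipv4-mapped", ipaddress.ip_network("::ffff:0:0/96")),
    ("global-unicast", ipaddress.ip_network("2000::/3")),
]
V4_PRIVATE = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
V4_LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def classify(addr):
    """Name the scope of an address; raises ValueError on garbage."""
    a = ipaddress.ip_address(addr)
    if a.version == 4:
        if a in V4_LOOPBACK:
            return "ipv4-loopback"
        return "ipv4-private" if any(a in n for n in V4_PRIVATE) else "ipv4-public"
    for name, net in V6_RANGES:
        if a in net:
            return name
    return "ipv6-reserved"


def connection_candidates(records):
    """records: {"A": [...], "AAAA": [...]} as a resolver returns them.

    Returns the addresses a dual-stack client would try, IPv6 first (the
    RFC 6724 default preference the comment refers to), plus the AAAA
    answers it could never reach from outside and why. Link-local and
    unique-local addresses in public DNS are the classic misconfiguration.
    """
    usable, excluded = [], {}
    for a in records.get("AAAA", []):
        scope = classify(a)
        if scope == "global-unicast":
            usable.append(a)
        else:
            excluded[a] = scope
    usable.extend(records.get("A", []))       # v4 comes after every usable v6
    return {"try": usable, "excluded": excluded}


def interface_summary(addresses):
    """Given every address on an interface, say which one may go in AAAA."""
    global_ones = [a for a in addresses if classify(a) == "global-unicast"]
    return {"publishable": global_ones,
            "local_only": [a for a in addresses if a not in global_ones]}


if __name__ == "__main__":
    # Constructed: what `ip -6 addr` and `host` might show for a home web server.
    print(interface_summary(["fe80::1ff:fe23:4567:890a", "fd00:abcd::10", "2001:db8:1::10"]))
    print(connection_candidates({"A": ["203.0.113.10"],
                                 "AAAA": ["fe80::1ff:fe23:4567:890a", "2001:db8:1::10"]}))
```

    The comment’s other point falls out of the same table: the global-unicast address is the same inside and outside the LAN, so the firewall rule really is “allow to that one address, port 443”, with no NAT or port forward in between, and a `fe80::` or `fd..::` address appearing in a public AAAA answer means the wrong address was published.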