There are plenty of reasons to criticize Microsoft but I don’t think this is one of them. First, Windows Defender is quite good as far as antivirus software goes. If you ever had to do desktop support in the days when Norton, McAfee, and AVG reigned supreme, then you know what I’m talking about.
Second, one of the biggest challenges for an OS vendor is backwards compatibility. Especially since Windows dominates the enterprise space and has for the last 25+ years. Big corporations can get really cranky about their legacy applications from 1998 that are still basically holding the entire org together. While it’s short sighted to not be proactive about keeping your technology current, it’s also a reality that many businesses simply aren’t proactive.
Windows definitely has its flaws but it has come a long way in terms of both security and reliability over the years.
My wife and I have been watching “Ballers” and thing I’ve been trying to figure out the whole time is, who the hell walks around Miami all day in a suit?
I’ve heard it said that the longer you work with JavaScript, the more you hate it. I’m not gonna lie, I really miss working on ASP.Net Core backends. Switching from that to NodeJS was a huge downgrade.
A lot of the “stereotypes” around teenagers are based on an element of truth. Being a teenager is difficult for a lot of reasons. Probably the biggest one is that physical growth quickly outpaces brain development. They’re kids who are changing into adults but lack hindsight, experience, the ability to analyze risks, and a sense of their own mortality.
I tell my teenager that everyone makes mistakes. An honest person takes responsibility for their mistakes. A smart person learns from them. But, a wise person learns from the mistakes of others. None of those things is easy and they each require a lot of humility. If you can learn to put your pride aside and be a good student of life, it makes things a lot easier.
Your router is, at it’s core, a very advanced traffic cop and NAT – Network Address Translation – is it’s primary function. You have multiple devices on your local network (LAN) that need to communicate with other non-local servers via the WAN (i.e. the internet). Now you have a problem. Your ISP assigns you (usually) a single IP address on their network which is on a different subnet than your LAN. Devices on your local network and devices on the WAN are not aware of one another and cannot communicate with each other directly. So, requests have to be routed to the correct destination via your router.
SRC-NAT
Let’s say you’re trying to pull up a website on your computer. Your computer sends the request to the router. Your router alters the IP packet headers so that the request source address, and therefore the address that the server responds to, is your WAN IP instead of the requesting devices LAN IP. Your router then forwards the packet to the destination server, tracks the connection, and forwards the response back to your computer.
DST-NAT
Let’s say you’re hosting a web service on your home server that you want to make available publicly. You would set up a dst-nat (often called port forwarding) rule in your router/firewall which will tell your router to redirect any requests received at the WAN IP on port 80 or 443 to your home server’s IP address. Unlike SRC-NAT, your router doesn’t replace the source IP address. Just the destination. Your server knows that the requesting device is not on your LAN subnet and will forward the response back to the gateway (your router) which is already tracking the connection and will forward the response back to the requesting device via the WAN.
Routing DNS with DST-NAT
Since DST-NAT is just changing the destination IP address and routing the packet to the new destination, this can be done internally in some situations as well. To redirect DNS requests, you would set up a rule in your router/firewall to grab outbound UDP packets that originated from the LAN, do not originate from your internal dns server, and have a destination of port 53 and redirect/dst-nat them to the IP address of your choice. The new destination can be an internal or external IP address and the requesting device won’t know the request was redirected. OpenWRT’s documentation actually has a section that deals with DNS redirection which you can find here. The DNS redirection part is near the bottom of the page.
That’s correct. I block DoT in my firewall and block known DoH domains in piHole. I’m sure stuff slips through occasionally but the vast majority of my DNS requests are handled by piHole.
Traditional DNS over UDP/53 is insecure but I’m using ProtonVPN’s DNS server over VPN externally so I’m not worried about that.
I have a firewall rule to dst-nat any outgoing DNS requests not coming from piHole back to the piHole server. That way all devices on the LAN are forced to use piHole for DNS and can’t bypass it. I don’t have an OPNSense firewall but I would think it should be able to do that as well.
“The build is failing. Does anyone know why the build is failing!? See, right here. It says the build failed. Can someone look into why the build failed. Why is the build failing??”
Considering the US has one arm shoved up Israel’s ass like a sock puppet, this is not really that surprising. Where there is a puppet, there are fingers operating it.
One downside of being a lizard: there’s always the risk that while you’re enjoying your nice nap in the sun, a bird of prey is barreling down on you with the speed and precision of a fighter jet and you won’t even know it until you’ve been violently jerked awake. Just in time to realize that you are completely fucked.
So, you know, it’s a tradeoff. No student loans, or really any responsibilities, but also dramatically higher risk of sudden violent death.