• 0 Posts
  • 183 Comments
Joined 1 year ago
Cake day: June 18th, 2023
  • NaibofTabr@infosec.pubtoFirefox@lemmy.worldMozilla is trying to push me out because I have cancer – CPOEnglish
    4·
    6 days ago

    Mozilla is the primary developer of the Gecko web engine which Firefox uses. Open source or no, web engines are complicated things to develop and maintain. Even Microsoft gave up and just started using Chromium.

    Would it continue to work without a significant organization dedicated to maintaining it? Sure, probably, for awhile. Would it continue to be safe to use for things like finances? No.

    Is there any point to switching web browsers to one that is based on the same engine? Not really, no, the browser application is basically just a wrapper for the engine… a skin, a theme, like having an SUV shell vs a pickup shell on the same frame and drivetrain.

  • NaibofTabr@infosec.pubtoSelfhosted@lemmy.worldNeed help getting startedEnglish
    2·
    8 days ago

    You’re welcome. I tried to do basically the same thing a few years back (run a WordPress site from a RPi on my home network - and also a Minecraft server) and so I tried to write up the problems I ran into - I probably forgot some, but those are the major hurdles. I learned a lot along the way.

    I should also point out that if you rent hosting space (from linode or inmotion or digitalocean or many other options) then problems 1 & 4 become much easier, and 2 & 3 go away entirely (most people don’t host public websites on their home networks because of these and other issues).

    Happy to help. If you’re interested in learning networking more thoroughly, I want to point you to Professor Messer especially the Network+ content. He has far more complete explanations than I could write (and it’s free!). Even if you’re not interested in getting any certs, the explanations will be helpful.

  • NaibofTabr@infosec.pubtoSelfhosted@lemmy.worldNeed help getting startedEnglish
    2·
    8 days ago

    So your goal is to host a publicly accessible static website from a computer in your home. There are a few problems you need to overcome before even worrying about configuring any software. You need some more basic networking knowledge first.

    1. Basic Networking Theory - you should read a brief explanation of the OSI 7-layer network model. You don’t have to try to memorize this and you won’t really understand it until you start actually doing stuff, but you should read it for some basic terminology and to understand that there are distinct steps through which communication between computers happens.

      When you start running into problems (“why can’t I access the server? I did all the tutorial steps”), figuring out which layer the problem is in will help guide you to the solution:

      • is there a bad cable? -> 1. Physical
      • do I have the right IP address? -> 3. Network
      • is the firewall port closed? -> 4. Transport

    1. Privacy/Security/Safety - don’t host a publicly accessible website from your personal computer. Just don’t. To make this happen you will have to open a hole in your network security that makes your computer accessible from the public internet. Don’t do this on your daily driver computer. Don’t do this with any device that has any files on it that you care about or any access to any personal information. Don’t.

      Set up your web server/learning environment on a clean, dedicated system. This could be an old laptop or a Raspberry Pi (an older 3B model will work just fine for this) or whatever cheap computer hardware you have, as long as it can run Linux and has a physical network port (using WiFi will give you extra headaches for getting this working). If you think you might want to expand your projects in the future, you can get a used Dell server for very little money, and add more hard drives as needed. Wipe the hard drive and install Debian or Ubuntu server as a base, there’s lots of resources out there for setting up web services on either.

    1. Restricted Ports - you are most likely on a residential internet connection. Most residential ISPs close ports for security reasons, especially 80. For example, here is Cox’s list of restricted ports. You will need to find your ISP’s equivalent list and understand what you can and can’t do with your connection.

      There are workarounds, primarily through port forwarding. You will need admin access to your router to set this up. I recommend that you read that entire article because it probably applies directly to your situation.

    1. Dynamic IP Address - most people still find it easier to work with IPv4 addresses - I won’t go into IPv6 right now, but you should read a little about it just for awareness. Your residential internet most likely has a dynamic IPv4 address, which means you can’t rely on that address staying the same forever (or even until next week), which means that you can’t configure your Cloudflare domain name to point to a single IPv4 address.

      Dynamic DNS is the solution for this, and again you’ll need admin access to your router to set it up.

    1. HTTPS/TLS/SSL - if you get through all those issues then you probably have a working website, but now you’re seeing something like this when you try to view it in your browser:

      This doesn’t mean that you can’t get to your website - it just means that you can only do it via HTTP and not HTTPS, which the browser is warning you (and anyone else trying to view your website) is not secure. You can either just accept that this alert will always come up, and that you have to click through it, or you can learn about TLS and getting an SSL/TLS certificate. This is a later topic - it doesn’t matter and probably won’t make sense until after you’ve got your web server online.

  • NaibofTabr@infosec.pubtolinuxmemes@lemmy.worldLinux bestEnglish
    23·
    22 days ago

    Run Qubes

    Run whatever OS environment you need, in its own instance. Run a virtual networking stack. Crosslink your environments as needed. Segregate your environments as needed. Create new environments as needed. Destroy them as needed. Expand your virtual infrastructure.

    Experiment with BSD and then realize that TrueNAS Scale is the last NAS environment you’ll ever need, and you didn’t really want to spend time on BSD anyway. Expand your server and network infrastructure.

    Run every environment. Realize that you actually have a lot to learn about Windows, especially server and AD forests, and all the stuff you’ve complained about is actually kind of petty next to the monolith of professional computing environment that Microsoft has built (and also keeps making unnecessary self-harming changes to, and wtf is with user CALs anyway?). Learn to do user and domain management for real. Then learn what the real problems with Microsoft are.

    Experiment with Redox, then give up and do something more useful with your time.

    Install Xen Orchestra on some cheap secondhand Dell server you bought off eBay. Run a proper VM cloud environment. Run everything on top of it. Create your own VM golden images for the environments you use most often. Your personal computer doesn’t even have a local OS installed anymore, it’s just a terminal that runs whichever VM you need from your Xen server at the moment. Reject limitations.

    OS elitism is for the weak and the simple. Enlightenment is understanding the strengths and weaknesses of each platform, and getting the best from all of them.

  • NaibofTabr@infosec.pubtoAsklemmy@lemmy.mldeletedEnglish
    32·
    24 days ago

    A couple additional thoughts:

    • You sent your boss an email using your company email server. You do not control this server. You cannot rely on this email as a paper trail, any email you send could be deleted by someone else with administrative access. In Outlook it’s possible to delete any email that was sent internally and the logs that it was sent.

    • You should write down the date(s) and time(s) that you sent emails about this to your boss, on paper. Keep it with your other work notes.

    • You should not include any specific technical information about your company’s systems in this paper record as this might expose you to liability in the future. Just record when you sent the emails and a general description of the subject (e.g. “email to boss about upgrading out-of-date operating system”), and a short description of any response (verbal or written).

    • You have offered to upgrade this system. Your boss said no. It’s not your responsibility anymore.

    • If I were in your position I would tell my boss explicitly that I won’t be responsible for the security of this system or anything connected to it, at least not without a signed risk acceptance statement. You might not feel comfortable doing that, it is potentially confrontational.

    • If you’ve been told that you’re responsible for this system (your employment is dependent on it) in spite of your objections, please take a look at this article about security hardening for Windows 7 and try to implement as much as you can. If you’re not responsible for it, don’t mess with it.