Setting the default gateway is unnecessary for a network of peers that are already on the subnet. It can only lead to problems as the hosts try to send every request outside their network to 169.254.1.1, which doesn’t even exist in this scenario
Setting the default gateway is unnecessary for a network of peers that are already on the subnet. It can only lead to problems as the hosts try to send every request outside their network to 169.254.1.1, which doesn’t even exist in this scenario
The poster you’re replying to is suggesting a static IP in the apipa range, not an apipa assigned ip. You’d already know a static IP because you set it yourself.
deleted by creator
Wouldn’t blow my mind if this was a state actor, it’s a huge breach during an election year
Damn, I created a minor niche meme. And my teachers didn’t think I’d amount to anything
I did, yeah. I thought the original flowchart was really childish and cringy so I made this and posted it on some Linux circlejerk sub on reddit. It didn’t get any traction, I’m shocked to see it pop up years later. I guess somebody must have liked it
Where’d you get that image? I made that 7 or 8 years ago. Has it been making the rounds? It’s weird to see it in the wild lol
If OP, freed from the confines of the corporate security suite, happens to get infected with a firmware or boot partition malware…
Postfix with MTA that filters maybe.
This provides very little of exchange’s functionality. The closest thing I’ve seen in the open source universe is zarafa, which crowbars activesync emulation into an imap/caldav/carddav infrastructure, badly I might add, and with 3-4x the complexity, maintenance cost, and attack surface. I wouldn’t even recommend it for a small business let alone a government agency with all the compliance regulations they have to deal with.
This is one case where Microsoft owns the market because they legitimately have the best tool for the job.
I don’t recommend thinkpads. As I mentioned elsewhere in this thread, they don’t allow you to replace your own wifi card. Latitudes have great Linux support, and as a business class machine they’re as reliable and easy to work on as thinkpads
Thinkpads are locked down, the bios will refuse to boot if you install a non-Lenovo wifi card.
Almost every open source project accepts donations. They want your money, they just don’t demand your money.
For great justice, you must
use rust and zig
Technically true but I wouldn’t suggest using a self signed cert on the internet under any circumstances.
Absolutely do not expose your server on port 80. Http is unencrypted, you’d be sending your login credentials in plaintext across the open internet. That is Very Bad™. If you own a domain name, you can set up a letsencypt cert fairly easily for free. Then you could expose 443 and at least your traffic will be encrypted in transit. It won’t solve the other potential issues of exposing your instance like brute force or ddos attacks, but I’d consider it a bare minimum.
If you use a VPN like many others are suggesting it won’t matter as much because the unencrypted traffic never leaves your local network.
Wireguard installation is going to be much more secure than a Nextcloud
I understand that, and it’s a good suggestion and a better solution if it fits the OPs use case. I don’t understand suggesting they do both. Either VPN or port forwarding solve the problem, doing both seems unnecessary.
before you start forwarding ports on your router
Don’t you mean instead of? If all the OP wants to do is access next cloud, they can do it over the VPN without forwarding ports. What you’re suggesting doesn’t solve the problem of port 80 being an attack vector, and adds yet another attack vector (the VPN itself)
It ruins my joke about the overly verbose commands though
Just use the List-And-Display-Available-Relevant-Commands-Formatted-As-Table commandlet. Couldn’t be easier.
You would not. In the example given 169.254.1.1 doesn’t even exist, no machine is listening on that address so it couldn’t possibly do any good if it wanted to