- cross-posted to:
- programmerhumor@lemmy.ml
The real question is: Why did you invite anyone over, before having a guest VLAN set up? Classic beginner mistake.
I have two separate guest VLANs, one for my family, and one for the people I love.
Whatever happened to just talking to each other? I’m glued to my devices all day every day, yet even I ignore the phone during holiday family gatherings.
Nobody’s forcing you to go; if you prefer to be on the internet rather than interacting with your family, please just stay home.
Edit: Downvotes be damned, I stand by what I said. If this asocial shut-in who hasn’t had a friend since 2014 (because people annoy me) can come out of my shell a few times a year, and spend some time with the people I grew up with, so can you. No excuses.
One day they will all be dead or estranged, and you will regret not looking up from your phone for two hours to spend quality time with them when they were alive and in your life, as you die alone in your nursing home (assuming you’re rich enough to afford assisted living, that is). Don’t say you aren’t warned.
Most people feel obligated to at least pretend they like their family.
Don’t worry, you’ll eventually get over your feelings of obligations towards others before you reach 40. Life becomes a lot less stressful once you stop giving a fuck about being a people-pleaser.
For me, I felt like that also when I was 35. I didn’t want my family to be in my life since I didn’t feel good around them.
Now at 50, I have again connected to some of them. Because you get back to those feelings that life is not endless and you start to think about that you will one day not be here anymore. And it’s nicer if that happens when you have made peace with at least some of those people.
Tldr, age made me think different at different stages. Maybe it happens for others as well. :)
It changes one kind of stress for another in a lot of cases. If you annoy everyone you come into contact with, you end up alone, which isn’t great for your mental health, and turns every interaction into an annoyance, so you end up stressed by the necessity of interacting with people you don’t want to interact with. There is no escape from humanity when you are human.
Sounds like the network people at my company. They are asking us to spend more time in the office, but they don’t provide enough desks, they don’t provide working wired LAN and they only provide semi-working Wifi. All with proxies that don’t work and filters that don’t let me access the webapp I am supposed to maintain, which is blocked for “being a commercial website”. Thanks, I know, I have to program that crap.
This reads like a classic LinkedinLunatics post and I love it. Great parody!
Guest vlan? Smart.
Blocking 80/443 knowing all too well everything depends on those: evil.
Throttling to 56k: the original original poster just being a dick.
Took 45 minutes: Maybe find another job. You’re not good at it.
Conclusion: The sister was right. Evil incompetent dick.
Took 45 minutes: Maybe find another job. You’re not good at it.
Bit harsh.
The OpenWRT guest wifi guide isn’t a simple switch like you would get on your OEM router, but involves manually setting up a bridge device, a new firewall zone, and a new AP on one of your radios.
This can take some time if you want to do things the right way. 10 minutes to set up with no extra config steps. Add another 10 if you need to move around your firewall rules, and another 20 for random debugging.
https://openwrt.org/docs/guide-user/network/wifi/guestwifi/configuration_webinterface
Although, you set it up once. After that it’s just a checkbox.
and of course you need to tag the new network on all your switches, routers, APs… not to forget testing and integration in your monitoring system. 45 minutes is absolutely fine.
Oh true, hadn’t thought about that - I just assumed it was a single device
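The pieces the OpenWrt comment above lists (bridge device, firewall zone, extra AP on a radio), written out as UCI config. This is an added example, not part of the thread or copied from the OpenWrt guide; the subnet, SSID, key placeholder and radio name are assumptions.

```uci
# /etc/config/network: separate bridge and subnet for guests (constructed addresses)
config device 'guest_dev'
	option type 'bridge'
	option name 'br-guest'

config interface 'guest'
	option proto 'static'
	option device 'br-guest'
	option ipaddr '192.168.3.1/24'

# /etc/config/wireless: extra AP on an existing radio (radio0 is an assumption)
config wifi-iface 'guest_ap'
	option device 'radio0'
	option mode 'ap'
	option network 'guest'
	option ssid 'guest'
	option encryption 'psk2'
	option key 'CHANGE-ME-placeholder'
	option isolate '1'	# guest clients cannot talk to each other

# /etc/config/dhcp: hand out leases on the guest subnet
config dhcp 'guest'
	option interface 'guest'

# /etc/config/firewall: guests reach the internet, not the router or the LAN
config zone
	option name 'guest'
	option network 'guest'
	option input 'REJECT'	# no access to router services by default
	option output 'ACCEPT'
	option forward 'REJECT'	# no guest-to-LAN forwarding

config forwarding
	option src 'guest'
	option dest 'wan'	# the only zone guests may be routed to

config rule
	option name 'Allow-DNS-Guest'
	option src 'guest'
	option dest_port '53'
	option proto 'tcp udp'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCP-Guest'
	option src 'guest'
	option dest_port '67'
	option proto 'udp'
	option target 'ACCEPT'
```

With `input` and `forward` set to `REJECT`, the two rules are the only router services guests can reach, so the admin web interface and SSH stay closed to them.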
I have a feeling this is satire, and I’m usually the type of person to miss the joke and think it’s genuine
Even if it is satire, doesn’t mean we can do a full breakdown, especially for comedic value.
I mean fuck me, I can build an entire bespoke DDU from bare metal to cool down in less time than that.
We’re missing the most important rule here. Did the nephew open a ticket?
45 minutes setting up an alt vlan?
Was he getting paid by the hour?
The experience of managing a consumer-grade LAN appliance:
Open web browser
Start typing 192.168.0.1
It auto-inserts 192.168.0.12 because that’s the IP address of your NAS, and you’ve logged into it to adjust something at some point in the last six months. You register it has done this as you’re releasing the Enter key.
Click Back.
Type the IP address again, this time carefully deleting the 2 it oh so helpfully inserted.
Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck. It loads to a completely useless stats page that has no information that anyone has ever needed to know.
Click LAN Setup.
Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck.
Parse the wall of acronyms before you, click the link that says DHCP.
Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck.
It continues in that fashion until you get what you need done or your network stops working and you have to get a pen and press the Reset button on the back of the device.
IT professional doesn’t have local DNS? LOL
Imagine not having an opnsense firewall deployed as an IT professional
Wait 3 to 5 business weeks while the 16-bit ARM microcontroller they put in these things serves a web page like old people fuck.
This also goes for some NAS appliances and the in-dash console of newer cars. Underpowered ARM implementations are the scourge of this decade.
It auto-inserts 192.168.0.12 because that’s the IP address of your NAS, and you’ve logged into it to adjust something at some point in the last six months. You register it has done this as you’re releasing the Enter key.
I avoid this by having my router interface on 1) a double digit IP. And 2) a non-standard port
What idiot IT specialist does not run a segregated VLAN for guest wifi access? That is just rude.
A broke one.
And separate wifi networks that are connected to different vpns from around the world.
I legitimately can’t tell if this is a joke or some dude trying to do a humble brag post on LinkedIn. So many ‘look what I can do’ posts on that damn site.
No one that serious about network security wouldn’t already have a network dedicated to untrusted devices relatives could use. Definite joke, still entertaining 😂
LinkedIn is Poe’s Law for corporatism made into a lifestyle.
Ok but 56kbps is just evil
It’s only considered evil if it doesn’t also produce dial-up noises.
But since op didn’t clarify, let’s just assume evil.
Eh, when the landlord moved a business into their house and expected me to keep providing IT for free, but also for the business: I rate limited them to 5kbps. Just enough to say it has internet, not fast enough to use the internet without timing out on every page. I got paid the next day.
Lol wtf? Why even spend 45 minutes doing that if you’re going to completely block those ports?
Just tell him “no”.
“oh I’m trying to fix it just give me a few more minutes away from everyone” lights joint
It’s about sending a message.
Throttling and port blocking is for housemates who pissed you off, not nephews.
Kid should be learning social skills at a family party.
As a former kid struggling with social skills, I think that would’ve done me some good. It’s easy and convenient to fall into avoidance behaviour, but overcoddling did me no favours.
Same, my parents pushed me into socializing, which I HATED at the time. I know it helped.
I was told overcoddling reduces resiliency. Parents always coming in to fix things without letting their kids try to solve it on their own. The kid may fail but the act of trying and figuring out why it failed helps greatly. Most parents just “don’t want to see their kids upset” though.
Take it with a grain of salt, as I don’t have any kids.
The balance to be struck is the golden zone between overcoddling and undersupporting. Kids need help getting “close enough” to figure out the rest on their own, gradually less so as their abilities expand.
In some ways, I was coddled and never learned how to do stuff. In others, I was neglected and had no idea where to begin to solve things, so I just didn’t. Neither is great.
as I don’t have any kids.
You don’t need to have kids to engage with the topic of how best to deal with them. It’s a valuable skill to have when dealing with children, whether your own or someone else’s. In fact, some parents probably should have engaged with the topic more before they squeezed one out. That shit is complicated and I wouldn’t want to just figure it out on the fly.
I’ll admit it. I can feel that vibe and I don’t totally disagree.
Which actual IT guy supports antivirus?
Ohh fuck yes, I support antivirus, but only on Windows, maybe, possibly OSX. If you give bare Windows to a kid, they’ll have viruses as soon as they learn to use Google.
TBF, Fam gets my guest network. It’s not allowed to touch anything in my house, they can only route through. DHCP sends their DNS to 4.2.2.2 and 8.8.8.8. They can’t even touch my DNS, they can’t see any of my home automation and they can’t see each other. They can push the connection as hard as they want, the QoS won’t let them take priority.
For my son I just used APLs in group policy. Only approved apps could run. I encouraged him to be better than me and he has definitely kept me on my toes. Now he is in college for cyber security and loving it.
So far he hasn’t broken anything major on his computer or the network, well, aside from messing up his BIOS a couple times… But then he got to teach me how to program EEPROM (like I said, he has kept me learning stuff I normally wouldn’t).
EEPROMs are fun. If you want more of that, check out Ben Eater on YouTube, he has a giant series on building an 8-bit computer from scratch. He actually goes through the whole design philosophy. There’s a lot of ‘new’ stuff in there that’s not entirely boring.
Thanks! I’ll definitely check it out!
Lol generally I’ll refer to the OS builtin tooling (XProtect/MS Defender) and EDRs as “Antivirus” otherwise the non-techies will freak OmG wE hAVe NO aV! And then the “anti”-viruses like McAfee and Kaspersky mysteriously spawn
And also on-demand AV software can be good for spot checks or if you’re sus of something.
It’s the “Real-time” shit that hooks into the kernel that needs to be avoided like the plague
When I was a Windows person many moons ago I ran into viruses once or twice. Kaspersky was the only AV in those days that effectively cleaned them from my system.
Now I am a Linux dude. Where there doesn’t really seem to be an effective antivirus solution because, even though malware exists, it’s so fucking sophisticated and stealthy you may never know it.
it’s so fucking sophisticated and stealthy you may never know it.
Even more reason to install an AV on Linux.
It is the whole point of an AV to prevent malware the user doesn’t notice.
Almost every malware tries to be invisible to the user. Because if they aren’t, they would be wiped off instantly. This goes for every OS.
There don’t seem to be any particularly effective ones.
In my experience malware is just so different in Linux tho, like: malicious udev rules, BPFDoor, that ssh thing years ago that allowed someone to basically eavesdrop on anything that was right there in the code.
If someone manages to get something malicious running on Linux it’s a different ballgame from Windows - there’s so much bash everywhere that can be modified to do nasty things.
I’m not saying an antivirus is a bad idea on Linux or anything - but there really doesn’t seem to be anything decent.
ClamAV seems like the only game in town. And I have no idea how effective that is anyway
Lock down their accounts so they can’t even install shit.
wth is the point of a guest network if you have 443 blocked lmao.
Even my VPN port is 443 so it gets past basic port filtering because HTTPS is usually the only one allowed compared to other protocols.
My guest network is restricted to TFTP only if you know what I mean.
What a dick move tbh. I get ya wanna be secure, but why not just let him do his thing on that alternate network?
Guess this is satire. Zero trust and BYOD mix well, just isolate from your shit and you are done. Block port 25 outgoing and known C2 IPs to not taint your IP.
He is doing the right thing if only because he is preventing a child from playing Roblox.
He’d be a hero if he gave him a copy of Minecraft (or really almost any non-F2P game) to play instead.
Luanti.
Vintage story!