Leaderboard
Popular Content
Showing content with the highest reputation on 11/13/23 in Posts
-
1 point
ANSWERED [SOLVED] OPNSense WireGuard configuration
MysticAnimated reacted to theocean for a post in a topic
In case this helps anyone in future - When creating a port forward for a Wireguard interface in OPNSense, the automatic firewall that is created doesn't work. To fix this, go to the wireguard interface firewall rules. Create a new rule that's the same as the automatic firewall rule, except click "Advanced features: Show/Hide" and set "reply-to" to the wireguard interface. Then go back to the port forward rule and set "Filter rule association" to "None" to remove the original (broken) firewall rule. -
1 pointone of the main resources i use is eli the computer guy on youtube and watch a lot of defcon / tech vids after a while everyone finds out what they need and like for their own situation how i run arch is probably not good for most, flawed and completely different than the way someone else might run arch, i loaded up manjaro the other day for a looksy and got lost in it, straight up, got lost, way too much for me but to answer your question, i think the first thing to be identified is the actual concern, the term 'threat model' is often used but not too often given to real world terms, meaning 'conditions on the ground' application for most folks in my area, norhteast united states it's the ISP, Verizon, the major players that are the real threat, and that is generic, legal datamining this has nothing to do with ethics, morales etc. this is about money, big money these companies have 24 PHDs and a floor full of extremely talented programmers all backed up by big lobby and another room full of lawyers, for a real world grasp, shut off cookies and javascript, go to facebook's home page, right click on it, view page source, and what you will be looking at is code that is worth billions of dollars company i used to work for, i used to sell microsoft networks back in the day we were a certified dealer, had microsoft staff in the shop once in a while, we had some state contracts here in PA and lots of minor day to day floor traffic fixing Dell boxes etc. back then, before the merge between the cellular industry and internet, just like anyone else, if you would have said 'meta data' was going to be a game changer, well that would have not been too high on the list to say the least you got to remember, nobody had a phone in their hand that could chat, make a call, run a webcam, trade stocks in Europe and order donuts for the techs, the infrastructure wasn't there yet and that is to my poin: the operating systems back then were on the right track, they were lean, Windows 2000 was on the right track, i literally at that time built custom DAW workstations on that operating system, on those drivers, they were stable, solid, did nothing fancy so software in general, was not built with 3rd party involvement, no outgoing connections, all anyone had to do in microsoft land was take the best of Windows 2000, the best of Windows 7, lean it up a bit, get rid of any and all bloat, harden it and you would have had a super bad ass kill linux box operating system, and the gamers themselves would have taken it over at that point, software was still written with the business model that sales and license fees make the buck, income stream, once the cell industry and the ISPs merged, the dynamic, the motive really to how and why software gets coded, the purpose of design, changed dramatically linux is no better, it just got lucky because it held very little interest in the desktop market if linux would have traded spots with microsoft or apple, same problems, and you can actually see it starting already today, the pre rolled distros, first thing they want to do, connect, call out, even Kali, connect, call out and all the other pentest distros, if you have a live distro for pentesting well don't ya think thte first thing ya want shut off and down at boot is connecting to anything? see my point? meta data is the game changer, that simply translates, once scaled, into raw political force in any country and it goes all the way back to what a PHD dude from Cambridge Analytica stated, and the bruh was spot on: 'the problem with facebook aka social media, operating systems phones apps etc is the business model' ask yourself, why hasn't anyone taken the best of tor, maybe made it more wide, why is http even allowed still, and so on, coz of money, so what we see and view is almost 100% 'human hacking' what does this got to do with your orginal post? everything, coz now you know what is the primary target, where the payload goes to: me and you and we are the problem, the real world problem i'll back that up: you look at facebook, we literally give them all of our data, access to everything, for nothing we pay our ISP's bill to then give our friends, family, coworkers and on an on to a corporation built on a business model of this: the more they collect, the more they sell, the more they make ya got to remember the one advantage i may have, with anyone my age is perspective, i knew the net before the cell biz ISP merge i knew Microsoft and worked indirectly for them before the merge if you sugar coat the poison is the human hack here i'm not different, if iwas a programmer and the boss walked up to me and said 'build this OS or app and if we make xyz deadline or meet xyz approval you will make xyz amount of additional income, i'm in' same deal with a website database, if i build a shithole that does xyz but also gets really popular and i collect the right data that is sought after by the ad industry, you walk up to me and go 'i'll give you x amount of dollars' i'm probably gonna sell hit the about:config url in mozilla and search 'url' search 'social' search 'wifi' search 'remote' search 'update' then extract all your plugins and extensions etc you will see how much of what you do is collected and piped to 3rd partys just look at google ssafe search as example, can you really get any more full of shit so going back the purpose of design, the motive, that's the threat, that's the flaw, that's what needs to be hardened linux in genearl isn't popular, malware authors code exploits to make money, bot authors want their networks running smooth so most of that 'financial targeted' exploits is aimed at the popular stuff gentoo and arch is even less popular, and the thing is if you have your own repo, roll your own kernel, just by modding your stuff 'your way' coz i say 'fuck the arch way', your on linux to do it the way you want, you just left shit operating system closed source where someone else told you how to roll' case in point in legal datamining, almost all of the linux community is on that shit data mined irc server freenode even the tor developers don't run an onion server well at least listed anyway harden the browser, harden your linux, best ya can, biggest threat to my local to my box is me, the monkey at the keyboard and i'll say this in Mark Zucerberg's favor and any social media business with any kind of voting system, coz that is and has been the multibillion dollar click, just beautiful all the way to the bank: those companies saw and applied a value metric to our data, to our click, they applied a value to what we think and do and who with and that right there is a very serious tough pill to swallow Mark Zuckerberg has a jet in his driveway not because he even exploited my data, or was unethical with it but mainly because he offered me a like button that i could click on to give a voice on his platform so the real problem that Cambridge Analytica was talking about, coz for them that was business as usual is until the internet as a whole gets together and decides that their network traffic is theirs, should be protected like a utility world wide, such as water, gas, electric, coz today it is exactly that, my ISP Comcast is a utility without the correct use of government regulation, at the federal level, why shit gets wild west treatment still, same flaw as when Enron went in to California and manipulated the power grid i'm no diff, you put me as a day trader behind a business model i can exploit to make x million in 3 hours i'm in, i'll smash that like button all the way to the bank