So now your ISP sees all of your queries instead of CF. (Assuming the cloudflared option is using DoH)
I’ll trust Cloudflare over Comcast/AT&T/etc. any day of the week.
So now your ISP sees all of your queries instead of CF. (Assuming the cloudflared option is using DoH)
I’ll trust Cloudflare over Comcast/AT&T/etc. any day of the week.
I found it amusing that these posts were adjacent.
Yeah &F is factory default, M1 is speaker on only until connect, S11=35 is the dial speed (although we later learned that 50 ms is the minimum). Dial speed was important because we’d have Telemate on constant redial trying to get into the BBSes that were popular but were busy because they only had one or two phone lines.
I believe you. I’m just saying their non-firewalls (i.e., switches and APs) don’t have that limitation.
My firewall is a Fortigate 60F.
I would never use their firewalls/gateways, but their switches are pretty good for the price and their APs are decent (although tbh after 3 generations my next AP will likely be an enterprise Aruba).
That said, I still use Unifi in docker, everything is up to date, and nothing is requiring a sign-in to the cloud. Am I missing something? If it’s just the firewalls, then I’m not surprised since I’ve never been remotely tempted to use them, but it sure isn’t all of their devices.
We can restrict the use of software TOTP, which is what companies are doing when they move users onto the MS Authenticator app.
Admins can’t control the other TOTP apps like Google Authenticator or Authy unless they go full MDM. And I don’t think someone worried about installing the MS Authenticator app is going to be happy about enrolling their phone in Intune.
Edit: And even then, there is no way to control or force users to use a managed device for software TOTP.
This is incredibly well said and I agree 100%. I’ll just add that software TOTP is weaker than the MS Authenticator with number matching because the TOTP seed can still be intercepted and/or stolen by an attacker.
Ever notice that TOTP can be backed up and restored to a new device? If it can be transferred, then the device no longer counts for the “something you have” second factor in my threat model.
While I prefer pure phishing-resistant MFA methods (FIDO2, WHFB, or CBA), the support isn’t quite there yet for mobile devices (especially mobile browsers) so the MS Authenticator is the best alternative we have.
I like returning 418 instead of 404 or 403 on the files the script kiddies are hunting for on my web servers. I’m sure it does nothing but I’d like to think I’ve wasted some of their time at least once.
I like to watch Dr. Horrible’s Sing-Along Blog. Always puts me in a better mood, although it is a bit sad too.
The advantage of this is it keeps paying off even years later.
We put googly eyes on an oscillating fan (among many other things) at the beginning of the pandemic and they still make me giggle every time I see them.
Adding my vote for Zabbix. It was a bit of a bear to set up and I had to write custom scripts to install the agents with TLS settings that were secure enough for me, but once it’s all set up it’s amazingly easy and intuitive to use and incredibly customizable.
Just mark it as final then. This whole thread is infuriating. People working themselves into pretzels with their misguided reasons for not wanting auto-save when they really just don’t know to use the software.
OP is right. I use Office 365 and haven’t lost work on a document in over 10 years. Auto-save absolutely should be the default.
Yes it does make sense. Because the insurance companies operate completely on hypotheticals. And that has a very real cost to the business being insured.
This is the answer. Although you may need to look up the IP address (a lot of them use 192.168.100.1) and you may need to reconfigure your gateway/firewall/router to route that subnet out its WAN interface while still performing NAT.
It’s sort of fixed via Teams Connect, but it involves admins setting up new B2B direct relationships alongside special Shared channels. But 99% of admins aren’t aware this even exists, let alone the end users.
https://learn.microsoft.com/en-us/entra/external-id/b2b-direct-connect-overview
I thing the technical term for this is an RGE.
(Resume Generating Event)
I know plenty account SNI already, but thanks. You might want to study more yourself, since we’re being condescending.
https://blog.cloudflare.com/encrypted-sni/