This is the best way, really. Generally, you have much more control over what you plug into it.
A display shouldn't have anything even approaching what can be called an 'OS' on it. Yet here we are.
swizzlestick
joined 5 months ago
Sometimes even that's not enough. I've had some questionable kit before that would just ignore the DNS settings fed to it if it thought they were no good, and fall back to something else preconfigured.
pfSense is a wonderful tool for situations like that. Anything intended for local use only here just doesn't get outside at all. Handy for stuff like a fire stick that only needs to be calling up a local media library.
It can also mangle any DNS requests going out to a different server and redirect them to itself instead. You could do this without it with iptables/nftables on a generic Linux box, but pfSense makes it much friendlier.
There are other packages that can do the same, but physically all you need is one piece of hardware as a bouncer that manages connections between inside/outside.
On Dell server hardware with the right cards/licensing, you can remove the need for physical access to the server to input an FDE password by leaning on iDRAC. This provides access to the console remotely during the boot process (and thereafter).
Alternatives exist that supposedly do the same thing, but I've never had to try them. Airconsole, pikvm, blikvm etc.
You can keep this interface unexposed by using wireguard to dial in when you're away, as per your original thinking. Just make sure the endpoint isn't on the server you're rebooting...
Half the shit I actually want I just run directly these days, rather than nosing through either.
- ncpa.cpl
- diskmgmt.msc
- devmgmt.msc
- control userpasswords2
- cmd
- mstsc
- regedit
- taskmgr
Just to name a few.
It's utter bollocks. It used to be the OEM crap that had to be removed or clean installed over. Now you have to spend time unfucking fresh installs.
My 11 image is just about usable, but only after a lot of gutting, reg entries, powershell scripts and openshell.
The railroading to sign in with an MS account has become worse too, but still just about bypassable.
Big Clive is great for interesting electronics/deathtraps 🙂
NurdRage ticks the box for me. Also NileRed before he moved out of a garage lab. Still cool though.
It's very modern, cheesy & spoon-feedy. Lots of staging. Overly friendly. Like it is filmed with the approval and oversight of HR.
I know what you mean. He does some amazing things, but I tend to stick to the highlights rather than sit through whole videos. This one, the elephant toothpaste vid, and others like it can be watched as a 15 second clip if you just want to see the hook.
It clearly works for his target audience, so I can respect sticking to the formula.
Used FF forever, even though the birth and rise of Chrome.
We're done. The company I IT for therefore is also done. As are friends and family I sort computers for.
The shit now stinks and must be taken out.
For that vote, we actually had a whole-ass government produced booklet through the door.
It supported Remain and explained all the shit that would happen if Leave went through.
The plebs saw some lies about the NHS slapped on the side of a bus, suspended all intelligence, and voted Leave. In my eyes the majority was not strong enough to consider changing foundation policy, but here we are.
All the turmoil promised came to fruition.
view more: next ›
At that point I would expect control of it, or at least for it to respect the configuration it is given. If neither are true, then it just doesn't go online at all. If that's part of the main function, then I find an alternative or live without it.
Nothing on the inside should be sending anything to the outside that can't be inspected before it leaves, with the exception of stuff that is directly driven by a human (guests browsing, etc).