scrappymouse
Limp Gawd
- Joined
- Mar 18, 2016
- Messages
- 244
https://www.digitalocean.com/community/questions/why-is-digital-ocean-visiting-my-site Good reading to understand what actually may be going on with your hobby server.
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Im an adult, i can make my own decisions, i dont need my ISP trying to babysit me, its insulting.
I get wanting to reduce ISP control, but I'm actually for more ISP 'filtering' if it can be disabled / dialed back by the customer as desired.
When speaking to the average customer that ISPs service, well, having the ISP filter crap out helps keep everyone safe.
Realistically though you can filter whatever you want with a good router, so ISP filtering is uneeded.
The child-like rantings of a loose nut behind the keyboard best to be ignored and never spoken of again.
Sure- my submission is mostly that the filtering should be enabled by default, but also manageable from the customer's gateway device.
For a home user that might be logging into the gateway page or even using an app, where I envision some combination of DNS filtering and blocking and IPS / inspection filtering and blocking, with network wide, client range, and specific clients in terms of granularity. Being able to see what's being passed, what's being blocked, and what isn't, with real descriptions of services etc., would be something that most consumers would be able to handle I think.
For the enterprise, perhaps something similar in terms of implementation but with more granularity and customization, and also perhaps with an API for integration into enterprise edge management frameworks.
But wouldn't the argument for a bit more protection lie in fact that breeches have occurred at the DOD, FBI, Major banks and millions of smaller websites where data has been stolen.
ITT: people that don't understand networking begging ISPs to do the one thing they never should: mess with your packets.
ITT: people that don't understand networking begging ISPs to do the one thing they never should: mess with your packets.
Bad enough that its considered SOP to fuck with your UDP/53: a "feature" shoved onto the unwashed masses you have to opt out of by choosing real DNS sources.
I randomly discovered that verizon is also messing with ICMP traffic as well, easy workaround for now.
Nearly all of these are due to institutional incompetence. Others can be pinned to insiders. Usually, it's a bit of both.
Here, while a consumer lacks the benefit of defense in depth (unless ISPs help!), they also are far more agile and present a far smaller attack surface.
I think a core issue for governments and private companies is a lack of sufficient skilled personnel. There just aren't enough of those to go around.
I know I haven't been around here very long by most standards, but I suspect this will still resonate with some of you -
With all these health issues befalling us, I was reflecting that it wasn't that long ago I was quite invincible. I remember it clearly and fondly. What a severe difference only a few years makes, doesn't it? I'm beginning to think I should stop burning the candle at both ends, or at least consider it.
I think a core issue for governments and private companies is a lack of sufficient skilled personnel. There just aren't enough of those to go around. Also, some companies still don't get it. For example, the Target breach of a few years ago happened because the CSO or CIO asked for more resources for security but had the request denied. That didn't save them from getting fired, of course.
Check out my 'nym.
x509