We can’t ever stop this kind of stuff, but with something like fail2ban you can set it up to block on too many failures.
Really though - ensuring your system is kept up to date and uses strong passwords or use a SSH keys is the best defence. Blocking doesn’t prevent them from trying a few times. Moving SSH to a non standard port will stop most of the automated attacks but it won’t stop someone who is dedicated.
This sounds like you’ll need to do a balance operation. Try this first and see if it helps:
btrfs balance start -dusage=0 -musage=0 /
If not you can increase the number to 5 or 10. This operation reallocates chunks on the disk and ensures they’re filled - check https://btrfs.readthedocs.io/en/latest/Balance.html for details.
Check out this device. I have several and they work well. Zigbee temperature sensor in a cabled probe.
Without looking at it it’s probably making a unique request to a resource on a NextDNS subdomain and watching where the request comes from. Like pulling an image from (unique _string).check.nextdns.com. This requires nothing special on the client, it’s making a standard request, and as part of that it needs to do a DNS lookup.
If the source of the and your IP are similar then it’s likely the same network, otherwise it can correlate the source with known resolvers.
I use HASS.agent to help manage my Windows desktop and expose various sensors to HA. It can suspend or hibernate the system. It does use MQTT as its connectivity plane.
You get easy access to their addons with a VM (aka HAOS). You can do the same thing yourself but you have to do it all (creating the containers, configuring them, figuring out how to connect them to HA/your network/etc., updating them as needed) - whereas with HAOS it generally just works. If you want that control great but go in with that understanding.
EasyDNS is Canadian based out of Ontario. I only use them for email and dns personally but they do web hosting also.
Yes I simplified. Some(? I’d hope all but probably not) new fobs do turn off (ignore the car broadcast) if they are not moved for a time. I proved this to myself with my 2020 car by putting my keys down by my car door, I could only unlock the car for a minute or two after I put it down, after that keyless entry didn’t work until I disturbed the fob to wake it up.
This is to mitigate the relay attack at home (and I’m sure other times, like if the key is in a purse), one avenue was that attackers would count on people hanging their keys by the door, so accessible to selective standing on the stoop with a relay. By turning off at rest they can’t be exploited this way.
Older fobs never turned off - so they are constantly broadcasting the signal for the car. Newer fobs do turn off when at rest so they’re less risky, but if say it’s in your pocket it’s constantly moving so someone could still relay it to steal your vehicle, assuming they get close enough to you.
The faraday bag is good for older fobs or if you think you’re at risk of a key relay attack.
I have a bunch of Tuya and Aqara buttons from AliExpress and I’m happy with them. I haven’t found anything similar on Canadian Amazon at least.
2,4,6 button variants of https://www.zigbee2mqtt.io/devices/WXCJKG11LM.html#aqara-wxcjkg11lm
4 button https://www.zigbee2mqtt.io/devices/TS004F.html#tuya-ts004f
BTRFS has RAID built into the file system - instead of using MD you use BTRFS profiles which tell the system how to handle data.
For instance
With this set up you could lose one device (of n, the total doesn’t matter), and not lose any data, and still be able to boot to recover with too much hassle.
BTRFS does block checksums, can scan for bit rot and recover from it, and generally tries to make your data safe. It technically supports raid5/6 for user data, the issue is around unclean shutdowns and a potential write hole where you could lose data, but if your system has a UPS backup and is on a relatively recent kernel it’s not any more dangerous than MD raid5/6 as I understand it.
You’ll need to use | float(0) in templates. All state values and attributes start out as strings. Also setting a default value in the float( cast will ensure templates don’t break when the value is invalid.
That means use this style:
{{ state\_attr("light.kitchen\_sink\_ceiling", "brightness") | float(0) }}
We need more information to recommend anything. Do you need high voltage switching? Do you have zigbee, zwave, or only wifi available? How much integration or local on device control do you actually want or need?
I’d have to check my iptables syntax again but I’m not sure you want the FORWARD between the networks unless C has a manual route to get traffic for the 192.168.15.0/24 network back via B. You just want to NAT A behind B’s IP on 192.168.38.0/24. I think the forwards are sending the traffic without doing NAT on A.
Phillips SonicCare for 20+ years. I think it’s helped me a lure with my dental care. Various models as the batteries wear out. The latest has Bluetooth that I never use but that doesn’t affect the cleaning part.
Ohhh I haven’t seen that Zooz relay before, hopefully I can get it in Canada. Going to see about replacing the Shelleys I’ve got deployed then
The thermostat should be a passive device and is really just a relay on its own. It could be connected to the switch pins on a Shelly.
I don’t know of a compact zwave dry relay though - so this does mean 2.4ghz wifi.
If it’s like one I rented a few years ago, yes the thermostat just controls a fan, and the radiator is always hot or cold as it’s controlled by the building. I’d be inclined to use a Shelly or other dry relay with a virtual thermostat in home assistant now.
It comes down to what are the developers willing or able to support.
For smaller teams they usually don’t want the responsibility of maintaining the package for distros, and HA developers have chosen to not support that option themselves. In their case I see it - what’s the benefit or incentive to them to maintain packages and the associated support costs or headaches. Containers mean they get a known state and don’t have to try to support unknown environments.
Some interested people can maintain the packages for their chosen distro - for instance I see one for Gentoo but it’s only up to 2024.6. It’s the first that came up in a search but there are likely more too supported by the community.
In my case, I also think that using HAOS on a dedicated box has led to a more stable experience as it’s not competing for resources on my other hosts, and attaching devices to it is much simpler. I think encouraging a solid base for people means a better experience overall when to be honest it’s hard to get started with it to begin with for many people.
You don’t need cards to have full bandwidth, they only time it will matter is when you’re loading the models on the card. You need a motherboard with x16 slots but even x4 connections would be good enough. Running the model doesn’t need a lot of bandwidth. Remember you only load the model once then reuse it.
An x4 pcie gen 4 slot has ~7.8 GiB/s theoretical transfer rate (after overhead), a x16 has ~31.5GiB/s - so disk I/O is likely your limit even for a x4 slot.