Originally from NW, in the Bay now. Welcome!

Missed bearded Mark!

I didn’t understand from that article how the c2 server reaches the malware.

How could a remote server access the draft emails on a hosts Outlook client? I can see how the client can manipulate them and stuff data to avoid detection, but I don’t see how the c2 server access them.

Maybe I need to know more about the graph API?

Fail2ban is not a static security policy.

It’s a dynamic firewall. It ties logs to time boxed firewall rules.

You could auto ban any source that hits robots.txt on a Web server for 1h for instance. I’ve heard AI data scrapers actually use that to target big data rather than respect web server requests.

Meanwhile the tv will bombard you with wifi connection request modal popups. Lol

Dumb TVs exist, and they’re 5x the price of smart TVs.

Ads and data mining subsidizes the hardware cost. If you want cheap TVs you get spyware and ads.

Routing takes place on layer 3 (ip) so destinations are ip networks and hosts.

Each packet you create has a destination IP. Your computer looks at your route table to see where it goes by matching the destination ip with each network. It will be sent to the most specific match first and your default gateway last.

If you’re default gateway is you’re vpn server via your vpn interface then you just need to add more specific route for destinations of interest through a different gateway (you’re router) via the physical interface

Raw disk access is a privilege in Linux, usually reserved for root.

You could have root change the permissions on the directory to allow another user or group write access.

goes to Google, on the raw network, and on the VPN.

You can’t “go” to a destination on two networks in a single request. It’s all packets on a wire, if it comes from two sources, it was two requests.

Unless you mean two different requests. As in while on the VPN everything is tunneled, and while not on the VPN it’s not, but this is the opposite of what the OP was asking for. He wants the VPN on for some use cases, and off for others. That’s split tunneling.

He’ll likely wind up with difficulties around trying to figure out which destinations he doesn’t want routed through the VPN, because there’s no way to do it by protocol, since routing happens on layer 3, not 4 or 7. He’ll likely need to know those address in advance.

Interesting. There’s no difference in my dialect.

One NIC is fine

Told my wife and kids they can run whatever they want if they don’t involve me. If you want me to help with computer issues then I’m installing Linux.

If you don’t want that, you better learn how to computer because you’re on your own

Canadian with a shitty mobile keyboard, that’s all.

Swipe keyboard. It picks random yours, and I’m exhausted from flying all day so I didn’t proof read.

Yes that’s called routing.

You don’t bind it to a NIC, you specify the destinations you want forwarded to each interface. Your VPN connection is just another interface.

If you’re looking for good docs, you may want to Google split tunnel vpn, and also bone up on your networking.

A few static routes should get you what you need

Pfsense is built on this, but it has some free software issues.

OpnSense was a pfsense fork from some of them original creators, that is free software.

Both are fantastic.

I can see this being a breaking change for some strange edge cases and (ab)uses.

Neo4j might with

The treaties the federal government has say they will maintain water infrastructure?

Don’t get me wrong, they should, and we shouldn’t leave people behind. I’m just trying to figure it all out

I want everyone to have access to clean potable water. But in my community, that’s the manicupalities responsibility, not the federal government. Genuine question, why is that different for first Nations?

Another genuine question. Why are so many first Nations without it, if they’re all seperate communities with separately managed water systems?