There we go. Welcome to vlog. There's a 305. We're going to talk a little about security, virtualization, Ohio Linux Fest 2022, errata and Q&A. The first thing is Ohio Linux Fest 2022, 2022, even though it's technically the last thing I have on my list here. And I gesture this way because this is where my list is. And I guess I should probably switch to the other camera so I can pull this up. I'm trying doing it from my studio computer at this time. Let me pull up the Ohio Linux Fest conference. Actually, let's see if this works. Hey, look, there we go. I think I got to move the microphone a little bit this way so it gets better audio. But join us at Join Us or Join Me at OLF 2022 on December 2nd and 3rd. I've been trying to make it a point to tell people where you can find me. And Ohio Linux Fest is one of those where you can find me type things. There we go. Made my face bigger. So you normally when I'm editing, I edit out all the times when I slide things over, look away, move my face bigger. I did a few pictures of what my studio area looks like. But so you know, there's a few monitors around me. There's a big TV off to the side here. But nonetheless, this is where I will be. And I'm excited. Actually, let's look at the program, the 2022 schedule. Python, better websites with Apache, maturing information, security program risk. Nginx, bash configuration, secure IoT. Tony Bemus, if that name isn't familiar to you, Tony, someone who I used to do the Sunday Morning Linux Review podcast with. He's actually the owner of the Sunday Morning Linux Review podcast. We've got it on forever extended hiatus for the moment. Just things gotten away for those who would have that podcast. And but Tony is still an awesome person. I'm going to be speaking there. And but bigger than that is really comes down to just like the happy hour stuff. 
And some of the fun you have interacting with a bunch of people working in the Linux community, that's the part I really look forward to when it comes to going there. And this is where the recursion comes because we're going back over here. Woo. And see all the people in the list here. All right. First time in over a month. Yeah. Some people have been gone. Lots of stuff. Hello from Sweden. Wow. People from all over. Hello from down under. It's probably a better way to do this and display it this way. I should probably just go back to this view. There we go. I'll go back to this view. The problem I have with this view is I can't really see the screen around doing things over here. I can throw I can look at the stuff and then I'll address it this way. That's probably an easier way to do it anyways. Fun times. But I posted on LinkedIn and actually that's something I'll pull up right now because why not? Because security is on the topic list of things I want to talk about today. And there we go. Let me find the link. You know, I think I'm actually share the link to the post. So copy link to post. We'll talk about this. Minimize anything they don't want on the screen and switch to desktop. There we go. This is a question that comes up a lot about what security tools I'm using. Actually, you know, I need to do. Let me go here and drag this somewhere else so I can read it. There we go. Without having to switch back and forth. All right. How was the Steam Deck video? Good for any of you that didn't watch the Steam Deck video. Nonetheless, the security thing I wanted to address today. Greetings and hallucinations from Washington for sure. Oh, and there's another greeting from the land down under for sure. But the question comes up and this was a forum post as well in my forums where someone keeps asking questions about this of why we use Huntress and SentinelOne. And you know, I threw this out here and apparently a lot of people seem to like it. 
No one had any negative reactions to it. Not yet. Give it time. Someone will always have some negative reaction. But working in the IT and MSP space and creating content about the tools we use such as Huntress and SentinelOne. By the way, I have videos in each of these products. You get in this heated debate all the time. And I don't know I heated is probably exaggerating most of the time. It's pretty calm and less heated, but it's still a debate. And the question comes up of why do I use both of these tools because there's a cost associated with these tools. But to me, there's also a risk associated with not using the right tools. And while even myself, I have come to a conclusion where these are the best tools, there may be someone else who's come to a conclusion that may be better than mine or I'm wrong, that these aren't the best tools. Personally, I think they are is why I use them. But essentially, SentinelOne has some false positives, but is a good tool. It is a good scanning tool. It allows us a lot of in depth information and hunting tools to really investigate and understand something that happened and kind of follow the story and the events of how they came to be and how they are. So that's one of the reasons we like SentinelOne. And I've done a whole video on this and how will the malware rollback and everything else works. But go a little down to why Huntress. And I just said, you know, let's just make a meme. And essentially, when you have two security tools, basically, SentinelOne has false positives. That means once a while it's wrong. It's not often it's not it's not a problematic tool, but these things happen. So you find a security alert, panic, then you see zero alerts from Huntress, calm. And I even reached out to one of my friends and maybe me and him will do a video talking about this Huntress because there's a human element that really takes the time to investigate things. They don't give me false positives. And we've been using them for years. 
It's one of the things I really like about their tooling. So if SentinelOne and Huntress give me a security alert, that's the full panic at that point, because we know there's an incident. And it's a way so I can skip any investigation and we focus on the triage was there any damage and things like that. And this actually happened today where we had an investigation, which it was just some artifacts of stuff. But nonetheless, we had to figure out how it got there, what this was, and, you know, how to deal with any potential problems. So there's really minor incident and a lot of the incidents really have been minor recently, I've only had a couple incidents over the years, we just been blessed and lucky, trust me, it's not because of skill. It's more luck that these clients haven't had any bigger issues that got away and turned into a larger disaster. But when there's a small investigation due to some tool being found, some potential foothold being gained, you know, this is still a really basic overview of the process when we're doing the threat hunting, watch the videos I have on each of the products to gain a better understanding of how we use them. But these are things that I like talking publicly about. And I someone else had mentioned about how they don't like to talk about their tools and they like to keep it a secret. And I'm like, why? The more we engage and discuss things as a community, the better understanding we gain from it. Too many people seem to think their value they create as an IT is the secret combination of tools that they've come up with that is proprietary. No one can look at our tools, because that would give them our competitive advantage. And I just don't see it that way at all. I think that's a very small minded way to think. But unfortunately, I run into this and heard something today in a discussion that made me think of someone who really doesn't get it. And this is one of the reasons I take this and put it out there. 
It's not just to say I'm right. It's also to bring forth discussion and maybe gain an understanding for myself of what I may or may not be wrong about. That's one of the reasons I guess I really like doing all these. And that's kind of my thoughts on why we run both these tools. And you can find this on my LinkedIn. There's a discussion, as I said, in my forums, maybe I'll link the forum post and the LinkedIn post together so you can get some cross discoverability and discussion on this topic. But I think it's an important topic about any of the tools or things we choose to do so we can all get better at using them or better at understanding how this tooling works. And eventually hold the vendors accountable too because part of the thing I've also heard some people say is that they didn't think Huntress was effective because it wasn't making a lot of noise. I'm like, well, that's the point. It doesn't make noise. It tells you if there's something wrong. It's not like a lot of these are tools that just kind of bang away making noise. And that's just kind of like an expected behavior out of them. So, nonetheless, can I, what is the another switch I have? I could probably drag myself bigger. Try to think of how I'll, well, let's go back to this, which then you can see this screen in the background. I see someone has a question. And let's see, where's my mouse? Come on over here. And then here, there we go. Make this full screen. Have you ever looked at using Android Linux based handheld gaming systems for home lab duty? They're not purpose built, but you, I could see them maybe being useful for some tasks. I mean, I actually thought it was funny because Jayson Street, I mean, with a microphone over, Jayson Street, a pretty infamous pen tester, if you will, a red team and guy who's notably famous for robbing the wrong bank once. He talked about using Steam Deck and things like that before because it does actually kind of make a tool. 
And one of the things he had pointed out on a red team engagement is that security will let you walk in with a handheld. They'll stop you from bringing laptops in that server room. Oh, but your gaming system, your handheld gaming system, that's fine. I'm sure, I'm sure there's no tools on there that could possibly cause a network intrusion. So I've not really spent much time looking at it myself because it's not, not a need I have, but definitely something you can do. Hello from Venezuela and actually we'll drink this over this way more. So I'll turn my head quite as much. Am I presenting at OLF? No, I didn't submit anything for presentation. I'm pretty sure Jay from Learn Linux TV will be going. He's also not a presenter. I don't think he's ever been to OLF before. So I'm mostly just going to go and to say hi to lots of people and talk Linux and nerd out. So my purpose for going is mostly driven by a desire for education and a desire to hang out with nerds and not necessarily a desire to speak. I don't know. I should probably do a few more speaking engagements. SentinelOne scares me. Sure. Okay, what else we got here? Oh, for reference, how was the Steam Deck video? I should probably add a little context to that. 45 Drives grabbed a, I think three, yeah, three. It's only an hour ago. The information is kind of falling out of my head. Anyways, they grabbed a handful of Steam Decks and set up a Ceph cluster to show the resiliency of it. That video is over on the 45 Drives YouTube channel. It's fun watch. And I actually had to bounce part way out towards the end because I was in the middle of another project that I was working on. But nonetheless, it's really cool. Definitely watch that. You can learn some resiliency of how Ceph works and some nuances. And yeah, it's just a cool little video they're doing. They're doing such a great job. I mean, the YouTube channel just really deserves more subscribers. 
So if you're not subscribed to the 45 Drives channel, they talk a lot about Linux and open source. So if that seems like something you're interested in, definitely go subscribe over to their channel. We actually ordered just a few more 45 Drive servers for another project. We'll be doing a video on that once they arrive. It's going to be kind of fun. So definitely exciting for all that. So currently building a custom pfSense box here to try to build a focus on reducing idle power consumption. It's an interesting process. Not something I think about. Usually you just get a low powered board and, you know, I don't know how much more tuning. I don't know where the value is. Like how much time should I spend tuning it to reduce a couple of watts and what is, is it that effective? I've never really taken the time. It's not, it's not usually where the concerns are. And mostly with firewalls, my number one concerns we're doing this commercially is going to be stability and anything that could disrupt that stability or longevity of the product running is my first and foremost concern. Well, besides security, the security is probably the obvious concern. But generally speaking, I don't want to tweak it in some way that would cause it to be unstable. So I've not really spent a lot of time experimenting with that. So might be interesting, might be a good write up if you find some way to make it more efficient. But like I said, it's not something I often run into or have a need for. Is Netgate the best pfSense appliance in your opinion? This is Nathan. Yes. Because Netgate is the maintainers of pfSense, pfSense is built with the utmost compatibility for the Netgate appliances. So that's going to be where you're going to get like a good level of support, an absolute guaranteed level of compatibility, because anything Netgate sells is going to be running pfSense. 
You also without buying any licensing at all, you can go to the pfSense Plus version, which is by default, what ships on the Netgate appliances, the Netgate appliances, they have a free forever subscription to pfSense Plus. Now you can take a hand built or home built appliance and run pfSense Plus on it, the license fees. I think right now you can do it for home for free. It's like a really minimal annual fee if you want to go to pfSense Plus. I have a video comparing pfSense Plus you can find to the standard CE version. They also have a write up in their blog about it. I wish they had like a chart they maintained on their site because just since they've did the blog post, there's a ZFS function that was added to pfSense Plus only to do the boot slicing, which I think that's only pfSense Plus. So I think my, I have a video where I talk about that because it's been, where there's a little divergence. I don't know why they don't just maintain a list. Here's the extra things you get with Plus, but maybe one day they will. Did you make an update on your 45 Drives Rover yet? Yes, I did. There's a video I have on that. So I think I released it maybe within the last two weeks. It's not too many on, not too many of them on the, on my channel. There's only a few 45 Drives videos. Do you need to use their hardware to use your Houston Command Center? Actually, no. I have a separate video on Houston Command Center and it's great. I really like it. And matter of fact, the 45 Drive servers, the two that we're ordering are a pair of them that are going to separate sites. They're not mirrored together in any special way. They will be using the Houston OS. I'll be showing off the latest iteration of it. The only things that are unique to 45 Drives and the Houston OS is the hardware mapping. It's all open source, but they take the time to build a hardware map. So it will show like the drive chassis locations. And that is matched to the 45 Drive server with their Houston OS. 
Outside of that, all the other features of the Houston ZFS manager and everything else are completely, you know, can run on any server. And obviously for, well, obvious reasons, if you don't have a 45 Drive server, the hardware mapping part doesn't work because who knows where your drives are. It's not going to be a one to one match. Oh, let's see. A couple of watts is worth it in European energy prices. Yeah, and that could be, excuse me, that could be a thing. It's not that ZFS isn't on community edition of pfSense. It's that the ZFS boot slice choosing options are exclusive to the Plus version. There's, I did a video on that. If you take me like pfSense ZFS, there's a video where I talk about how you can do the different boot options in it. It's pretty slick because it takes snapshots and lets you revert back to different snapshots, but that's exclusively a pfSense Plus not a pfSense CE features, but by default, both community edition and Plus the installer installs via ZFS by default, which is great. I think that's great. Idle power is a new focus in the EU with current luxury prices, but people are starting to look into it. Yeah, I mean, it does add up. I'm always thinking about energy efficiency myself. I just, you know, I just think why should we waste electricity on things just because we can? It does have a cost associated with it. So I'm always thinking about that from a perspective. It has an even more significant cost obviously in the EU right now. Probably a very silly question about what web servers behind pfSense and HAProxy set of firewall rules not HAProxy front and back runs. Do you only have the firewall rules and HAProxy rules? I don't understand the question. What with web servers behind pfSense and HAProxy? Well, it depends if you're using HAProxy. I mean, if you're, I have an HAProxy video where I cover how to set up, you know, your web server behind HAProxy, so it handles all the SSL termination. 
So if you're using HAProxy, then the rules are opening up to HAProxy. They don't open up to the web server. Do you know a tutorial to use WireGuard site to site between two pfSense boxes where internet traffic behind the boxes routed through Tunnel B out of its internet connection? I imagine if you took Christian McDonald's video on site to site VPN and pfSense and then created an outbound NAT rule to send all the traffic out, you could do that. I think it's probably a terrible idea, but you could do it. It's not the most terrible idea, but it comes down to doing that would cause you to bottleneck your traffic quite a bit. So that's all. That's the part where I don't know why you'd want to do it, but if you wanted to do it, it should be an outbound NAT rule and you would use the VPN to do it. That's probably the easiest way to set that up. Is Ceph comparable to your NAS? No. Ceph is very, very different. We have an episode of The Home Lab Show where we describe what Ceph is. So you can find it on YouTube, so you don't have to download it as a podcast, but you can find it on YouTube and listen to it. And the team from 45 Drives does a discussion about Ceph. It's a great listen. Even I learned a lot from that one. And that's why I had them on because I'm not a Ceph expert, but they are. The main concern of pfSense is, I think he means HAProxy for double-natted pfSense. Maybe? Not sure. Is pfSense on location only run service on your server or cloud base? You can run pfSense in the cloud or you can run it locally on hardware, but they do have cloud options. Actually, you can get it through the AWS and Azure Marketplaces. pfSense is available to run inside of those. I've been testing pfSense on HP T620 terminal with an additional LAN card and a mini PCI-X. It is stable, six months of testing, but additional LAN card to USB is no go. USB LAN cards are always where you're going to have a headache. I'm just going to throw it out there. 
The headache you will have will be weird. We had some problems where we could ping some things. We did a bunch of testing with this. I never did a video about it because it was inconsistent. I'm like, just basically don't do it would have been the point of the video. We're just playing around with some of the weird problems we have where the USB adapters just cause some grief dropouts and things like that. It's not a predictable way to run your networking. That's why we don't recommend it. What up, child? Yes. The problem with HAProxy is it disrupts connections through all the backends when you make one change. You've got to be careful when you make that change. I don't think so. There's an option to keep the connections or not. There's a checkbox for that. I think the checkbox defaults to off to not reset connections in HAProxy. I forget what it is in there, but there is an option for that. I was reading all the chat. Terrible idea. In pfSense, when you press apply, there's an option notice. I had to find that checkbox. How soon pfSense go Java sent to Sway, sold? I don't predict it going that way. Thanks, Tom. Yeah, using HAProxy, so I wasn't sure if using that would bypass HAProxy, you just send traffic straight to it. I mean, that depends on what you want the rules to do. Generally, if you have your web servers behind HAProxy, you don't also have a forward NAT rule for them. That would defeat the purpose of HAProxy. Usually, you want everything to come through HAProxy. It proxies and terminates all the SSL connections, handles certificates, then passes off based on the SNI header to what server you set the back end to. For eight terabyte drives, you can do a couple of mirrors. It depends on what your risk tolerance is. That's what it all comes down to. If you have only four drives, I mean, you're going to get the most space with Z1. Z2 is going to eliminate some of the space if you get it, but you get more redundancy. 
It comes down to what's your risk tolerance? Do you see businesses using iSCSI SAN arrays like Dell's PowerVault, or is hyper-converged infrastructure like PCSF pushing it out? No, people seem to be under the method. Everything's hyper-converged, and it's really not. Even that every system is. Is there hyper-converged systems? Yes, they're not pushing out the other systems though. I don't know how you do this, Dad. These lights are so bright. These lights are so bright. You're seeing all the lights. I know my son is being blinded if the studio lights are actually really bright. I just no doubt. That's why I'm linking to have the live stream go for so long before the lights kind of... Yeah, vSAN, XOSAN, Ceph pushing it out. No. It is always the homelab people that seem to ask that question a lot. I mean, if you work in a dedicated environment where you have that and you don't realize how much diversity there is in the ecosystem, you could think that. But as someone who deals with a wide array of companies and how they have things set up, not everyone has a hyper-converged solution. Not everybody even needs a hyper-converged solution. It adds extra complexity. And you're not just selling the product. You're selling the entirety of managing the complexity of things. So if you have a more complex system, you have to also sell support for the more complex system. And sometimes the support costs are higher than people want and also exceed their needs. I've talked about how storage works in XCP-ng. That's one of the recent videos I did. And when you look at how you can migrate storage around between devices, you realize, well, do I really need the hyper-converged? Because maybe the methodologies used for the way you can migrate storage around are adequate for your use case. And if they're not, then yes, you've got to go hyper-converged. So... Using pfSense in the cloud to escape CG-NAT home connection, we're traveling. Yes, that's an option too. It is pizza night. 
Yes, me and my son are going to have some pizza after this. We're going out for pizza this time. We're going to Buddy's Pizza. By the way, for anyone that wants to know, Adam Ragusea made a video on Detroit-style pizza. And I'm going to find that on YouTube real quick. Detroit-style pizza. All right. And I think I can just press this button here. So this video right here, Adam Ragusea. And this is actually where we are going, specifically where we are going for pizza, because... Let me move my head over. But anyways, I don't want to move. The Detroit-style pizza. This is actually Buddy's Pizza in Detroit. And this is somewhere... Yeah, this is where I'll actually be tonight is going there. Maybe this guy will be there. But yeah, they do... This is the original home of Detroit-style pizza and how they do it. So check that video out. It's basically... You can see the main movements. You can see the title. It says industry immigrants and Detroit-style pizza. It was the first search result when I looked. But yeah, this is... If you want real... One of my son's favorite pizzas is Buddy's Pizza. So we like going there. Let's see. A lot of questions in here. Someone else seen it. That was a good video. Yes. You missed Buddy's because you're now a Detroit expat. Yeah. If you come to Detroit, the Detroit-style pizza. I mean, I... In Detroit, I never knew until I traveled more that some people asked about Detroit-style pizza. And that is where it's from, specifically Buddy's Pizza. But we never really think about it. To me, it's just like a... It's a way they have the deep dish square pizzas. Jet's Pizza made it pretty famous. There's a lot of other places that sell the kind of a deep dish pizza like that. I never really thought about calling it Detroit Pizza. I always think about either Chicago Pizza or New York Pizza. I'm partial to the thin pizzas. Like a cracker-style pizza is one of my favorites. But the Buddy's Pizza, because of the edges being so good, I like them too. 
I mean, I don't dislike the other... I don't dislike the other types of pizzas. I like all the pizzas. Buddy's Loaded Cheese Fries. Yeah, yeah, yeah. Oh, let's see. Detroit Pizza is just the way pizza should be. We can go with that. I won't argue about that. I might do some upcoming videos about something else, another topic that's going to be CompTIA. I am now on the... really called steering committee. I'm joining more CompTIA things, essentially. So the reason I'll be talking about more CompTIA. And it was interesting, and my friend Jason's, the one who got me involved or pushed me to get involved in the CompTIA things, and I want to participate more. And I've had a lot of great discussions with the people at CompTIA. And it's all those things. There's going to be someone going, screw that CompTIA place. They were against the right to repair. Didn't you watch any of Louis Rossmann's videos? Yes, I did. And one of the things that I found really interesting is, one, he's right. They were against the right to repair. But why? And when you start digging into it, and by the way, internally, I mean, they know they shouldn't be against the right to repair. But you go, well, who's running the place? Who's on the committees? And you're like, oh, there's not enough people on the committees. There's not enough outsiders like myself or my friend Jason Slagle on there. And you start thinking about it from that perspective of going, well, you could try to fight a well-tuned machine geared for pushing policy. Or you could join the board of the well-tuned machine for policy and convince all the people there a better way to put out policy. Turns out that's easier. I just didn't know. And my naivety went from, you know, screw that CompTIA place, I'd previously said in a lot of videos to, oh, by the way, I'm on CompTIA, and I'm helping to shape the way they do things. I'm contributing back. I'm among my peers who all have an opinion. 
And we all have a voice where we are coming to a better understanding of how things should look going forward. It's not like I'm involved in everything CompTIA does, but I am getting involved in some of the things we had a meeting today discussing how things will look for such as trust mark going forward. So I find it really interesting being on the inside of all this and being able to contribute back. I look forward to participating in a lot of those meetings. And it's just one of those things I kind of had a misunderstanding myself of going, huh, I thought people, smart people wouldn't allow normal people like me in or whatever, you know, like it would be this hard thing to do. It turns out it was actually easy to join and participate in the committees and everything else. And they really appreciate people working in the industry like myself of, oh, and hey, we value your input and want to know how to shape things going forward. So this is, it's been this great discussion amongst all the people there. So that's actually been really cool. I'd appreciate a video on how to gain customer trust. I don't know, we could do that on the business technicalities one that's not going on my main channel. I don't put any of the business videos on there. So have you tested the new MSP 360 for our forward options? I haven't. But it could be that my staff has, I haven't tested it because I'll spend a lot of time using that tool. My staff does, they may have tested it. I tried to get some TSR about 10 years ago, they were still teaching me current MC and ISA in the age of PCIE. Yeah. And that comes from going slow on how you build up those certifications and everything else or how you change those. I'm not involved directly in that and actually I'm someone who doesn't have any certifications at all. So I come from this completely not certified for things. So that's a different perspective I have. So far nothing I'm involved in is directly about like a plus certification. 
The things I'm looking at right now is how their ISA works and how the trust mark is going to work. Basically, one of the things that is going to be a big initiative is that the industry and CompTIA is definitely a player in that industry has a way we vet the IT and managed service provider or MSP companies to making sure that they are doing things in a common and secure way. And basically if you want to roll back to someone just said, how do you trust, how do you build trust with your customer? This is actually a way to build trust with the customer. You don't really want to go to court with anyone. You want to go to court with someone who has passed the bar exam. Matter of fact, it's actually required. If you have someone represent you, I don't know the nuances of it, but pretty sure you have to have someone who's a real lawyer who really has passed the bar exam and is licensed to practice law in that state. We don't have such things. Anyone who's going to end up being an IT person then converts themselves to I run an IT business and make choices is a short path of changing hats. Someone can be fired today from their job as an IT administrator and tomorrow they have an IT business running around servicing things with no concept of whether or not they're actually competent enough to do the full task of managing client networks. So that's where we have a lot of problems in the industry and it is given a bad reputation to a lot of the managed service providers, because there's a lot of bad ones out there. Now, majority of them are good actually, not the majority bad, but you notice the bad ones. The bad ones make the news. The bad ones are the source of a hack that takes over a lot of other companies and sometimes it's not because I'm not victim blaming here, but they just didn't do things in any proper way. They had no 2FA. They had all their systems exposed and things like that. 
We talked a little bit about this at the IT nation event is make sure we have empathy because reality is these people were attacked, but their own naivety is sometimes what leads to it. They just go, whoa, I shouldn't have all these things wide open to the network. I'm like, yeah, that really should have been closed off. Hence the reason there's needs for industry standards. So we have a way to vet them, make sure they've gone through a process and that can build customer trust that they should use that IT company for things. That was random. I like pretzels. My son comes in here and brings me pretzels. Yeah. We're like on the edge of the screen. RDP shouldn't be wide open, right? But it is. RDP is open a lot. Have you seen Shodan? There's a lot more than just RDP that's open. It is a massive problem we have. How many times has Sean tried to get you to join the RAP battle at IT nation? Only once and I thought about joining and then I decided not to. I don't know. I actually have a problem where I often talk too fast is often commented in many of my videos. Tom, could you talk a little bit slower? But I don't think that necessarily makes me someone who has any ability to rap. What do you think, Marcus? Could I win a rap battle? I don't know. Even son doesn't have faith that I should participate in a rap battle. By the way, this was actually hysterical. I don't know every detail, but basically there was some community talk about rhyming and rap battle and somehow they came up with the idea like let's have a rap battle at the IT nation event. It was fun. I actually thought it was a lot of lulls, a lot of laughs, and people participating in it. It was all nerd rap, of course. It wasn't just like any rap battle. Of course, there are going to be essentially nerd rap referencing industry things and stuff like that. It was definitely a lot of fun. These pretzels are making me thirsty. Yep, I do remember a critical system of that on a wind server with RDP open. 
Yeah, there's always there. Want to be a hacker? Scan for admin. You're in. Backup works too. More frequently than you would like to think. Lord system, rap for us. Get your son to lay down a sick beat. Yeah, no. You don't talk fast though. I'm an Aussie and apparently we talk fast. Yeah, that's actually an interesting inside the US as well, depending on where you're at. The middle south, people talk a lot slower than they do in the north. Depending on the broadness of the US has a diversity of paces at which the language is spoken, even though we're all speaking English. Midwesterners normally get told they talk slow. I think you contrast with Jay. Yeah, me and Jay are from the same area. We grew up in Michigan here, not far from each other. And we don't, we both have different paces at which we talk. I think painting customer trust is to fix some issues with. Yeah, customer trust is hard. It's won over time. It's won by mostly doing what you say you're going to do. You say, I'm going to do this thing, then you do that thing. You wouldn't believe how many people don't do the thing they said they're going to do. And it's often the biggest complaint. The reason we're replacing so many IT companies that we run into, and we're only replacing the bad ones, not the good ones. So you get a bias and you get this weird bias like, oh, all these people must be bad, but there's a commonality between them. Almost always the answer is they've answered the phone. They were hard to get a hold of. They said they were going to fix something and never fixed it. Those are like the three common pain points. This like we asked them to do this thing. They said later, later, and later never came. So it never got done. They were difficult. The printer would go down and it was no one there to fix it even after repeated tickets, phone calls, etc. Those are almost always the trust erosion points that people have with their IT staffing. 
And my friend, which actually, by the way, he just sold his business, you know, as a sign company, which is one of our clients. But one of the things he made me laugh was when he started a sign company and bear with me here, it's very relevant. When I asked him, wow, you're not a really graphic designer or artist or someone who has some specialty for making signs and graphics, but what made you start a sign company. And it turns out because his history was in working in the industry that needed signs. He actually managed several golf courses and they needed signs for the different things. He goes, you know, I figured I could just become a really large sign company and an overnight success by answering the phone because that industry was so bad at doing it. And he wasn't wrong. He built the business up relatively fast, made his exit through retirement after he had it for a number of years. But I was there when he started. I remember when he started it and recently, you know, talked to him after the exit and he did very well. And like he said, I don't know, just answered the phone and when someone asked for a sign, we delivered it on time. Novel concept turns out enough to build a business. Oh, cracker. Just gonna keep giving me. Do you have any recommendations for thin clients that can do RDP connections to Windows VMs and a poor man's VDI setup? Not really. I never use thin clients. Laptops are too cheap. So no recommendation on them. I haven't seen thin clients any cheaper than you can buy a cheap laptop for. Port 339 is dangerous. And if you're running into home servers, you can detect from being open outside the internet. Yeah. Actually, I'll address this one. Service level agreement is a key gives you standing. If service sucks. No, everyone complains about it. I mean, the service agreements just keep getting bigger and bigger. They're just legal documents between clients. They actually don't build any trust. Everyone signs them. 
Everyone's like, I hope all this I hear your lawyer, your legal team gets a copy. My legal team gets a copy. Hopefully we'll never need to call our legal teams. That isn't where any of the trust is built. It's actually built by doing things. It's built by interaction with the client, not the legal documents. People spend way too much time thinking about, are they important? Yes. Do they have a legal ramification? Yes. But they're not the talking point that builds the trust between your client. It comes down to the service ability you have with them. Looking at UniFi switches for home, I have a few UAP-AC-Lite APs. I heard some of these APs use 24 volt passive and the Lite switches don't support instrument that checks this. Yeah, you can look up the specs for any of the access points you're looking at and determine whether or not those just see if they need passive 24. It'll be in the list. We use RDP for 22 inch through wire. Yeah, I mean WireGuard's fine. Untangle's fine. VT wear on a RP, oh Raspberry Pi. Let's say RPF Raspberry Pi. I should have got that faster as a thin client. Yeah, that should work. There's an option for you. Are Raspberry Pis even cheap right now? Uh, I think that might be questionable. But let's jump over to another fun thing real quick. Let's see. Let's see. Move on from this and that. And oh, here we go. Let's play with this tool because this tool is fun. All right. This is the video I'm working on. But I ran out of time because I was working on too many things today. So it didn't get recorded today. It'll get recorded tomorrow. This is runZero. And it's pretty awesome. If you aren't familiar with my video I did on a tool called Rumble. This is the new version. It changed names and got better with all the same features it had in my old video on Rumble discovery and now brought it over to runZero. I'm straight up impressed with all the things you can do on here. And let's go ahead and make this a little easier to read. 
If you see at the top here it says IT Nation. And yeah, I was curious like how many iPhones are there at IT Nation on this open Wi-Fi network when I did the scan sitting at my laptop. So this was some fun playing I did. So I'll be talking about that and how the agents work. And no, that's not my public IP address. No need to tell me this was the IP address of the hotel I was at. But I'll be doing an updated video on this right here. So yeah, Res, I'm done. I know our food. I know. I know you want to keep it. I was trying to see how many times I could give you a piece of food. I'm done with food. We're going to go eat after this. Res rate price are definitely pricey. Duo with RDP as good as two. It's an actual thing. By the way, Duo fails open by default if you didn't know. So if you are concerned with the Duo fail open by default option they have, you can change it. It's just, as I said, the default option. So something to consider. Service delivery is one of the critical points of psychology. We must be concerned. I sold RTX 4090 to buy two Raspberry Pis. It's not to pay for you to cover the cost. Yeah, it's expensive. What do you think about Eufy cameras? Never heard of them. Never heard of them. So I have no opinions on them. But the runZero product. And we'll switch over here to my organization of LTS Tom. This is a demo account I have set up. But I'll be doing an updated video on here to talk about all the things. And hey, speaking of cameras, look at the Amcrest cameras I have found on my network. There's so much that this tool does now that I'll be covering. Now, I'm not going to do the integrations for the demo, but they've actually built in a ton of integrations so you can correlate data together. But, you know, feel free to throw me some comments. You might know about how this tool works or how it works as an asset discovery tool, which is just kind of fun because you can see all the things. 
Actually, one of my other silly things, you can have 20 results, 50, 100 results, or 256, 512, or 1024. I just like some of the little things like that. But there's, hey, look, there's all my Amcrest cameras. As a matter of fact, we can narrow down to all the different Amcrest cameras that I have on my network. And then click on them and do things like, hey, I wonder what this Amcrest camera looks like. It has screenshots and everything. I don't know. It's just really slick how this all works. So I'm going to do an updated video on this. Yes, this is a paid commercial tool. This is not an open source tool, but nonetheless, it's a really neat tool for doing asset discovery and they've built in a lot of things. So I'll be, this is the upcoming video I'm working on, though. I just, something really slick about the way it works. And by the way, it's not sponsored. I happen to renew my license. And so I decided to do an updated video on it kind of based on things like that. So yeah, and they do have a free tier. They have some free options to get started with it, which is pretty cool too. That's the one I already answered. Thank you for sharing all your insights with some interesting stuff in here. We're awesome. Thank you. I don't think there's anything disabled in the trial. I'm pretty sure the trial is completely full. I don't think there's, I don't think there's anything in a trial you can't do. All right, try to figure where to put my head. Put it up here, I guess. Sure, why not? Excuse me. Yeah, I don't think there's anything in the, in the trial that's not built in. There we go. I got two screens. I'm trying to see them all at once. Dragging things across here. If you're wondering how I'm dragging everything across too, I use a tool called Barrier. It allows me to have one mouse and keyboard, but extend to my other studio computer where all these things are working. 
So your vlogs work towards the homelab and non-company side, because I remember you creating two different channels or something like labbing and corp stuff. The vlogs are just anything. They're me riffing and talking to people because apparently there's 91 people on here. So I'll answer whatever questions whether it be corporate, which is definitely corporate, not homelab in terms of running runZero. But the business specific things are on a separate channel called Business Technicalities. That's where there's going to be a lot more content. And it's more than just me. I put together, we just had some discussion on this, and I put together more people so we can have a team of people creating content on the Business Technicalities channel. And it's going to be about how to run an IT business and interviews with business people. So a lot of more discussion around that topic. Fly away, fly away, Tom. Yeah. So nonetheless, I'm going to get this going for another 12 minutes because the other reason my son's coming down here is not only feed me, he would like me to feed him. I'm supposed to take him out to that pizza I mentioned earlier. So is there any reason a homelabber might want to look at XCP-ng versus Proxmox? Lots of people run XCP-ng in the home lab. I don't see any reason not to run it. I don't see a reason not to run Proxmox. It comes down to which one did you read the documentation for first and which one clicked in your head and said, hey, I really like this as a platform to build on. We use a lot of XCP-ng commercially. I use XCP-ng in my homelab. I just really like the way it works. I like the intuitiveness of the interface on it. I think it's just a really solid system. Been really happy with it. But, you know, that's not everybody's opinion. Some people go, no, I love, I love Proxmox. And I'm like, then use it. Like, I don't have a reason not to use it. They're both solid products. So hopefully that answers that question. Also, fun thing. 
If you've ever wondered what happens to your alerting system, this is Snort specifically when you run the discovery tool. There's a lot of alerts in here. So it's kind of, if you're wondering if your alert system works, run the runZero discovery agent, let it scour around the network and watch your system go. We just start throwing all the traffic out there. Oh, Unraid here also. Yeah, some people like Unraid. I don't use it. I don't have a use case for Unraid, but lots of people in the homelab do. I don't have anything against it. If you'd like to use it, I can't tell you a reason not to use Unraid. Unlike, someone may ask QNAP. QNAP, poor security updates, poor security track record. I don't like QNAP that much. So I'm running Unraid and virtualization. Why not both? Oh, that's the real answer. For homeland, share NAS works well. Yes. Do you ever use vendor tools like Dell OpenManage or whatever the HP equivalent is? So you can do a video on how do you set it up? If not, what would you use in the equivalent? I don't use Dell OpenManage. So I don't have a whole lot of insight into that. XCP-ng works straight in the homelab. Tana's a great video doing XOA build from sources. Yes. I've got a lot of documentation on that. Choosing software can be like love on first click. Yeah, sometimes you just, it just warms your heart when you use it and that's the software you're using today because it just, it worked. It worked on the first install. I next and yesed all my way through happiness. I use Unraid and I'm desktop Linux guy. I just know I won't break it. On pfSense, Snort or Suricata? I don't know. Right now I have my home running Snort and my office running Suricata. I like both. I don't have, actually I have a bug I don't like which, see if I can make this bug happen. This, this bug right here. You click these links to the SID IDs and some are there, some are not. That's kind of annoying. So that's kind of a problem. There's one there. I think that's cool. 
That doesn't happen in Suricata. So I don't really have an answer for which one. They both work off similar rule sets. So there's not like this. One is substantially better than the other either way. So whichever one makes you happy. Unraid is paid but you can throw any drives at it. Yeah. Unraid is great when you have a bunch of disks of various sizes. I picked up Unraid because a bunch of random size it works. Yeah, that is true. You could definitely do that. Thanks for talking about Headscale, the best VPN solution I've used. I've had my desktop and the DERP server works nice when the whole bunch of yes, yes, the Headscale, Tailscale. Hey, look, this guy did a video on it. But you can go to the GitHub page. I haven't updated the video in a while, but it's oh, that looks new. I don't think did it have that same graphic before? Probably not. Maybe the update of the graphic. That's cool. With automation, Headscale is very powerful. No warranty on it, not vetted. So proceed with caution outside your home lab. Yeah. Like the original one. I still want to compare. Yeah. Like the original one, is it still what I compare all music players against? You know, it is. I mean, we all started on Winamp and that's, Winamp is still awesome. I think it probably is. It's the basis for everything. Yeah, I haven't done a test and maybe one day I will. As I expand my YouTube channel, I'll have to hire some people and that's one of the things I'll hire for is just hire people to sit and test things that I don't have time to test. Then I'll present the results, they will do the write-ups like, hey, here's the results of throwing this many packets across Snort. Here's this many packets showing across Suricata. Here's the baseline CPU when this was done and go from there. So it's on my to-do list and do those tests. It's just a time-consuming thing to do all the things I do in some of those tests. So that's definitely hiring people. 
It's going to be coming up soon once I find some of the right people that want to do some lab testing with me to do it. I really prefer someone to be local. That's one of the challenges. It's hard to do that work remotely because if I do it remotely, someone still has to set up in the systems and now it's taking up my time and it may not get done as fast as opposed to someone local who can come in and set it all up, run the tests, move the network cables around and test the Wi-Fi things and everything else. Awesome. Then it can all get done with much more expediency. What's in here? YouTube project. Oh, I still have my memory testing ones. That's the last video I did on this topic was memory testing with XenServer. So tunes in from Ferndale. Well, you know how to reach out to me there, sir, if you would like to help with testing. I mean, I'm not asking people to hang out with me for free to play with hardware bonus, if you like doing that. But no, these are paid things that I will be doing to get people, you know, I've seen, I'm going to need more help with some of this stuff because that's the nature of it. I put my face, there we go. If I put my face over here, it won't be in the way. Should I make it bigger? There we go. I do all this in OBS for anyone who's wondering. There's OBS and StreamYard is how all this is currently set up. Suricata and Snort performance. Do either of them have better support for QET? Nope. I don't think so. I don't think that any, any of that really. Spacerator one just built the studio. He'll be a fun to get a homelab show plus his accent is, yeah, I find it interesting. Nicky Xun has gone into sale just found out about it a couple of days ago. Yeah, it's an older model. Put my face behind the logo. Yeah, there we go. I could probably do that because the logo is overlaid by stream apps. So we actually could put my face up there. There we go. Can we get the same? I'm going to just goof off if I start playing with this. 
As cool as that is. I don't think I need to do that. Any more questions because I wasn't going to talk more about virtualization, but I'm running out of time. We talked about, we kind of did talk about it. Why, why run XCP-ng? I talked about runZero video I'm doing soon. I think that's all the talking for today because the pizzaing is what happens next. Got to go over to the pizza place. Actually, you could do this. Hold on. Is there anything else I wanted to share that was from? Yeah, I can't think of anything. All right. I have some Macronus videos I will be doing. So yeah, pizza time. That's pizza time is what's next. That is for sure. I will share this. So we hit the button over here. One of the staff brought his dog to work. So I post this on Twitter as well. But yeah, it's always cool having when my staff gets to bring their dogs to work. I love pets. I just don't have any because I'm not, I'm not home enough, essentially. Or if I travel, I don't want to leave them somewhere. So because I can't always necessarily take them with me. But nonetheless, it's cool when office members bring their pets in, which is just novel. So it gets me definitely excited at the office. Throw that out there. I'm definitely a pet lover. Dogs especially. I like cats too. My daughter has a few cats. All right. 58 minutes, 59 minutes. One minute to go. We'll do it one hour, Marcus, when we'll end this. Any last minute, literally last minute questions? No pizza at 1130. You shouldn't be eating pizza at 1130 at night. Get that dog some certs and put them to work. Yeah. Tri-fi GPS dog collars are great. Really, tri-fi GPS dog collars. Interesting. Yeah, we're down to the last few seconds here. It's the countdown. Actually, what happens if I do this? Oh, that won't work. Actually, I just like the recursion part. Because that looks cool. There we go. What's the meaning of life? I don't know, but it's playing with recursion. I think this... Oh, this is... 
It's like when Windows goes bad, I'm sure this is distracting someone and someone's going, you're just wasting my time. You're probably right. Anyways, that's a minute well spent, right? Oh, the tweeted... Oh, you know what? Before I leave, I will tease that a little further. If I can remember the IP address... Hold on. We're going to pull it up. We better switch screens real quick. But if I can find the IP address to this, we will do a better than that. Because it's actually set up and running now. I don't know where it is. Where'd it go? There we go. So we'll go a step further and actually share this. Oh, we should probably move my head somewhere else. But yeah, we got it set up. This is the PCI KVM thing. It is connected and working. So a video will be coming soon about this. It's got cool options, text options, drive to connect different storage options. Yes, we can click the power button short and long. Actually, try to make it. Can I make this bigger? There we go. So you will see it. There we go. But yes, video coming soon on this. It's really cool. It works really slick. And it's actually controlling one of our lab servers here. And by the way, it's doing this over a VPN. So it's not only working, it's actually working over a VPN. So kind of cool. Actually, right now it's not. Is it the key? Why isn't the keyword key working? I'll figure that out. It was working a minute ago. For some reason, it's not. What am I doing wrong? Oh, fan failed. So there's actually an issue with it. But we'll figure that out. At least it's working. That's what's cool. But for some reason, it seems to be overheating. That's literally not cool. All right. Now we can end the vlog on that one. Put this over here. Yes, there's stupid things pulled up everywhere. You can see at any given time, there's probably a bunch of memes pulled up that Tom has. They'll eventually end up everywhere else. So all right, thanks everyone for joining. And I will see you next time. Later.