TCB13

TCB13, 1 year ago (edited 1 year ago)

#1 leaves a lot to be desired, as it advocates for doing something without thinking about why you’re doing it – it is essentially a non-answer.

Agreed. That’s mostly BS from people who make commissions from some vendor.

#2 is strange – why does it matter? If one is hosting a webserver on port 80, for example, they are going to poke a hole in their router’s NAT at port 80 to open that server’s port to the public. What difference does it make to then have another firewall that needs to be port forwarded?

A Firewall might be more advanced than just NAT/poking a hole, it may do intrusion detection (whatever that means) and DDoS protection

#3 is a strange one – what sort of malicious behaviour could even be done to a device with no firewall? If you have no applications listening on any port, then there’s nothing to access.

Maybe you’ve a bunch of IoT devices in your network that are sold by a Chinese company or any IoT device (lol) and you don’t want them to be able to access the internet because they’ll establish connections to shady places and might be used to access your network and other devices inside it.

#5 is the only one that makes some sense;

Essentially the same answer and in #3

If we’re talking about your home setup and/or homelab just don’t get a hardware firewall, those are overpriced and won’t add much value. You’re better off by buying an OpenWRT compatible router and ditching your ISP router. OpenWRT does NAT and has a firewall that is easy to manage and setup whatever policies you might need to restrict specific devices. You’ll also be able to setup things such as DoH / DoT for your entire network, setup a quick Wireguard VPN to access your local services from the outside in a safe way and maybe use it to setup a couple of network shares. Much more value for most people, way cheaper.

TCB13, 1 year ago

There’s Debian and Red Hat Enterprise, everything else is pointless. Enjoy.

TCB13, 1 year ago (edited 1 year ago)

But idle still would run much more than 15w

This isn’t true.

• HP Prodesk 400 G5 i5 9500T > idles at 4.5W
• Optiplex Micro 3080 > idles at 7W
• Unbranded Mini Atom C3758 > idles at 3.5W

Either way, quick math, on a 7W range were talking about less than 10$/year to run the device.

TCB13, 1 year ago

I would agree to a certain point. If you get a 10th gen CPU it is power efficient and there are a lot of gamers and whatnot selling those. Also there are a lot of MiniPCs that come with mobile “T” CPU that are very decent at idle.

TCB13, 1 year ago

Everything’s about perspective… maybe GNOME became SO bloated that KDE now seems very light. :P

TCB13, 1 year ago

Everyone does run into a Windows-only app eventually. It’s sad, it hurts but it is what it is.

TCB13, 1 year ago

Okay that’s fair. So this this the solution, fallback to a second machine running Windows? :P

TCB13, 1 year ago

Surface Laptop 3 running Kubuntu, such an improvement over what it was “designed” for.

I’m sure it is an improvement until… you’ve to use Wine to run something Windows only or a VM and end up on the exact same spot as initially but with extra steps and less performance. 😂 😂 😂

TCB13, 1 year ago

Unless you have to collaborate with others who use said Windows only apps and you can’t afford compatibility issues.