Technitium DNS Server in Docker: Is this the Best Home Server DNS?

Technitium DNS Server in Docker: Is this the Best Home Server DNS? @vexpert #homelab #TechnitiumDNSServer #HomeLabDNS #DNSPrivacyandSecurity #DNSServerComparison #PiHolevsTechnitium #AdGuardHomevsTechnitium #CustomDNSConfiguration #BlockAdsandMalwareDNS

When many enthusiasts or home labbers start to look at services they want to run at home after purchasing some server gear, DNS server is one of the first services that you can benefit from. DNS provides the core name resolution for your home lab and server environment. Hosting your own DNS server provides many benefits over using the configured ISP’s DNS server settings. Table of contentsWhat…

View On WordPress

Google Domains has officially been acquired by Squarespace, and domain migrations are underway. Understand your options, why choosing the right registrar matters, and how to ensure a smooth domain transfer process without downtime.

Top Alt DNS

NextDNS: IPv4: 45.90.28.0, 45.90.30.0 IPv6: 2a07:a880::, 2a07:a881::

Cloudflare DNS: IPv4: 1.1.1.1, 1.0.0.1 IPv6: 2606:4700:4700::1111, 2606:4700:4700::1001

Google Public DNS: IPv4: 8.8.8.8, 8.8.4.4 IPv6: 2001:4860:4860::8888, 2001:4860:4860::88441  

Proton DNS: IPv4: 162.216.1.0, 162.216.8.0 IPv6: 2a10:4880:100::, 2a10:4880:108::

Quad9 (quad9.net): IPv4: 9.9.9.9, 149.112.112.112 IPv6: 2620:fe::fe, 2620:fe::9 Focuses on security, blocking malicious domains.

AdGuard DNS (adguard-dns.io): IPv4: 94.140.14.14, 94.140.15.15 (default) IPv4: 176.103.130.130, 176.103.130.131 (adblocking) IPv4: 94.140.14.15, 94.140.15.16 (family protection) IPv6: 2a10:50c0::ad1:ff, 2a10:50c0::ad2:ff (default) IPv6: 2a10:50c0::1:ff, 2a10:50c0::2:ff (adblocking) IPv6: 2a10:50c0::3:ff, 2a10:50c0::4:ff (family protection) Offers various filtering options, including ad blocking and parental controls.

CleanBrowsing (cleanbrowsing.org): Family Filter: IPv4: 185.228.168.168, 185.228.169.168 IPv6: 2a0d:2a00:1::, 2a0d:2a00:2:: Adult Filter: IPv4: 185.228.168.10, 185.228.169.11 IPv6: 2a0d:2a00:1:2::, 2a0d:2a00:2:2:: Security Filter: IPv4: 185.228.168.9, 185.228.169.9 IPv6: 2a0d:2a00:1:1::, 2a0d:2a00:2:1:: Provides family-friendly DNS with various filtering levels.

OpenDNS (opendns.com): IPv4: 208.67.222.222, 208.67.220.220 IPv6: 2620:119:35::35, 2620:119:53::53 offers options for security, and family filtering.

(via DNS Filtering in home network)

I was so surprised to learn that the dance scene in the cabin didn't land with everyone, because it became my favorite scene in the whole game.

The lock being magically sealed beforehand signifies peace and safety: the girls are secure in their special cabin and have the privacy to dance together. Kat leads them and Nora joins, and I love the little parallel that Autumn encourages Swann to join, just like how she invited her to the movies to get away from Corey and Dylan in their first scene together.

What really captured me about the dancing is that it's not any one specific style or even overtly romantic. The girls dance shamelessly, exactly the way someone would sing in the shower or jam out alone in their room, except they're together and completely comfortable with each other, knowing there's no shame or judgement. Even though they've just ran for their lives, even though makeup is melting all over their faces, even though they know Kat is dying-- they keep dancing anyway. The game is telling you: forget that last scene, just live in the moment for a second. That's exactly what the girls are doing, and is what allows the scene to be the most impactful to the audience.

And Swann-- just, Swann. Here's a plus-sized girl who's felt lonely, unattractive, and unlovable her whole life, who's been told over and over that she's too weird and quiet yet somehow takes up too much space at the same time. She's never felt at home in her body. But when she finally joins the dance floor, the shot is framed as her best friends literally pulling her out of the darkness and into the light (I see you, lesbian lighting!). Her dancing is genuinely so enchanting, because here she is smiling with her eyes closed, arms up, spinning in graceful circles around her friends, and she's finally allowed to take up SPACE. She allows her arms to stretch out and allows her body to twirl and lean and sway. THIS is what Swann being comfortable in her skin looks like, and it's simply beautiful.

It's incredible how well the scene is choreographed to make the dances look so un-choreographed and natural. Each couple gets a unique dance and kiss-- even when the rest of the tape may feel rushed, Dontnod decided not to skimp on this beautiful scene. With no words exchanged, it's like the girls' kiss is part of the dance routine, and the kisses are long too. It's a kiss that literally sweeps them off their feet and visually transports them away from their problems and confined lives. Above all, it proves the power of community, and how all of the girls are able to fully blossom in each other's presence and support. I could honestly talk about this scene forever. And DN is pitch perfect, as always, with their song choice, with the girls' dance set to "Lazuli" by Beach House:

In the blue of this life Where it ends in the night When you couldn't see me You would come for me

There's nothing like lapis lazuli Let it go back to me

Like no other, you can't be replaced (There's nothing like lapis lazuli) Like no other, you can't be replaced (There's nothing like lapis lazuli)

What would you say are good reasons to use a VPN?

bypassing countrywide/internet provider blocklists or monitoring (of porn, lgbt content, etc (often just changing ur dns server (see cloudflare dns or quad9) will also be enough, but this might be more risky)), piracy, technically bypassing geoblocks on content (but like, just pirate shit lol), as one of multiple layers when doing other fun illegal shit online (do not ask me for specific advice, just a commercial vpn will not be sufficient protection) etc.. a vpn will not magically protect you from getting hacked or inherently increase security, and having one always enabled will not do much more than just slowing your internet down for most users. regarding isp/government monitoring it also simply shifts who you have to trust to another commercial entity, often operating under thin margins while being easily subpoenad, generally dont trust a privacy focused company that has a suspiciously high marketing budget. (furthermore companies such as nordvpn have been officially found of false advertising by at least the UK government, pointing this out in their replies on twitter will get you blocked, same with poining out how trivially they were hacked in the past and how shoddy their security has been at times)

All right, since I bombarded a poor mutual yesterday...

Privacy is not security and security is not privacy. These terms are not interchangeable, but they are intrinsically linked.

While we're at this, anonymity =/= security either. For example, Tor provides the former, but not necessarily the latter, hence using Https is always essential.

It is impossible to have privacy without security, but you can have security without privacy.

A case in point is administrators being able to view any data they want due to their full-access rights to a system. That being said, there are ethics and policies that usually prevent such behavior.

Some general tips:

Operating System: Switch to Linux. Ubuntu and Linux Mint are widely used for a reason. Fedora too. And don't worry! You can keep your current operating system, apps and data. If you're on a Mac computer, you can easily partition your hard drive or SSD by using Disk Utility. If you're on Windows, you can follow this guide.

You want to go a step further? Go with Whonix or Tails. They're Linux distributions as well, but they're both aiming for security, not beauty so the interface might not be ideal for everyone. Many political activists and journalists use them.

You want anonymity? Then you need to familiarize yourself with Tor. Also, Tor and HTTPS and Tor’s weaknesses. When you're using it, don't log in to sites like Google, Facebook, Twitter etc. and make sure to stay away from Java and Javascript, because those things make you traceable.

Alternatives for dealing with censorship? i2p and Freenet.

Is ^ too much? Welp. All right. Let's see. The first step is to degoogle.

Switch to a user-friendly browser like Firefox (or better yet LibreWolf), Brave or Vivaldi. There are plenty of hardened browsers, but they can be overwhelming for a beginner.

Get an ad blocker like Ublock Origin.

Search Engine? StartPage or Duckduckgo. SearXNG too. Like I said degoogle.

Get a PGP encrypted e-mail. Check Protonmail out.

There's also Tutamail that doesn't cover PGP, but uses hybrid encryption that avoids some of the cons of PGP.

Skiff mail is also a decent option.

Use an e-mail aliasing service such as SimpleLogin or AnonAddy.

Check OpenPGP out. Claws Mail is a good e-mail client for Windows and Linux, Thunderbird for Mac OS.

Gpg4win is free and easy to use for anyone that wants to encrypt/decrypt e-mails.

Instead of Whatsapp, Facebook messenger, Telegram etc. use Signal for your encrypted insant messaging, voice and video calls.

Get a metadata cleaner.

Get a firewall like Opensnitch, Portmaster or Netguard which can block Internet for trackers.

Alternatively, go with a private DNS that blocks these trackers. NextDNS is a good paid service. Rethink a good free option.

Replace as many of your applications as you can with FOSS (free and open source) ones. Alternativeto can help you.

Always have automatic updates on. They are annoying af, I know, but they are necessary.

Keep your distance from outdated software.

Always have two-factor authentication (2FA) enabled.

Do not use your administrator account for casual stuff. If you're on Linux, you probably know you can be sudo, but not root.

On Linux distributions use AppArmor, but stay away from random antivirus scanners. Other distributions default to SELinux, which is less suited to a beginner.

Never repeat your passwords. If you can't remember them all, use a password manager like KeePass.

Encrypt your drive.

Honestly, VPNs have their uses and ProtonVPN, Mullvad and Windscribe are decent, but eh. If you don't trust your ISP, why would you trust the VPN provider that claims they don't log you when you can't verify such a thing?

Contingency Plan

I am hopeful that we will miraculously be smart enough to not allow a fascist to be elected president again.

I am hopeful that people will realize everything will be worse under Republican rule - read up on project 2025 to give you a clearer idea what that looks like. Listen to the awful rally at MSG last weekend.

I am hopeful the arrogance of the privileged that are aiming to "protest" by not voting will change their mind as they will be the reason for more blood to be shed. Not just in Palestine, but also right here. School shootings will increase. Deaths among women, be it by abuse or being forced to carry to term. Deaths among minorities.

I am hopeful, however.

But if this election turns to shit, you're going to need to understand how to stay safe - as safe as you are able.

There are many things you need to change regarding your online and offline life.

Online:

If you feel you are a target of republican policies, you'll want to purge or just simply stop posting data about yourself regarding your online presence.

selfies

pictures of your home inside or out

pictures of trips you've been on and posted online

any reference to your real name

any reference to your real home address or general area

jobs (where you work or what you do)

Privacy is REALLY important to me.

update your DNS settings, preferably on the router you use, but you can also do it on your PC, to use cloudflare dns 1.1.1.1 and 1.0.0.1 Updating the DNS to cloudflare will prevent your ISP seeing some traffic and will actually improve website response times too)

please use a VPN like NordVPN or something. There's a lot of them out there. Using a VPN will not only encrypt data, it will also hide your ip.

Use a more secure browser - Tor Browser is good for that given it goes through the onion network - but it can make websites harder to use because of how strict it is. You can use LibreWolf as an alternative which comes with pretty secure settings "right out of the box".

Use offline Password Managers (don't use or let your browser remember them). I use KeePass

Get off any app that tracks anything. This includes but not limited to period trackers, fitness trackers, anything that tracks your location and uploads it to the app developers. An app that says "We don't track your data" today does NOT mean that they won't update and start tracking you tomorrow. Be VERY wary of all app privacy policies. You will need to literally read them now. If they share your data, don't use it. Because these companies sell your data to not only advertisers but also law enforcement.

[Please take some time to search and understand the above by yourself, otherwise this will be a gargantuan post if I have to explain it all.]

Offline

You're going to have to accept that convenience is no longer possible or feasible. Everyone's situation is different and I can only recommend looking to the people you trust the most for help in any which way you can. Even crossing state boarders is dangerous for some people.

Breathe. Think it through. Ask for help.

Please also provide resources if you have any to this post so we can send it around.

Secure person frets about modern security

(...)

Internet of Things. More like @internetofshit. Whenever possible, avoid "smart" devices, which are essentially incredibly insecure, internet-connected computers that gather tons of data, get hacked all the time, and that people willingly place into their homes. These things have microphones, and they routinely send data back to the mothership for analytics and to "improve customer experience" lol ok.

As an example, in my younger and naive years I once purchased a CO2 monitor from China that demanded to know everything about me and my precise physical location before it would tell me the amount of CO2 in my room. These devices are a huge and very common attack surface on your privacy and security and should be avoided.

Messaging. I recommend Signal instead of text messages because it end-to-end encrypts all your communications. In addition, it does not store metadata like many other apps do (e.g. iMessage, WhatsApp). Turn on disappearing messages (e.g. 90 days default is good). In my experience they are an information vulnerability with no significant upside.

Browser. I recommend Brave browser, which is a privacy-first browser based on Chromium. That means that basically all Chrome extensions work out of the box and the browser feels like Chrome, but without Google having front row seats to your entire digital life.

Search engine. I recommend Brave search, which you can set up as your default in the browser settings. Brave Search is a privacy-first search engine with its own index, unlike e.g. Duck Duck Go which basically a nice skin for Bing, and is forced into weird partnerships with Microsoft that compromise user privacy. As with all services on this list, I pay $3/mo for Brave Premium because I prefer to be the customer, not the product in my digital life. I find that empirically, about 95% of my search engine queries are super simple website lookups, with the search engine basically acting as a tiny DNS. And if you're not finding what you're looking for, fallback to Google by just prepending "!g" to your search query, which will redirect it to Google.

Credit cards. Mint new, unique credit cards per merchant. There is no need to use one credit card on many services. This allows them to "link up" your purchasing across different services, and additionally it opens you up to credit card fraud because the services might leak your credit card number. I like and use privacy dot com to mint new credit cards for every single transaction or merchant. You get a nice interface for all your spending and notifications for each swipe. You can also set limits on each credit card (e.g. $50/month etc.), which dramatically decreases the risk of being charged more than you expect. Additionally, with a privacy dot com card you get to enter totally random information for your name and address when filling out billing information. This is huge, because there is simply no need and totally crazy that random internet merchants should be given your physical address. Which brings me to...

Address. There is no need to give out your physical address to the majority of random services and merchants on the internet. Use a virtual mail service. I currently use Earth Class Mail but tbh I'm a bit embarrassed by that and I'm looking to switch to Virtual Post Mail due to its much strong commitments to privacy, security, and its ownership structure and reputation. In any case, you get an address you can give out, they receive your mail, they scan it and digitize it, they have an app for you to quickly see it, and you can decide what to do with it (e.g. shred, forward, etc.). Not only do you gain security and privacy but also quite a bit of convenience.

Email. I still use gmail just due to sheer convenience, but I've started to partially use Proton Mail as well. And while we're on email, a few more thoughts. Never click on any link inside any email you receive. Email addresses are extremely easy to spoof and you can never be guaranteed that the email you got is a phishing email from a scammer. Instead, I manually navigate to any service of interest and log in from there. In addition, disable image loading by default in your email's settings. If you get an email that requires you to see images, you can click on "show images" to see them and it's not a big deal at all. This is important because many services use embedded images to track you - they hide information inside the image URL you get, so when your email client loads the image, they can see that you opened the email. There's just no need for that.

Additionally, confusing images are one way scammers hide information to avoid being filtered by email servers as scam / spam.

VPN. If you wish to hide your IP/location to services, you can do so via VPN indirection. I recommend Mullvad VPN. I keep VPN off by default, but enable it selectively when I'm dealing with services I trust less and want more protection from.

DNS-based blocker. You can block ads by blocking entire domains at the DNS level. I like and use NextDNS, which blocks all kinds of ads and trackers. For more advanced users who like to tinker, pi-hole is the physical alternative.

Network monitor. I like and use The Little Snitch, which I have installed and running on my MacBook. This lets you see which apps are communicating, how much data and when, so you can keep track of what apps on your computer "call home" and how often. Any app that communicates too much is sus, and should potentially be uninstalled if you don't expect the traffic. I just want to live a secure digital life and establish harmonious relationships with products and services that leak only the necessary information. And I wish to pay for the software I use so that incentives are aligned and so that I am the customer. This is not trivial, but it is possible to approach with some determination and discipline.... (ete etc)

Author: CrimethInc. Topic: technology

“The future is already here,” Cyberpunk pioneer William Gibson once said; “it’s just not very evenly distributed.” Over the intervening decades, many people have repurposed that quote to suit their needs. Today, in that tradition, we might refine it thus: War is already here—it’s just not very evenly distributed.

Never again will the battlefield be just state versus state; it hasn’t been for some time. Nor are we seeing simple conflicts that pit a state versus a unitary insurgent that aspires to statehood. Today’s wars feature belligerents of all shapes and sizes: states (allied and non-allied), religious zealots (with or without a state), local and expatriate insurgents, loyalists to former or failing or neighboring regimes, individuals with a political mission or personal agenda, and agents of chaos who benefit from the instability of war itself. Anyone or any group of any size can go to war.

The increased accessibility of the technology of disruption and war[1] means the barrier to entry is getting lower all the time. The structure of future wars will sometimes feel familiar, as men with guns murder children and bombs level entire neighborhoods—but it will take new forms, too. Combatants will manipulate markets and devalue currencies. Websites will be subject to DDoS attacks and disabling—both by adversaries and by ruling governments. Infrastructure and services like hospitals, banks, transit systems, and HVAC systems will all be vulnerable to attacks and interruptions.

In this chaotic world, in which new and increasing threats ceaselessly menace our freedom, technology has become an essential battlefield. Here at the CrimethInc. technology desk, we will intervene in the discourse and distribution of technological know-how in hopes of enabling readers like you to defend and expand your autonomy. Let’s take a glance at the terrain.

Privacy

The NSA listens to, reads, and records everything that happens on the internet.

Amazon, Google, and Apple are always listening[2] and sending some amount[3] of what they hear back to their corporate data centers[4]. Cops want that data. Uber, Lyft, Waze, Tesla, Apple, Google, and Facebook know your whereabouts and your movements all of the time. Employees spy on users.

Police[5] want access to the contents of your phone, computer, and social media accounts—whether you’re a suspected criminal, a dissident on a watch list, or an ex-wife.

The business model of most tech companies is surveillance capitalism. Companies learn everything possible about you when you use their free app or website, then sell your data to governments, police, and advertisers. There’s even a company named Palantir, after the crystal ball in The Lord of the Rings that the wizard Saruman used to gaze upon Mordor—through which Mordor gazed into Saruman and corrupted him.[6] Nietzsche’s famous quote, “When you look long into an abyss, the abyss also looks into you,” now sounds like a double transcription error: surely he didn’t mean abyss, but app.

Security

Self-replicating malware spreads across Internet of Things (IoT) devices like “smart” light bulbs and nanny cams, conscripting them into massive botnets. The people who remotely control the malware then use these light bulbs and security cameras to launch debilitating DDoS[7] attacks against DNS providers, reporters, and entire countries.

Hackers use ransomware to hold colleges, hospitals, and transit systems hostage. Everything leaks, from nude photos on celebrities’ phones to the emails of US political parties.

Capital

Eight billionaires combined own as much wealth as the poorest 50% of the world’s population. Four of those eight billionaires are tech company founders.[8] Recently, the President of the United States gathered a group of executives to increase collaboration between the tech industry and the government.[9]

The tech industry in general, and the Silicon Valley in particular, has a disproportionately large cultural influence. The tech industry is fundamentally tied to liberalism and therefore to capitalism. Even the most left-leaning technologists aren’t interested in addressing the drawbacks of the social order that has concentrated so much power in their hands.[10]

War

Nation states are already engaging in cyber warfare. Someone somewhere[11] has been learning how to take down the internet.

Tech companies are best positioned to create a registry of Muslims and other targeted groups. Even if George W. Bush and Barack Obama hadn’t already created such lists and deported millions of people, if Donald Trump (or any president) wanted to create a registry for roundups and deportations, all he’d have to do is go to Facebook. Facebook knows everything about you.

The Obama administration built the largest surveillance infrastructure ever—Donald Trump’s administration just inherited it. Liberal democracies and fascist autocracies share the same love affair with surveillance. As liberalism collapses, the rise of autocracy coincides with the greatest technical capacity for spying in history, with the least cost or effort. It’s a perfect storm.

This brief overview doesn’t even mention artificial intelligence (AI), machine learning, virtual reality (VR), augmented reality (AR), robots, the venture capital system, or tech billionaires who think they can live forever with transfusions of the blood of young people.

Here at the tech desk, we’ll examine technology and its effects from an anarchist perspective. We’ll publish accessible guides and overviews on topics like encryption, operational security, and how to strengthen your defenses for everyday life and street battles. We’ll zoom out to explore the relation between technology, the state, and capitalism—and a whole lot more. Stay tuned.

Footnotes

[1] A surplus of AK-47s. Tanks left behind by U.S. military. Malware infected networked computer transformed into DDoS botnets. Off the shelf ready to execute scripts to attack servers.

[2] Amazon Echo / Alexa. Google with Google Home. Apple with Siri. Hey Siri, start playing music.

[3] What, how much, stored for how long, and accessible by whom are all unknown to the people using those services.

[4] Unless you are a very large company, “data center” means someone else’s computer sitting in someone else’s building.

[5] Local beat cops and police chiefs, TSA, Border Patrol, FBI… all the fuckers.

[6] Expect to read more about Palantir and others in a forthcoming article about surveillance capitalism.

[7] Distributed Denial of Service. More on this in a later article, as well.

[8] Bill Gates, Jeff Bezos, Mark Zuckerberg, Larry Ellison. In fact, if you count Michael Bloomberg as a technology company, that makes five.

[9] In attendance: Eric Trump. Brad Smith, Microsoft president and chief legal officer. Jeff Bezos, Amazon founder and CEO. Larry Page, Google founder and Alphabet CEO. Sheryl Sandberg, Facebook COO. Mike Pence. Donald Trump. Peter Thiel, venture capitalist. Tim Cook, Apple CEO. Safra Catz, Oracle CEO. Elon Musk, Tesla CEO. Gary Cohn, Goldman Sachs president and Trump’s chief economic adviser. Wilbur Ross, Trump’s commerce secretary pick. Stephen Miller, senior policy adviser. Satya Nadella, Microsoft CEO. Ginni Rometty, IBM CEO. Chuck Robbins, Cisco CEO. Jared Kushner, investor and Trump’s son-in-law. Reince Priebus, chairman of the Republican National Committee and White House chief of staff. Steve Bannon, chief strategist to Trump. Eric Schmidt, Alphabet president. Alex Karp, Palantir CEO. Brian Krzanich, Intel CEO.

[10] We’ll explore this more in a later article about “The California Ideology.”

[11] Probably a state-level actor such as Russia or China.

YI Cam Remote Access: Your Guide to Self-Hosted Surveillance

Want to have complete control over your YI Cam and go beyond its default cloud? For more privacy and customization, many users prefer YI Cam Remote Access, rather than using the manufacturer's cloud. Therefore, this post explores how to accomplish this sophisticated configuration, assisting you in navigating the frequently challenging process of self-hosting your camera's feed. Walk through this post to learn more details! 

Understanding the YI Cam Remote Access

Generally, you need to install a custom firewall on your device if you want to access the YI camera remotely and connect it to your server. Additionally, it allows leveraging the benefits of the RTSP (real-time streaming protocol) streaming as well as FTP access.  Moreover, it eliminates the need for third-party platforms and for configuring cameras to the self-hosted servers.

However, it acts as a “Network Remote Controller,” especially for the multimedia servers. It allows users to control media playback remotely. But it does not deliver audio or video streams continuously; instead, it communicates with the servers streaming the multimedia content. Hence, for the YI Cam Remote Access, users must connect their security cameras to the server through RTSP.

How to Connect Camera To Server for YI Remote Access?

Moreover, enabling the YI Cam Remote Access opens up several possibilities and advanced functionalities. So, let’s begin with the essential steps to Connect Camera To Server for managing and monitoring your YI camera remotely. 

Initially, confirm your YI Cam supports the RTSP or streaming compatibility, as some models may require custom firmware.

Subsequently, set up your chosen server device, such as a computer, NAS, or Raspberry Pi, with a suitable operating system.

Next, install essential software like Blue Iris, MotionEye, FFmpeg, or Home Assistant to manage the video feed.

Finally, configure secure remote access using methods such as port forwarding, VPN, or Dynamic DNS for external viewing.

Now, you can view, configure, and control your YI camera remotely.

Bottom Line

In conclusion, YI Cam Remote Access empowers you with full control over your camera's feed through self-hosting, prioritizing privacy & customization. Additionally, this advanced setup typically requires RTSP compatibility, a dedicated server, and management software. With secure remote access methods such as VPN or port forwarding, you can ensure seamless monitoring from anywhere.

Fast list for privacy minded people (I lied, it's long):

Change your DNS from the default ISP provisioned one to literally anything else that has decent reputation. CloudFlare is pretty good to bet on, and Firefox has toggles to use it instead of your system DNS. Alternatively if you don't hate Google, they have a DNS that is marginally an improvement from an ISP default but you're certainly being datamined by Big Letters and they are gleefully compliant warrants or not. There are ample public DNS servers out there unlike the next point.

That is fine for general browsing and making it difficult for your ISP to snoop on you, a step further is obfuscating your public IP which makes it difficult for third-parties to track and identify you. VPNs come in here. Free ones ought to be avoided unfortunately in all but the most milquetoast use-cases. Even then they are likely collecting your data so it's best to use a paid service from a well reputed provider that is specifically not based in a 14 Eyes or mandatory logging country. CyberGhostVPN has a lot of literature on this to reference.

Use HTTPS-forcing extensions and avoid HTTP-only websites. This will require all data in transit to be encrypted which makes it impossible for third-parties including your ISP to know exactly what you are doing. Some sites still have HTTP bits on otherwise HTTPS websites, make sure your extension or browser refuses to load these parts without your consent. However be mindful that the server you are talking to obviously will know what data you sent or requested and may or may not store or use it in some way. This info may be available in some privacy statement etc. Assume that your IP, connection details, etc are all logged and act accordingly.

Avoid Tor unless you are especially confident in your understanding. While it isn't 100% confirmed, it's been generally accepted that certain powers have indeed compromised swathes of the Tor network and have the ability to eventually identify you. The naive use of this tool will be more of a hindrance causing false security than it will help you if you are actually needing a list like this.

Likewise, do not assume encryption means anything. Don't buy into anything you don't understand enough to feel confident explaining to someone else. At most, if it isn't a absolute pain in the ass, find a reputable encrypted email provider or learn how to use OpenPGP to encrypt email communications. Side note to OpenPGP, it also is useful as a way to verify your communications are yours and is often used as such in mailing lists or for contributing to open software/validating packages. In a deep fake world this will become more important but isn't quite a privacy matter.

Generally speaking, fancy tools and technologies are worthless if you can't really use them and actually a hindrance to you. If you start with a zero privacy/zero security assumption as default and operate accordingly you'll already be far ahead of the curve with little added complexity or effort. Don't say stupid shit, don't do stupid shit, don't give out stupid shit. Never ever use public or work APs for personal or private browsing, I'd say don't even connect to public wifis at all even. Don't do personal stuff at work either, and try to keep work computers off your private network and personal devices off work networks. Mindset is probably by far more important than any of the other points. Techno neophytes and fetishists will never tell you that most of your privacy and security comes from your brain.

And since it won't let me do it my way.. 0. Security does not mean privacy, nor does privacy mean security. These are two separate goals. This is an important distinction to make.

this is one of those posts i am going to make that will absolutely go over most people's heads on this website but i recently learned about a networking thing and i feel for the sake of online privacy i need to post

How does the internet work?

every website is just a computer somewhere else. VERY broadly and basically, every computer has a phone number (this is called an IP Address.)

when you want to go to a website, (like tumblr dot com), your computer makes a phone call to tumblr dot com, who then picks up the phone, and connects you to tumblr dot com, which you can then use

now, computers use numbers in IP addresses. for example, tumblr's IP address is 192.0.77.40. this is the address the computer uses to make a call to tumblr. but as i'm sure you know, we don't type that IP address into the address bar to go to tumblr. this is where the DNS server comes in

What's a DNS server?

you can think of a DNS server like an old timey telephone switch board. back in the day to make a phone call, you called an Operator ((a human woman, most often)) who would complete the phone call for you by connection your phone line, to phone line of the person you were calling.

a DNS server does the same thing. when you want to go to tumblr dot com, your computer connects to your Internet Service Provider (ISP), who contacts the DNS Server. The ISP says '(your IP address) wants to connect to tumblr dot com please'. and the DNS server says 'tumblr dot com? one moment' and it has a list of websites, with their IP addresses, and it then connects you to tumblr dot com

this is all well and good, and how the internet works

So what's the problem?

most (probably all, but) most ISPs, unless you tell them not to, use their OWN DNS server to complete the connection. ISPs will then use this as a means to scrape more data from you. which is bad we never want to give our data to ISPs

this can be remedied by using a custom DNS server run by a third party. you can then use their server instead of the one from your ISP. now your ISP would have to work a lot harder to figure out you went to tumblr dot com than if you walked up to them and asked to borrow their phonebook, basically

this will require you to know how to change your network settings. it is slightly different depending on your home network setup. this is a setting you can change in your router.

Some of you may have one box in your basement that your ISP installed that does everything related to the internet.

Some of you may have went to like Best Buy or Target and gotten a combination router/wi-fi access point.

i don't think anyone who has a stand alone Router would need me to tell them that that is where they would access this setting but, that is where you would do that.

somewhere in the settings is going to be an option to change your DNS settings. and a menu will pop up. usually you can set up to 4 or more of these.

1.1.1.1 is one of the most widely used ones from a company called Cloudflare.

9.9.9.9 is another popular one from Quad9

both companies tout privacy and security as one of their tenants. (as in they will not sell your data of the websites you visit to data brokers or advertisers)

add those to your custom DNS list and restart your router, and you should be good to go!

to note there are loads of custom DNS servers out there that can help you do different things. for example, another from cloudflare is 1.1.1.3 which sets it up so that you can't access adult websites from your network. (could be useful for parents or small businesses without big IT departments, for instance.)

YOU SHOULD, WHENEVER POSSIBLE, utilize a custom DNS server in conjunction with a VPN provider like ExpressVPN or similar, to increase the amount of layers of abstraction between you and your ISP

anyways thank you for your time please be safe online

From Novice to Pro: Mastering Microsoft Azure for Unparalleled Career Growth

Introduction

In today’s ever-evolving digital landscape, staying ahead in the realm of information technology is essential for professionals seeking unparalleled career growth. With the increasing reliance on cloud computing, mastering Microsoft Azure, one of the industry’s leading cloud platforms, has become a vital skill set. This comprehensive guide aims to transform novices into experts, providing valuable insights and resources to help individuals navigate the Azure landscape and unlock endless career opportunities.

Education: Building a Strong Foundation

Embrace the Fundamentals

Before diving deep into the vast realm of Microsoft Azure, it is crucial to lay a strong foundation by acquiring foundational knowledge. Familiarize yourself with the core concepts of cloud computing, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Understand the advantages and drawbacks of cloud computing and how it is revolutionizing the way businesses operate.

Explore Azure Fundamentals

Start by earning the Azure Fundamentals certification as you set out on your path to mastering Microsoft Azure. This entry-level certification validates your understanding of Azure services, cloud concepts, Azure pricing models, security, privacy, and compliance. It equips you with a strong base of Azure knowledge and sets you on the path to becoming an Azure expert.

Invest in Continuous Learning

To stay ahead in the rapidly evolving technology landscape, it is crucial to invest in continuous learning. The ACTE institute offers a variety of resources, including Microsoft Azure training courses, documentation, and certifications, to help individuals deepen their Azure expertise. Leverage these resources to expand your knowledge and enhance your problem-solving skills, keeping you at the forefront of industry developments.

Information: Navigating the Azure Landscape

Familiarize Yourself with Azure Services

Microsoft Azure offers a vast array of services designed to meet diverse business needs. Spend time exploring and gaining familiarity with the core Azure services, including Virtual Machines, Azure App Service, Azure Functions, Azure Storage, and Azure SQL Database. Understand their use cases, benefits, and how they integrate within the broader Azure ecosystem. This knowledge will enable you to confidently architect, deploy, and manage Azure solutions.

Master Azure Networking

Networking forms the backbone of any cloud infrastructure. Azure provides an extensive suite of networking services and capabilities that enable seamless and secure communication between various components of an Azure deployment. Dive deep into understanding concepts such as virtual networks, subnets, Azure DNS, Azure Load Balancer, and Azure Traffic Manager. By mastering Azure networking, you will gain the expertise needed to design and deploy highly available and resilient architectures.

Harness the Power of Azure Security

As organizations increasingly adopt cloud technologies, ensuring robust security measures within the Azure environment is paramount. Gain an in-depth understanding of Azure’s security features and controls, including Azure Active Directory, Azure Security Center, Azure Key Vault, and Azure DDoS Protection. By becoming well-versed in Azure security, you can protect sensitive data, detect and respond to threats, and confidently address compliance requirements.

Technology: Advancing Azure Proficiency

Automate with Azure Automation

Automation is the key to maximizing efficiency and productivity within Azure deployments. Acquaint yourself with Azure Automation, a service that allows you to automate repetitive, manual tasks and standardize processes. Learn how to create and manage runbooks, design and implement automation workflows, and leverage the power of Desired State Configuration (DSC). By becoming proficient in Azure Automation, you can streamline operations and unleash the true potential of Azure.

Embrace DevOps with Azure DevOps

In the world of modern software development, DevOps practices play a vital role in driving agility, collaboration, and continuous delivery. Azure DevOps provides an end-to-end DevOps platform, empowering teams to plan, develop, test, and deploy applications seamlessly. Expand your Azure proficiency by diving into Azure Boards, Azure Repos, Azure Pipelines, and Azure Test Plans. Mastering Azure DevOps will enable you to deliver value faster, ensuring your career growth remains unmatched.

Explore Advanced Azure Services

Once you have developed a strong foundation in Azure, immerse yourself in the realm of advanced Azure services. Gain expertise in areas such as Azure Kubernetes Service (AKS), Azure Functions, Azure Logic Apps, Azure Cognitive Services, and Azure Machine Learning. These cutting-edge services allow you to build intelligent applications, leverage artificial intelligence capabilities, and unlock new possibilities in various domains. By continuously exploring and expanding your Azure skills, you position yourself as a sought-after professional in the technology landscape.

Mastering Microsoft Azure offers an unparalleled path to career growth in the information technology industry. By embracing education, navigating the vast realm of Azure services, and advancing your Azure proficiency through technology-driven practices, you equip yourself with the tools and knowledge needed to propel your career to new heights. The journey from a novice to an Azure pro may seem daunting, but with determination and a commitment to continuous learning, the rewards are plentiful. So, seize the opportunity, immerse yourself in the world of Microsoft Azure, and unlock a future filled with endless possibilities.

Understanding the Power of Windows Server for Modern Business Infrastructure

In today’s digital era, businesses rely heavily on secure and stable server environments. One of the most trusted platforms available is Windows Server. Developed by Microsoft, this server operating system powers networks, applications, databases, and enterprise-grade systems worldwide.

Whether you're managing files, databases, or virtual machines, Windows Server offers advanced features designed for both small businesses and large enterprises.

Why Choose Windows Server?

Windows Server delivers exceptional reliability and scalability. It helps IT teams create a secure, manageable, and flexible network environment. The platform supports both physical and virtual infrastructures.

Some key benefits include:

Active Directory integration

Built-in security features like Windows Defender

Remote desktop and storage management

Support for virtualization with Hyper-V

These features enable businesses to operate efficiently and securely, with minimal downtime and strong user access controls.

Advancements in Windows Server 2022

The release of Windows Server 2022 brought major enhancements. It’s built on a foundation of strong security, hybrid capabilities, and container support.

Here are a few standout features:

Secured-core server: Protects against firmware attacks

SMB over QUIC: Enables faster and safer file transfers

Azure Arc integration: Connects on-premise systems to cloud management tools

Improved performance for TCP and UDP traffic

These updates make Windows Server 2022 ideal for businesses that need a high-performance, future-ready solution.

How Windows Server Enhances Security

Cybersecurity threats are on the rise. That's why Microsoft included advanced protection in its latest releases. Windows Server uses features like Windows Defender, BitLocker, and Secure Boot to prevent unauthorized access and system corruption.

In Windows Server 2022, security is even more robust. The new “Secured-core” feature protects critical firmware and system components. It prevents attacks that bypass traditional antivirus tools.

The server also supports encrypted DNS and HTTPS for secure data transmission.

Subheading: Windows Server for Virtualization and Cloud Integration

Virtualization has become a cornerstone of modern IT. Windows Server includes Hyper-V, a powerful hypervisor that lets you run multiple operating systems on the same machine.

You can also integrate Windows Server with Microsoft Azure. This allows hybrid cloud setups that combine on-premise and cloud-based resources.

Windows Server 2022 supports Azure Arc, which offers centralized control of cloud and on-premise assets. This feature streamlines management and improves visibility across complex environments.

Scalable and Reliable Network Infrastructure

Windows Server is designed to scale with your business. Whether you’re adding new users, departments, or services, the server supports growth.

With features like Network Load Balancing (NLB) and Failover Clustering, downtime is minimized. These tools distribute traffic and automatically shift loads when systems fail.

Windows Server also supports Storage Spaces Direct. This allows you to build highly available storage systems using local disks. These setups are cost-effective and easy to maintain.

Managing User Access and Permissions

One of the most valuable features of Windows Server is Active Directory. It allows you to manage users, devices, and permissions from a single interface.

You can define roles, assign access levels, and enforce security policies. This is crucial in business environments where data privacy and security are top priorities.

Windows Server 2022 enhances group policy processing speed. It also introduces more logging capabilities for better tracking and compliance.

Subheading: Comparing Windows Server Versions for Your Business

Over the years, Microsoft has released several versions of Windows Server. From 2008 to Windows Server 2022, each update has introduced key innovations.

The 2022 version stands out for its:

Cloud readiness

Zero Trust architecture

Enhanced performance metrics

Integrated management tools

If your business needs top-tier security, fast performance, and cloud compatibility, Windows Server 2022 is the clear choice.

Licensing and Support Options

Microsoft offers flexible licensing for Windows Server. You can choose between Standard, Datacenter, and Essentials editions depending on your needs.

Each edition comes with its own set of features. Essentials is best for small businesses. Datacenter supports unlimited virtualization. Standard offers a balance of functionality and cost.

Updates and patches are regularly released, keeping your server secure and compliant.

Final Thoughts: Is Windows Server Right for You?

If your organization requires a stable, scalable, and secure IT foundation, Windows Server is a smart investment. It offers everything from identity management to storage, remote access, and virtual machine hosting.

For advanced capabilities and future-proof performance, Windows Server 2022 delivers unmatched value. It’s packed with tools to meet modern IT challenges, whether on-site or in the cloud.

With its proven track record, continual updates, and seamless integration with Microsoft tools, Windows Server remains a top choice for businesses worldwide.

Beyond Expiration: Advanced Domain Monitoring Threats You Didn't Know About

In today's hyperconnected world, your domain name is more than just a URL—it's your digital identity, brand reputation, and customer gateway. While many website owners remember to renew their domains on time, few realize that domain threats extend far beyond expiration. From DNS hijacking to WHOIS tampering, modern cybercriminals have found sophisticated ways to exploit overlooked vulnerabilities.

This article explores the advanced domain monitoring threats you probably haven’t heard about—and how tools like WebStatus247 can help protect your online presence 24/7.

🔍 1. DNS Hijacking: Invisible Takeover of Your Traffic

DNS hijacking occurs when attackers alter your domain's DNS settings to redirect traffic elsewhere—often to phishing pages or malware-infested sites. This may happen through:

Compromised DNS provider credentials

Registrar vulnerabilities

Insider threats

If your DNS records are changed without you noticing, your users could end up on fake sites, damaging trust and security.

How Monitoring Helps: A domain monitoring tool instantly alerts you if your DNS A, CNAME, MX, or TXT records change—helping you react before harm is done.

👁️ 2. WHOIS Tampering: Silent Brand Theft

WHOIS records show ownership and contact details for a domain. While many use privacy protection, some data still remains accessible. If a hacker changes the WHOIS record (name, email, company), they may:

Gain control over domain transfers

Receive verification emails

Impersonate the real domain owner

Solution: Real-time WHOIS change detection flags suspicious alterations to your registration information, keeping you in control of domain ownership.

🧿 3. Typosquatting & Homograph Attacks

Typosquatting involves registering a domain that looks similar to yours (like webstatuz247.com instead of webstatus247.com) to mislead your customers. Homograph attacks go further by using international characters that look like English letters—such as "а" (Cyrillic) instead of "a."

Why It’s Dangerous:

Fake login pages steal credentials

Customers lose trust

You lose traffic and revenue

Prevention: Advanced monitoring tools can track new domain registrations that mimic yours. These alerts allow you to take swift legal or technical action.

🔒 4. SSL Certificate Expiry & Misconfiguration

Many businesses forget to renew their SSL certificates, leading to security warnings in browsers like Chrome and Firefox. Worse, an attacker could:

Replace your certificate with a fake one

Trigger HTTPS errors that reduce SEO rankings

Break API integrations

Monitoring Feature: SSL monitoring ensures your certificate is valid, unexpired, and properly configured—so your site always remains secure and trusted.

⏳ 5. Name Server Changes: A Sign of Breach

Name servers are the backbone of your domain’s direction. A sudden switch to unknown name servers can mean someone has hijacked your domain.

Real-world risk: Hackers can transfer your domain to a new hosting provider and serve malicious content, all while your real team remains unaware.

How Monitoring Helps: WebStatus247 and similar tools monitor name server integrity and alert you to any unauthorized changes—buying you time to lock things down.

🛠️ How WebStatus247 Protects You

WebStatus247’s Domain Monitoring Suite offers:

Instant alerts for DNS, WHOIS, and name server changes

SSL certificate expiry notifications

Multi-channel alerts via email, Slack, and webhooks

Dashboard insights for all your domain activity

Global monitoring to detect region-based issues

This makes it a top-tier solution for developers, businesses, and agencies looking to guard against both basic and advanced domain threats.

✅ Final Thoughts

Most domain owners think they're safe as long as their registration doesn't lapse. Unfortunately, modern domain threats are stealthy, technical, and damaging—and they’re becoming more frequent.

The good news? You don’t need to be a cybersecurity expert to stay protected. With domain monitoring tools like WebStatus247, you get peace of mind, instant alerts, and complete control—so you can focus on growing your business instead of guarding your domain every minute.