So for port forwarding you need the port on the router the host and the port the traffic should get forwarded to on the selected host.
So you are saying, when exposing a host then the host is reachable over internet but when using port forwarding it is not?
How you check this? What commands/procedure?
Because in the local/private network are many hosts, like your phone, pc and your server. Exposing means that the device that is exposed gets basically everything forwarded what usually the router would handle. Exposing does expose a host to the WAN.
Forwarding a Port only forwards the specified ports. You can use multiple hosts for that. For example you can port forward port 80 to your Phone to port 321 or whatever and port 443 to your server at port 20.
Host exposure does what it says, exposing the host. Thats not port forwarding.
A compacted archive could be used as an attack vector.
Both of them are valid for any OS.
Because you pointed 2 programs at the same directory to sync the content with an external directory structure.
In my experience adding an already existing directory structure to a sync program is a bad idea. Create the directory and then move the existing structure into it to be safe or/and at the very least have a backup.
Not having a backup is on you. You got lucky this time.
NOTE: Scrutiny is a Work-in-Progress and still has some rough edges.
Honestly, at this point i would not recommend the usage of scrutiny, the development was almost ways really slow and the creater does not seem to have kuch interest in the project. There are still standing issues and imho important features missing.
I would look into prometheus+grafana or something of that sort.
I cannot, i did some searches when i wrote the comment but could not find info about it. It is possible that i am confusing it with another project. I added a iirc but maybe that was not clear enough that i am not sure about it.
That’s simply bad software practice, which was fixed once pointed out. Fact is that if they had done this on purpose, they wouldn’t have changed it and instead, would’ve came up with an excuse to keep it the same way.
This is not correct. While they have removed it from being installed on newer installs/updates, the certificate remains on the system that ran the corresponding version installer/upgrade unless it will be manually removed by the few percent that got the news.
I am talking about it in general. If you trust it or not depends on you. I am just saying that the argument that it is OS or that you can host the server yourself does not automatically mean that it is safe. That applies to any software.
It could install software that transmits the data some time else. Basically something virus would do. The code can be hidden somewhere or loaded from somewhere with simple code.
Those are basic tactics used for years by malware. If just simply monitoring would be enough to protect against malware then we would have way less problems.
You should never run untrusted code or code by untrusted ppl.
You are not running the software cause you do not trust the ppl running it? So you do host the software anyway? Just because it is OS and just because you can run it on your own hardware does not mean you can blindly trust it.
The installer has included a root certificate before that gets installed without asking. Also there are some code blobs in the code iirc.
Also how they handled the initial wayland “support”.
It is relatively easy to smuggle in backdoors if you are the maintainer of the code and afaik there was not even an independent audit.
Saying it is fine just because of it being OS is really naive.
You have clearly not understood what it does. It basically acts as a basic WAF by blocking the access to various paths that are required by the default sharing feature but not by this “proxy”.
I mean you have the current image cached on the local server when you use it.
1 GB of RAM for every TB of storage is recommended but you can do with way less for ZFS.
What do you mean with encryption? Does it need to be transport encrypted, end to end encrypted or is encryption at rest (when the server is offline) good enough?
Open standards are the first step of a functional transition to an open government. From there Open Source Software can compete against commercial software, once the ppl see that the FOSS offers the same features then the proprietary paid software they can easily switch to it. With open standards they only need to train the users, no data to migrate etc.
Focus instead on enforcing standards’ compliance so i can open a
.docxwith any program and be usable anywhere.
That’s an impossible task. Not even Microsoft manages that. Do not want to count how often i used libreOffice to repair or convert an older MSOffice file so it can be opend with modern Versions of MSOffice.
Once there was a 500MB Excel Sheet with lime 500-1000 used Cells, opened and saved it to.a xlsx file using libreOffice and reduced it to a few MB while still being fully functional.
https://prometheus.io/docs/introduction/overview/
would fit all points.