• 6 Posts
  • 35 Comments
Joined 4 years ago
cake
Cake day: November 8th, 2021

help-circle


  • Any software defined radio that can transmit on these bands and RF amplifiers.

    The ham radio community also has all the information on how to build them out of of basic components, power RF transistors being the most expensive components, but that is still dollars not tens of dollars.

    Sometimes ready made gps jammers can be obtained off the shelf from overseas markets outside of the hegemon’s reach. But active protest does require being smart about it. No point in just causing irritation with the population while leaving the enemy able to operate unencumbered. That means performing observation, OSINT, signals intelligence to understand their system and find their weaknesses.

    They will have covered most vulnerabilities from their own guerilla warfare manuals so study those and find their blind spots. Find where they have become overconfident in their hardware’s ability. Where they have started taking from granted technologies that remain only reliable in peacetime.

    Use their systems against them








  • Well there’s open source open hardware anti-air missiles.

    Also it sounds innocuous and green laser diodes cost 2$ so if everyone has them they won’t be able to single out anyone.

    Also when tghe copters are down, how are they going to track you? Drones, but that’s the real purpose of the laser CCDs fry much much easier than eyes.

    The surveillance state will not stop by beingpolitely ask but by being physically dismantled. The alternative is perpetual subjugation, the end of history, as far as you are concerned you become as useful and helpless as any other farm animal once this power becomes consolidated.

    Our democracy is fake because of first past the post, ranked choice is a red herring. Proportionnal representation or your children will live in work farms. Like every fight before, this is an existential crisis for your perpetual subjugation.

    They chose to make the sky a weapon, take the sky away from them.






  • Realistically, you don’t need security, NAT alone is enough since the packets have nowhere to go without port forwarding.

    But IF you really want to build front end security here is my plan.

    ISP bridge -> WAN port of openwrt capable router with DSA supported switch (that is almost all of them) Set all ports of the switch to VLAN mirroring mode bridge WAN and LAN sides Fail2Ban IP block list in the bridge

    LAN PORT 1 toward -> OpenWRT running inside Proxmox LXC (NAT lives here) -> top of rack switch LAN PORT 2 toward -> Snort IDS LAN PORT 3 toward -> combined honeypot and traffic analyzer

    Port 2&3 detect malicious internet hosts and add them to the block list

    (and then multiple other openwrt LXCs running many many VPN ports as alternative gateways, I switch LAN host’s internet address by changing their default gateway)

    I run no internal VLAN, all one LAN because convenience is more important than security in my case.



  • Hi,

    The internal port will also be the same as the external port 80 and 443. If the router is running in bridge mode, that would mean that your dhcp, dns and nat is happening on the upstream router. That means you will have to go to the upstream router to setup the port forwarding.

    Also depending on how it works internally with the VPN. It might try to port forward the ports on the VPN’s ip address Which none of the VPN I tried allowed to port forward port 80 and 443

    With a linux or openwrt router this could be as easy as the following

    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.199:80 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 192.168.1.199:443

    But the problem with store bought router is that every one of them has a different way of doing the things so it gets confusing really fast.

    All of this confusion about port forwarding was engineered to discourage ordinary people from using their internet to host their own files and instead because cloud-dependant techno-serfs.

    Another way, would be to go on the forum low end talk and obtain a VPS, and host your apache server there. That would work, but you would be back to renting someone else’s computer (aka cloud bull) but it’s still better than paying squarespace about it.

    Keep at it, you’ll figure it out, it’s actually very easy once you know all the complicated bits, I do it all the time.