• Re: being able to experience the same "internet experience" that I enjo

    From SH@21:1/5 to Vir Campestris on Fri Jan 7 22:02:01 2022
    On 07/01/2022 21:53, Vir Campestris wrote:
    On 07/01/2022 21:48, SH wrote:
    Over to you all for discussion!

    I disallow trackers, but allow quite a few ads.

    This is the funding of a lot of the web sites. If everyone blocks all
    their ads they'll have no revenue and shut down.

    Andy

    I don't mind small and non-intrusive ads but when you have:

    sky scraper ads on both sides of the webpage

    ads between every single paragraph as you scroll down the page

    and pop up ads that appear on top of the webpage

    ads that remain at the top 1/4 of the browser window as you scroll down

    is what I find very objectionable. :-)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Vir Campestris@21:1/5 to All on Fri Jan 7 21:53:18 2022
    On 07/01/2022 21:48, SH wrote:
    Over to you all for discussion!

    I disallow trackers, but allow quite a few ads.

    This is the funding of a lot of the web sites. If everyone blocks all
    their ads they'll have no revenue and shut down.

    Andy

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Theo@21:1/5 to i.love.spam@spam.com on Fri Jan 7 23:47:32 2022
    SH <i.love.spam@spam.com> wrote:
    I've wondered about setting up a Web top server on say a Raspberry Pi 4
    at home, but presumably I'd have to set up HTTPS as well for a secured connection as I can't use Wireguard on a remote PC.

    There's VNC in the browser:
    https://novnc.com/info.html
    so you could VNC back to your Raspberry Pi (or whatever) from a browser, and then run a browser inside a browser.

    I'm not 100% clear on the security of this approach (I don't know how
    they're doing authentication and encryption of the websocket, although presumably the VNC servers who integrate websocket support must have worked that out?), but you could set firewall rules so that the Pi can't see the
    rest of your network. That way if anyone compromises the Pi they can't get anywhere else inside, they can only attack the internet.

    Theo

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From RJH@21:1/5 to i.love.spam@spam.com on Sat Jan 8 07:10:08 2022
    On 7 Jan 2022 at 22:02:01 GMT, "SH" <i.love.spam@spam.com> wrote:

    On 07/01/2022 21:53, Vir Campestris wrote:
    On 07/01/2022 21:48, SH wrote:
    Over to you all for discussion!

    I disallow trackers, but allow quite a few ads.

    This is the funding of a lot of the web sites. If everyone blocks all
    their ads they'll have no revenue and shut down.

    Andy

    I don't mind small and non-intrusive ads but when you have:

    sky scraper ads on both sides of the webpage

    ads between every single paragraph as you scroll down the page

    and pop up ads that appear on top of the webpage

    ads that remain at the top 1/4 of the browser window as you scroll down

    is what I find very objectionable. :-)

    IME local newspapers are worst for this to the point of making them unreadable online.

    --
    Cheers, Rob

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Adrian Caspersz@21:1/5 to All on Sat Jan 8 08:20:06 2022
    On 07/01/2022 21:48, SH wrote:


    I've wondered about setting up a Web top server on say a Raspberry Pi 4
    at home, but presumably I'd have to set up HTTPS as well for a secured connection as I can't use Wireguard on a remote PC.


    I've installed Apache Guacamole on a Linux box that sits on the internal
    lan. This works well as an RDP gateway to other PCs on the that lan, and
    is very useable for me through a VPN when accessed from outside.

    https://guacamole.apache.org/

    Some folks have installed this OK on a Pi.

    5. Assume I will not be allowed to or cannot download and install additional software to their computer.

    It's a web server at the end of the day and will work without the VPN.

    However you obfuscate the port forwarding solution you use, you are
    going to have idiots attempting all sorts of nonsense to break in.

    If you can install an SSL identity certificate on the users browser,
    then that may be a way forward.

    --
    Adrian C

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to RJH on Sat Jan 8 10:42:42 2022
    On 08/01/2022 07:10, RJH wrote:
    On 7 Jan 2022 at 22:02:01 GMT, "SH" <i.love.spam@spam.com> wrote:

    On 07/01/2022 21:53, Vir Campestris wrote:
    On 07/01/2022 21:48, SH wrote:
    Over to you all for discussion!

    I disallow trackers, but allow quite a few ads.

    This is the funding of a lot of the web sites. If everyone blocks all
    their ads they'll have no revenue and shut down.

    Andy

    I don't mind small and non-intrusive ads but when you have:

    sky scraper ads on both sides of the webpage

    ads between every single paragraph as you scroll down the page

    and pop up ads that appear on top of the webpage

    ads that remain at the top 1/4 of the browser window as you scroll down

    is what I find very objectionable. :-)

    IME local newspapers are worst for this to the point of making them unreadable
    online.



    yes absolutely spot on,and not only that when you look at regional news
    on the BBC website, you see links for articles on the local paper....

    The hyperlink has the title of the news article IN BOLD and then
    underneath it has the name of the local paper hosting that article but
    it does not look like a clickable link at first glance.

    when you click on the atrticle title hyperlink, it takes you to

    https://ct.moreover.com/?a= blah blah

    rather than

    http://www.name_of_local_newspaper/news/article/blah blah

    The DNS I have blocks CT.moreover.com so I get a "This site can't be
    reached"

    I end up having to click on the 2nd hyperlink which takes me to the
    front page of the local newspaper such as
    http://www.name_of_local_paper.co.uk and then search for the article title.

    The Independent is terrible for adverts and trackers, the Daily Mail is
    not far behind either.

    The worst was teh Taboola and Outbrain stuff cunningly labelled as
    "Around the Web" but you get taken to sites where the article is across multiple pages and loads of adverts and lots of multiple "Next" buttons
    but only one of them actually takes you to the nexty page, the others
    take you to other websites....

    The WWW is really the Wild West Web!

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to Adrian Caspersz on Sat Jan 8 10:31:35 2022
    On 08/01/2022 08:20, Adrian Caspersz wrote:
    On 07/01/2022 21:48, SH wrote:


    I've wondered about setting up a Web top server on say a Raspberry Pi
    4 at home, but presumably I'd have to set up HTTPS as well for a
    secured connection as I can't use Wireguard on a remote PC.


    I've installed Apache Guacamole on a Linux box that sits on the internal
    lan. This works well as an RDP gateway to other PCs on the that lan, and
    is very useable for me through a VPN when accessed from outside.

    https://guacamole.apache.org/

    Some folks have installed this OK on a Pi.

    5. Assume I will not be allowed to or cannot download and install
    additional software to their computer.

    It's a web server at the end of the day and will work without the VPN.

    However you obfuscate the port forwarding solution you use, you are
    going to have idiots attempting all sorts of nonsense to break in.

    If you can install an SSL identity certificate on the users browser,
    then that may be a way forward >

    that sounds like an idea worth exploring, perhaps I could put Apache Guacomole on the DMZ of my LAN, so the idea is that I can set up
    firewall rules so that the Apache box can access the DNS on the LAN side
    and accept remote conenctions from the WAN?

    In fact I could replicate the DNS server so that I have two, one on the
    DMZ for the Apache and leave the original on the LAN side.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Theo@21:1/5 to i.love.spam@spam.com on Sat Jan 8 11:41:29 2022
    SH <i.love.spam@spam.com> wrote:
    Hmmmm..... Just been reading the documentation.....

    It looks like I'd have to either:

    have 3 Raspberry Pi's on the WAN or DMZ side where one is the Linux
    desktop, one is the Gaucamole server ane one is a clone of my original DNS.

    or try and fit 3 docker images on one Raspberry Pi to do a desktop, a
    DNS clone and the Gaucamole docker image?

    I've not used Docker, and not certain that a single R Pi can do all this
    but a 3 R Pi solution is more expensive.

    I don't see why you need three machines. You need to run:

    1. A VNC/RDP/etc server to provide the desktop you want to log in to
    2. A Guacamole server to offer that on the web
    3. A DNS server to do your filtering

    but they can run on the same hardware. 'Server' doesn't mean 'piece of
    metal' it means 'program' (aka 'daemon' for a thing that sits in the
    background waiting to respond to requests).

    I'm assuming you already have #3, so you can just point your new setup's DNS
    at that.

    For #1 and #2, I'd just run Raspberry Pi OS which provides a desktop out of
    the box. Then install a VNC server on that, and then install Guacamole.
    That does all the desktop stuff.

    You could also run #3 on the same machine, to keep it all together.

    I'm not familiar with how much CPU/RAM resource Guacamole would need, but I don't imagine it's vast - probably a Pi 3 or 4 would be sufficient to run everything (especially the versions with >1GB because browsers like their
    RAM), maybe not a Zero/1/2.

    Doing this with Docker just makes things a bit easier to manage all these services talking together, and avoids you having to build Guacamole, but I wouldn't learn Docker just for the sake of this project - you can just
    install Guacamole natively: https://guacamole.apache.org/doc/gug/installing-guacamole.html

    You could also use a Windows/Mac/Linux machine on your network to offer #1,
    if you prefer to offer that desktop experience, which would avoid Pi RAM limitations.

    Theo

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to All on Sat Jan 8 11:19:48 2022
    On 08/01/2022 10:31, SH wrote:
    On 08/01/2022 08:20, Adrian Caspersz wrote:
    On 07/01/2022 21:48, SH wrote:


    I've wondered about setting up a Web top server on say a Raspberry Pi
    4 at home, but presumably I'd have to set up HTTPS as well for a
    secured connection as I can't use Wireguard on a remote PC.


    I've installed Apache Guacamole on a Linux box that sits on the
    internal lan. This works well as an RDP gateway to other PCs on the
    that lan, and is very useable for me through a VPN when accessed from
    outside.

    https://guacamole.apache.org/

    Some folks have installed this OK on a Pi.

    5. Assume I will not be allowed to or cannot download and install
    additional software to their computer.

    It's a web server at the end of the day and will work without the VPN.

    However you obfuscate the port forwarding solution you use, you are
    going to have idiots attempting all sorts of nonsense to break in.

    If you can install an SSL identity certificate on the users browser,
    then that may be a way forward >

     that sounds like an idea worth exploring, perhaps I could put Apache Guacomole on the DMZ of my LAN, so the idea is that I can set up
    firewall rules so that the Apache box can access the DNS on the LAN side
    and accept remote conenctions from the WAN?

    In fact I could replicate the DNS server so that I have two, one on the
    DMZ for the Apache and leave the original on the LAN side.

    Hmmmm..... Just been reading the documentation.....

    It looks like I'd have to either:

    have 3 Raspberry Pi's on the WAN or DMZ side where one is the Linux
    desktop, one is the Gaucamole server ane one is a clone of my original DNS.

    or try and fit 3 docker images on one Raspberry Pi to do a desktop, a
    DNS clone and the Gaucamole docker image?

    I've not used Docker, and not certain that a single R Pi can do all this
    but a 3 R Pi solution is more expensive.

    SH.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to All on Sat Jan 8 13:14:47 2022
    On 08/01/2022 12:39, GB wrote:
    On 07/01/2022 21:48, SH wrote:
    Right.....

    I run a Pi Hole at home which is a DNS with a massive blacklist of
    3,500,000 URLs which all relate to Malvertising, Adverts trackers,
    referer URLs, news aggregators like taboola and outbrain, this is so
    successful that over 60% of DNS requests are blocked and web pages
    load so much faster and my privacy on the web is much improved.....

    Can I go off at a tangent - please forgive me. I buy my internet
    connection from Zen, which is quite a sophisticated ISP. If this is so
    easy to implement, why don't Zen (or some other ISP) offer a DNS with a similar blacklist?

    Is there a market niche here?



    Thats an excellent question......

    There are a range of free public DNS such as CloudFlare, Quad9, Google, OpenDNS, Comodo, Level3 and many more.

    Now many ISP's run a proxy DNS sitting between you and the external
    public DNS.

    The ISP's router default settings typically points to the Proxy DNS.

    There are many reasons for this:

    The ISP's can implement blocklists to block access to filesharing sites, usually in response to a UK court order by some studio enforcing their
    content rights.

    Also the IWF have a list of website URLs where they are known to host
    illegal content and this is used by the Major ISP to prevent access.

    The Proxy DNS can also log what sites their subscribers visit, so they
    can sell on data to advertisers on which sites are the most visited on a
    per user basis, which websites are the most used across all customers etc.

    They can also do whats called DNS hijacking where if a public DNS
    returns no such webpage, you then get the ISP's own search engine
    offering you alternatives rather than a Error 404 page.

    Some ISP's offer child cybersafety options that limit access to sites
    dealign with drugs, alcohol, gambling, suicide etc, that is done at the
    Proxy DNS level.

    Very often, when you get the router, it has the DNS IP addresses set up
    in it or is obtained from the ISP by the DHCP daemon in the router.

    If you want to do your own DNS, you need to disable the DHCP in the
    router and set up your own DHCP and either point to a public DNS or your
    own DNS yourself.

    PiHole can do this.

    Now my own DNS holds a blacklist of 3,500,000 URLs but it does talk to
    an upstream public DNS if I want to access a website for the first time
    (my DNS caches my searches)

    I currently use CloudFlare.

    there are some other public DNS that do offer child safety such as
    AdGuardDNS.

    SOme public DNS can offer protection against dodgy sites such as

    https://www.csoonline.com/article/2876075/6-dns-services-protect-against-malware-and-other-unwanted-content.html


    but again, to access these you need to change router settings....

    Hope that helps?

    S.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From GB@21:1/5 to All on Sat Jan 8 12:39:11 2022
    On 07/01/2022 21:48, SH wrote:
    Right.....

    I run a Pi Hole at home which is a DNS with a massive blacklist of
    3,500,000 URLs which all relate to Malvertising, Adverts trackers,
    referer URLs, news aggregators like taboola and outbrain, this is so successful that over 60% of DNS requests are blocked and web pages load
    so much faster and my privacy on the web is much improved.....

    Can I go off at a tangent - please forgive me. I buy my internet
    connection from Zen, which is quite a sophisticated ISP. If this is so
    easy to implement, why don't Zen (or some other ISP) offer a DNS with a
    similar blacklist?

    Is there a market niche here?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to All on Sat Jan 8 13:38:39 2022
    On 08/01/2022 13:14, SH wrote:
    On 08/01/2022 12:39, GB wrote:
    On 07/01/2022 21:48, SH wrote:
    Right.....

    I run a Pi Hole at home which is a DNS with a massive blacklist of
    3,500,000 URLs which all relate to Malvertising, Adverts trackers,
    referer URLs, news aggregators like taboola and outbrain, this is so
    successful that over 60% of DNS requests are blocked and web pages
    load so much faster and my privacy on the web is much improved.....

    Can I go off at a tangent - please forgive me. I buy my internet
    connection from Zen, which is quite a sophisticated ISP. If this is so
    easy to implement, why don't Zen (or some other ISP) offer a DNS with
    a similar blacklist?

    Is there a market niche here?



    Thats an excellent question......

    There are a range of free public DNS such as CloudFlare, Quad9, Google, OpenDNS, Comodo, Level3 and many more.

    Now many ISP's run a proxy DNS sitting between you and the external
    public DNS.

    The ISP's router default settings typically points to the Proxy DNS.

    There are many reasons for this:

    The ISP's can implement blocklists to block access to filesharing sites, usually in response to a UK court order by some studio enforcing their content rights.

    Also the IWF have a list of website URLs where they are known to host
    illegal content and this is used by the Major ISP to prevent access.

    The Proxy DNS can also log what sites their subscribers visit, so they
    can sell on data to advertisers on which sites are the most visited on a
    per user basis, which websites are the most used across all customers etc.

    They can also do whats called DNS hijacking where if a public DNS
    returns no such webpage, you then get the ISP's own search engine
    offering you alternatives rather than a Error 404 page.

    Some ISP's offer child cybersafety options that limit access to sites
    dealign with drugs, alcohol, gambling, suicide etc, that is done at the
    Proxy DNS level.

    Very often, when you get the router, it has the DNS IP addresses set up
    in it or is obtained from the ISP by the DHCP daemon in the router.

    If you want to do your own DNS, you need to disable the DHCP in the
    router and set up your own DHCP and either point to a public DNS or your
    own DNS yourself.

    PiHole can do this.

    Now my own DNS holds a blacklist of 3,500,000 URLs but it does talk to
    an upstream public DNS if I want to access a website for the first time
    (my DNS caches my searches)

    I currently use CloudFlare.

    there are some other public DNS that do offer child safety such as AdGuardDNS.

    SOme public DNS can offer protection against dodgy sites such as

    https://www.csoonline.com/article/2876075/6-dns-services-protect-against-malware-and-other-unwanted-content.html


    but again, to access these you need to change router settings....

    Hope that helps?

    S.



    P.S. there is no commercial incentive really for the ISP to filter out
    adverts or trackers and it goes against net neutrality rules where all
    IP packets from anywhere are of equal value no matter what the actual
    data is within the IP packet.

    Some content providers do produce so much data such as film/content
    (such as Netflix!) providers that there has been hints that ISPs want to
    charge the providers to reflect the extra costs of networking
    instructure to handle the amount of data they have to transport over
    their networks.....

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to Theo on Sat Jan 8 14:37:32 2022
    On 08/01/2022 11:41, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    Hmmmm..... Just been reading the documentation.....

    It looks like I'd have to either:

    have 3 Raspberry Pi's on the WAN or DMZ side where one is the Linux
    desktop, one is the Gaucamole server ane one is a clone of my original DNS. >>
    or try and fit 3 docker images on one Raspberry Pi to do a desktop, a
    DNS clone and the Gaucamole docker image?

    I've not used Docker, and not certain that a single R Pi can do all this
    but a 3 R Pi solution is more expensive.

    I don't see why you need three machines. You need to run:

    1. A VNC/RDP/etc server to provide the desktop you want to log in to
    2. A Guacamole server to offer that on the web
    3. A DNS server to do your filtering

    but they can run on the same hardware. 'Server' doesn't mean 'piece of metal' it means 'program' (aka 'daemon' for a thing that sits in the background waiting to respond to requests).

    I'm assuming you already have #3, so you can just point your new setup's DNS at that.

    For #1 and #2, I'd just run Raspberry Pi OS which provides a desktop out of the box. Then install a VNC server on that, and then install Guacamole.
    That does all the desktop stuff.

    You could also run #3 on the same machine, to keep it all together.

    I'm not familiar with how much CPU/RAM resource Guacamole would need, but I don't imagine it's vast - probably a Pi 3 or 4 would be sufficient to run everything (especially the versions with >1GB because browsers like their RAM), maybe not a Zero/1/2.

    Doing this with Docker just makes things a bit easier to manage all these services talking together, and avoids you having to build Guacamole, but I wouldn't learn Docker just for the sake of this project - you can just install Guacamole natively: https://guacamole.apache.org/doc/gug/installing-guacamole.html

    You could also use a Windows/Mac/Linux machine on your network to offer #1, if you prefer to offer that desktop experience, which would avoid Pi RAM limitations.

    Theo


    Hmm.... my current Raspberry pi runs Raspbian which then gives teh full
    desktop plus a browser, The pi Hole is then installed, followed by
    Wireguard and followed by Ubiquiti Network Controller.

    It is then run headless without a monitor to provide the DNS, VPN and
    Wireless network monitoring.....

    SO it does look like from what you say I could get another Rapsberryu
    Pi, put Raspbian on that, followed by VNC/RDP/etc followed by Gaucamole
    and followed by a clone of my own DNS and pop this on the DMZ so it
    becomes completely self contained and isolated from the LAN.

    I only intend to use it as a remote web browser with filtered DNS as I
    have no need to anything else. If I need to do office work, I do have
    O365 anyway.

    I've looked around the web for a Pi 4 but they are all out of stock
    everywhere :-(

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to All on Sat Jan 8 20:10:23 2022
    p.p.s....

    The comms between your PC and the public DNS is the clear, with no
    encryption or user aaccount authentication.

    so someone could set up a fake evil twin DNS, pretend to be a "real"
    public DNS and send you DNS replies that send you to fake websites or
    direct you to websites that are laden with malware or malvertising hence compromising your machine.

    You can mitigate against this by implementng DNSSEC and DoH between your
    home network and a public DNS that supports DNSSEC and DoH.

    Both Cloudflare and Quad9 support DNSSEC and DoH.

    DoH is DNS over HTTPS.

    DNSSEC is DNS Security Extensions.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Raj Kundra@21:1/5 to All on Mon Jan 10 08:57:02 2022
    On 07/01/2022 21:48, SH wrote:
    Right.....

    I run a Pi Hole at home which is a DNS with a massive blacklist of
    3,500,000 URLs which all relate to Malvertising, Adverts trackers,
    referer URLs, news aggregators like taboola and outbrain, this is so successful that over 60% of DNS requests are blocked and web pages
    load so much faster and my privacy on the web is much improved.....

    See: https://ibb.co/d6mRZJg

    So all my computers have the same internet experience at home via the
    home DNS.

    I also set up and installed a Wireguard VPN server at home and put
    Wireguard on all my mobile phones. So all phones VPN back to my home
    and use *my* DNS rather than a public DNS liek cloudflare or Quad9 9
    or Google's own. It does not matter if this is over Public Wifi or
    over the mobile phone network.

    So whenever I surf the internet on my smart phones anywhere in the
    world, I get the same experience as at home. This is really useful
    when the mobile data speed is not very good as I am avoiding
    downloading all the ads and trackers etc.

    However there are occasions where I am not at home and a smart phone
    just does not cut the mustard.

    So I am forced sometimes to surf the internet on a friends or family
    computer and I get force fed all these unwanted adverts and trackers.

    Now what I'd like to do is be able to surf the internet on any one's
    computer using my own home DNS.....

    Now the question is how to do this?

    Please assume the following:

    1. I have a static IP at home.

    2. I have fibre to the home which gives me 500 Mbit UP and 500 Mbit DOWN.

    3. I currently only have one port open on my fibre router for incoming connections to my Wireguard Server. This Wireguard server holds the
    DNS IP settings. There is just one port forwarding rule which forwards
    from the outside world to the Wireguard VPN server. Obviously, all connections are encrypted as the remote devices are running Wireguard
    VPN.

    4. My friends or family will typically have Chrome or Edge or Firefox browsers on their computers

    5. Assume I will not be allowed to or cannot download and install
    additional software to their computer.

    I have looked into having a virtual PC, such as Shadow as I could
    install Wireguard on that to connect back to home and a simple web
    browser can be used to access Shadow. However, I would have to pay
    from £30 a month.  See https://shadow.tech/en-gb/

    I've wondered about setting up a Web top server on say a Raspberry Pi
    4 at home, but presumably I'd have to set up HTTPS as well for a
    secured connection as I can't use Wireguard on a remote PC.

    I would also have to set up a port forwarding rule for the Raspberry
    Pi 4. As I understand it a Web Top presents a windows or linux desktop
    over a internet browser session. This would obviously be configured to
    use my Home DNS.

    I've heard of LogMeIn and GoToMyPC but that obviously requires a PC
    powered up at home to accept remote connections? Is this secure and
    could this be done on a Raspberry Pi running Linux? This would
    obviously be configured to use my Home DNS.

    Over to you all for discussion!

    Simple solution will be buy a cheap laptop set it up as you like and
    take it with you and use it instead.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to Raj Kundra on Mon Jan 10 09:31:09 2022
    On 10/01/2022 08:57, Raj Kundra wrote:
    On 07/01/2022 21:48, SH wrote:
    Right.....

    I run a Pi Hole at home which is a DNS with a massive blacklist of
    3,500,000 URLs which all relate to Malvertising, Adverts trackers,
    referer URLs, news aggregators like taboola and outbrain, this is so
    successful that over 60% of DNS requests are blocked and web pages
    load so much faster and my privacy on the web is much improved.....

    See: https://ibb.co/d6mRZJg

    So all my computers have the same internet experience at home via the
    home DNS.

    I also set up and installed a Wireguard VPN server at home and put
    Wireguard on all my mobile phones. So all phones VPN back to my home
    and use *my* DNS rather than a public DNS liek cloudflare or Quad9 9
    or Google's own. It does not matter if this is over Public Wifi or
    over the mobile phone network.

    So whenever I surf the internet on my smart phones anywhere in the
    world, I get the same experience as at home. This is really useful
    when the mobile data speed is not very good as I am avoiding
    downloading all the ads and trackers etc.

    However there are occasions where I am not at home and a smart phone
    just does not cut the mustard.

    So I am forced sometimes to surf the internet on a friends or family
    computer and I get force fed all these unwanted adverts and trackers.

    Now what I'd like to do is be able to surf the internet on any one's
    computer using my own home DNS.....

    Now the question is how to do this?

    Please assume the following:

    1. I have a static IP at home.

    2. I have fibre to the home which gives me 500 Mbit UP and 500 Mbit DOWN.

    3. I currently only have one port open on my fibre router for incoming
    connections to my Wireguard Server. This Wireguard server holds the
    DNS IP settings. There is just one port forwarding rule which forwards
    from the outside world to the Wireguard VPN server. Obviously, all
    connections are encrypted as the remote devices are running Wireguard
    VPN.

    4. My friends or family will typically have Chrome or Edge or Firefox
    browsers on their computers

    5. Assume I will not be allowed to or cannot download and install
    additional software to their computer.

    I have looked into having a virtual PC, such as Shadow as I could
    install Wireguard on that to connect back to home and a simple web
    browser can be used to access Shadow. However, I would have to pay
    from £30 a month.  See https://shadow.tech/en-gb/

    I've wondered about setting up a Web top server on say a Raspberry Pi
    4 at home, but presumably I'd have to set up HTTPS as well for a
    secured connection as I can't use Wireguard on a remote PC.

    I would also have to set up a port forwarding rule for the Raspberry
    Pi 4. As I understand it a Web Top presents a windows or linux desktop
    over a internet browser session. This would obviously be configured to
    use my Home DNS.

    I've heard of LogMeIn and GoToMyPC but that obviously requires a PC
    powered up at home to accept remote connections? Is this secure and
    could this be done on a Raspberry Pi running Linux? This would
    obviously be configured to use my Home DNS.

    Over to you all for discussion!

    Simple solution will be buy a cheap laptop set it up as you like and
    take it with you and use it instead.



    Agreed...... but not everyone likes disclosing their WiFi password. :-)


    However, I could perhaps consider a Pi 4 with Linux, Wireguard, RDP/VNC
    and Gaucamole.

    Plug that via ethernet into friends/family router and plug into wall
    socket via USB-C, then go to their PC and access that Pi via a browser
    and then I would have a VPN back to home and hence access to my DNS.

    Pi 4's are in short supply so I have a question, can Linux be put onto a
    Intel NUC?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to All on Mon Jan 10 09:36:17 2022
    On 10/01/2022 09:31, SH wrote:
    On 10/01/2022 08:57, Raj Kundra wrote:
    On 07/01/2022 21:48, SH wrote:
    Right.....

    I run a Pi Hole at home which is a DNS with a massive blacklist of
    3,500,000 URLs which all relate to Malvertising, Adverts trackers,
    referer URLs, news aggregators like taboola and outbrain, this is so
    successful that over 60% of DNS requests are blocked and web pages
    load so much faster and my privacy on the web is much improved.....

    See: https://ibb.co/d6mRZJg

    So all my computers have the same internet experience at home via the
    home DNS.

    I also set up and installed a Wireguard VPN server at home and put
    Wireguard on all my mobile phones. So all phones VPN back to my home
    and use *my* DNS rather than a public DNS liek cloudflare or Quad9 9
    or Google's own. It does not matter if this is over Public Wifi or
    over the mobile phone network.

    So whenever I surf the internet on my smart phones anywhere in the
    world, I get the same experience as at home. This is really useful
    when the mobile data speed is not very good as I am avoiding
    downloading all the ads and trackers etc.

    However there are occasions where I am not at home and a smart phone
    just does not cut the mustard.

    So I am forced sometimes to surf the internet on a friends or family
    computer and I get force fed all these unwanted adverts and trackers.

    Now what I'd like to do is be able to surf the internet on any one's
    computer using my own home DNS.....

    Now the question is how to do this?

    Please assume the following:

    1. I have a static IP at home.

    2. I have fibre to the home which gives me 500 Mbit UP and 500 Mbit
    DOWN.

    3. I currently only have one port open on my fibre router for
    incoming connections to my Wireguard Server. This Wireguard server
    holds the DNS IP settings. There is just one port forwarding rule
    which forwards from the outside world to the Wireguard VPN server.
    Obviously, all connections are encrypted as the remote devices are
    running Wireguard VPN.

    4. My friends or family will typically have Chrome or Edge or Firefox
    browsers on their computers

    5. Assume I will not be allowed to or cannot download and install
    additional software to their computer.

    I have looked into having a virtual PC, such as Shadow as I could
    install Wireguard on that to connect back to home and a simple web
    browser can be used to access Shadow. However, I would have to pay
    from £30 a month.  See https://shadow.tech/en-gb/

    I've wondered about setting up a Web top server on say a Raspberry Pi
    4 at home, but presumably I'd have to set up HTTPS as well for a
    secured connection as I can't use Wireguard on a remote PC.

    I would also have to set up a port forwarding rule for the Raspberry
    Pi 4. As I understand it a Web Top presents a windows or linux
    desktop over a internet browser session. This would obviously be
    configured to use my Home DNS.

    I've heard of LogMeIn and GoToMyPC but that obviously requires a PC
    powered up at home to accept remote connections? Is this secure and
    could this be done on a Raspberry Pi running Linux? This would
    obviously be configured to use my Home DNS.

    Over to you all for discussion!

    Simple solution will be buy a cheap laptop set it up as you like and
    take it with you and use it instead.



    Agreed...... but not everyone likes disclosing their WiFi password. :-)


    However, I could perhaps consider a Pi 4 with Linux, Wireguard, RDP/VNC
    and Gaucamole.

    Plug that via ethernet into friends/family router and plug into wall
    socket via USB-C, then go to their PC and access that Pi via a browser
    and then I would have a VPN back to home and hence access to my DNS.

    Pi 4's are in short supply so I have a question, can Linux be put onto a Intel NUC?

    P.S. that prompts a question, how to determine the IP address of the
    device I plug into a friends/familys router assuming I am not allowed to
    access teh router pages or download and install Angry IP scanner?

    Is there a commnd line command I can use to show a list of attached
    network devices and their device IPs?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Theo@21:1/5 to i.love.spam@spam.com on Mon Jan 10 11:57:00 2022
    SH <i.love.spam@spam.com> wrote:
    On 10/01/2022 09:31, SH wrote:
    Pi 4's are in short supply so I have a question, can Linux be put onto a Intel NUC?

    Of course. You might also look at ex-corporate mini desktops: https://www.servethehome.com/introducing-project-tinyminimicro-home-lab-revolution/
    which can be had a lot cheaper secondhand than a NUC.

    P.S. that prompts a question, how to determine the IP address of the
    device I plug into a friends/familys router assuming I am not allowed to access teh router pages or download and install Angry IP scanner?

    Is there a commnd line command I can use to show a list of attached
    network devices and their device IPs?

    arp -a

    should tell you the MAC address of devices on the same network segment that your computer has talked to. At least on things with a Unixy network stack
    - Windows might be different (although tools like nslookup can come over). Although you might need admin rights to do it.

    Theo

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Richard Kettlewell@21:1/5 to i.love.spam@spam.com on Mon Jan 10 12:42:35 2022
    SH <i.love.spam@spam.com> writes:
    On 10/01/2022 08:57, Raj Kundra wrote:
    Simple solution will be buy a cheap laptop set it up as you like and
    take it with you and use it instead.

    Agreed...... but not everyone likes disclosing their WiFi password. :-)

    If they’re letting you have access to the computer you already have
    access to their network (and probably more).

    However, I could perhaps consider a Pi 4 with Linux, Wireguard,
    RDP/VNC and Gaucamole.

    Plug that via ethernet into friends/family router and plug into wall
    socket via USB-C, then go to their PC and access that Pi via a browser
    and then I would have a VPN back to home and hence access to my DNS.

    Pi 4's are in short supply so I have a question, can Linux be put onto
    a Intel NUC?

    I have a NUC running Linux, it works fine.

    However, the normal solution to your requirements is a laptop.

    --
    https://www.greenend.org.uk/rjk/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to Richard Kettlewell on Mon Jan 10 13:02:20 2022
    On 10/01/2022 12:42, Richard Kettlewell wrote:
    SH <i.love.spam@spam.com> writes:
    On 10/01/2022 08:57, Raj Kundra wrote:
    Simple solution will be buy a cheap laptop set it up as you like and
    take it with you and use it instead.

    Agreed...... but not everyone likes disclosing their WiFi password. :-)

    If they’re letting you have access to the computer you already have
    access to their network (and probably more).

    However, I could perhaps consider a Pi 4 with Linux, Wireguard,
    RDP/VNC and Gaucamole.

    Plug that via ethernet into friends/family router and plug into wall
    socket via USB-C, then go to their PC and access that Pi via a browser
    and then I would have a VPN back to home and hence access to my DNS.

    Pi 4's are in short supply so I have a question, can Linux be put onto
    a Intel NUC?

    I have a NUC running Linux, it works fine.

    However, the normal solution to your requirements is a laptop.


    Mmnnnn. I don't disagree.....

    it does mean planning ahead for unexpected needs to access internet and
    lugging said laptop around.... plus I've got to secure laptop at all
    times against theft.

    it'd be easier that if I do need internet access, I can just hop on
    someone's computer, fire up their browser and surf via my personal DNS.

    Perhaps a NUC on my DMZ running linux, a clone of my DNS, RDP/VNC and
    gaucamole might be a way forward as NUC seem easier to get hold of vs a
    R Pi.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Raj Kundra@21:1/5 to All on Mon Jan 10 21:48:57 2022
    On 10/01/2022 09:31, SH wrote:
    Agreed...... but not everyone likes disclosing their WiFi password

    Then they are not friends are family worth bothering with.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to Raj Kundra on Mon Jan 10 22:21:00 2022
    On 10/01/2022 21:48, Raj Kundra wrote:
    On 10/01/2022 09:31, SH wrote:
    Agreed...... but not everyone likes disclosing their WiFi password

    Then they are not friends are family worth bothering with.


    that may be so, but it still leaves me with a problem of being able to
    use my own DNS rather than the one(s) that the friend/family's ISP is
    using....

    WHich bring me back to my OP. :-)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From GlowingBlueMist@21:1/5 to All on Mon Jan 10 22:35:49 2022
    On 1/10/2022 4:21 PM, SH wrote:
    On 10/01/2022 21:48, Raj Kundra wrote:
    On 10/01/2022 09:31, SH wrote:
    Agreed...... but not everyone likes disclosing their WiFi password

    Then they are not friends are family worth bothering with.


    that may be so, but it still leaves me with a problem of being able to
    use my own DNS rather than the one(s) that the friend/family's ISP is using....

    WHich bring me back to my OP. :-)
    You could walk around with one of those PC's on a flash drive. Linux
    and possibly a version of Windows could be setup that way. Boot the
    local PC and tell it to use the flash rather than internal hard drive.

    You would preset the portable OS drive to use your VPN tunnel the same
    as your cell phones. When done, remove the flash drive and reboot the
    hosts PC and all would be back to "normal".

    Many flash drives are now physically small enough to be placed onto a
    key ring.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to GlowingBlueMist on Tue Jan 11 08:03:50 2022
    On 11/01/2022 04:35, GlowingBlueMist wrote:
    On 1/10/2022 4:21 PM, SH wrote:
    On 10/01/2022 21:48, Raj Kundra wrote:
    On 10/01/2022 09:31, SH wrote:
    Agreed...... but not everyone likes disclosing their WiFi password

    Then they are not friends are family worth bothering with.


    that may be so, but it still leaves me with a problem of being able to
    use my own DNS rather than the one(s) that the friend/family's ISP is
    using....

    WHich bring me back to my OP. :-)
    You could walk around with one of those PC's on a flash drive.  Linux
    and possibly a version of Windows could be setup that way.  Boot the
    local PC and tell it to use the flash rather than internal hard drive.

    You would preset the portable OS drive to use your VPN tunnel the same
    as your cell phones.  When done, remove the flash drive and reboot the
    hosts PC and all would be back to "normal".

    Many flash drives are now physically small enough to be placed onto a
    key ring.


    Thats not a bad idea actually.... (*)

    now to find a very lightweight Linux distro that boots qucikly and
    allows persistence back to the USB stick.....

    (*) assuming that the Bios has got USB set as a boot drive before the
    HDD, if not, that the bios is not PWD protected or the owner might ask questions as to why I need to go into the bios!

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From GlowingBlueMist@21:1/5 to All on Tue Jan 11 16:58:47 2022
    On 1/11/2022 2:03 AM, SH wrote:
    On 11/01/2022 04:35, GlowingBlueMist wrote:
    On 1/10/2022 4:21 PM, SH wrote:
    On 10/01/2022 21:48, Raj Kundra wrote:
    On 10/01/2022 09:31, SH wrote:
    Agreed...... but not everyone likes disclosing their WiFi password

    Then they are not friends are family worth bothering with.


    that may be so, but it still leaves me with a problem of being able
    to use my own DNS rather than the one(s) that the friend/family's ISP
    is using....

    WHich bring me back to my OP. :-)
    You could walk around with one of those PC's on a flash drive.  Linux
    and possibly a version of Windows could be setup that way.  Boot the
    local PC and tell it to use the flash rather than internal hard drive.

    You would preset the portable OS drive to use your VPN tunnel the same
    as your cell phones.  When done, remove the flash drive and reboot the
    hosts PC and all would be back to "normal".

    Many flash drives are now physically small enough to be placed onto a
    key ring.


    Thats not a bad idea actually....  (*)

    now to find a very lightweight Linux distro that boots qucikly and
    allows persistence back to the USB stick.....

    (*) assuming that the Bios has got USB set as a boot drive before the
    HDD, if not, that the bios is not PWD protected or the owner might ask questions as to why I need to go into the bios!
    With UEFI and BIOS using differing boot formats you might need two
    drives, one for each type. Like you said with luck the borrowed machine
    will boot to the flash drive with out any physical assistance.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to GlowingBlueMist on Wed Jan 12 08:40:34 2022
    On 11/01/2022 22:58, GlowingBlueMist wrote:
    On 1/11/2022 2:03 AM, SH wrote:
    On 11/01/2022 04:35, GlowingBlueMist wrote:
    On 1/10/2022 4:21 PM, SH wrote:
    On 10/01/2022 21:48, Raj Kundra wrote:
    On 10/01/2022 09:31, SH wrote:
    Agreed...... but not everyone likes disclosing their WiFi password

    Then they are not friends are family worth bothering with.


    that may be so, but it still leaves me with a problem of being able
    to use my own DNS rather than the one(s) that the friend/family's
    ISP is using....

    WHich bring me back to my OP. :-)
    You could walk around with one of those PC's on a flash drive.  Linux
    and possibly a version of Windows could be setup that way.  Boot the
    local PC and tell it to use the flash rather than internal hard drive.

    You would preset the portable OS drive to use your VPN tunnel the
    same as your cell phones.  When done, remove the flash drive and
    reboot the hosts PC and all would be back to "normal".

    Many flash drives are now physically small enough to be placed onto a
    key ring.


    Thats not a bad idea actually....  (*)

    now to find a very lightweight Linux distro that boots qucikly and
    allows persistence back to the USB stick.....

    (*) assuming that the Bios has got USB set as a boot drive before the
    HDD, if not, that the bios is not PWD protected or the owner might ask
    questions as to why I need to go into the bios!
    With UEFI and BIOS using differing boot formats you might need two
    drives, one for each type.  Like you said with luck the borrowed machine will boot to the flash drive with out any physical assistance.


    actually two more thoughts occur to me:

    1. Is it possible to have a self-executable self contained Virtual
    machine file on the USB stick that does not require the host machine to
    have hyper-v or Virtual box or citrix or Zen/Xen? almost like where you
    can try out a Linux from a Live CD in Windows before making the decision
    to install?

    I could then set up the VM with wireguard and a browser.

    2. is there a self executable self contained web browser that has
    Wireguard embedded and allows me to specificy the IP of my home network
    and the IP of my home DNS?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From GlowingBlueMist@21:1/5 to All on Thu Jan 13 01:26:34 2022
    On 1/12/2022 2:40 AM, SH wrote:
    On 11/01/2022 22:58, GlowingBlueMist wrote:
    On 1/11/2022 2:03 AM, SH wrote:
    On 11/01/2022 04:35, GlowingBlueMist wrote:
    On 1/10/2022 4:21 PM, SH wrote:
    On 10/01/2022 21:48, Raj Kundra wrote:
    On 10/01/2022 09:31, SH wrote:
    Agreed...... but not everyone likes disclosing their WiFi password >>>>>>
    Then they are not friends are family worth bothering with.


    that may be so, but it still leaves me with a problem of being able
    to use my own DNS rather than the one(s) that the friend/family's
    ISP is using....

    WHich bring me back to my OP. :-)
    You could walk around with one of those PC's on a flash drive.
    Linux and possibly a version of Windows could be setup that way.
    Boot the local PC and tell it to use the flash rather than internal
    hard drive.

    You would preset the portable OS drive to use your VPN tunnel the
    same as your cell phones.  When done, remove the flash drive and
    reboot the hosts PC and all would be back to "normal".

    Many flash drives are now physically small enough to be placed onto
    a key ring.


    Thats not a bad idea actually....  (*)

    now to find a very lightweight Linux distro that boots qucikly and
    allows persistence back to the USB stick.....

    (*) assuming that the Bios has got USB set as a boot drive before the
    HDD, if not, that the bios is not PWD protected or the owner might
    ask questions as to why I need to go into the bios!
    With UEFI and BIOS using differing boot formats you might need two
    drives, one for each type.  Like you said with luck the borrowed
    machine will boot to the flash drive with out any physical assistance.


    actually two more thoughts occur to me:

    1. Is it possible to have a self-executable self contained Virtual
    machine file on the USB stick that does not require the host machine to
    have hyper-v or Virtual box or citrix or Zen/Xen? almost like where you
    can try out a Linux from a Live CD in Windows before making the decision
    to install?

    I could then set up the VM with wireguard and a browser.

    2. is there a self executable self contained web browser that has
    Wireguard embedded and allows me to specificy the IP of my home network
    and the IP of my home DNS?


    Might be nice to have but I have no idea on the feasibility of either of
    your two questions.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to GlowingBlueMist on Thu Jan 13 09:02:40 2022
    On 13/01/2022 07:26, GlowingBlueMist wrote:
    On 1/12/2022 2:40 AM, SH wrote:
    On 11/01/2022 22:58, GlowingBlueMist wrote:
    On 1/11/2022 2:03 AM, SH wrote:
    On 11/01/2022 04:35, GlowingBlueMist wrote:
    On 1/10/2022 4:21 PM, SH wrote:
    On 10/01/2022 21:48, Raj Kundra wrote:
    On 10/01/2022 09:31, SH wrote:
    Agreed...... but not everyone likes disclosing their WiFi password >>>>>>>
    Then they are not friends are family worth bothering with.


    that may be so, but it still leaves me with a problem of being
    able to use my own DNS rather than the one(s) that the
    friend/family's ISP is using....

    WHich bring me back to my OP. :-)
    You could walk around with one of those PC's on a flash drive.
    Linux and possibly a version of Windows could be setup that way.
    Boot the local PC and tell it to use the flash rather than internal
    hard drive.

    You would preset the portable OS drive to use your VPN tunnel the
    same as your cell phones.  When done, remove the flash drive and
    reboot the hosts PC and all would be back to "normal".

    Many flash drives are now physically small enough to be placed onto
    a key ring.


    Thats not a bad idea actually....  (*)

    now to find a very lightweight Linux distro that boots qucikly and
    allows persistence back to the USB stick.....

    (*) assuming that the Bios has got USB set as a boot drive before
    the HDD, if not, that the bios is not PWD protected or the owner
    might ask questions as to why I need to go into the bios!
    With UEFI and BIOS using differing boot formats you might need two
    drives, one for each type.  Like you said with luck the borrowed
    machine will boot to the flash drive with out any physical assistance.


    actually two more thoughts occur to me:

    1. Is it possible to have a self-executable self contained Virtual
    machine file on the USB stick that does not require the host machine
    to have hyper-v or Virtual box or citrix or Zen/Xen? almost like where
    you can try out a Linux from a Live CD in Windows before making the
    decision to install?

    I could then set up the VM with wireguard and a browser.

    2. is there a self executable self contained web browser that has
    Wireguard embedded and allows me to specify the IP of my home
    network and the IP of my home DNS?


    Might be nice to have but I have no idea on the feasibility of either of
    your two questions.


    I did a bit of digging around on the internet.

    I came across LinuxLive USB creator:

    https://www.linuxliveusb.com/

    unfortunately, this has not been maintained since 2015

    https://www.linuxliveusb.com/en/blog

    I could not get this to work as the 2GB memory stick is probably too
    small even after downloading a smaller distro like Knoppix CD.
    (see comment below)



    I also came across Portable Virtualbox at

    https://www.vbox.me/ and that is currently using Virtual box v5.1.22.

    I tried this, it did appear to install on to USB but Win 10 will not let
    it run due to "security issues" and advises me to check for updated
    software.

    I saw that you can point the installer to a downloaded file so I then downloaded the latest version of Virtual box which is 6.1 and pointed
    the Portable Virtual box installer to that.

    It starts to install but aborts abruptly with no message and its clear
    that the installation did not complete on the USB stick and there was
    still over 1GB spare space.

    I do have a 32GB sandisk USB stick floating around somewhere so I was
    restriced to a 2GB stick which is probably not enough for doing this
    sort of thing.

    In any case, you'd probably be best with a very fast USB3 flash memory
    stick to make this a viable approach.

    So it looks like there was some serious community effort in doing this
    but it seems to have stalled.... :-(

    I will try this again once I find my 32GB USB3 stick..... :-)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Adrian Caspersz@21:1/5 to Theo on Thu Jan 13 09:10:14 2022
    On 08/01/2022 11:41, Theo wrote:

    Doing this with Docker just makes things a bit easier to manage all these services talking together, and avoids you having to build Guacamole, but I wouldn't learn Docker just for the sake of this project - you can just install Guacamole natively: https://guacamole.apache.org/doc/gug/installing-guacamole.htm

    If anyone is interested, have a look at ...

    Remote Access to ANY server - Guacamole WebApp Tutorial
    https://www.youtube.com/watch?v=Sq-irDBauvo

    ... for a scripted non-docker implementation someone else has created.

    https://github.com/MysticRyuujin/guac-install

    FWIW, I use docker alongside nginx for https support.

    As well as allowing remote networking, Guacamole is useful for me to
    access my home computers on my work laptop that has restrictions on
    loading personal software. It's a nice (almost) air gap that's avoid
    bridging IP networks that shouldn't be bridged.


    You could also use a Windows/Mac/Linux machine on your network to offer #1, if you prefer to offer that desktop experience, which would avoid Pi RAM limitations.

    Theo

    For the OP, This youtuber has some other interesting networking related
    videos

    https://www.youtube.com/c/CraftComputing/videos

    e.g.

    You're running Pi-Hole wrong! Setting up your own Recursive DNS Server!
    https://www.youtube.com/watch?v=FnFtWsZ8IP0

    --

    Adrian C

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From GlowingBlueMist@21:1/5 to All on Thu Jan 13 08:54:35 2022
    On 1/13/2022 3:02 AM, SH wrote:
    On 13/01/2022 07:26, GlowingBlueMist wrote:
    On 1/12/2022 2:40 AM, SH wrote:
    On 11/01/2022 22:58, GlowingBlueMist wrote:
    On 1/11/2022 2:03 AM, SH wrote:
    On 11/01/2022 04:35, GlowingBlueMist wrote:
    On 1/10/2022 4:21 PM, SH wrote:
    On 10/01/2022 21:48, Raj Kundra wrote:
    On 10/01/2022 09:31, SH wrote:
    Agreed...... but not everyone likes disclosing their WiFi password >>>>>>>>
    Then they are not friends are family worth bothering with.


    that may be so, but it still leaves me with a problem of being
    able to use my own DNS rather than the one(s) that the
    friend/family's ISP is using....

    WHich bring me back to my OP. :-)
    You could walk around with one of those PC's on a flash drive.
    Linux and possibly a version of Windows could be setup that way.
    Boot the local PC and tell it to use the flash rather than
    internal hard drive.

    You would preset the portable OS drive to use your VPN tunnel the
    same as your cell phones.  When done, remove the flash drive and
    reboot the hosts PC and all would be back to "normal".

    Many flash drives are now physically small enough to be placed
    onto a key ring.


    Thats not a bad idea actually....  (*)

    now to find a very lightweight Linux distro that boots qucikly and
    allows persistence back to the USB stick.....

    (*) assuming that the Bios has got USB set as a boot drive before
    the HDD, if not, that the bios is not PWD protected or the owner
    might ask questions as to why I need to go into the bios!
    With UEFI and BIOS using differing boot formats you might need two
    drives, one for each type.  Like you said with luck the borrowed
    machine will boot to the flash drive with out any physical assistance.


    actually two more thoughts occur to me:

    1. Is it possible to have a self-executable self contained Virtual
    machine file on the USB stick that does not require the host machine
    to have hyper-v or Virtual box or citrix or Zen/Xen? almost like
    where you can try out a Linux from a Live CD in Windows before making
    the decision to install?

    I could then set up the VM with wireguard and a browser.

    2. is there a self executable self contained web browser that has
    Wireguard embedded and allows me to specify the IP of my home network
    and the IP of my home DNS?


    Might be nice to have but I have no idea on the feasibility of either
    of your two questions.


    I did a bit of digging around on the internet.

    I came across LinuxLive USB creator:

    https://www.linuxliveusb.com/

    unfortunately, this has not been maintained since 2015

    https://www.linuxliveusb.com/en/blog

    I could not get this to work as the 2GB memory stick is probably too
    small even after downloading a smaller distro like Knoppix CD.
    (see comment below)



    I also came across Portable Virtualbox at

    https://www.vbox.me/   and that is currently using Virtual box v5.1.22.

    I tried this, it did appear to install on to USB but Win 10 will not let
    it run due to "security issues" and advises me to check for updated
    software.

    I saw that you can point the installer to a downloaded file so I then downloaded the latest version of Virtual box which is 6.1  and pointed
    the Portable Virtual box installer to that.

    It starts to install but aborts abruptly with no message and its clear
    that the installation did not complete on the USB stick and there was
    still over 1GB spare space.

    I do have a 32GB sandisk USB stick floating around somewhere so I was restriced to a 2GB stick which is probably not enough for doing this
    sort of thing.

    In any case, you'd probably be best with a very fast USB3 flash memory
    stick to make this a viable approach.

    So it looks like there was some serious community effort in doing this
    but it seems to have stalled.... :-(

    I will try this again once I find my 32GB USB3 stick..... :-)
    You might want to take a look at the programs UNetbootin and Rufus to
    actually make the bootable flash.

    UNetbootin has a list of distributions, one of is "Damn Small Linux" http://www.damnsmalllinux.org/ , not that I've tried that particular distribution and I suspect your 2GB might still be a bit small a flash
    drive. Checkout their offering at
    http://damnsmalllinux.org/usb-qemu.html . They claim to be able to boot
    a version of their "DML" with out needing to boot the host windows
    machine. (kind of sounds like it might be close to what you are looking
    for) They are selling a 8GB flash with their program already installed
    for $35 plus shipping.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to All on Fri Jan 14 07:56:06 2022
    I came across this:

    https://www.youtube.com/watch?v=jlHWnKVpygw

    its a Raspberry pi thats been turned into a OpenWRT router and also has
    a USB Wi fi adapter added.

    The idea was you take it to starbucks, use your smartphones and tablets
    to join the hotspot created by the Pi (suitably WPA-PSK2'ed)

    and the Pi's own onboard Wifi would then join the public wi fi and
    create a VPN connection using OpenVPN to a VPN service, in this case
    NordVPN.

    That got me thinking, a USB ethernet adapter and replace OpenVPN with Wireguard, sort out some DHCP etc and then use this and a ethernet patch
    lead to insert on the ethernet lead between friend/family computer and
    their router?

    What do the panel think?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Theo@21:1/5 to i.love.spam@spam.com on Fri Jan 14 12:41:50 2022
    SH <i.love.spam@spam.com> wrote:
    That got me thinking, a USB ethernet adapter and replace OpenVPN with Wireguard, sort out some DHCP etc and then use this and a ethernet patch
    lead to insert on the ethernet lead between friend/family computer and
    their router?

    If your friend has ethernet, why not just plug in a laptop of your own?

    You may well find that folks are using wifi from their desktop to their
    router anyway. But you might just plug yourself into their router directly, with a long cable if needs be.

    Though not much help if they have put it somewhere inaccessible like in the loft.

    Theo

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to Theo on Fri Jan 14 12:46:17 2022
    On 14/01/2022 12:41, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    That got me thinking, a USB ethernet adapter and replace OpenVPN with
    Wireguard, sort out some DHCP etc and then use this and a ethernet patch
    lead to insert on the ethernet lead between friend/family computer and
    their router?

    If your friend has ethernet, why not just plug in a laptop of your own?

    You may well find that folks are using wifi from their desktop to their router anyway. But you might just plug yourself into their router directly, with a long cable if needs be.

    Though not much help if they have put it somewhere inaccessible like in the loft.

    Theo

    Even if Wifi is used, I could also plug in a Wifi USB and teh pi box
    would use wi fi to wi fi as per the Youtube tutorial.

    A little pi in a box is infinitely easier to carry around than a laptop,
    plus I can't get on with laptop mice so if I can use a friend's desktop
    all the better.

    I don't actually need access to the router as I can jsut unplug the
    ethernet from back of PC and plug my pi in. :-)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Rob Morley@21:1/5 to i.love.spam@spam.com on Fri Jan 28 19:20:12 2022
    On Sat, 8 Jan 2022 10:42:42 +0000
    SH <i.love.spam@spam.com> wrote:

    The worst was teh Taboola and Outbrain stuff cunningly labelled as
    "Around the Web" but you get taken to sites where the article is
    across multiple pages and loads of adverts and lots of multiple
    "Next" buttons but only one of them actually takes you to the nexty
    page, the others take you to other websites....

    I know better than to click those links, yet I still occasionally find
    myself falling down the rabbit hole. I wonder how much revenue it
    generates, versus how much it devalues clicks.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to Rob Morley on Fri Jan 28 21:49:03 2022
    On 28/01/2022 19:20, Rob Morley wrote:
    On Sat, 8 Jan 2022 10:42:42 +0000
    SH <i.love.spam@spam.com> wrote:

    The worst was teh Taboola and Outbrain stuff cunningly labelled as
    "Around the Web" but you get taken to sites where the article is
    across multiple pages and loads of adverts and lots of multiple
    "Next" buttons but only one of them actually takes you to the nexty
    page, the others take you to other websites....

    I know better than to click those links, yet I still occasionally find
    myself falling down the rabbit hole. I wonder how much revenue it
    generates, versus how much it devalues clicks.


    which is why Taboola and Outbrain is in the blocklist :-) I just get a
    blank space on the web page where their "stuff" normally appears

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Raj Kundra@21:1/5 to All on Tue Feb 1 17:27:06 2022
    On 14/01/2022 12:46, SH wrote:
    On 14/01/2022 12:41, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    That got me thinking, a USB ethernet adapter and replace OpenVPN with
    Wireguard, sort out some DHCP etc and then use this and a ethernet
    patch
    lead to insert on the ethernet lead between friend/family computer and
    their router?

    If your friend has ethernet, why not just plug in a laptop of your own?

    You may well find that folks are using wifi from their desktop to their
    router anyway.  But you might just plug yourself into their router
    directly,
    with a long cable if needs be.

    Though not much help if they have put it somewhere inaccessible like
    in the
    loft.

    Theo

    Even if Wifi is used, I could also plug in a Wifi USB and teh pi box
    would use wi fi to wi fi as per the Youtube tutorial.

    A little pi in a box is infinitely easier to carry around than a
    laptop, plus I can't get on with laptop mice so if I can use a
    friend's desktop all the better.

    I don't actually need access to the router as I can jsut unplug the
    ethernet from back of PC and plug my pi in. :-)

    Or even better "Do not use Internet"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to Raj Kundra on Tue Feb 1 17:31:30 2022
    On 01/02/2022 17:27, Raj Kundra wrote:
    On 14/01/2022 12:46, SH wrote:
    On 14/01/2022 12:41, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    That got me thinking, a USB ethernet adapter and replace OpenVPN with
    Wireguard, sort out some DHCP etc and then use this and a ethernet
    patch
    lead to insert on the ethernet lead between friend/family computer and >>>> their router?

    If your friend has ethernet, why not just plug in a laptop of your own?

    You may well find that folks are using wifi from their desktop to their
    router anyway.  But you might just plug yourself into their router
    directly,
    with a long cable if needs be.

    Though not much help if they have put it somewhere inaccessible like
    in the
    loft.

    Theo

    Even if Wifi is used, I could also plug in a Wifi USB and teh pi box
    would use wi fi to wi fi as per the Youtube tutorial.

    A little pi in a box is infinitely easier to carry around than a
    laptop, plus I can't get on with laptop mice so if I can use a
    friend's desktop all the better.

    I don't actually need access to the router as I can jsut unplug the
    ethernet from back of PC and plug my pi in. :-)

    Or even better "Do not use Internet"


    that is hard to do now when so much is dependent on it

    Tesco dot com for weekly grocery shop
    electricity/water/gas bills meter reading submissions
    Online banking

    Need I go on?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Steve Hough@21:1/5 to SH used his keyboard to on Tue Feb 1 18:35:30 2022
    SH used his keyboard to write :
    On 01/02/2022 17:27, Raj Kundra wrote:
    On 14/01/2022 12:46, SH wrote:
    On 14/01/2022 12:41, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    That got me thinking, a USB ethernet
    adapter and replace OpenVPN with
    Wireguard, sort out some DHCP etc and then
    use this and a ethernet patch
    lead to insert on the ethernet lead
    between friend/family computer and
    their router?

    If your friend has ethernet, why not just
    plug in a laptop of your own?

    You may well find that folks are using wifi
    from their desktop to their
    router anyway. But you might just plug
    yourself into their router directly,
    with a long cable if needs be.

    Though not much help if they have put it
    somewhere inaccessible like in the
    loft.

    Theo

    Even if Wifi is used, I could also plug in a
    Wifi USB and teh pi box would use wi fi to
    wi fi as per the Youtube tutorial.

    A little pi in a box is infinitely easier to
    carry around than a laptop, plus I can't get
    on with laptop mice so if I can use a
    friend's desktop all the better.

    I don't actually need access to the router
    as I can jsut unplug the ethernet from back
    of PC and plug my pi in. :-)

    Or even better "Do not use Internet"


    that is hard to do now when so much is
    dependent on it

    Tesco dot com for weekly grocery shop
    electricity/water/gas bills meter reading
    submissions
    Online banking

    Need I go on?

    But why so much effort?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to Steve Hough on Tue Feb 1 20:51:24 2022
    On 01/02/2022 18:35, Steve Hough wrote:
    SH used his keyboard to write :
    On 01/02/2022 17:27, Raj Kundra wrote:
    On 14/01/2022 12:46, SH wrote:
    On 14/01/2022 12:41, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    That got me thinking, a USB ethernet adapter and replace OpenVPN with >>>>>> Wireguard, sort out some DHCP etc and then use this and a ethernet >>>>>> patch
    lead to insert on the ethernet lead between friend/family computer >>>>>> and
    their router?

    If your friend has ethernet, why not just plug in a laptop of your
    own?

    You may well find that folks are using wifi from their desktop to
    their
    router anyway.  But you might just plug yourself into their router
    directly,
    with a long cable if needs be.

    Though not much help if they have put it somewhere inaccessible
    like in the
    loft.

    Theo

    Even if Wifi is used, I could also plug in a Wifi USB and teh pi box
    would use wi fi to wi fi as per the Youtube tutorial.

    A little pi in a box is infinitely easier to carry around than a
    laptop, plus I can't get on with laptop mice so if I can use a
    friend's desktop all the better.

    I don't actually need access to the router as I can jsut unplug the
    ethernet from back of PC and plug my pi in. :-)

    Or even better "Do not use Internet"


    that is hard to do now when so much is dependent on it

    Tesco dot com for weekly grocery shop
    electricity/water/gas bills meter reading submissions
    Online banking

    Need I go on?

    But why so much effort?

    because I want to avoid the trackers and adverts and reduce my attack
    surface for malvertising

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Steve Hough@21:1/5 to All on Wed Feb 2 10:27:38 2022
    SH laid this down on his screen :
    On 01/02/2022 18:35, Steve Hough wrote:
    SH used his keyboard to write :
    On 01/02/2022 17:27, Raj Kundra wrote:
    On 14/01/2022 12:46, SH wrote:
    On 14/01/2022 12:41, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    That got me thinking, a USB ethernet
    adapter and replace OpenVPN with
    Wireguard, sort out some DHCP etc and
    then use this and a ethernet patch
    lead to insert on the ethernet lead
    between friend/family computer and
    their router?

    If your friend has ethernet, why not just
    plug in a laptop of your own?

    You may well find that folks are using
    wifi from their desktop to their
    router anyway. But you might just plug
    yourself into their router directly,
    with a long cable if needs be.

    Though not much help if they have put it
    somewhere inaccessible like in the
    loft.

    Theo

    Even if Wifi is used, I could also plug in
    a Wifi USB and teh pi box would use wi fi
    to wi fi as per the Youtube tutorial.

    A little pi in a box is infinitely easier
    to carry around than a laptop, plus I
    can't get on with laptop mice so if I can
    use a friend's desktop all the better.

    I don't actually need access to the router
    as I can jsut unplug the ethernet from
    back of PC and plug my pi in. :-)

    Or even better "Do not use Internet"


    that is hard to do now when so much is
    dependent on it

    Tesco dot com for weekly grocery shop
    electricity/water/gas bills meter reading
    submissions
    Online banking

    Need I go on?

    But why so much effort?

    because I want to avoid the trackers and
    adverts and reduce my attack surface for
    malvertising

    Don't mind me saying, but it does smack a bit of
    paranoia. I just run Adblock, works fine for me.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From SH@21:1/5 to Steve Hough on Wed Feb 2 11:49:37 2022
    On 02/02/2022 10:27, Steve Hough wrote:
    SH laid this down on his screen :
    On 01/02/2022 18:35, Steve Hough wrote:
    SH used his keyboard to write :
    On 01/02/2022 17:27, Raj Kundra wrote:
    On 14/01/2022 12:46, SH wrote:
    On 14/01/2022 12:41, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    That got me thinking, a USB ethernet adapter and replace OpenVPN >>>>>>>> with
    Wireguard, sort out some DHCP etc and then use this and a
    ethernet patch
    lead to insert on the ethernet lead between friend/family
    computer and
    their router?

    If your friend has ethernet, why not just plug in a laptop of
    your own?

    You may well find that folks are using wifi from their desktop to >>>>>>> their
    router anyway.  But you might just plug yourself into their
    router directly,
    with a long cable if needs be.

    Though not much help if they have put it somewhere inaccessible
    like in the
    loft.

    Theo

    Even if Wifi is used, I could also plug in a Wifi USB and teh pi
    box would use wi fi to wi fi as per the Youtube tutorial.

    A little pi in a box is infinitely easier to carry around than a
    laptop, plus I can't get on with laptop mice so if I can use a
    friend's desktop all the better.

    I don't actually need access to the router as I can jsut unplug
    the ethernet from back of PC and plug my pi in. :-)

    Or even better "Do not use Internet"


    that is hard to do now when so much is dependent on it

    Tesco dot com for weekly grocery shop
    electricity/water/gas bills meter reading submissions
    Online banking

    Need I go on?

    But why so much effort?

    because I want to avoid the trackers and adverts and reduce my attack
    surface for malvertising

    Don't mind me saying, but it does smack a bit of paranoia. I just run Adblock, works fine for me.

    Ah, you're running adblock at device level.

    My DNS, Pi Hole and Wireguard is running at network level so all mobile
    phones, tablets and media players like Roku are protected

    It means less maintance as I only have to work at one machine rather
    than on every device. Some devices resist installation of adguard or
    similar.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Raj Kundra@21:1/5 to All on Wed Feb 2 16:52:20 2022
    On 02/02/2022 11:49, SH wrote:
    On 02/02/2022 10:27, Steve Hough wrote:
    SH laid this down on his screen :
    On 01/02/2022 18:35, Steve Hough wrote:
    SH used his keyboard to write :
    On 01/02/2022 17:27, Raj Kundra wrote:
    On 14/01/2022 12:46, SH wrote:
    On 14/01/2022 12:41, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    That got me thinking, a USB ethernet adapter and replace
    OpenVPN with
    Wireguard, sort out some DHCP etc and then use this and a
    ethernet patch
    lead to insert on the ethernet lead between friend/family
    computer and
    their router?

    If your friend has ethernet, why not just plug in a laptop of
    your own?

    You may well find that folks are using wifi from their desktop >>>>>>>> to their
    router anyway.  But you might just plug yourself into their
    router directly,
    with a long cable if needs be.

    Though not much help if they have put it somewhere inaccessible >>>>>>>> like in the
    loft.

    Theo

    Even if Wifi is used, I could also plug in a Wifi USB and teh pi >>>>>>> box would use wi fi to wi fi as per the Youtube tutorial.

    A little pi in a box is infinitely easier to carry around than a >>>>>>> laptop, plus I can't get on with laptop mice so if I can use a
    friend's desktop all the better.

    I don't actually need access to the router as I can jsut unplug
    the ethernet from back of PC and plug my pi in. :-)

    Or even better "Do not use Internet"


    that is hard to do now when so much is dependent on it

    Tesco dot com for weekly grocery shop
    electricity/water/gas bills meter reading submissions
    Online banking

    Need I go on?

    But why so much effort?

    because I want to avoid the trackers and adverts and reduce my
    attack surface for malvertising

    Don't mind me saying, but it does smack a bit of paranoia. I just run
    Adblock, works fine for me.

    Ah, you're running adblock at device level.

    My DNS, Pi Hole and Wireguard is running at network level so all
    mobile phones, tablets and media players like Roku are protected

    It means less maintance as I only have to work at one machine rather
    than on every device. Some devices resist installation of adguard or
    similar.

    Next step is to get a bunker, add your own Oxygen supply and recycle
    your own waste the list will keep getting longer and longer.

    Unless you announce to world that you are a XXXXX, no one is going out
    to get you.

    Scammers are taking random chance and can be easily avoided by not
    clicking on every link in E mail.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Steve Hough@21:1/5 to All on Wed Feb 2 19:34:14 2022
    Raj Kundra pretended :
    On 02/02/2022 11:49, SH wrote:
    On 02/02/2022 10:27, Steve Hough wrote:
    SH laid this down on his screen :
    On 01/02/2022 18:35, Steve Hough wrote:
    SH used his keyboard to write :
    On 01/02/2022 17:27, Raj Kundra wrote:
    On 14/01/2022 12:46, SH wrote:
    On 14/01/2022 12:41, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    That got me thinking, a USB ethernet
    adapter and replace OpenVPN with
    Wireguard, sort out some DHCP etc and
    then use this and a ethernet patch
    lead to insert on the ethernet lead
    between friend/family computer and
    their router?

    If your friend has ethernet, why not
    just plug in a laptop of your own?

    You may well find that folks are using
    wifi from their desktop to their
    router anyway. But you might just
    plug yourself into their router
    directly,
    with a long cable if needs be.

    Though not much help if they have put
    it somewhere inaccessible like in the
    loft.

    Theo

    Even if Wifi is used, I could also plug
    in a Wifi USB and teh pi box would use
    wi fi to wi fi as per the Youtube
    tutorial.

    A little pi in a box is infinitely
    easier to carry around than a laptop,
    plus I can't get on with laptop mice so
    if I can use a friend's desktop all the
    better.

    I don't actually need access to the
    router as I can jsut unplug the
    ethernet from back of PC and plug my pi
    in. :-)

    Or even better "Do not use Internet"


    that is hard to do now when so much is
    dependent on it

    Tesco dot com for weekly grocery shop
    electricity/water/gas bills meter reading
    submissions
    Online banking

    Need I go on?

    But why so much effort?

    because I want to avoid the trackers and
    adverts and reduce my attack surface for
    malvertising

    Don't mind me saying, but it does smack a
    bit of paranoia. I just run Adblock, works
    fine for me.

    Ah, you're running adblock at device level.

    My DNS, Pi Hole and Wireguard is running at
    network level so all mobile phones, tablets
    and media players like Roku are protected

    It means less maintance as I only have to
    work at one machine rather than on every
    device. Some devices resist installation of
    adguard or similar.

    Next step is to get a bunker, add your own
    Oxygen supply and recycle your own waste the
    list will keep getting longer and longer.

    Unless you announce to world that you are a
    XXXXX, no one is going out to get you.

    Scammers are taking random chance and can be
    easily avoided by not clicking on every link in
    E mail.

    Precisely. Lifes too short for all that faffing.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Theo@21:1/5 to i.love.spam@spam.com on Wed Feb 2 21:20:07 2022
    SH <i.love.spam@spam.com> wrote:
    Ah, you're running adblock at device level.

    My DNS, Pi Hole and Wireguard is running at network level so all mobile phones, tablets and media players like Roku are protected

    It means less maintance as I only have to work at one machine rather
    than on every device. Some devices resist installation of adguard or
    similar.


    For your travelling situation, how about a laptop of your own, an LTE card
    (no reliance on others' network), and running Pi-Hole in Docker on the
    laptop. That does everything in a one-box solution, with no external dependencies.

    You can plugin external display/keyboard/mouse if you want a 'desktop' experience, and use wifi at home/in a coffee shop/when staying somewhere you can find out the password.

    A lot of business laptops have a WWAN slot for an internal LTE card, you'd
    just need a SIM card for data.

    Theo

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Raj Kundra@21:1/5 to Theo on Sat Feb 5 12:54:37 2022
    On 02/02/2022 21:20, Theo wrote:
    SH <i.love.spam@spam.com> wrote:
    Ah, you're running adblock at device level.

    My DNS, Pi Hole and Wireguard is running at network level so all mobile
    phones, tablets and media players like Roku are protected

    It means less maintance as I only have to work at one machine rather
    than on every device. Some devices resist installation of adguard or
    similar.

    For your travelling situation, how about a laptop of your own, an LTE card (no reliance on others' network), and running Pi-Hole in Docker on the laptop. That does everything in a one-box solution, with no external dependencies.

    You can plugin external display/keyboard/mouse if you want a 'desktop' experience, and use wifi at home/in a coffee shop/when staying somewhere you can find out the password.

    A lot of business laptops have a WWAN slot for an internal LTE card, you'd just need a SIM card for data.

    Theo

    Obstacle: That involves spending money on a laptop and then paying for
    data use :-))

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)