The democratic protests are all being funded, with the protests in Newark taking in over $800 million a year. That’s just one set of protests in one city. Multiply those amounts times the number of cities where it’s happening, and you can see that we are looking at billions. More than a couple of billion. Every election year. That’s how we always get unrest every election year.
Now think about that for a moment. How much money has been spent on these “protests” in the past six years? $20 billion? 40? More? That isn’t grassroots. It isn’t the Democrats- they raise less than $200 million most years, and couldn’t afford the billions that are being spent here. They couldn’t afford to fund the protests in Newark, let alone an entire nationwide movement. That isn’t even large private donors. There is only one class of donor that can sustain that level of funding.
The entire 2020 George Floyd protest playbook was nearly identical to the CIA insurgency manual. I wrote about that extensively during the 2020-2022 timeframe.
The US government is one of the few who could fund and organize this sort of operation. The list is short because a general campaign to do this is expensive, labor intensive, and has little benefit for the cost.
Unless you are trying to destabilize the US. Think about that, and what the implications of that are. It will keep you up at night.
For those of you who are IT nerds, some of this stuff will seem basic- my apologies, I am still learning, and I assume that a good number of the people who read this blog are as well.
IoT devices are notoriously insecure because manufacturers frequently prioritize low costs and rapid production over robust security. These devices often suffer from weak default credentials, a lack of encryption, and limited hardware capacity for security software, making them easy targets for hackers to hijack and form botnets or even to spy on you and sell your information to others.
Using VLANs can help with that. A virtual network, or VLAN, allows you to maintain separate, distinct networks within your physical network. These virtual networks are like tiny virtual containers that cannot talk to or even see each other, but can be configured to communicate as much or as little information between each other as you desire. That’s where the security comes in.
By creating different ‘trust’ levels within your home network, you can create a system whereby those who are inside of your guest VLAN can only communicate with the Internet or your printer, but nothing else. This prevents a guest from snooping through your files, accessing your router controls, or other mistakes. Placing all of your IoT devices in another VLAN will keep them isolated from other parts of your network and allow you to control where and how much information they can send or receive. Trusted devices such as your cell phone or laptop can be configured to have no restrictions.
In short, it increases security by giving devices “need to know” access without giving them access to things they shouldn’t be accessing. That’s what this new system I am installing does. I set up a few different VLANs:
Trusted. Devices within this VLAN will have IP addresses ending in 20.xx
IoT devices. Devices within this VLAN will have IP addresses ending in 30.xx
Storage. Devices within this VLAN will have IP addresses ending in 40.xx
Guest. Devices within this VLAN will have IP addresses ending in 50.xx
Cameras. Devices within this VLAN will have IP addresses ending in 60.xx
Each IP range can then be assigned any number of permissions. For example, IP addresses ending in 50.xx are set up to only be able to access the Internet and a printer. Guests will therefore be allowed to print or surf the Internet, but that is all.
So that is the plan for our network security here at the Ocho. Will it stand up to determined hacking or the NSA peeping at my stuff? Of course not. Is it better and more robust than what I have had in the past? Certainly. Perhaps it will cause those devices and people with nefarious intent to look elsewhere for lower hanging fruit.
Now if you will excuse me, today is going to be a pleasant, breezy 84 degrees, so I am going to go mow the lawn.
I am not an IT expert by any stretch of the imagination. Still, I am doing OK with this server upgrade. Some of these concepts are new, some not so new. Still, I am doing alright with the upgrades. I spent the day installing some upgrades.
Mounting
I first tried to mount the cabinet, but it was designed for studs that are 16 inches on center, and my walls have 24 inch stud spacing. I cut me two 1×6″ Spruce boards 26 inches long. I drilled them for screws to attach to the studs, and also drilled 5/16 holes 16 inches apart, then I drilled a countersink centered on those holes. Those holes fit a 5/16 bolt and washer. I painted the boards to match the wall, then attached them to the studs with 4 #8x 3″ wood screws at each end of the board.
Now I had two boards spanning the studs with 5/16″ bolts sticking out that matched the mounting holes on the cabinet that allowed me to bolt the cabinet to them.
If you look below the cabinet, you can see the old onQ panel this cabinet is replacing. Once all is done, I will remove it and drywall over the hole. Yeah, the reflections in the glass show the toilet paper and paper towel reserves I keep on top of the laundry room cabinets.
Installing Equipment
I put a thermostat in the cabinet that will control the exhaust fan. Then I attached my devices to the racks:
12U Omada SG3218XP-M2 POE managed switch. This is the main switch for my network.
10U Keystone 24 pin patch panel. Ports 1-5 are reserved for infrastructure connections like modem, UPS, Moca; 6-15 are for POE devices like APs; 16-18 are for non powered devices; and 19 thru 24 are for cameras.
9U is a SG2210XMP, currently an unused switch but I plan on having it be the switch for my future IP security cameras
8U, 7U, 6U are open.
5U is a shelf with a Moca unit, the modem, and a switch that cycles power to the gateway and modem in the event it cannot access the Internet
4U is a power distribution unit
3U and 2U are currently vacant, but will have a Synology RS1221+ as a storage drive and for future cameras
1U is a 500 watt UPS. I know it’s small for what I am powering, but I am only using it to bridge the second or two that it takes my Powerwalls to take over when grid power fails.
I got everything wired and labeled. The network is fully functional and stable, and the entire thing went as smoothly as I could have hoped. It took me longer to mount the cabinet on the wall than it did to get the network up and running. I now no longer have a home level network. This is bordering on prosumer level stuff.
You will note the empty slots for the second switch and the double drive server. I’m waiting on parts for those. I will also neaten up the wires a bit.
Setting Up Virtual Networks
The last thing I did today was set up several VLANs:
Management, VLAN 10
VLAN 30 for IOT devices.
Servers, VLAN 40
Guest Network VLAN 50
Security Cameras, VLAN 60
To verify that it works, I logged in to the guest network SSID and was assigned an IP of 192.xx.50.x. I haven’t created rules yet, just wanted to make sure I did it correctly.
Moving Forward
Tomorrow, I will install the disk server, a Synology RS1221+. I don’t have disk drives for it yet, but that’s coming. Once that is installed, I will begin to place devices and clients into the various VLANs. Once that is sorted, I will begin assigning rules. One step at a time.
I am not planning on working on or installing cameras until the weather cools enough for me to get in the attic and run more Ethernet cables, so not until at least October or November.
A few of my readers have commented on how they enjoy practice pearls, so I thought I would go ahead and share a simple one. This particular pearl is not just for medical people, it will work quite well for those of you who are not in the medical profession. In the medical profession, a lot of time is spent training people in the latest, greatest technology- the newest medication, the latest technique, the wow factor, but sometimes, it is the old school method that works best. I recently had the chance to teach a young doctor this exact lesson.
Lacerations
We had a woman that entered the emergency room who had cut off the last quarter inch or so of the tip of her finger with a pair of scissors while attempting to cut open an Amazon package, of all things. In so doing, she had also managed to nick the artery, and blood was pulsing out of the end of her finger. She had the presence of mind to bring in what she thought was the tip of the finger (what she brought in wasn’t the finger) and she was attempting to control the bleeding herself, but wasn’t succeeding.
The doctor looked at it and suggested we perform a digital block and attempt to stitch off the artery and suture the wound closed. That was going to be a bear to do. Instead, I suggested that we try something a bit more old school. I took a large emesis basin, filled it with ice, a little water, and a bottle of Povidone. I told the woman to place her finger in the basin and keep it there until the cold became painful. This concoction does three things:
The ice numbs the area
the Povidone cleans the wound (there is a risk of infection if you don’t)
the ice also constricts blood vessels and is great at controlling bleeding
She spent about 15 minutes with her hand in that basin, and this stopped about 80% of the bleeding. I pulled her hand out, cleaned the finger with a couple of gauze pads (4×4), then had her hold one against the tip of her finger using her thumb. After about 5 minutes of that, we still had some bleeding, so I soaked a gauze pad with tranexamic acid (TXA) and placed it against the wound. That stopped the rest of the bleeding. I dressed the wound, and we sent her home.
Esophageal Varices
Just as you can get varicose veins in your legs, you can get them in your esophagus as a result of cirrhosis of the liver and the resulting portal hypertension. I was working in the ED one night when a patient began vomiting large amounts of blood. I’m not talking about what most people would think are large amounts of blood, but what a nurse who works in the ED thinks are large amounts of blood. It looked like this:
We were under the gun: if this bleeding didn’t stop, we were looking at a dead patient. I inserted an NG tube to suction out the blood, and the doctor and I came up with a plan. Using a piston syringe, I would push about 100 ml of ice water into the tube, let it sit for about 30 seconds, then suction it back out. I repeated this about 5 or 6 times, and each time, the amount of blood that came out with it was less. I was forced to stop after that 5th or 6th time, because the cold must have been irritating to her heart, as evidenced by the fact that she began having short runs of ventricular tachycardia. For that reason, anyone trying this, I would recommend placing the patient on a cardiac monitor and keeping a close eye on their heart rhythm while doing this.
Ice- it’s quite useful in emergency medicine, but it isn’t used much any more in emergency medicine because it doesn’t have the sexy feel of the latest, greatest advances in medical technology, but it is still damned effective. Sometimes old school is still the best way to go.
My father-in-law needed some help throwing sod in his yard today, so I wound up spending the day helping him with yard work. I have told the in-laws not to do that sort of work, but to call me instead. They fall quite often, and I don’t want them getting hurt.
I spent about 8 hours throwing sod and working in their yard. It was 95 degF today, so I am spent.
Family comes first. Let’s see what we can do tomorrow.
The so-called “teen takeover” trend expanded this past weekend when a large group of “teens” headed to Clearwater Beach and immediately began attacking people before it ended with gunshots. The police chief had this to say:
Deputy Chief of the Clearwater Police Department, Michael Walek, held a press conference around 8:30 p.m., where he said the incident was organized through social media and that it happened because of a “bunch of kids acting like kids,” claiming that this kind of incident would not happen again.
Kids shooting each other is acting like kids? That’s because it’s “teens”
Records, communication, and security are all important parts of prepping. A robust computer network can work for all of those things. We’ve talked about the other sections of the prepping pyramid, but haven’t spent a lot of time on how we can use information technology to strengthen the other sections of the pyramid.
I wasn’t happy with how crowded and sloppy the onQ panel that contains everything is. It looks like a bowl of spaghetti and even though I have the largest panel made, it’s still crowded.
I am using Ring Cameras for surveillance, but I am not happy with them, for reasons that will be covered in a future post.
I have a Terramaster NAS with four 4TB NVMe SSDs in it, but I can’t get those SSDs any more because they now cost 5 times more than they once did.
There is a second setup in the bedroom I use as an office. It has an Omada switch, and it runs my office equipment. The issue is the UPS there just died, and I want everything consolidated, so I am moving that into the main server.
So I have decided to make a few changes. We are keeping the Omada system, but I am making a few upgrades.
I am mounting a 12U server cabinet on the wall of the utility closet in the house. This will make things cleaner and easier to manage.
I will be putting an 8 bay HDD rack in the cabinet. It will be used as both a NDVR and as a NAS device.
Three rooms in the house are device dense: the living room, the master bedroom, and the office. I am going to clean up the architecture a bit to make things faster and more resilient.
So how are we doing this? Well, in the racks, there will be:
A rackmount UPS. I just need enough storage to bridge the second or two it takes my Powerwalls to take over when the power fails.
Power distribution
An Omada controller
An Omada gateway
A 24 port keystone patch panel
An Omada 16 port managed POE switch
An 8 bay rackmount HDD rack.
A shelf where the modem will be, along with my current NAS (until the HDD rack is installed)
There will be 4 remaining U for future additions
Records
Records are important. Having copies of things like financial records, professional licenses, certifications, and other important documents will allow you to rebuild your life in the aftermath of a large disaster. Ask the residents whose lives were destroyed in Hurricane Katrina how important those records were in doing that. Having a robust set of electronic records with copies of every important document, all in a RAID, is a great step towards that goal. I am thinking of at least 12TB of RAID storage space for important files. I need it, because I scan every document, bill, and receipt that comes into this house.
Security
One or two of the HDD bays will be reserved for surveillance hard drives. I am looking at 20TB or more of storage space for the camera system. Once the weather gets cooler, I am planning on running Ethernet cables in the attic for a PTZ camera, two outdoor wide view cameras, a doorbell camera, and one or two covering other areas of the property, all in 4k. So, a total of 5-6 cameras that will record 24/7. That takes up more storage space than my documents and files.
That’s the hardware. I will also have it organized into several VLANs for network security. There will be a VLAN for:
One for infrastructure. This will allow APs to be on their own VLAN, as well as controllers and those sorts of things.
IOT devices, so I can limit how much they will spy on the rest of the house. They will only access each other and the Internet.
Entertainment devices like televisions and SONOS speakers. Internet only
A Guest VLAN that will only have access to a printer and the Internet
Then phones belonging to my wife and I that will have full access.
I will decide more on rules later, but that is the idea in my head for now.
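An added example, not from the original post: a small first-match model of the access rules described here and in the VLAN write-up above (guests reach only a printer and the Internet, IoT devices reach only each other and the Internet, trusted devices are unrestricted), with a check for rules that an earlier, broader rule makes unreachable. The 10.0.x.0/24 subnets, the printer address and the rule layout are assumptions; the posts give only each VLAN's third octet.

```python
import ipaddress

net = ipaddress.ip_network
# Constructed placeholder subnets: the post gives only each VLAN's third octet.
VLANS = {"trusted": net("10.0.20.0/24"), "iot": net("10.0.30.0/24"),
         "storage": net("10.0.40.0/24"), "guest": net("10.0.50.0/24"),
         "cameras": net("10.0.60.0/24")}
PRINTER = net("10.0.20.25/32")  # hypothetical printer address
LOCAL = net("10.0.0.0/8")       # all internal space in this model
ANY = net("0.0.0.0/0")

# Ordered ACL, first match wins: (source, destination, action).
RULES = [
    (VLANS["trusted"], ANY, "permit"),        # phones and laptops: unrestricted
    (VLANS["guest"], PRINTER, "permit"),      # exception must precede the deny
    (VLANS["guest"], LOCAL, "deny"),          # no other internal hosts
    (VLANS["guest"], ANY, "permit"),          # what is left is the Internet
    (VLANS["iot"], VLANS["iot"], "permit"),   # IoT devices may reach each other
    (VLANS["iot"], LOCAL, "deny"),
    (VLANS["iot"], ANY, "permit"),
]

def evaluate(src, dst, rules=RULES):
    """Return the action of the first matching rule; unmatched traffic is denied."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for source, dest, action in rules:
        if s in source and d in dest:
            return action
    return "deny"

def shadowed(rules):
    """Indexes of rules that can never match because an earlier rule covers them."""
    return [i for i, (src, dst, _) in enumerate(rules)
            if any(src.subnet_of(s) and dst.subnet_of(d) for s, d, _ in rules[:i])]

# The same guest rules with the broad permit first: both narrower rules are dead,
# and a guest can reach the storage VLAN.
MISORDERED = [RULES[3], RULES[1], RULES[2]]

if __name__ == "__main__":
    guest, nas, internet = "10.0.50.7", "10.0.40.10", "203.0.113.5"
    for dst in (internet, "10.0.20.25", nas):
        print(f"guest -> {dst}: {evaluate(guest, dst)}")
    print("misordered guest -> NAS:", evaluate(guest, nas, MISORDERED))
    print("shadowed rule indexes:", shadowed(MISORDERED))
```

Getting an address in the 50.x range shows that VLAN assignment works; it takes rules like these, in the right order, to show that the guest network is actually isolated.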
Implementation
First step is to get all of the hardware installed and move the network that already exists into the server cabinet. Then I will set up VLANs. After that, we will install the HDD rack and move the NAS files there. I have another HDD based NAS that I can use as a backup file server.
If you don’t support rioting to protect illegal immigrants, you’re a tyrant, according to the Libertarian Party.
The term is peaceably assemble and petition the Government for a redress of grievances. Rioting, blocking others from traveling, committing violent acts and arson, are not peaceable or a petition.
I just can’t be a libertarian. I like classical liberal or perhaps Lockean liberal better.