• 0 Posts
  • 30 Comments
Joined 1 year ago
cake
Cake day: October 18th, 2023

help-circle



  • persiusone@alien.topBtoHome NetworkingGrounding Question
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    We are not talking about high voltage telephone equipment.

    The switches in telcos are totally different than low voltage Ethernet with sensitive transcivers.

    Grounding differential potential between structures, even just a few feet apart, is often enough to destroy Ethernet transceivers without lightning strikes or surges.

    Notice: I’ve been in IT and telco for over 30 years. I have worked on Nokia telco switching equipment and can 100% tell you that Ethernet transceivers will absolutely be destroyed with much less effort than telco.



  • Attaching to light poles you dont own or have permission to do is a crime in most places.

    If you do have authority to do this somehow, I would use a power tap on the street light photovoltaic sensor. They are a twist lock style connector. They sell pass through options to keep the original sensor. That’s for the power.

    As for the connectivity… If you have permission to do this, you likely have permission to install a omnidirectional WiFi ptmp station and wireless clients (directional) at each camera. Otherwise, just use LTE or fiber. Most municipalities run conduits between each lamp and there may be existing access for fiber. You could also microtrech fiber (since you presumably have permission).

    I’ve done this for municipalities. It’s pretty easy since everything is already in place- which is why I question your intentions here. Anyone who has permission to do this would probably not need to ask how to do it.




  • Is there a reason you cannot accomplish this with a selfhosted VPN?

    Exposing anything has risk. Risk of loss of data, your systems being used for other attacks, and loss of time/money to fix. It is entirety possible to do this as safe as practical of course- keeping your stuff up to date and having some kind of visibility into intrusion detection for immediate response are ways to minimize issues.


  • Interesting. I’ve been in IT for over 30 years and have always used UPS systems. Never had data loss as a result of power issues. Also, it cleans the power a bit and I get a lot of life from my hardware. Plus, I dont have to worry at all, it works as intended. My entire lab has redundant UPS systems backed by a large generator … Zero downtime is nice.





  • Yes, this seems to happen more frequent with brands like realtek. All hardware has failure rates, generally speaking more expensive and enterprise gear fails with less frequency, but can still fail. Personally, I don’t enjoy hardware failure, so I invest in stable clean power and great hardware. It may cost more in the overall power budget but is less headache because things just don’t fail as often.





  • I have another house, about 800 miles away… With another fairly identical setup. VPN at 1gb between. That’s for the replication. Also, have another site, with a VPN, and some rackspace there for periodic backups. My more critical stuff is put in an encrypted drive and left at another location. I like doing things myself and this works for me, but you may want to look into some bucket storage in the cloud, or just a USB drive you can carry offsite on occation.


  • Mine are running all of the time, including during power outages, and are only shut down for physical maintenance and reboot for software maintenance.

    This is a little variable through. Windows hosts tend to require more frequent software reboots in my experience. About once a year, I physically open each device and inspect, clean dust (fairly rare to find it for my setup though), and perform upgrades, replace old storage devices and such. Otherwise I leave them alone.

    I usually get about 5-7 years out of the servers and 10 out of networking hardware, but sometimes a total failure occurs unexpectedly still and I just deal with it as needed.


  • Before this post gets blasted with “just use a VPN” Yes I already have wireguard up and running but trying to get family members setup with a vpn that are technology illiterate is a nightmare

    I mean, the reasons to do this cannot be understated. A VPN literally accomplishes the security and exposure issues.

    It’s your network through. You can feel free to expose your ports and services to the entire internet and take the risk of zero day attacks, brute force, and credential leaks. Knowing that your family is illiterate, it sounds like they may not use best cyber security practices with your services…

    So, that leaves it on you. You can either support it on the front end with a proper VPN like Wireguard, or support it on the back end with IDS, honeypots, advanced threat management, constant monitoring, mitigation, patch management, backup and restores, isolation, etc.

    There are not shortcuts to proper security and exposure management. You can also pay someone, or a company to do this for you.