Greylog is a syslog aggregator that might do what you’re looking for.

And here we’re afforded a rare treat, to observe the elusive trouser trout in its native habitat.

The exception here would be ESP32 devices. These have been some of the most reliable devices in my home and the most versatile, no Internet access required. Zigbee works well, but runs in the same frequency space as wifi and Bluetooth. Matter and thread are the new hotness and run in that space too. They all work well together, but something to consider. Z Wave is in a separate frequency space, but is a less open protocol. I have at least a few of all of these and they all play nice. Consider your priorities and choose what’s best for your application.

Well now I feel like I have to try them.

They certainly can, law enforcement isn’t a protected class. It might be bad for business, but nothing is stopping anyone from denying service to LEOs

It was just a plane or something

The cruelty is the point. Just keep repeating that and you’ll understand most of the decisions.

And now I remembered we’ve got over 3 more years of this garbage to fight through.

Not even close to that third comma, amateur.

Not already fascist enough

Video generation, copyright matching, CSAM detection, those are just the first few that pop into my head.

They’re likely imitating his posture. It serves the dual purpose of signaling their sycophantic loyalty and normalizes the absurd stance to the rest of the world.

Rheeme Econet devices do this. They have an app to control them, but there’s also a diagnostic port that exposes everything in the app and a lot more. There’s an esp32 project that connects to the port and brings all of that into Home Assistant, no app or wifi needed.

A layered defense is always best. Nothing is 100%, but knowing your threat model will help define how far you have to go and how many layers you want in the way. Defending against State level actors looks different than swatting the constant low effort bot traffic. You’re right, if a bad actor gets root on your machine, all security is forfeit. The goal is to minimize that possibility by keeping applications and packages updated and only allowing necessary connections to the machine. You mentioned wireguard or tail scale. Set that up first. Then set up the host firewall to only allow outbound traffic onto the VPN to the required ports and endpoints on the LAN. If the VPS isn’t hosting any public facing services, disable all traffic except the VPN connection from and to the public Internet both on the cloud provider’s firewall and the host firewall. If it is hosting publicly accessible services then use tools like fail2ban and crowdsec to identify and block problem IPs.

Firewall rules on outbound traffic from the VPS to the LAN would do it. Allow traffic to the hosts and ports that the VPS needs to reach and block everything else.

I feel like you’re wrong here. Moses and Joshua were pretty big into the whole genocide thing. Deuteronomy 20:16 for example is pretty clear about that, among many other examples.

Except for the weapons we sold them, the intel reports we provided, etc, etc.

Before he was sworn in even. https://www.pbs.org/newshour/politics/watch-trump-promises-to-settle-war-in-ukraine-if-elected

I’ve had way too many conversations with people that simply can’t comprehend how that works. “But then we’d have to do everything so much earlier, it would be dark all the time.” I try to explain that we’d still do everything at the same time of day, just call it something different, but they just can’t wrap their minds around that.

Same as it ever is. Their Russian handlers and their mouth breathing, Nazi loving supporters.