view the rest of the comments
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
You are a foolish person.
https://www.bleepingcomputer.com/news/security/super-admin-elevation-bug-puts-900-000-mikrotik-devices-at-risk/
As far as warranty goes, Trendnet does Lifetime for their enterprise metal devices, which OP mentioned being interested in. Just looked at Microtik official warranty page, and it says to email support. Big difference.
https://www.rapid7.com/db/modules/exploit/linux/misc/cisco_ios_xe_rce/
We can go back and forth on RCEs literally all day. If your bar for using a product is “no RCEs”, get off the grid entirely my guy.
MikroTik is just as serious a network company as Cisco or Juniper, and vastly more serious from an enterprise networking point of view than trendnet.
Also where tf did OP mention anything about warranties?
Edit - https://medium.com/tenable-techblog/trendnet-ac2600-rce-via-wan-8926b29908a4
Edit - https://www.archcloudlabs.com/projects/trendnet-731br/
Edit - lol holy shit look how customer focused trendnet is! They just plugged their ears and pretended an unauthenticated RCE in their product didn’t exist haha. https://arstechnica.com/information-technology/2015/04/no-patch-for-remote-code-execution-bug-in-d-link-and-trendnet-routers/
Edit - oof yikes look there’s more. https://www.nccgroup.com/us/research-blog/technical-advisory-multiple-vulnerabilities-in-trendnet-tew-831dr-wifi-router-cve-2022-30325-cve-2022-30326-cve-2022-30327-cve-2022-30328-cve-2022-30329/
Yeah, I trust Mikrotik much more than Trendnet, though I'm happy to use Trendnet for internal switches.
API went wonky
Wow. You do you, budday.
You seem REALLY on the Microtik brand for some reason. I presented one that didn't have those issues, you retorted with some stuff, I responded with valid issues. What's your problem?
You presented one that doesn’t have security vulnerabilities? Here’s yet another CVE out for trendnet: https://nvd.nist.gov/vuln/detail/CVE-2018-19239
Every. Single. Brand. Has. CVEs. I’ve used Mikrotik, I’ve used Cisco, I’ve used Juniper, I’ve used Ubiquiti. I have a trendnet Poe switch in my attic powering some cameras and an AP right now. I have no “problem” with any brand of anything.
I do have a problem with you implying that a company doesn’t take security seriously when they do. I start to think you’re intentionally lying when you lift up trendnet as the model, because they have quite an especially atrocious history of it.
Do you have too much time to rant here but not read the articles you asked for? Lol 🤡
API went wonky
API went wonky