Win 11 , hardening your instalation.

Status
Not open for further replies.

granddad

Well-Known Member
Most Helpful Member
I guess most members are savvy re various win system attacks , perhaps not ..
 
Usually, with a new Microsoft release, the best system protection is simply not to install it, until other suckers victims have found and reported all the really serious bugs, and they have been fixed.

Typically six months to a year, and it may be good enough to try, though they kept breaking things with Win 10, sometimes catastrophically, rather longer than that.
 
Anyone know if Win 11 will be a free 'upgrade' from Win 10, or will it be subscription-based?
 
I'm just soo happy I've jumped out of the MS boiling soup cup, not struggling with upcoming upgrades that doesn't work with semi old parts.

This simply just cannot be untold:
 
Anyone know if Win 11 will be a free 'upgrade' from Win 10, or will it be subscription-based?

It's been said it will be a free upgrade, IF your hardware supports it - but it has some silly (and fairly pointless) hardware requirements.
 
I had to go from Ubuntu 12.04 to 20.04 and I don;t like a lot of things.
For starters, between OK and cancel is miles of real estate.
It's blurry. I kinda hate ICONS.
I think there is more attention to the terminal instead of less.
Some things you might need to get systems running are not installed like network tools. The CD/DVD burner isn;t installed/
They added yet another package manager.
You can't access the root of the file system by mouse clicks without adding a symbolic link
NFS is faster.
The new network control panel is very messy.
I don't see multiple networks of the same name any more. Sometimes it;s useful.

There is one glitch I can't seem to fix. I had a router, an ASUS RT-68ac or something like that. that I can't use as a media bridge anymore.
So, I can't plug my Ethernet cable into the router and have access to my network. I can access the router, but cannot go any furtherthan that. No internet access. I don't have the latest firmware installed on the router.

Chrome is wierd. Firefox also turned deadly from v68 t0 85. You can;t tell it not to upgrade. Chrome plays videos mnatively that fireox needs vlc to play. The PIP (Picture in Picture) sort of works. It doesn't PIP closed captions. I don;t have time to complain.

I reported 2 issues in Libreoffice, two are verifies. The third i have to explain better,

Libreoffice changed "change" and "change all with "correct" and "correct all".
"correct" is ambiguous. It could mean it's spelled right or could mean "change".
 
So, I can't plug my Ethernet cable into the router and have access to my network. I can access the router, but cannot go any furtherthan that. No internet access. I don't have the latest firmware installed on the router.

That sounds like the default route is not set, or no nameservers defined?
 
Certainly linux is not for everybody. Choosing the right distro is important, and depending on requirements linux does have to be customized , and that does need patience and quite lot of command line knowledge. I just have a simple PC desktop setup ( well 3 ) You can run a 'live' linux from a USB memory, before you install , also there is a very good forum . I got to dislike win after 7 , and not wanting to continually update sw and virus checkers etc. Linux was way faster simpler plus MPLABX is well behaved !
 
That sounds like the default route is not set, or no nameservers defined?

All I did was change from Linux 12 to linux 20. Remember this is a media bridge, I cable to the bridge. The bridge is supposed to connect to my wireless. I can access the config page of the bridge, but it gets no further. I can't get to my router even or anything else on the network. Just the bridge.

I think from the bridge, I can get outside. It has a linux core/

The router is 10.10.0.1. the bridge is 10.0.1.55. SM is 255.255.255.0

Not too good on routes. I can probably use the route command on either linux machine, but on the router it would not be persistant.
Therefore the computer can't see the DHCP server either which is 10.10.0.1.

I can connect to the bridge when the laptop is connected wirelessly to my network.



Note: the connect to DNS server automatically is greyed out.

Here is the routing table, but I;m not connected wired to the bridge:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.1.0 * 255.255.255.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 10.0.1.1 0.0.0.0 UG 0 0 0 br0
admin@RT-AC68U:/tmp/home/root# ping 10.0.1.1
PING 10.0.1.1 (10.0.1.1): 56 data bytes
64 bytes from 10.0.1.1: seq=0 ttl=64 time=1.724 ms
64 bytes from 10.0.1.1: seq=1 ttl=64 time=1.597 ms
^C
--- 10.0.1.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 1.597/1.660/1.724 ms

admin@RT-AC68U:/tmp/home/root# ifconfig
br0 Link encap:Ethernet HWaddr <redacted>:8D:90
inet addr:10.0.1.55 Bcast:10.0.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:441410 errors:0 dropped:0 overruns:0 frame:0
TX packets:987205 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:42886727 (40.8 MiB) TX bytes:341130186 (325.3 MiB)

eth0 Link encap:Ethernet HWaddr <redacted>8D:90
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:452173 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:41295371 (39.3 MiB)
Interrupt:179 Base address:0x4000

eth1 Link encap:Ethernet HWaddr <redacted>8D:90
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:711873 errors:0 dropped:0 overruns:0 frame:1666220
TX packets:988936 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:51928766 (49.5 MiB) TX bytes:349352130 (333.1 MiB)
Interrupt:163

eth2 Link encap:Ethernet HWaddr <redacted>8D:94
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:92279
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:169

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:180133 errors:0 dropped:0 overruns:0 frame:0
TX packets:180133 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:38042902 (36.2 MiB) TX bytes:38042902 (36.2 MiB)

vlan1 Link encap:Ethernet HWaddr <redacted>:8D:90
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:452173 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:41295371 (39.3 MiB)


admin@RT-AC68U:/tmp/home/root# ping www.google.com
PING www.google.com (172.217.10.36): 56 data bytes
64 bytes from 172.217.10.36: seq=0 ttl=118 time=29.893 ms
64 bytes from 172.217.10.36: seq=1 ttl=118 time=29.169 ms
^C
--- www.google.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 29.169/29.531/29.893 ms

admin@RT-AC68U:/tmp/home/root#

There's some Linux command that I use don the laptop and I got "limited connectivity"

So, this does not have the laptop connected wired to the bridge, It's just the bridge in free space and connected to the wireless network.

Route on the laptop (laptop connected wirelessly to the network) and working

ubuntu@ubuntu:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 600 0 0 wlp7s0
10.0.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp7s0
link-local 0.0.0.0 255.255.0.0 U 1000 0 0 wlp7s0

anything else I could do? Do it in the bad configuration?
 
default _gateway 0.0.0.0 UG 600 0 0 wlp7s0

There is do default gateway defined, so it cannot send data outside the LAN segment it's on.

Try this:
sudo ip route add default via 10.0.1.1

If that works, add or charge the gateway line for vlan1 in /etc/network/interfaces
eg.
gateway 10.0.1.1

It may be calling the interface wlp7s0 rather than vlan1, from the routing table? I'm familiar with Redhat / Centos & don't do much with ubuntu.
Or whichever interface you will normally use?
 
rjenkinsgb Well, the first part worked. Googling revealed all sorts of suggestions that don;t work for permanence.
The interfaces file doesn't exist.

They used to Ubuntu 12.04 have easy to remember interfaces like eth0:. Now enp2s0 (20.04) for wired.

Thanks. Probably the first time I got some real help.
 
I have a Jetson Nano I'm just about to update to Ubuntu 20

Once I get that done I'll be able to see what it does with networking..
 
It was just wired, because I was using the system on 12,04 LTE and an ASUS RT-ac68u router in media bridge mode (wired) and after updating, no more wired internet. With 20, I feel like my hands are moving all over the map. OK is on one side of the screen and cancel is on the other. They have a new package manager, snap, that can queue updates. I still like synaptic. Everything is "blurry". I really like dark text, not this grey stuff. Networking is really wierd. Even Adobe reader is gone. It does forms. The replacemenrrt "software center" is a disaster too. Everything is hidden or not there.

The last thing, I need to try is VPN.
 
The topic of data protection worries me too. I recently read that Windows 11 will increase security for users. It will replace passwords and use a PIN or biometric data such as facial features, fingerprints, or iris, remaining locally on the device. Windows Hello can also use more secure hardware features. I like the use of encryption keys and user credentials better. So I still decided to purchase a Windows 11 license and bought it here https://mysoftwarekeys.com. It's cool when even if intruders get into the system, they won't get access to the data.
 
Last edited:
Status
Not open for further replies.
Cookies are required to use this site. You must accept them to continue using the site. Learn more…