i_am_not_a_robot
@i_am_not_a_robot@discuss.tchncs.de
- Comment on How can I keep my forwarded port secure? 2 months ago:
A large percentage of those hosts with SSH enabled are cloud machines because it’s standard for cloud machines to be only accessible by SSH by default. I’ve never seen a serious security guide that says to set up a VPN and move SSH behind the VPN, although some cloud instances are inherently like this because they’re on a virtual private network managed by the hosting provider for other reasons.
SSH is much simpler and more universal than a VPN. You can often use SSH port forwarding to access services without configuring a VPN. Recommending everyone to set up a VPN for everything makes networking and remote access much more complicated for new users.
- Comment on How can I keep my forwarded port secure? 2 months ago:
Shodan reports that 35,780,216 hosts have SSH exposed to the internet.
Moving SSH to ports other than 22 is not security. The bots trying port 22 on random addresses with random passwords don’t have a chance of getting in unless you’re using password authentication with weak passwords or your SSH is very old.
SSH security updates are very infrequent and it takes practically no effort to keep SSH up to date. If you’re using a stable distribution, just enable automatic security updates.
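The two comments above come down to one operational rule: key-only login, no password authentication, and a current sshd. The script below is an added example, not code from the original comments, that audits an sshd_config text for those settings and reports a non-default port as noise reduction rather than a security control. The two config texts are constructed, and the defaults table assumes OpenSSH 7.0 or newer.

```python
"""Audit an sshd_config for the settings that matter when SSH is internet-facing.

Added example (not code from the original comments). The config texts are
constructed; DEFAULTS assumes OpenSSH >= 7.0 (PermitRootLogin defaults to
prohibit-password there).
"""

import re

# OpenSSH defaults applied when a keyword is absent from the file.
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "pubkeyauthentication": "yes",
    "permitrootlogin": "prohibit-password",
}

# Constructed sample: a default-ish config with password logins still on.
WEAK_CONFIG = """
Port 2222
PasswordAuthentication yes
PermitRootLogin yes
PubkeyAuthentication yes
"""

# Constructed sample: the same host hardened the way the comments recommend.
HARDENED_CONFIG = """
Port 22
PasswordAuthentication no
KbdInteractiveAuthentication no
ChallengeResponseAuthentication no
PermitRootLogin prohibit-password
PubkeyAuthentication yes
MaxAuthTries 3
"""


def parse_sshd_config(text):
    """Return {keyword.lower(): value} using sshd's first-match-wins rule.

    Comments and blank lines are skipped. Parsing stops at the first 'Match'
    line because directives after it are conditional (kept simple here).
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = re.match(r"^([A-Za-z]+)\s*=?\s*(.*)$", line)  # 'Key value' or 'Key=value'
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            break
        settings.setdefault(key, value)
    return settings


def audit(text):
    """Return a list of findings; an empty list means nothing was flagged."""
    cfg = parse_sshd_config(text)

    def get(key):
        return cfg.get(key, DEFAULTS.get(key, "")).lower()

    findings = []
    if get("passwordauthentication") != "no":
        findings.append("PasswordAuthentication is on: a weak password on any "
                        "account is all the port-22 bots need")
    # Both spellings name the same mechanism; PAM can still prompt for a
    # password through it even with PasswordAuthentication no.
    if get("kbdinteractiveauthentication") != "no" and \
            get("challengeresponseauthentication") != "no":
        findings.append("keyboard-interactive auth is on: disable it too so "
                        "password prompts cannot come through PAM")
    if get("pubkeyauthentication") != "yes":
        findings.append("PubkeyAuthentication is off: keys are the intended "
                        "login method")
    if get("permitrootlogin") == "yes":
        findings.append("PermitRootLogin yes: allow keys only "
                        "(prohibit-password) or disable root login")
    if cfg.get("port", "22") != "22":
        findings.append("note: Port %s cuts log noise but is not a security "
                        "control" % cfg["port"])
    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name + ":", audit(text) or "no findings")
```

Run it against a real file with `audit(open("/etc/ssh/sshd_config").read())`; on a live host, `sshd -T` prints the effective settings including defaults and Match blocks, which this simplified parser does not model.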
- Comment on How can I keep my forwarded port secure? 2 months ago:
Having SSH open to the internet is normal. Don’t use password authentication with weak passwords.
- Comment on Selfhost your own gitea instance - selfhosted, lightweight github alternative 2 months ago:
It’s also ahead of gitea in some aspects: forgejo.org/faq/#is-there-a-roadmap-for-forgejo
- Comment on FOSS Alternative to Chromecast? 3 months ago:
Or use Miracast, AKA WiDi, Smart View, SmartShare if you just want to mirror a screen.
- Comment on is it possible to host a small instance on your pc without renting anything? 3 months ago:
You don’t need a static IP to have a domain name, and you don’t always need to pay for a domain name either.
- Comment on Should I stick with Docker Swarm for self-hosting? 4 months ago:
Docker Swarm encryption doesn’t work for your use case. The documentation says that the secret is stored encrypted but can be decrypted by the swarm manager nodes and nodes running services that use the service, which both apply to your single node. If you’re not having to unlock Docker Compose on startup, that means that the encrypted value and the decryption key live next to each other on the same computer and anyone who has access to the encrypted secrets can also decrypt them.
- Comment on Traefik conditional certificate for same URL 6 months ago:
That sounds like Cloudflare is giving you certificates intended only to be used for talking to Cloudflare.
You might be able to do it if Cloudflare sends a different SNI. It’s probably better if you get real certificates from Let’s Encrypt and just use those.
- Comment on Has anyone checked out this ipv6rs service yet? 6 months ago:
They don’t allocate you a prefix. The website says they give you 5 addresses.
- Comment on Has anyone checked out this ipv6rs service yet? 6 months ago:
Some bad ISPs still don’t provide IPv6 connectivity. (Verizon)
- Comment on Appreciation / shock at workplace IT systems 8 months ago:
New action items have been assigned to you:
- Remedial cybersecurity training (4hr): due by Mar 22
- Comment on Appreciation / shock at workplace IT systems 8 months ago:
My favorite is when IT deploys software that replaces all the links in your e-mails with
https://example.com/phishing/YiCdMdsY
so you can’t tell whether the e-mail is phishing or not, frequently sends you very obvious fake phishing e-mails that interrupt your work by going straight to your priority inbox, and punishes anyone caught clicking on phishing e-mails. Then HR sends out e-mails that have all the indicators of low effort phishing and you’re supposed to click on those.
- Comment on I want to bring some attention to Slidge XMPP Bridges 8 months ago:
Isn’t puppeteering, afk self botting, a bannable offense on some of these networks?
…discord.com/…/115002192352-Automated-user-accoun… This article is only half true. Bot accounts do not have full access to all API routes, but you can still be banned for botting regular accounts.
- Comment on Leviton ToS Change 8 months ago:
They’re competitors.
- Comment on What's the deal with Docker? 8 months ago:
If you’re already using systemd, do not switch to Docker. Use Podman instead. Docker runs all your services under the Docker service. Podman can run the same containers as systemctl services.
- Comment on What are your homelab stats? 10 months ago:
How do people get to so many Docker containers before moving to Kubernetes? I only have 76 containers across 68 pods and that’s far too much for me to manage in Docker.
- Comment on Self Hosting an RSS feed for news/media/etc? 11 months ago:
YouTube has RSS feeds you can access without scraping, but it’s per channel so if you follow a lot of channels you’ll be following a lot of RSS feeds.
Lemmy also has RSS feeds for each community.
Are you looking for a reader instead? A reader aggregates the feeds and displays them. Usually it keeps track of which items you’ve already read.
- Comment on Disclosure of sensitive credentials and configuration in containerized deployments - ownCloud 11 months ago:
Nobody cares about your home services unless they can use them to send spam or mine bitcoin. Owncloud is a funny name because it seems to imply it’s for personal use: your own cloud. I didn’t know until I found myself in one, but apparently a lot of schools use Owncloud.
phpinfo is just a bad idea. It’s a built in facility that dumps everything without knowing whether it’s sensitive or not, right into the current page, making it trivial to add this vulnerability to your own application or library that an unsuspecting developer will include into their application. There’s not even a single security warning in the documentation. Here’s practically the same problem from 21 years ago: nvd.nist.gov/vuln/detail/CVE-2002-1725
- Comment on Need help: accessing all my containers by name 11 months ago:
It might work if you put them on the same Docker network? I use Kubernetes and it definitely has this feature.
- Comment on [HELP] Server blocking LAN responses over Wireguard VPN 1 year ago:
Is it the server telling the server that the client’s port is unreachable or is it the client telling the server that the port is unreachable? Do you see the packets traveling over the Wireguard interface? Do you see the response if you use Wireguard from the client?
The request traced out is incorrect. WG Client IP initiates a DNS request to Server IP, and then WG Client Addr receives a response from WG Server Addr. The DNS response should come from the same IP that the request was sent to. The client may be rejecting a response coming from an unexpected source. If you’re doing masquerading instead of plain routing, you need to make sure that you’re doing NAT in both directions.
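The diagnosis in this comment is that a reply arriving from an address other than the one the query was sent to will be dropped by the client. As an added illustration (not part of the original thread), the script below parses constructed tcpdump-style lines (timestamp, interface, src.port > dst.port) and reports DNS replies whose source does not match the query's destination. The capture format and all addresses are made up for the example.

```python
"""Spot DNS replies that come back from a different address than the one the
query was sent to, the symptom described in the comment above.

Added example, not from the original thread. The packet lines are constructed
in a simplified tcpdump-like format and the addresses are made up.
"""

import re
from collections import namedtuple

Packet = namedtuple("Packet", "ts iface src sport dst dport")

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<iface>\S+)\s+IP\s+"
    r"(?P<src>[\d.]+)\.(?P<sport>\d+)\s+>\s+(?P<dst>[\d.]+)\.(?P<dport>\d+):"
)

# Constructed capture: the first query is answered from the WireGuard server's
# tunnel address instead of the LAN DNS address it was sent to; the second
# exchange is consistent.
SAMPLE_CAPTURE = """\
12:00:00.000 wg0 IP 10.8.0.2.40001 > 192.168.1.10.53: UDP, length 40
12:00:00.003 wg0 IP 10.8.0.1.53 > 10.8.0.2.40001: UDP, length 128
12:00:01.000 wg0 IP 10.8.0.2.40002 > 192.168.1.10.53: UDP, length 40
12:00:01.002 wg0 IP 192.168.1.10.53 > 10.8.0.2.40002: UDP, length 128
"""


def parse_capture(text):
    """Parse capture lines into Packet tuples; non-matching lines are skipped."""
    packets = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            d = m.groupdict()
            packets.append(Packet(d["ts"], d["iface"], d["src"], int(d["sport"]),
                                  d["dst"], int(d["dport"])))
    return packets


def find_mismatched_replies(packets, service_port=53):
    """Pair each query to service_port with the reply addressed back to the
    client's ephemeral port; return (query, reply) pairs whose reply source
    differs from the query destination. A client will normally discard such
    replies, which from the outside looks like the response being blocked."""
    pending = {}  # (client_ip, client_port) -> query packet
    mismatches = []
    for p in packets:
        if p.dport == service_port:
            pending[(p.src, p.sport)] = p
        elif p.sport == service_port:
            query = pending.pop((p.dst, p.dport), None)
            if query is not None and query.dst != p.src:
                mismatches.append((query, p))
    return mismatches


if __name__ == "__main__":
    for query, reply in find_mismatched_replies(parse_capture(SAMPLE_CAPTURE)):
        print("query to %s:%d answered from %s (seen on %s)"
              % (query.dst, query.dport, reply.src, reply.iface))
```

Capturing on the WireGuard interface on both ends and running the two captures through this check separates the two cases the comment asks about: a mismatch visible on the server's wg interface points at its routing or NAT rules, while a consistent capture on the server and a mismatch on the client points at something rewriting the reply in between.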
- Comment on Is there some way to play DVD ripped into .iso file in VLC (desktop) directly from a network (HTTP)? (It works on VLC for Android (mostly), but not desktop) 1 year ago:
Try
vlc http/dvdnav://192.168.44.1:8080/interstellar.iso
If that doesn’t work, you probably also need to install CSS decryption support (i.e. libdvdcss2). Apparently the Android version of VLC comes with this built-in.
- Comment on [IDEA] automatic advertisement software 1 year ago:
Isn’t it already decentralized? There are some other implementations in the “see also” section. en.wikipedia.org/wiki/Pingback
- Comment on Can I/Should I upgrade RAM past my machine's recommended specs? 1 year ago:
If the machine supports up to 32GB RAM, it probably only has the hardware for 32GB RAM. Maybe it only has 25 address lines for RAM.
- Comment on Let's talk about the curious and ingenious DriveSpace, an MS-DOS program promising to double the available disk space. 1 year ago:
Windows 95 was also a shell on top of MSDOS. Windows NT wasn’t running on top of DOS, but it was primarily for business use until Windows XP.
- Comment on Certbot is great. Let's Encrypt is great. 1 year ago:
Downloading certificates from your domain provider is often a security problem. Only you are supposed to know your private keys.
- Comment on Replacement for Docker Desktop on Windows? 1 year ago:
First, it’s not possible to use “pure docker” on Windows. Docker is for running additional user mode environments under the same kernel. You can’t run Linux applications under the Windows kernel without WSL1, and WSL1’s Linux implementation does not support the features required for Docker. This is also possible in limited cases with Windows Server, but because of differences in the way Windows works you almost always end up running a second kernel.
WSL2 can be used to run Docker, and in fact that’s how Docker Desktop has worked for years. When you start Docker Desktop it starts a WSL2 distribution under which the containers run. Running Docker from the command line only will not positively change the performance of your containers.
Running other virtualization software, especially VirtualBox, to start a separate Linux VM and running your containers in there is going to be more complicated and give worse performance unless you disable all virtualization-based features of Windows, such as WSL2 and security isolation.
The solution to your memory problem is most likely one of the following:
- Don’t disable the pagefile. Windows uses a weird memory model where all virtual memory must be backed by physical memory. Certain software will allocate virtual memory without using it, and Windows will require that the sum of the physical memory size and the page file size be adequate to use all of that virtual memory. Disabling the pagefile or limiting it to small sizes because you “have enough RAM” will cause out of memory errors while you still have plenty of RAM available.
- Reduce the amount of memory that Docker is allowed to use to a level that your Windows software can tolerate. You may need to switch Docker Desktop to Hyper-V mode for this option to be available, which isn’t an option if you’re on Windows Home, and this may reduce compatibility.
- After stopping your containers, run
echo 1 > /proc/sys/vm/compact_memory
at a WSL2 prompt or
wsl -u root -- bash -c 'echo 1 > /proc/sys/vm/compact_memory'
from a Windows prompt. See Memory Reclaim in the Windows Subsystem for Linux 2 for details about what this does.
- Comment on Raspberry pi 4 inside abandoned scooters 1 year ago:
Surely the drive motors use far more energy than the computer, and the computer doesn’t need to be fully powered on all the time.
- Comment on I have a 220 volt outlet, my PSU supports 115-240v, but the plug is only a standard 120v plug. How doninokug it in? 1 year ago:
It’s not? I guess it’s more like 230-240 but it should be fine.