IAmNix
IAmNix
About
- Username
- IAmNix
- Joined
- Visits
- 134
- Last Active
- Roles
- Member
- Thanked
- 32
Comments
-
(Quote) Huh yeah you're right, the second maintainer Kristoffer Dalby gets paid by Tailscale to maintain Headscale: https://archive.fosdem.org/2023/schedule/event/goheadscale/. That really makes me trust it less :(. Embrace, Extend, Extinguish... A…
-
(Quote) Headscale is a free and open source implementation of the tailscale server (the software), which is closed source. Headscale is unaffiliated with Tailscale (the company) and is written from scratch afaik. The tailscale client is commercial …
-
Ansible. It's a sysadmin framework that abstracts away a lot of the OS specifics, but still lets you write simple code that can either just run pure bash, or do simple/advanced sysadmin things like user management, configure services etc. You run …
-
(Quote) If they have been pwned, there won't necessarily be any obvious traces left behind. It sounds like the attacker has an exploit that they've used to privilege escalate to get a database dump. That's a one-off attack - they don't need to leave…
-
(Quote) (Quote)
-
(Quote) Gotcha, thank you! Hmm, I guess it's just an unoptimized usecase then. I can imagine that all kinds of queues and timings in networking/disk IO/CPU scheduling break down when you recurse them - like how TCP-in-TCP tunnels sounds like they s…
-
I would take this quite seriously if I were a customer at one of the providers in the list, and ask the company how they are dealing with this. Remember - the risk isn't that your server will go down, the risk is that all the personal information y…
-
(Quote) I had in mind specifically KVM-in-KVM, for example running a hypervisor like Proxmox or XCP-ng in a virtual machine. Searching for "nested" here nets many people asking vendors for the feature - I figured there's some experience f…
-
(Quote) And the recent xz backdoor affecting SSH shows that my advice was flawed, and security is never as simple as a single step :)
-
(Quote) Yeah this should work fine - both wireguard and iptables are extremely efficient, so the major downsides are "just" the extra complexity and longer network path. It's a good learning exercise too :). This trick is what many circum…
-
What you need is indeed that iptables magic. I actually had this exact issue last week, and gave up at the same step. :D If you're able to reinstall the Linux VPS, perhaps using a router OS with a webgui will make the magic easier to configure. I'm…
-
To get back on topic, here's a summary of the tools so far (Quote) . (Quote) . (Quote)
-
(Quote) That's great! Please use this thread to share links to tools and software you use so other people can contribute in a similar way :).
-
Please do not derail the thread with funny jokes @vyas and @AuroraZero :) Thank you for the excellent tools @codelock and @Encoders! <3
-
(Quote) No. Password managers are generally safe and you should absolutely use them. Use a long diceware passphrase. Some alternatives I trust and use are Bitwarden and KeepassXC. (Password lists mostly come from hacked websites which didn't encryp…
-
For those who did get functional service - how is it? Speeds, availability, reliability, consistency?
-
Yes, vastly. I'd say three major effects are in play: Entropy, guessability and 2FA aka Wrench Proofness Entropy in short means how much randomness is contained. More randomness basically means a higher number of computations to guess (bruteforce)…
-
(Quote) If someone else wants to use Tailscale on a russian GeoIP server, here's a workaround using a random chinese apt mirror. It will still be secure since it uses the gpg key from tailscale.com. curl -fsSL https://pkgs.tailscale.com/stable/debi…
-
I'm not able to install tailscale on my VPS, because https://pkgs.tailscale.com return 451 Unavailable For Legal Reasons on seemingly all requests, making even apt update impossible. Is this type of thing common? Has anyone else gotten a 451?
-
(Quote) Network services. VPN, monitoring, reverse proxy, personal IPV4<->IPV6 proxy, https://atlas.ripe.net/ probe, https://headscale.net/ server, (Tor relay? allowed?) Edit: I guess Tor exit relays are allowed: https://relays.0x7c0.com/as/A…
-
# ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## Yet-Another-Bench-Script ## v2024-03-05 ## https://github.com/masonr/yet-another-bench-script ## ## ## ## ## ## ## ## ## ## ## #…
-
Back in stock again :) Beware, you have to pay minimum €5. I chose 6 month billing cycle for a total of €6.25 / 6 months recurring. You get a /48 ipv6 subnet, but it's not configured by default in the debian 12 image. Will post YABS when it finish…
-
I salute your initial trust in your fellow human <3. This forum is full of paranoid old men who have forgotten that to be human means to have trust in strangers. Their vague concerns stem from personal insecurity, and are not relevant. Sharing a…
-
The real sadness is you spent your time creating a tool that could save hours for thousands of ppl like you say, but now it never will because you limited its use to only the handful that will take the risk to type their credit card into some random…
-
(Quote) Yeah, I am sad I wasted my time researching webseeds now. @bikegremlin, if you want to profiteer off the problem, fine I'll just ignore it, but don't change your mind after people have spent time helping you (for free...) A solution with no…
-
(Quote) Torrents are literally designed for the download pattern you describe. Torrents are peer-to-peer, meaning that everyone that downloads, also helps with uploading to others - so if many are downloading at once, ppl can download from each othe…
-
(Quote) :( I looked on internetstiftelsen.se, and they did change rules to make non-swedish ppl also required to give some identifying number since November 1, 2021: https://support.registry.se/en-US/news/posts/nya-registreringsvillkor-foer-se-resp…
-
Did they keep pushing u about ID? I'd guess that ID is not a hard requirement, and they're just asking because it makes their work faster because personal information is public in Sweden - if they get your Personnummer, they can just type that in a…
-
Also see https://github.com/tonarino/innernet, it sets up private vpn mesh using your own server, it's open source and built with unix philosophy