IAmNix
IAmNix
About
- Username
- IAmNix
- Joined
- Visits
- 205
- Last Active
- Roles
- Member
- Thanked
- 49
Comments
-
(Quote) Who are your opponents? Some hypothetical James Bond Hackerman, or some real state organization with budgets, bureaucracy and burnout to contend with? The benefit is that: 1) It is much, MUCH more difficult and expensive to extract data fro…
-
(Quote) 100%. Personal VPS's and small orgs are small fish that nobody cares about. And the regulations will not hit the hosting providers, they will hit the orgs themselves that are then required to comply (install backdoors) with their own labor…
-
(Quote) No idea, but I guess open marketplaces like Craigslist or Facebook marketplace maybe. Maybe look around mac forums if they have a buy/sell subforum.
-
Just after christmas is the best time to pick up a secondhand macbook :) Everyone's dumping their old model.
-
The problem with cloudflare isn't that it's less reliable, it's that it's a private for-profit business based in the US whose business model is to privatize the entire internet and centralize all traffic onto their networks DNS round-robin of decen…
-
(Quote) The ssh agent forwarding option is -A. So the commands would look like this: user@laptop:~$ ssh -A server-1user@server-1:~$ scp my-files/ server-2: Only do this if you trust server-1. It essentially shares access to all ssh keys on your l…
-
(Quote) This smells like mismatched ansible version to me. Ubuntu repos especially are very behind - maybe try finding a PPA to install ansible from. Or maybe install it from pip. (Quote) Not unless you want to share the git repo with other people …
-
Outside ansible, another option is to use a terminal multiplexer like Terminator to type commands in many windows at once If you do go with ansible, I'd propose the way we do it at work: * Store ansible playbook in git repository * git commit + pu…
-
firefox + ublock origin on laptop firefox + ublock origin on android phone
-
Thx for the review! I'm very curious how the durability of the x280 is. I tend to bang my computers around and kill them quite fast, and I'm scared that the thinkpads have been profit-maximized to be fragile.
-
(Quote) Huh yeah you're right, the second maintainer Kristoffer Dalby gets paid by Tailscale to maintain Headscale: https://archive.fosdem.org/2023/schedule/event/goheadscale/. That really makes me trust it less :(. Embrace, Extend, Extinguish... A…
-
(Quote) Headscale is a free and open source implementation of the tailscale server (the software), which is closed source. Headscale is unaffiliated with Tailscale (the company) and is written from scratch afaik. The tailscale client is commercial …
-
Ansible. It's a sysadmin framework that abstracts away a lot of the OS specifics, but still lets you write simple code that can either just run pure bash, or do simple/advanced sysadmin things like user management, configure services etc. You run …
-
(Quote) If they have been pwned, there won't necessarily be any obvious traces left behind. It sounds like the attacker has an exploit that they've used to privilege escalate to get a database dump. That's a one-off attack - they don't need to leave…
-
(Quote) (Quote)
-
(Quote) Gotcha, thank you! Hmm, I guess it's just an unoptimized usecase then. I can imagine that all kinds of queues and timings in networking/disk IO/CPU scheduling break down when you recurse them - like how TCP-in-TCP tunnels sounds like they s…
-
I would take this quite seriously if I were a customer at one of the providers in the list, and ask the company how they are dealing with this. Remember - the risk isn't that your server will go down, the risk is that all the personal information y…
-
(Quote) I had in mind specifically KVM-in-KVM, for example running a hypervisor like Proxmox or XCP-ng in a virtual machine. Searching for "nested" here nets many people asking vendors for the feature - I figured there's some experience f…
-
(Quote) And the recent xz backdoor affecting SSH shows that my advice was flawed, and security is never as simple as a single step :)
-
(Quote) Yeah this should work fine - both wireguard and iptables are extremely efficient, so the major downsides are "just" the extra complexity and longer network path. It's a good learning exercise too :). This trick is what many circum…
-
What you need is indeed that iptables magic. I actually had this exact issue last week, and gave up at the same step. :D If you're able to reinstall the Linux VPS, perhaps using a router OS with a webgui will make the magic easier to configure. I'm…
-
To get back on topic, here's a summary of the tools so far (Quote) . (Quote) . (Quote)
-
(Quote) That's great! Please use this thread to share links to tools and software you use so other people can contribute in a similar way :).