💾 Archived View for rawtext.club › ~sloum › geminilist › 001652.gmi captured on 2020-09-24 at 01:44:23. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Matthew Graybosch hello at matthewgraybosch.com
Sun Jun 14 03:40:24 BST 2020
- - - - - - - - - - - - - - - - - - -
On Sat, 13 Jun 2020 21:22:15 -0400Sean Conner <sean at conman.org> wrote:
As someone who has worked for various ISPs and webhosting companies
for most of my career, I think this slamming of IPSs is unwaranted.
You're probably right.
1. Open servers are *attacked* at an alarming rate. At home, I run an
sshd instance tha is open to the Internet [2]. I am currently
blocking 2,520 hosts that have attempted to log in via ssh. That
count is only over the past 30 days (technically, 30 days, 10 hours,
30 minutes, as that's the average month length over the year). Not
doing so means my machine will be constantly under login attempts.
I'm finding this out the hard way. Fortunately I thought to disableroot logins in /etc/ssh/sshd_config when I first set up my VPS, but I'malso reading up on fail2ban. Thinking of using this HOWTO since itemphasizes not tampering with distributed config files.
https://phrye.com/tools/fail2ban-on-freebsd/
And then there's the *wierd* (and quite stressful) situations
involving black-hat hackers [5].
You know what? I think I recognize your email because I've read aboutyour experience with the black-hat.
I'm reading this email and thinking, "Dear creeping gods, what have Igotten myself into?"
2. If people could run a business server on their home connection,
they would. ... Never mind the power is out, why did my
server loose connection?
I've been this clueless. Fortunate my phone wasn't working so Icouldn't inflict it on some poor tech support worker.
Or in self defense, the ISP cuts the connection because the home
server is running a port scanner, participating in a botnet, or
sending out spam emails because of an unpatched exploit in some
server being run at home.
You're right, this is legit.
3. Do people realize they'll need to basically firewall off their
Windows boxes?
I firewalled the hell out of my wife's Windows machine just to blockthe damn telemetry. It's insane.
4. It was email that poisoned home-run servers intially.
I remember this now. I know there was a reason I was reluctant to eventry setting up external email on tanelorn.city. I thought I was justbeing irrational.
That is true too, but I suspect even *if* you could easily run a
server at home, 99% would not even bother (or know what it is).
Fair point.
Never underestimate the lack of giving a damn the general
population have. I'm sure there are aspects of your life that you
lack a damn about that other people think you should give more than a
damn.
You're right. It's just that I see barriers and had forgotten that someof the barriers exist for a reason.
I think it's a conversation worth having, as it relates to how
Gemini expands with new content.
Thanks for taking the time to reply. There's a lot here that I eitherdidn't know or had forgotten.
-- Matthew Graybosch gemini://starbreaker.org#include <disclaimer.h> gemini://demifiend.orghttps://matthewgraybosch.com gemini://tanelorn.city"Out of order?! Even in the future nothing works."