💾 Archived View for station.martinrue.com › haze › a0ea0348b5cf460ebf6e146a45ff5ddf captured on 2023-01-29 at 20:48:43. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-01-29)
-=-=-=-=-=-=-
Wow! Cyber attacks on Gemini is now a thing!! Just saw SQL injections attempts in TLGS's log this morning (I log system errors).
I totally welcome people attacking the service with good will, trying to find vulns and report. Hopefully this is that.
If not, good luck pwning it, enjoy the near-OpenBSD level of paranoia protections. Dedicated user, unveil(), hardened malloc, etc...
6 months ago · 👍 marmarper, acidus, barnaba
hahaha! I spent about a decade Breaking into websites, and thought it might be fun to adjust some CGI scanners against Gemini. But actually it wasn’t me 😇 If it was I would totally tell you · 6 months ago
@krixano Yeah, sounds like good idea. I'll see what I can do. Maybe to test each server that has security.txt avaliable. So we can automatically alart the capsule owner if say directory treversal is possible. · 6 months ago
We definitely should have some security experts testing servers out automatically for security stuff - as long as they are doing it to help fix security problems, that is. · 6 months ago
I was getting some directory traversal attacks on my server. I would bet @acidus has his search engine do this to test servers and send them an email about the vulnerability, since he wrote a post about it. Thankfully, my server shouldn't be vulnerable to those attacks. · 6 months ago