Wow! Cyber attacks on Gemini is now a thing!! Just saw SQL injections attempts in TLGS's log this morning (I log system errors).
I totally welcome people attacking the service with good will, trying to find vulns and report. Hopefully this is that.
If not, good luck pwning it, enjoy the near-OpenBSD level of paranoia protections. Dedicated user, unveil(), hardened malloc, etc...
1 year ago 路 馃憤 marmarper, acidus, barnaba
hahaha! I spent about a decade Breaking into websites, and thought it might be fun to adjust some CGI scanners against Gemini. But actually it wasn鈥檛 me 馃槆 If it was I would totally tell you 路 1 year ago
@krixano Yeah, sounds like good idea. I'll see what I can do. Maybe to test each server that has security.txt avaliable. So we can automatically alart the capsule owner if say directory treversal is possible. 路 1 year ago
We definitely should have some security experts testing servers out automatically for security stuff - as long as they are doing it to help fix security problems, that is. 路 1 year ago
I was getting some directory traversal attacks on my server. I would bet @acidus has his search engine do this to test servers and send them an email about the vulnerability, since he wrote a post about it. Thankfully, my server shouldn't be vulnerable to those attacks. 路 1 year ago