This whole thread (that I shamelessly hijacked) is very informative and allowed me to understand that cybersecurity is in practice a mixture of concrete nerdy log books and vague feeling of being under a threshold of worthiness.

I woke up this morning and there was a faint noise coming from the server: immediately thought “ok that’s it, it’s pawned and become a node in a vast grid of malicious bots”…it was a cron verification of drives

Low hanging fruits are, in my personal case, pictures of my cats and public domain cultural artefacts.

Industrializing hacking of random servers sounds like a shitty idea at the end of the day…

Ignoring ? Nah someone mentionned my ISP might be protecting me uphill.

Non standard port. But aren’t secret chinese hack farm scanning wider than just 22 ? I don’t know and deep down believe that it’s pawned and scrubbing logs.

React2Shell is exactly the shitshow situation yes. Suddenly we are all at risk. But in this case, I’m sorry to say that my cats’ pictures are worthless.

Your point on nginx/wireguard makes me think that it might be better to htaccess through a reverse proxy than relying on a built in login system. For exemple, I should deactivate jellyfin’s login and put it behind an htaccess at the proxy’s level. Is that completely dumb?

Anyway, I clearly need to research “threat models” and cyber/infosec more. Thank you very much!

This is great thanks for this video

Aren’t zero day very specific? Or maybe it’s become a very generic term.

Anyway, I am under the impression that either it’s suddenly very simple to hack into EVERYONE because someone zero dayed the wireguard protocol and there a major flow in it, it’s a shitshow, for all, for some, just me or nobody, whatever. Or it’s a very targeted attack on me personaly, and that’s a whole other story and the means to protect my pictures of my cats and my cool public domain movies collection are different (think social engineering). Also port 22 being bombarded by brute force attempts so don’t choose a password that’s 6 letters thanks.

I KNOW I am missing many things, but still, I don’t get it.

Quick question: If I look through the ssh log and I don’t see the hundred of attempts, what could be going on?..

Yeah sorry I missed the part where it has no authentification whatsoever, that’s just open bar.

Authentification + monitoring + fail2ban + ip blacklist

Okay thanks for mentionning overblown paranoia, that’s what I have.

What kind of exploitable server misconfigurations are we talking about here?? Brute forcing won’t work because fail2ban, right? I’m a noob and deep down I’m convinced that my homeserver is compromised and has beenpart of a bitcoin mining farm for years… Yet, not a single proof…

Dumb question: why does everyone is so terribly afraid of opening stuff to the internet ? What’s the scenario?

Wow, tough one. It’s your first kid?

I wish I had known how deeply it would change me. And the strength it would give me. I would have feared less, I would have trusted myself from the beginning, and I would have welcomed the change as soon as it started in me.

Hahahaaa! Great job! Well done. Store the energy for your personal life. Use it to take care of yourself!

Well that’s great! Happy belated birthday. My comment might have been a bit rude in its wording, sorry, but I insist. As a father of 2, only a couple of years older than yours, I think any sign of mutual understanding of the incredible power of parenthood surpasses a material gift.

Wait a minute… checks maths

Age is a personal piece of information, but you can’t be old enough to spend money for your dad’s birthday. Even if he had you at 18 and you’re almost an adult.

If you feel like your dad has everything he needs, you might be right, and he’s a lucky bastard to have you. Keep your money and write him a letter.

I was gifted one of these 5 years moomin journals by my SO and started it in January this year. I had never kept a daily log ever before. I used to write regularly but never on a fix schedule. It’s a lot of discipline and work!

What part of internet culture wouldn’t I be baffled by in 30 years?!

Even the most simple semi-niche forum is a goldmine in comparison to the hellhole apocalypse landscape culture the AI junkies are going for.

I’d say liminal spaces / backrooms lore : https://backrooms.fandom.com/wiki/Backrooms_Wiki

“Digital humanities” is when you’re so bad with computers you post twice the same shit.

“Digital humanities” is making computers help us understand our history and how we live together, as groups, as societies of people.

“Digital humanities” is making computers help us understand our history and how we live together, as groups, as societies of people.