21·
12 days agoWhy is your VPN jump box better than an SSH jump box?
troed
HW/FW security researcher & Demoscene elder.
I started having arguments online back on Fidonet and Usenet. I’m too tired to care now.
- 0 Posts
- 14 Comments
Joined 2 years ago
Cake day: June 12th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
There’s no difference to the work I need to do to secure an open SSHd vs an open WireGuard server. None.
Yes I harden, and penetrate, systems for a living. If your systems need remote access there is no standard (neither in fintech or military) that classifies SSHd as being “worse” than a VPN.
Yeah I don’t do security via obscurity :D I agree you need to keep your Internet facing services up to date.
(No need to educate me on Wireguard, I use it. My day job is slightly relevant to the discussion)
Why would a Swedish ISP care? I’ve run servers from home since I first connected up in … 1996. I’ve had a lot of different ISPs during that time, although nowadays I always choose Bahnhof because of them fighting the good fights.
That attack vector is exactly the same towards a VPN.
It’s perfectly safe to run SSH on port 22 towards the open Internet with public key authentication only.
Which distro allows root to login via SSH?
0·14 days agoDepends on language and platform ;) Ghidra, strace, printouts gets you quite far. The only language I regularly step would be assembler.
Sublime Text.
The only thing I need from my editor is syntax highlighting and not be slow.
(Assembler, C, Python, Java and Bash are the languages I mostly work with)
0·15 days agoBad for Linux. I see Asahi Linux on Apple hardware as being the “best Linux” for consumer use (and home servers) moving forwards.
1·5 months agoThat sounds problematic. Where do they detail this?
Wikipedia:
Google Safe Browsing “conducts client-side checks. If a website looks suspicious, it sends a subset of likely phishing and social engineering terms found on the page to Google to obtain additional information available from Google’s servers on whether the website should be considered malicious”.
But why are random people visiting your instance?
If you were just selfhosting services for you and your family, would really browsers be flagging your site?
No idea what country you’re in but Ac3 Comfort is over the counter “everywhere” and works great.