click here to log out

PhantomCatClock · July 31, 2020, 05:45:10 PM

Maybe that was true at one point, but I feel like they really do have the security game on lockdown. When there is a security concern, bug, or error, they don't fix the virus—they fix the system against the abstract of the attack in question. (for a good time, read Apple's minor release notes circa 2006 and compare it to Microsoft's from maybe five years prior)

but what's the point of all this security if you can't use your phone. that's like having big heavy sweaty low hanging balls but nobody's allowed to kick you in the balls. why do i even have this gigantic tight ballsack if nobody's going to kick it

wait no hang on it's

it's

it's like having a laptop where you can only use programs that came with it OH WAIT THAT'S WHAT MICROSOFT WANTS ANd no just kidding but there is a 2n1 that ships in safe mode which blows chunks (you can overwrite it with win10 and use the same key tho)

PhantomCatClock · August 01, 2020, 02:18:45 AM

I did it. I finally hit a YouTube end screen where every thumbnail was not only a recommended video I've already seen, but a recommended video I've seen recently.

Marlin Clock · August 01, 2020, 10:10:32 AM

Go outside. The nation is finally no longer balls hot.

FLOUNDERMAN_CLOCK · August 01, 2020, 01:46:49 PM

Quote from: Marlin Clock on August 01, 2020, 10:10:32 AM
Go outside. The nation is finally no longer balls hot.

the late floundermanclock seventeen seconds after following your advice

PhantomCatClock · August 01, 2020, 01:58:40 PM

Quote from: Marlin Clock on August 01, 2020, 10:10:32 AM
Go outside. The nation is finally no longer balls hot.

i wish

VCRClock · August 01, 2020, 07:21:40 PM

Quote from: VCRClock on July 09, 2020, 11:36:18 PM
uhhhh, how come when I say "Montanan" nobody cares but the second I say "bananan" everybody got something to say

yo i think i figured out why they call people from indiana hoosiers

Slurpee · August 02, 2020, 01:22:54 AM

when's the last time
you listened
to Fire on High
by ELO

?

do yourself a favor m8

[u2]22Ndi2HUheg[/u2]

listen to it regular then listen to it again and only pay attention to the percussion
then listen to it again and only listen to the fiddle. not the strings, the random ass fiddle that comes in all by itself just jamming rhe fuck out
or just, listen to it once but notice those things the first time

Slurpee · August 02, 2020, 01:24:35 AM

y'know, I don't think they sampled anything for this
it sounds like an arrangement of pre-existing sounds, like there's the weird hollow echoing footsteps and the hallelujah chorus and the... dies irae? and the repeating guitar riff (is that the bo diddley beat?) but I think they just did all that

is that wailing victorious guitar at 2:14 from anything or is that just a, fucking, soaringly epic part of an already amazing song?

it kinda blows my mind that this was done in 1975
do you know what a fucking computer looked like in 1975? fucking shitty I'll bet!!!!!

PhantomCatClock · August 02, 2020, 01:40:21 AM

have you ever had an idea so good that you could get anybody to do it for you just by telling them the idea

PhantomCatClock · August 02, 2020, 01:40:46 AM

FUCK posting that stopped the song. it is lost forever. i will never hear the second half.

Slurpee · August 02, 2020, 01:46:29 AM

Quote from: PhantomCatClock on August 02, 2020, 01:40:21 AM
have you ever had an idea so good that you could get anybody to do it for you just by telling them the idea

"let me eat your ass"

PhantomCatClock · August 02, 2020, 01:52:05 AM

no man this is serious

i'd tell you the one that reminded me of the concept, just now, but i don't like the idea of removing someone's free will, even if they use it throw away perfectly good gorillaz avatars

Slurpee · August 02, 2020, 01:53:09 AM

Quote from: PhantomCatClock on August 02, 2020, 01:52:05 AM
no man this is serious

i'd tell you the one that reminded me of the concept, just now, but i don't like the idea of removing someone's free will, even if they use it throw away perfectly good gorillaz avatars

you lost me

VCRClock · August 02, 2020, 01:54:37 AM

yeah I think all that stuff is just ~what ELO is~ and they had the resources to do that stuff

of course, even if you had completed recordings of each individual part in the song, 1975 is a couple of decades away from samplers that could even approach putting it together, so what I'm saying is there's a ridiculous amount of audio tape involved, and just oodles of nerd hours put in by people whose job it was to move knobs all day

PhantomCatClock · August 02, 2020, 02:04:39 AM

so, fail2ban.

port 22 is a warzone, on the open internet. A year ago, I looked at my log files and laughed at the stupid idiots trying to log in with random ass (plausibly generic, at least) usernames (ex.: eric@, paul@, rob@) (oh fuck that is a real user now) (AHEM) and only like 50% trying root or pi.

Server blew up. Actual (sort of) server in a datacenter. Power supply fucked up, fried every downstream component--including my storage. No data was recoverable. Got some sweet compensation, though—just have to recreate the server and all its scripts. Step one: automate trolling the log files to chuck baddies at the firewall.

Looking at the logs this time, not super far later, a few things came to my attention:
• these botters have gotten smarter
• these botters have gotten stupider

specifically, of the 453 (!) banned machines (this server has been up and without a firewall for ten hours) all but sixteen tried logging in as root. Four tried admin, one tried ubnt, one tried debian, and the rest tried pi. From this, I glean that someone's building a botnet (probably to sell but who knows) and that they're recently active in the game--this isn't some fire-and-forget virus going around. They did not like the poor results from earlier and are JUST trying root@, now.

Issue: it's 20 fucking 20 and the first thing I did was disable root login.

Second issue: if I'm correct, I now have a list of 453 IP addresses. 437 of these addresses obviously allow root login over SSH and have either no ban filters in place or a password easy enough to guess from some common passwords file floating around.

Come on botters. Keep your head in the game.

also the ssh thing was pretty much just fail2ban connected to iptables. the filters are easy enough to write that I was able to crank out the custom angles of attack (angles of defense?) that I needed in like ten minutes. recommended

Slurpee · August 02, 2020, 02:54:45 AM

I'm pretty good at telling who has COVID based on sight alone and there's at least 4 people that shouldn't be at this orgy

PhantomCatClock · August 02, 2020, 03:04:39 AM

Every time someone says "I can't wear a mask, I have a medical condition" it takes all my willpower to say "is that medical condition COVID-19!?"

VCRClock · August 02, 2020, 01:48:31 PM

Quote from: PhantomCatClock on August 02, 2020, 02:04:39 AM
specifically, of the 453 (!) banned machines (this server has been up and without a firewall for ten hours) all but sixteen tried logging in as root. Four tried admin, one tried ubnt, one tried debian, and the rest tried pi. From this, I glean that someone's building a botnet (probably to sell but who knows) and that they're recently active in the game--this isn't some fire-and-forget virus going around. They did not like the poor results from earlier and are JUST trying root@, now.

Issue: it's 20 fucking 20 and the first thing I did was disable root login.

I'ma go with "dumber." Guessing male nerd first names (sorry Rob) for users seems pretty sound, 'cause those guys seem like sudoers and it's not as rude as asking to be root. "Pi" is also an excellent guess, because it's the official username of "just put a machine on the internet but don't necessarily know shit about security." Who knows why they're fishing for low power machines, but okay. I'm a total fuckwit and even I wouldn't have enabled root login.

QuoteSecond issue: if I'm correct, I now have a list of 453 IP addresses. 437 of these addresses obviously allow root login over SSH and have either no ban filters in place or a password easy enough to guess from some common passwords file floating around.

Come on botters. Keep your head in the game.

I never thought of it this way. Now all you have to do is sell the botnet before they do.

Quotealso the ssh thing was pretty much just fail2ban connected to iptables. the filters are easy enough to write that I was able to crank out the custom angles of attack (angles of defense?) that I needed in like ten minutes. recommended

I've used fail2ban (not to the extent of complicated config) but not iptables. I don't currently have anything online, but I guess I'd better look into that next time I get ambitious

VCRClock · August 02, 2020, 01:49:14 PM

[U2]YxmdmJtUpjU[/U2]

PhantomCatClock · August 02, 2020, 07:51:52 PM

Quote from: VCRClock on August 02, 2020, 01:48:31 PM
I'm a total fuckwit and even I wouldn't have enabled root login.

it's enabled by default i believe. At least it was on Debian, but I'd assume that's how SSH

Quote from: VCRClock on August 02, 2020, 01:48:31 PM
I've used fail2ban (not to the extent of complicated config) but not iptables. I don't currently have anything online, but I guess I'd better look into that next time I get ambitious

Admittedly I use it for a pretty narrow use case, despite spending most of yesterday morning writing a custom firewall, but I don't think fail2ban does anything on its oooown. Debian and its ilk actually ship with iptables as the default firewall tho. I think that's the default action in fail2ban

News:

click here to log out