Repeating the Web's Mistakes (was gemini+submit:// (was Re: Uploading Gemini content))
colecmac at protonmail.com
Sun Jun 14 19:13:09 BST 2020
> I'm finding this out the hard way. Fortunately I thought to disable
> root logins in /etc/ssh/sshd_config when I first set up my VPS, but I'm
> also reading up on fail2ban. Thinking of using this HOWTO since it
> emphasizes not tampering with distributed config files.
If you haven't already, it's a MUST to set up an SSH key and turn off password
login. This will basically remove all SSH-based attacks.
https://www.cyberciti.biz/faq/how-to-set-up-ssh-keys-on-linux-unix/
makeworld
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Saturday, June 13, 2020 10:40 PM, Matthew Graybosch <hello at matthewgraybosch.com> wrote:
> On Sat, 13 Jun 2020 21:22:15 -0400
> Sean Conner sean at conman.org wrote:
>
> > As someone who has worked for various ISPs and webhosting companies
> > for most of my career, I think this slamming of ISPs is unwarranted.
>
> You're probably right.
>
> > 1. Open servers are attacked at an alarming rate. At home, I run an
> > sshd instance that is open to the Internet [2]. I am currently
> > blocking 2,520 hosts that have attempted to log in via ssh. That
> > count is only over the past 30 days (technically, 30 days, 10 hours,
> > 30 minutes, as that's the average month length over the year). Not
> > doing so means my machine will be constantly under login attempts.
> >
>
> I'm finding this out the hard way. Fortunately I thought to disable
> root logins in /etc/ssh/sshd_config when I first set up my VPS, but I'm
> also reading up on fail2ban. Thinking of using this HOWTO since it
> emphasizes not tampering with distributed config files.
>
> https://phrye.com/tools/fail2ban-on-freebsd/
>
> > And then there's the weird (and quite stressful) situations
> > involving black-hat hackers [5].
>
> You know what? I think I recognize your email because I've read about
> your experience with the black-hat.
>
> I'm reading this email and thinking, "Dear creeping gods, what have I
> gotten myself into?"
>
> > 2. If people could run a business server on their home connection,
> > they would. ... Never mind the power is out, why did my
> > server lose connection?
> >
>
> I've been this clueless. Fortunate my phone wasn't working so I
> couldn't inflict it on some poor tech support worker.
>
> > Or in self defense, the ISP cuts the connection because the home
> > server is running a port scanner, participating in a botnet, or
> > sending out spam emails because of an unpatched exploit in some
> > server being run at home.
>
> You're right, this is legit.
>
> > 3. Do people realize they'll need to basically firewall off their
> > Windows boxes?
> >
>
> I firewalled the hell out of my wife's Windows machine just to block
> the damn telemetry. It's insane.
>
> > 4. It was email that poisoned home-run servers initially.
>
> I remember this now. I know there was a reason I was reluctant to even
> try setting up external email on tanelorn.city. I thought I was just
> being irrational.
>
> > That is true too, but I suspect even if you could easily run a
> > server at home, 99% would not even bother (or know what it is).
>
> Fair point.
>
> > Never underestimate the lack of giving a damn the general
> > population have. I'm sure there are aspects of your life that you
> > lack a damn about that other people think you should give more than a
> > damn.
>
> You're right. It's just that I see barriers and had forgotten that some
> of the barriers exist for a reason.
>
> > I think it's a conversation worth having, as it relates to how
> > Gemini expands with new content.
>
> Thanks for taking the time to reply. There's a lot here that I either
> didn't know or had forgotten.
>
> ------------------------------------------------------------------------------------------------------
>
> Matthew Graybosch gemini://starbreaker.org
> #include <disclaimer.h> gemini://demifiend.org
> https://matthewgraybosch.com gemini://tanelorn.city
> "Out of order?! Even in the future nothing works."
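
The two sshd settings discussed in this thread (no root login, no password login) can be checked with a short script. This is an added example, not part of the original messages; the function names, the sample config and the use of upstream OpenSSH defaults are assumptions made for illustration.

```python
import re

# Upstream OpenSSH defaults (assumption: a platform may ship different ones).
DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}
# Values that satisfy the advice in this thread.
WANTED = {"permitrootlogin": {"no"}, "passwordauthentication": {"no"}}

def effective_globals(config_text):
    """Return the global value of each audited keyword.

    sshd uses the first value it obtains for a keyword, so later
    duplicates are ignored. Parsing stops at the first Match block,
    whose settings only apply conditionally. Include files are not followed.
    """
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or "=".
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()  # keywords are case-insensitive
        if key == "match":
            break
        if key in DEFAULTS and key not in seen and len(parts) == 2:
            seen[key] = parts[1].strip().strip('"').lower()
    return {k: seen.get(k, DEFAULTS[k]) for k in DEFAULTS}

def audit(config_text):
    """List (keyword, effective value) pairs that still need fixing."""
    eff = effective_globals(config_text)
    return sorted((k, v) for k, v in eff.items() if v not in WANTED[k])

# Constructed sample: the later "PasswordAuthentication no" never takes effect.
SAMPLE = """\
# constructed example, not from a real host
PermitRootLogin no
PasswordAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication no
"""

if __name__ == "__main__":
    for key, value in audit(SAMPLE):
        print(f"{key} is effectively '{value}'")
```

On a live host, `sshd -T` prints the configuration the daemon actually resolves, including Include files, and is the authoritative check.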