Iuser | morning | 10:57 |
---|---|---|
floridagram | <Ivoriesablaze> I use yumi... Man, im so far behind in the conversation | 11:11 |
floridagram | <Ivoriesablaze> But I use it as an all purpose boot disk, like not just for linux, but I have repair tools, security tools, etc on there as well | 11:11 |
Iuser | If I had checksummed my distro, I would not have had so much trouble making a usb drive | 11:20 |
Iuser | YUMI showed a percentage of completion and spotted two broken files | 11:20 |
Iuser | rufus and UUI did not | 11:23 |
floridagram | <Ivoriesablaze> normally, if i get the image from the site itself, i don't bother with checksums, though the linuxmint issue from last year should probably rethink that | 11:24 |
Iuser | It was a good lesson for me...leave nothing to chance | 11:26 |
floridagram | <Ivoriesablaze> Why not? Surprises are fun! ^_^ | 11:32 |
Iuser | Especially when they take days to correct...ach! | 11:33 |
Iuser | Hopefully this channel can help me avoid some 'suprises'. | 11:38 |
Iuser | Thanks for the chat, be back this afternoon/evening. | 11:43 |
floridagram | <AdamOutler> Any ideas as to what comes after Zesty Zapus? | 12:46 |
floridagram | <ahoneybun> There's a wiki page about all the current guesses | 13:01 |
floridagram | <ahoneybun> Can't remember where it's at though | 13:01 |
floridagram | <SivaMachina> https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/ | 13:03 |
maxolasersquad | ProTip: If you have a publicly facing Linux machine, install fail2ban. If you use fail2ban, make sure you have the recidive jail enabled. | 13:47 |
maxolasersquad | The recidive jail took me from multiple hacking attemps every minute, to sometimes going up to two hours without a hacking attempt. | 13:47 |
floridagram | <AdamOutler> Max, you can change the ports as well. For example SSH on port 2222 reduces hacking to almost nothing. | 14:44 |
floridagram | <KMyers> @AdamOutler, From my experience, changing the SSH port offers a minimal increase in security. | 14:45 |
floridagram | <AdamOutler> Multiple per minute to maybe 1 per hour. It is substantial. | 14:46 |
floridagram | <AdamOutler> Most of the attempts are not full port scans. They are looking for n3wbs with a root:root login | 14:46 |
floridagram | <KMyers> Setting up a port knocking system is a pain in the @$$ but it works the best | 14:46 |
floridagram | <AdamOutler> No, that's just too much work. ssh -p 2222 me@myserver | 14:47 |
floridagram | <AdamOutler> I also have email set up so I know when a login occurred. | 14:48 |
floridagram | <KMyers> Damn @AdamOutler - you really need to update your sshd | 15:03 |
floridagram | <AdamOutler> What do you mean? | 15:41 |
floridagram | <KMyers> Check your SSH Login Folder | 15:41 |
floridagram | <AdamOutler> Har har | 15:42 |
floridagram | <KMyers> ? | 15:42 |
floridagram | <AdamOutler> Unfortunately you didn't get the secret key right. | 15:43 |
floridagram | <AdamOutler> The email is keyed | 15:44 |
floridagram | <KMyers> Give me credit for trying... at least it made you give it a 2nd look | 15:44 |
floridagram | <AdamOutler> Yeah. | 15:44 |
floridagram | <KMyers> I am sure you were thinking "Oh Shit" when you saw it, until you opened the email | 15:44 |
floridagram | <AdamOutler> Yep | 15:44 |
floridagram | <AdamOutler> I did get your IP though, thanks for that. | 15:46 |
floridagram | <KMyers> It is the IP for my personal VPN, not really a secret | 15:47 |
floridagram | <AdamOutler> Ah | 15:47 |
maxolasersquad | AdamOutler, I run my web project on differing ports, but I prefer to keep my ssh on 22 for ease. | 15:59 |
maxolasersquad | We where playing with ansible to deploy and destroy VMs on our hosting provider and had one hacked because we hadn't really worked out any of the security. | 16:00 |
maxolasersquad | The bash logs showed them trying to get access to other machines, but it was isolated, nowhere to go, nothing to do, and as an unprivileged user. | 16:00 |
floridagram | <AdamOutler> @maxolasersquad This is one occasion where I endorse security by obscurity. It adds an extra layer which weeds out the "ssh commonUser:commonPass@host" spam. | 16:00 |
maxolasersquad | Security through obscurity isn't bad when added on as a layer, and not relied upon. | 16:01 |
maxolasersquad | In a battlefield I'd rather be a well hidden bag of meat, than in an orange colored tank with florescent, "I'm here", signs. | 16:02 |
floridagram | <KMyers> Security Tip #1 : Using a short 2 letter password increases security exponentially as many brute force password cracking tools start at 3 letters | 16:03 |
floridagram | <AdamOutler> haha. Word. As a security professional, I encounter "security by obscurity" as a bad word continuously. But it does have its place. | 16:03 |
floridagram | <AdamOutler> ahhahah | 16:03 |
maxolasersquad | https://danielmiessler.com/study/security-by-obscurity "Obscurity is a Valid Security Layer" | 16:13 |
floridagram | <KMyers> One sec, looking for an article | 16:13 |
floridagram | <KMyers> https://usnews.today/2017/02/24/computer-security-tips-to-help-you-keep-safe-online/ | 16:27 |
floridagram | <AdamOutler> Wrong gloves, keith | 16:41 |
floridagram | <KMyers> BTW, refresh it f you dont see Tip 5 | 16:42 |
floridagram | <AdamOutler> Everyone knows hackers wear fingerless gloves | 16:42 |
floridagram | <AdamOutler> The social bar on your site is mesing with my ability to read. | 16:43 |
floridagram | <AdamOutler> and ability to type, apparently.\ | 16:43 |
floridagram | <govatent> Btw did you guys see the cloud flair situation | 17:35 |
floridagram | <KMyers> I did | 17:35 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!