[10:57] <Iuser> morning
 I use yumi... Man, im so far behind in the conversation
 But I use it as an all purpose boot disk, like not just for linux, but I have repair tools, security tools, etc on there as well
[11:20] <Iuser> If I had checksummed my distro, I would not have had so much trouble making a usb drive
[11:20] <Iuser> YUMI showed a percentage of completion and spotted two broken files
[11:23] <Iuser> rufus and UUI did not
 normally, if i get the image from the site itself, i don't bother with checksums, though the linuxmint issue from last year should probably rethink that
[11:26] <Iuser> It was a good lesson for me...leave nothing to chance
 Why not? Surprises are fun! ^_^
[11:33] <Iuser> Especially when they take days to correct...ach!
[11:38] <Iuser> Hopefully this channel can help me avoid some 'suprises'.
[11:43] <Iuser> Thanks for the chat, be back this afternoon/evening.
 Any ideas as to what comes after Zesty Zapus?
 There's a wiki page about all the current guesses
 Can't remember where it's at though
 https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
[13:47] <maxolasersquad> ProTip: If you have a publicly facing Linux machine, install fail2ban. If you use fail2ban, make sure you have the recidive jail enabled.
[13:47] <maxolasersquad> The recidive jail took me from multiple hacking attemps every minute, to sometimes going up to two hours without a hacking attempt.
 Max, you can change the ports as well.  For example SSH on port 2222 reduces hacking to almost nothing.
 @AdamOutler, From my experience, changing the SSH port offers a minimal increase in security.
 Multiple per minute to maybe 1 per hour.  It is substantial.
 Most of the attempts are not full port scans.  They are looking for n3wbs with a root:root login
 Setting up a port knocking system is a pain in the @$$ but it works the best
 No, that's just too much work.  ssh -p 2222 me@myserver
 I also have email set up so I know when a login occurred.
 Damn @AdamOutler - you really need to update your sshd
 What do you mean?
 Check your SSH Login Folder
 Har har
 ?
 Unfortunately you didn't get the secret key right.
 The email is keyed
 Give me credit for trying... at least it made you give it a 2nd look
 Yeah.
 I am sure you were thinking "Oh Shit" when you saw it, until you opened the email
 Yep
 I did get your IP though, thanks for that.
 It is the IP for my personal VPN, not really a secret
 Ah
[15:59] <maxolasersquad> AdamOutler, I run my web project on differing ports, but I prefer to keep my ssh on 22 for ease.
[16:00] <maxolasersquad> We where playing with ansible to deploy and destroy VMs on our hosting provider and had one hacked because we hadn't really worked out any of the security.
[16:00] <maxolasersquad> The bash logs showed them trying to get access to other machines, but it was isolated, nowhere to go, nothing to do, and as an unprivileged user.
 @maxolasersquad This is one occasion where I endorse security by obscurity.  It adds an extra layer which weeds out the "ssh commonUser:commonPass@host" spam.
[16:01] <maxolasersquad> Security through obscurity isn't bad when added on as a layer, and not relied upon.
[16:02] <maxolasersquad> In a battlefield I'd rather be a well hidden bag of meat, than in an orange colored tank with florescent, "I'm here", signs.
 Security Tip #1 : Using a short 2 letter password increases security exponentially as many brute force password cracking tools start at 3 letters
 haha.  Word. As a security professional, I encounter "security by obscurity" as a bad word continuously.  But it does have its place.
 ahhahah
[16:13] <maxolasersquad> https://danielmiessler.com/study/security-by-obscurity "Obscurity is a Valid Security Layer"
 One sec, looking for an article
 https://usnews.today/2017/02/24/computer-security-tips-to-help-you-keep-safe-online/
 Wrong gloves, keith
 BTW, refresh it f you dont see Tip 5
 Everyone knows hackers wear fingerless gloves
 The social bar on your site is mesing with my ability to read.
 and ability to type, apparently.\
 Btw did you guys see the cloud flair situation
 I did