what about activating your ssh server only when you need it?
You could even activate it via mobile phone (e.g. SMS to your box),
and stop your ssh the same way.
Exotic ssh port is a very good way to avoid already a good deal of
brute attempts. The ssh activation another way to make the box withou
On Sun, 3 Nov 2013 19:08:16 +0800
Chris Down wrote:
> If you do this, you should make sure that you run on a port <1024,
> though, otherwise someone could find some way to make your daemon crash
> and masquerade as it (which is still protected a little assuming that
> your SSH host key is not rea
On 2013-11-03 09:47, FRIGN wrote:
> How effective is it to actually bind sshd to another port (like 1337 for
> instance)?
> Is that a sane defense against those attacks or have the
> attackers advanced in the last few years to to a broader portscan?
In my experience, it cuts it down quite signific
On Sun, Nov 03, 2013 at 09:47:34AM +0100, FRIGN wrote:
> On Sun, 3 Nov 2013 12:26:52 +0200
> sin wrote:
>
> > Word, I get something like ~100 attacks per few minutes. I rate limit
> > it at the firewall level.
>
> How effective is it to actually bind sshd to another port (like 1337 for
> instan
On Sun, 3 Nov 2013 12:26:52 +0200
sin wrote:
> Word, I get something like ~100 attacks per few minutes. I rate limit
> it at the firewall level.
How effective is it to actually bind sshd to another port (like 1337 for
instance)?
Is that a sane defense against those attacks or have the
attackers
On Sun, Nov 03, 2013 at 07:46:25AM +0100, Roberto E. Vargas Caballero wrote:
> > Once there was one that was trying to brute force my ssh, but, it was
> > sent very fast to blacklist.
> > I looked up a bit, and it was a known (found on web list of banned
> > ip's) hackers based on Russia.
>
> Only
> Once there was one that was trying to brute force my ssh, but, it was
> sent very fast to blacklist.
> I looked up a bit, and it was a known (found on web list of banned
> ip's) hackers based on Russia.
Only once?, You must be a lucky man, because the usual is several
attacks by each day ...
R
On 2013-11-02 22:54, Dmitrij D. Czarkoff wrote:
> Chris Down said:
> > On 2013-11-02 11:13, Dmitrij D. Czarkoff wrote:
>
> Irony?
Huh?
pgpfsdKrYPUaF.pgp
Description: PGP signature
Thorsten Glaser said:
> (The frontend needs not be graphical, of course.)
Why?
--
Dmitrij D. Czarkoff
Thorsten Glaser said:
> it just involves a little bit of effort. But not much more, since one
> needs to trim the quote in other MUAs as well.
Such amount of effort stopped me from using mobile Gmail app - I now get
to PC in order to answer mail.
--
Dmitrij D. Czarkoff
Chris Down said:
> On 2013-11-02 11:13, Dmitrij D. Czarkoff wrote:
Irony?
> Surely the answer to that is to not use Gmail's webmail client, then?
It isn't always an option. You might be tied to using Gmail UI for some
reason, which makes using other clients impractical.
--
Dmitrij D. Czarkof
ludovic samek dixit:
>encrypted actually? Do you know some dev lists where they use
>encryption?
I’m carrying the Secure List Server patch for mailman on the
installations we use at work. (Reminds me to get the time to
update and polish this and upload to Debian proper…)
http://non-gnu.uvt.nl/ma
On 2013-11-02 15:18, Thorsten Glaser wrote:
> Either that, or hand-trim the fullquote before adding one’s own text.
> People even do that in Outlook Expreß when they need to but know how
> to properly quote… it just involves a little bit of effort. But not
> much more, since one needs to trim the q
Chris Down dixit:
>On 2013-11-02 11:13, Dmitrij D. Czarkoff wrote:
>> Gmail's webmail doesn't allow to tune quoting & attribution in a
>> sensible manner, so repeating this every time doesn't make much sense.
Meh, until it’s beaten into peoples’ brains… ;-)
>Surely the answer to that is to not u
On 2013-11-02 12:03, patrick295767 patrick295767 wrote:
> well, a lot of large corporate companies offer a webmail portal?
> Accenture for instance.
>
> IT do not like it so much, but, it is still not too bad in terms of security.
You are slowly demonstrating that you do not actually read the e-m
well, a lot of large corporate companies offer a webmail portal?
Accenture for instance.
IT do not like it so much, but, it is still not too bad in terms of security.
Microsoft: http://c15048056.r56.cf2.rackcdn.com/2.png
No security is perfect :)
2013/11/2 Chris Down :
> On 2013-11-02 11:33,
On 2013-11-02 11:33, koneu wrote:
> I don't get people who use it either.
> However I've been told it's quite useful on public computers.
I'm amazed that people consider it wise to access their e-mail on public
computers, to be honest. You wouldn't access online banking on a public
computer (I hop
Chris Down wrote:
>On 2013-11-02 11:13, Dmitrij D. Czarkoff wrote:
>> Gmail's webmail doesn't allow to tune quoting & attribution in a
>> sensible manner, so repeating this every time doesn't make much
>sense.
>> May be you just move the links to your signature?
>
>Surely the answer to that is to
On 2013-11-02 11:27, patrick295767 wrote:
> But you can always encrypt the email.
> Btw, why aren't we posting (emailing to the list) in plain text and
> encrypted actually? Do you know some dev lists where they use
> encryption?
> - I would be interesting if there was. - Yes, this would be a first
On Sat, Nov 2, 2013 at 4:10 AM, Thorsten Glaser wrote:
> patrick295767 patrick295767 dixit:
>
>>Security is not perfect. A bouncer is fine, or helps.
>
> You just want to flame, I’d guess.
No, no. I am kinda checking regularly my machines, and I avoid as much
as possible to leave open services.
M
On 2013-11-02 11:13, Dmitrij D. Czarkoff wrote:
> Gmail's webmail doesn't allow to tune quoting & attribution in a
> sensible manner, so repeating this every time doesn't make much sense.
> May be you just move the links to your signature?
Surely the answer to that is to not use Gmail's webmail cl
Thorsten Glaser said:
> And neither the one nor the other Googlemail user know how to
> properly write eMails. I sense a theme there.
Gmail's webmail doesn't allow to tune quoting & attribution in a
sensible manner, so repeating this every time doesn't make much sense.
May be you just move the lin
patrick295767 patrick295767 dixit:
>Security is not perfect. A bouncer is fine, or helps.
You just want to flame, I’d guess.
>The idea of protecting your data makes senses. Security is an
>important topic.
Says the Googlemail user. Oh, the irony.
>2013/11/2 Ryan O�Hara :
[…]
>> On 11/1/13, pat
Security is not perfect. A bouncer is fine, or helps.
The idea of protecting your data makes senses. Security is an important topic.
2013/11/2 Ryan O’Hara :
> Use a bouncer if you’re paranoid. Otherwise, keep in mind that people
> have better things to do.
>
> On 11/1/13, patrick295767 patrick295
Use a bouncer if you’re paranoid. Otherwise, keep in mind that people
have better things to do.
On 11/1/13, patrick295767 patrick295767 wrote:
> I may reply your question by another question, on the subject of plain
> IP list, as follows:
> - Do you like to be scanned, or bruted force, ...?
> - y
I may reply your question by another question, on the subject of plain
IP list, as follows:
- Do you like to be scanned, or bruted force, ...?
- you probably matter and prefer to avoid attacks or attempts, right.
Well, OFTC kinda sucks (although it works) for this first reason for instance.
2013/
On Fri, Nov 1, 2013 at 3:19 AM, A wrote:
> On Fri, Nov 1, 2013 at 2:22 AM, patrick295767 patrick295767
> wrote:
>>
>> I believe that OFTC is not along the suckless philosophy somehow.
>>
> And why is that?
>
I believe that OFTC is not along the suckless philosophy somehow.
2013/11/1 Chris Down :
> On 2013-11-01 09:14, patrick295767 patrick295767 wrote:
>> You trace the IP address on OFTC or provide some cloak?
>
> Go talk to the OFTC ircops if you want that. Usually, they won't give
> you one, but who
On 2013-11-01 09:14, patrick295767 patrick295767 wrote:
> You trace the IP address on OFTC or provide some cloak?
Go talk to the OFTC ircops if you want that. Usually, they won't give
you one, but who cares.
pgpg0uM1UBHk_.pgp
Description: PGP signature
You trace the IP address on OFTC or provide some cloak?
2013/11/1 Chris Down :
> On 2013-11-01 09:08, patrick295767 patrick295767 wrote:
>> Would you know if there could be a new channel of Suckless on irc
>> freenode?
>>
>> I would recommend freenode which is quite popular.
>
> We already hav
On 2013-11-01 09:08, patrick295767 patrick295767 wrote:
> Would you know if there could be a new channel of Suckless on irc
> freenode?
>
> I would recommend freenode which is quite popular.
We already have an IRC channel, #suckless on OFTC.
pgpksOqMQRME3.pgp
Description: PGP signature
irc://irc.oftc.net/suckless
Hi Guys,
Would you know if there could be a new channel of Suckless on irc
freenode?
I would recommend freenode which is quite popular.
Could you create one on freenode, follow and add it to your irc channel...?
See you soon !
Pat'
--
May Suckless Dev Be With You, Always
...mayb
33 matches
Mail list logo
