pyinfra turns Python code into shell commands and runs them on your servers. Execute ad-hoc commands and write declarative operations. Target SSH servers, local machine and Docker containers. Fast and scales from one server to thousands.
Endlessh is an #SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. The purpose is to put your real SSH server on another port and then let the script kiddies get stuck in this tarpit instead of bothering a real server. https://github.com/skeeto/endlessh
Forgot to toot, I had tried to use #SSH#X11Forwarding to run graphic applications on my servers (#raspberrypi , and even a broken-screen #pinephone with Wayland !)
After some configuration all of them work. Yay I can now run x11 apps on headless machines.
Mettez à jour Putty, Filezilla, TortoiseGit et WinSCP si vous utilisez des clés SSH pour vous connecter à certains serveurs (dans l'idéal faites aussi la mise à jour si vous n'êtes pas concerné). https://www.programmez.com/node/36392#Security#Hack#SSH
Static sites, RSS feed to email digest, reverse ssh tunnels (for exposing local socket with public domain name), blog engine, pastebin and couple more.
We're excited to be joining an ever-growing number of signatories that committ to
✅ working toward making openness the default for research information;
✅ working with services and systems that support and enable open research information;
✅ supporting the sustainability of infrastructures for open research information;
✅ and supporting collective action to accelerate the transition to openness of research information.
In our context, we work hard to make that happen by providing an #opensource platform for small, scholar-led, and university publishers to manage and disseminate fully open #CC0#metadata for #OAbooks - which is of particular relevance to the #Humanities#SSH!
As the saying goes, "Real BOFH use tar and rsync!"
The blog article is an excellent treatment of using tar along with SSH to effect a reliable backup plan and schedule.
Another couple of great fav GoTo solutions of mine have always been Duplicity and Duply for those not comfortable rolling their own scripts w/SSH, tar, and/or rsync :batman:
Thank you very much for sharing this @nixCraft !!!
We've released #PuTTY version 0.81. This is a SECURITY UPDATE, fixing a #vulnerability in ECDSA signing for #SSH.
If you've used a 521-bit ECDSA key (ecdsa-sha2-nistp521) with any previous version of PuTTY, consider it compromised! Generate a new key pair, and remove the old public key from authorized_keys files.
Other key types are not affected, even other sizes of ECDSA. In particular, Ed25519 is fine.
If you've ever looked at SSH server logs you know what I'm about to say: Any SSH server connected to the public Internet is getting bombarded by constant attempts to log in. Not just a few of them. A lot of them. Sometimes even dozens per second. And this problem is not going away; it is, in fact, getting worse. And attackers' behavior is changing.
The graph attached to this post shows the number of attempted SSH logins per day to one of @cloudlab s clusters over a four-year period. It peaks at about 3.4 million login attempts per day.
This is part of a study we did on our production system, using logs of more than 640 million login attempts, covering more than 1,500 hosts on our side and observing more than 840 thousand incoming IP addresses.
A paper presenting our analysis and a new, highly effective means to block SSH brute force attacks ("Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them") will be presented next week at #NSDI24 by @sachindhke . The full paper is at https://www.flux.utah.edu/paper/singh-nsdi24
#CyberSecurity#OpenSource#Malware#SSH#XZUtils: "So what was the malware discovered by Freund designed to do? Basically to break the authentication process that makes SSH secure and thereby create a backdoor that would enable an intruder remotely to gain unauthorised access to the entire system. Since SSH is a vital tool for the safe operation of a networked world, anything that undermines it is really bad news – which is why the cybersecurity world has been on high alert in the past week. Those running the different flavours of Linux that are in use across the world have been alerted to the dangers posed by the two rogue updates.
In some ways, the story of how the malware got into the updates is even more instructive. XZ Utils is open-source software, ie software with source code that anyone can inspect, modify and enhance. Much open source is written and maintained by small teams of programmers, and in many case by a single individual. In XZ Utils, that individual for years has been Lasse Collin, who has been with the project since its inception. Until recently he was the person who had been assembling and distributing the updates of the software." https://www.theguardian.com/commentisfree/2024/apr/06/xz-utils-linux-malware-open-source-software-cyber-attack-andres-freund
„The Missing Semester of your CS education” is a series of lectures run by the MIT students. They discuss things like #shell, #vim, #git, #ssh. Worth watching, especially if you are new to the industry.
Wir sind dieses Wochenende nur durch unglaubliches Glück und extrem knapp an wohl einer der grössten Katastrophen rund um die globale IT-Sicherheit vorbeigeschrammt.
Phuh! Doch — was ist eigentlich passiert? Wie konnte das überhaupt geschehen? Und was können (und müssen) wir tun, um dies zukünftig zu vermeiden?
«Die Feiertage. Die ganzen IT-Abteilungen feiern mit der Familie… Die ganzen IT-Abteilungen? Nein! Eine von unbeugsamen Open-Source-Enthusiasten bevölkerte Mailingliste hört nicht auf, den Eindringlingen Widerstand zu leisten.»