Man pages maintenance suspended by Findmysec in c/[email protected]
[-] [email protected] 3 points 1 day ago

Alright we should use that then

Man pages maintenance suspended by Findmysec in c/[email protected]
[-] [email protected] 12 points 1 day ago

I thought AGPL was the more restrictive version of GPL? Which license should we use so that corporates need to pay?

[Unpopular opinion] Linux is not a good choice for regular users by Findmysec in c/[email protected]
[-] [email protected] 4 points 1 day ago

You must be LTT's chaperone

Man pages maintenance suspended by Findmysec in c/[email protected]
[-] [email protected] 36 points 1 day ago

Everything needs to be slapped with the AGPL. Fuck corporate America

Gentoo vs any other distro by Findmysec in c/[email protected]
[-] [email protected] 20 points 2 days ago

Gentoo is the epitome of RTFM. It is beyond the Arch install in "complexity".

What companies do you try to support? by Findmysec in c/[email protected]
[-] [email protected] 9 points 2 days ago

Support Mullvad.

You should have bought the framework after they put more effort into Coreboot.

Pine64 and Fairphone are good companies too

Does Wikipedia really need my donations? by Findmysec in c/[email protected]
[-] [email protected] 6 points 3 days ago

Thanks man. I would much rather give my time than my money for OSS projects, but I have a lot to learn and do not match up the quality of contributions needed in said projects. I'll do what I can.

Does Wikipedia really need my donations? by Findmysec in c/[email protected]
[-] [email protected] 13 points 3 days ago

It definitely makes a difference, and putting money into Wikipedia is a great use of funds. The reason I asked the question is because I'm not well off, but I still like to donate to projects from time to time. This means I have a limited (and strict budget), and was wondering if they need my tenner badly enough to send marketing emails over it. Because I'd like to donate to people who actually really need the money, and Wikipedia will do just fine for some time without my money going to them.

The Insecurity of Debian by Findmysec in c/[email protected]
[-] [email protected] 7 points 3 days ago

You do know that you can run SELinux on Debian right?

And MAC isn't the end-all for security arguments

[Answered] Any open source host solution for private users? by Findmysec in c/[email protected]
[-] [email protected] 14 points 3 days ago

Tell her to pay for Proton. Easy way out

Does Wikipedia really need my donations? by Findmysec in c/[email protected]
[-] [email protected] 13 points 3 days ago

I think they need my help

136
Does Wikipedia really need my donations? (infosec.pub)
submitted 3 days ago by [email protected] to c/[email protected]
58 comments fedilink

Every now and then I'll get an email from someone higher up in Wikipedia asking for a donation. I don't really mind a tenner but I don't know if it pads the pockets of corporate management or actual contributors. Also, are they really short of money or is this tugging at emotional strings a play at something else? I wish Wikipedia survives but there's a lot of projects I need to donate to and I have a budget.

Our family mail server quit working today. Maybe it's a bit long in the tooth... by Findmysec in c/[email protected]
[-] [email protected] 32 points 4 days ago

Family email server? Your family have an email server to themselves? You managed to deal with block lists over 2 decades and more?

My utmost respect to your dedication

4
What's with the sheer number of shutdowns recently? (infosec.pub)
submitted 1 week ago by [email protected] to c/[email protected]
13 comments fedilink

I've never known so many shutdowns inside 2 weeks as the last two have been. Even websites pirating manga were shut down. What happened? What's with this massive legal wave of shutdowns, and why now?

89
I find no motivation in working for myself (infosec.pub)
submitted 1 month ago by [email protected] to c/[email protected]
67 comments fedilink

The title is really vague, so I'll try to clarify my intentions here:

I am an ardent supporter of FOSS. It will be greatly beneficial for my life and especially my privacy to self-host such software. Yet, I cannot find much motivation to do so.

However, when it comes to hosting software for public use, I can usually give my utmost concentration and dedication.

This is not how I want my life to be. I want to be motivated for myself as well as for the community. And if that's not possible, I need to trick my brain into bringing me into that kind of zone for myself.

What do I do? What would you do in this situation?

160
Why do so many people use NGINX? (infosec.pub)
submitted 1 month ago by [email protected] to c/[email protected]
102 comments fedilink

I see so many posts and people who run NGINX as their reverse proxy. Why though? There's HAProxy and Apache, with Caddy being a simpler option.

If you're starting from scratch, why did you pick/are you picking NGINX over the others?

0
[HELP NEEDED] Unable to figure out directory permissions (infosec.pub)
submitted 1 month ago by [email protected] to c/[email protected]
4 comments fedilink

cross-posted from: https://infosec.pub/post/15386345

Hi everyone,

This is my CONTAINERFILE for Bind9:

FROM debian

ENV LC_ALL C.UTF-8

# Update and upgrade system
RUN apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y

# Install BIND 9 and sudo (for debugging if needed)
RUN apt-get install -y bind9 bind9-dnsutils bind9-libs bind9-utils sudo

# Configure permissions for BIND directories
RUN mkdir -p /var/cache/bind /var/lib/bind /var/log/bind
RUN chown -R bind:bind /var/cache/bind /var/lib/bind /var/log/bind
RUN chmod 664 /var/cache/bind /var/lib/bind /var/log/bind
RUN chmod -R 664 /var/cache/bind /var/lib/bind /var/log/bind

# Create and configure log files
RUN touch /var/log/bind/default.log /var/log/bind/update_debug.log /var/log/bind/security_info.log /var/log/bind/bind.log
RUN chown -R bind:bind /var/log/bind
RUN chmod 644 /var/log/bind/*.log

# Define volumes
VOLUME ["/etc/bind", "/var/cache/bind", "/var/lib/bind", "/var/log/bind"]

# Set the entrypoint to the named executable
ENTRYPOINT ["/usr/sbin/named"]

# Set the default command arguments for the named executable
CMD ["-g"]

I keep getting this error when I run it with podman:

26-Jul-2024 03:18:21.328 loading configuration from '/etc/bind/named.conf'
26-Jul-2024 03:18:21.328 directory '/var/cache/bind' is not writable
26-Jul-2024 03:18:21.332 /etc/bind/named.conf.options:2: parsing failed: permission denied

As you can see from the CONTAINERFILE, the bind user should be able to read and write to /var/cache/bind but for some reason it doesn't.

I have been at this for a while and I'm at my wits end. Your help is appreciated!

2
[HELP NEEDED] Unable to figure out directory permissions (infosec.pub)
submitted 1 month ago by [email protected] to c/[email protected]
2 comments fedilink

cross-posted from: https://infosec.pub/post/15386345

Hi everyone,

This is my CONTAINERFILE for Bind9:

FROM debian

ENV LC_ALL C.UTF-8

# Update and upgrade system
RUN apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y

# Install BIND 9 and sudo (for debugging if needed)
RUN apt-get install -y bind9 bind9-dnsutils bind9-libs bind9-utils sudo

# Configure permissions for BIND directories
RUN mkdir -p /var/cache/bind /var/lib/bind /var/log/bind
RUN chown -R bind:bind /var/cache/bind /var/lib/bind /var/log/bind
RUN chmod 664 /var/cache/bind /var/lib/bind /var/log/bind
RUN chmod -R 664 /var/cache/bind /var/lib/bind /var/log/bind

# Create and configure log files
RUN touch /var/log/bind/default.log /var/log/bind/update_debug.log /var/log/bind/security_info.log /var/log/bind/bind.log
RUN chown -R bind:bind /var/log/bind
RUN chmod 644 /var/log/bind/*.log

# Define volumes
VOLUME ["/etc/bind", "/var/cache/bind", "/var/lib/bind", "/var/log/bind"]

# Set the entrypoint to the named executable
ENTRYPOINT ["/usr/sbin/named"]

# Set the default command arguments for the named executable
CMD ["-g"]

I keep getting this error when I run it with podman:

26-Jul-2024 03:18:21.328 loading configuration from '/etc/bind/named.conf'
26-Jul-2024 03:18:21.328 directory '/var/cache/bind' is not writable
26-Jul-2024 03:18:21.332 /etc/bind/named.conf.options:2: parsing failed: permission denied

As you can see from the CONTAINERFILE, the bind user should be able to read and write to /var/cache/bind but for some reason it doesn't.

I have been at this for a while and I'm at my wits end. Your help is appreciated!

12
[HELP NEEDED] Unable to figure out directory permissions (infosec.pub)
submitted 1 month ago by [email protected] to c/[email protected]
9 comments fedilink

Hi everyone,

This is my CONTAINERFILE for Bind9:

FROM debian

ENV LC_ALL C.UTF-8

# Update and upgrade system
RUN apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y

# Install BIND 9 and sudo (for debugging if needed)
RUN apt-get install -y bind9 bind9-dnsutils bind9-libs bind9-utils sudo

# Configure permissions for BIND directories
RUN mkdir -p /var/cache/bind /var/lib/bind /var/log/bind
RUN chown -R bind:bind /var/cache/bind /var/lib/bind /var/log/bind
RUN chmod 664 /var/cache/bind /var/lib/bind /var/log/bind
RUN chmod -R 664 /var/cache/bind /var/lib/bind /var/log/bind

# Create and configure log files
RUN touch /var/log/bind/default.log /var/log/bind/update_debug.log /var/log/bind/security_info.log /var/log/bind/bind.log
RUN chown -R bind:bind /var/log/bind
RUN chmod 644 /var/log/bind/*.log

# Define volumes
VOLUME ["/etc/bind", "/var/cache/bind", "/var/lib/bind", "/var/log/bind"]

# Set the entrypoint to the named executable
ENTRYPOINT ["/usr/sbin/named"]

# Set the default command arguments for the named executable
CMD ["-g"]

I keep getting this error when I run it with podman:

26-Jul-2024 03:18:21.328 loading configuration from '/etc/bind/named.conf'
26-Jul-2024 03:18:21.328 directory '/var/cache/bind' is not writable
26-Jul-2024 03:18:21.332 /etc/bind/named.conf.options:2: parsing failed: permission denied

As you can see from the CONTAINERFILE, the bind user should be able to read and write to /var/cache/bind but for some reason it doesn't.

I have been at this for a while and I'm at my wits end. Your help is appreciated!

1
Somebody please explain PROXYv2 to me and the myriad of ways to do DoH? (infosec.pub)
submitted 2 months ago by [email protected] to c/[email protected]
0 comments fedilink

I've been looking to implement DoH

  1. The first idea was to simply follow this - I do not understand the configuration fully but it looked fine.
  2. Then, I decided to use a proxy/Load balancer in front of BIND to deal with HTTPS.

However, I came across PROXYv2 (which is not even mentioned in the docs, just in a blog post) and the likes of DNSdist.

My questions:

  1. I can't find a detailed explanation of what I need to do about PROXYv2 - does my Reverse-proxy absolutely need to have it to be able to communicate with my DNS server?
  2. Why can't I just have any reverse-proxy that can handle HTTPS and put it in front of my DNS resolver? Does my proxy need to have a specific protocol to be able to talk DNS queries?

I am still confused, would really appreciate some help :)

61
Is Backblaze a reliable provider? (infosec.pub)
submitted 2 months ago by [email protected] to c/[email protected]
54 comments fedilink

Hi everyone,

I've started pushing backups of media important to me (family pictures, video etc) to backblaze with client-side encryption.

However, are they a reliable storage provider? I can't help but compare them to something like Amazon who likely has a better chance of maintaining my files but they are so expensive that I don't even bother.

What do you think? Yes, I've heard of 3-2-1, however for now I only have backblaze and a local backup. I'm trying not to spend too much on this.

Thanks!

view more: next ›

Findmysec

joined 2 months ago