[X] My Assistant

Just force a notty (in sshd_config), it will look as the server is accepting passwords but will *always* tell it is invalid. Currently

CODE

Last login: Tue Nov  8 02:43:48 UTC 2016 on pts/0
Last failed login: Tue Dec  6 03:25:15 UTC 2016 from 116.31.116.9 on ssh:notty
There were 35755 failed login attempts since the last successful login.

And yes, 116.31.116.9 is chinese (IMG:[invalid] style_emoticons/default/smile.gif)

(Works better with plans where the inbound bandwidth is unlimited. Since you do not want to pay a penny for the bandwidth they use)

They were knocking on my front door within 6 minutes.

I got a couple ZmEu ones. They were mainly probing for PHP vulnerabilities. I also proceeded to do a very loud port scan of the Chinese guy. They stopped. I'm guessing they have some sort of script that detects port scans and add you to a blacklist.

What would be funny though would be to start saying "Yes" to everything they're looking for even though it's not installed, just to see what else they'll throw. So you're looking for CPanel? Of course I have it! Want PHP instead? Sure thing! Oh, you want root access? Here, have a (fake) success message!

Though, I'm not too experienced system administration. Perhaps it's a good chance to learn the finer points of being an evil sysadmin (and being a troll in general to malicious actors). Perhaps inviting them in to a VM honeypot loaded with very enticing files laced with ransomware?

This post has been edited by chriseras: Dec 6 2016, 05:55

^ I remember that you know ansible well. Just add to it some fun with KVM and you're as good as the vast majority of sysadmins today.

I've been a sysadmin for years. Until people decided that chef/puppet/ansible and the rest is incredibly easy to use and we can dump the sysadmin on the developers. That is not to say that ansible and company are bad, they're fucking awesome. It is just that the server hardening that was done in the past is an almost forgotten art (and to be fair, developers fail badly at it). On the bright side, that spells a brilliant future for InfoSec research.

In any case, just get a server and start hacking. The most common thing that people do is to make a personal blog, and then post how they configured the blog as the first blog post. The second blog post is how they migrated the blog to a different framework. It is not about writing in the blog, but about tinkering with its backend (IMG:[invalid] style_emoticons/default/smile.gif)

I'm getting more and more scared of the day my computer will die.
But I can't imagine how to go into a new computer while saving my data either.

With all the troll answers I'm getting, Yahoo Answers have become a useless site for me.

With all the troll answers I'm getting, Yahoo Answers have become a useless site for me.

fixed

I'm getting more and more scared of the day my computer will die.
But I can't imagine how to go into a new computer while saving my data either.

As long as you have a backup (or backups) of the files you need, you should be fine. All that matters in the computer is the hard drive. Get a cheap hard drive that's big enough and start dumping.

Fun fact: a lot of region restrictions when browsing media sites can be bypassed by adding a "X-Forwarded-For" header to your HTTP requests (every modern browser has extensions that allow header tinkering) and using an IP address that resides in one of the white-listed regions
It's kind of surprising how well this works

AMD stock has been doing well recently.

AMD stock has been doing well recently.

All thanks to Polaris as well as the hype surrounding Vega & Zen.

All thanks to Polaris as well as the hype surrounding Vega & Zen.

Might drop in the near future once [arxiv.org] this news gets blown bigger. There's some problems with SEV.

Might drop in the near future once [arxiv.org] this news gets blown bigger. There's some problems with SEV.

Agree. I can see the potential impact this issue will have on the Enterprise side of AMD's business.

The fall of Yahoo has gone from boulder tumbling down the hill to falling down a cliff, assisted by the gravity of incompetence.

The fall of Yahoo has gone from boulder tumbling down the hill to falling down a cliff, assisted by the gravity of incompetence.

Meh......who cares what happens to yahoo at this point?
They don't affect anything anymore.

Stupid Yahoo for letting 1 billion accounts get hacked. What, is your IT security dept. being run by a five-year old or something?

This post has been edited by hujan86: Dec 16 2016, 03:16

I will watch this TV show on replay service tomorrow since the whole channel has gone mute for some reason.

Meh......who cares what happens to yahoo at this point?
They don't affect anything anymore.

My mom still has her email at yahoo.co.uk , guess who will be opening a gmail for her?

Meh......who cares what happens to yahoo at this point?
They don't affect anything anymore.

It's a bit more important when evading censorship. If you only have 1 or 2 search engines, search results can be easily controlled. If you have a few more, search results fall through holes made by other search engines, if there's any censorship of results. Even Google performs sub-par now for certain search items where Bing and Yahoo excel for said items due to less strict (or rather less efficient) result control. Explicit content restrictions were added in place back in 2012/3 or so with no way to disable, which is another area where Bing outperforms in as it lets you turn that setting off. With recent events, Google is also significantly biased in terms of social-political search results. From what I've seen, they've been experimenting with subtle methods to influence politics across large demographics who do account-less searching.

Stupid Yahoo for letting 1 billion accounts get hacked. What, is your IT security dept. being run a five-year old or something?

I've read around and heard from people in industry that they used to have a very experienced and capable security team. Right up until Marissa Mayer came in and ruined everything with things like cutting the security budget, which was when said experienced and capable people left for better jobs. She even kept their CISO (Chief Information Security Officer) out of the loop when the 500 million hack came up, just so the security team couldn't ask for budget increase, among several other problems that made the guy outright quit his job as a big "Fuck You!" to upper management.

Yeah, great move shafting your information security team Mayer. Now you'll have to deal with the consequences. Also, when the CISO quit, the company became radioactive to any other potential hires for CISO position. Not every day someone like that quits in that fashion unless something was really wrong.

This post has been edited by chriseras: Dec 16 2016, 02:58

I've been using Windows 10 for maybe ~7-8 hours now and I'm already meditating downgrading back to Windows 7 and going on a murder spree, not necessarily in that order
I don't think I've ever used a system that annoyed me this much this quickly

I've been using Windows 10 for maybe ~7-8 hours now and I'm already meditating downgrading back to Windows 7 and going on a murder spree, not necessarily in that order
I don't think I've ever used a system that annoyed me this much this quickly

Here's [www.howtogeek.com] something to make your life more bearable. At least until you start modifying registry to keep your Windows machine from tattling to Big Brother about all your actions, which is generally where most people cross from murder spree to genocide.

Why did I just spend over an hour drawing fan art of Lissa, and why isn't there more of it to begin with?