cantankerous_cashew

joined 1 year ago
sorted by: new top controversial old
53
Free-threaded CPython is ready to experiment with! (labs.quansight.org)
17
Can subdomains using Cloudflare Tunnels be enumerated? (lemmy.world)
 

I've been using Cloudflare tunnels in my homelab. I'm wondering how well they resist subdomain discovery/enumeration by bots/malicious actors. I’m aware that security through obscurity isn’t a real strategy, but I am curious about this from a purely academic standpoint. Aside from brute force guessing, are there any other strategies that could be used to find the subdomains of services tunneled through cloudflare?

267
Z-Library admins on the lam ahead of US extradition; officials shocked (arstechnica.com)
146
The US president ordered a board to probe a massive Russian cyberattack. It never did. (arstechnica.com)
Gluetun: The Little VPN Client That Could in c/selfhosted@lemmy.world
[–] cantankerous_cashew@lemmy.world 2 points 6 months ago

gluetun bundles a control server on port 8000 which you can query for the port number (don't worry about openvpn being in the url path, it still works with Wireguard). In my bash script (running on the host system), I use curl to retrieve the forwarded port number and then do a POST with that data to the API of my qbt client which is running in another container on port 8080.

Gluetun: The Little VPN Client That Could in c/selfhosted@lemmy.world
[–] cantankerous_cashew@lemmy.world 5 points 6 months ago

There’s a reason why most providers don’t allow that feature anymore

Yes, cheese pizza

It’s said that port forwarding is a security risk

Says who? Assuming a fully patched system/client and a properly configured firewall/network, I'd love to hear more about these "risks".

Also, qBitTorrent works just fine without it.

Only if you don't care about seeding

Gluetun: The Little VPN Client That Could in c/selfhosted@lemmy.world
[–] cantankerous_cashew@lemmy.world 7 points 6 months ago (5 children)

Based. I use gluetun with qbt and ProtonVPN (with port forwarding). Despite this being a tricky config, it was still pretty easy to setup. Can share bash scripts if anyone is interested.

Looking for ngrok alternative in c/selfhosted@lemmy.world
[–] cantankerous_cashew@lemmy.world 1 points 7 months ago

I’m personally a big fan of bore. It’s easy to setup/use and there’s a free public instance operated by the developer.

backdoor in upstream xz/liblzma leading to ssh server compromise in c/linux@lemmy.ml
[–] cantankerous_cashew@lemmy.world 1 points 7 months ago

Here's a link to the PR for anyone who's interested

224
Suicide Mission - What Boeing did to all the guys who remember how to build a plane (prospect.org)
166
endlessh-go: a Golang SSH tarpit that traps bots/scanners (github.com)
Say Hello to Biodegradable Microplastics in c/technology@lemmy.world
[–] cantankerous_cashew@lemmy.world 2 points 7 months ago

Glad to see progress on this topic. Pretty sure microplastics will be our generation’s lead.

What VPN would you recommend for torrenting? in c/piracy@lemmy.dbzer0.com
[–] cantankerous_cashew@lemmy.world 2 points 8 months ago

Faster downloads (sometimes significantly), easier to connect to seeders.

Did you ever think that maybe all VPN services are actually secretly owned/funded by governments and that they are only giving you a false illusion of privacy? in c/nostupidquestions@lemmy.world
[–] cantankerous_cashew@lemmy.world 4 points 8 months ago (1 children)

100% this. OP is describing a great plot for an B-tier Hollywood movie, but reality tends to be much less thrilling. Obligatory xkcd.

Mullvad has Deb and RPM repositories now! in c/linux@lemmy.ml
[–] cantankerous_cashew@lemmy.world 3 points 11 months ago

This. I switched over to protonvpn, but I’d switch back in a heartbeat if Mullvad re-enables port forwarding.

0
If PEP 703 is accepted, Meta can commit three engineer-years to no-GIL CPython (discuss.python.org)