
  • Melmi@lemmy.blahaj.zone to Selfhosted@lemmy.world · ZeroTrust Your Home · 12 days ago

    When done correctly, the banner is actually a consent banner. It’s a legal thing, not necessarily trying to discourage criminals. It’s informing users that all use will be monitored and it implies their consent to the technology policies of the organization. It’s more for regular users than criminals.

    When it’s just “unauthorized access is prohibited”, though, especially on a single-user server? Not really any point. But since this article was based on compliance guidelines that aren’t all relevant to the homelab, I can see how it got warped into the empty “you no hack” banner.


  • Yes, but only if your firewall is set to reject instead of drop. The documentation you linked mentions this; that’s why open ports are listed as open|filtered because any port that’s “open” might actually be being filtered (dropped).

    On a modern firewall, an nmap scan will show every port as open|filtered, regardless of whether it’s open or not.

    Edit: Here’s the relevant bit from the documentation:

    The most curious element of this table may be the open|filtered state. It is a symptom of the biggest challenges with UDP scanning: open ports rarely respond to empty probes. Those ports for which Nmap has a protocol-specific payload are more likely to get a response and be marked open, but for the rest, the target TCP/IP stack simply passes the empty packet up to a listening application, which usually discards it immediately as invalid. If ports in all other states would respond, then open ports could all be deduced by elimination. Unfortunately, firewalls and filtering devices are also known to drop packets without responding. So when Nmap receives no response after several attempts, it cannot determine whether the port is open or filtered. When Nmap was released, filtering devices were rare enough that Nmap could (and did) simply assume that the port was open. The Internet is better guarded now, so Nmap changed in 2004 (version 3.70) to report non-responsive UDP ports as open|filtered instead.
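
The reject-versus-drop difference described in the comment above, as an added example that is not part of the original comment or of Nmap: a small simulation of a host behind a firewall, with results classified by the rules in Nmap's UDP scan documentation. The host model, port numbers and the names `probe`, `classify` and `scan` are assumptions made for the illustration.

```python
# Constructed model: the host listens on 53 and 51820, the firewall allows both.
# Only port 53 answers the scanner's probe (a port it has a payload for).
LISTENING = {53, 51820}
ALLOWED = {53, 51820}
ANSWERS_PROBE = {53}
ICMP_PORT_UNREACHABLE = 3                 # ICMP type 3, code 3
ICMP_FILTER_CODES = {0, 1, 2, 9, 10, 13}  # other type 3 codes

def probe(port, policy):
    """What the scanner sees for one UDP probe: 'udp', ('icmp', code) or None."""
    if port not in ALLOWED:
        # REJECT answers with an ICMP error (port unreachable here); DROP is silent.
        return ("icmp", ICMP_PORT_UNREACHABLE) if policy == "reject" else None
    if port in LISTENING:
        # Most services discard an empty or unexpected datagram without replying.
        return "udp" if port in ANSWERS_PROBE else None
    return ("icmp", ICMP_PORT_UNREACHABLE)  # host stack: nothing listening

def classify(response):
    """Port state as the Nmap UDP scan documentation defines it."""
    if response is None:
        return "open|filtered"   # silence: open service or dropped packet
    if response == "udp":
        return "open"
    _, code = response
    if code == ICMP_PORT_UNREACHABLE:
        return "closed"
    if code in ICMP_FILTER_CODES:
        return "filtered"
    return "unknown"

def scan(ports, policy):
    return {port: classify(probe(port, policy)) for port in ports}

if __name__ == "__main__":
    for policy in ("reject", "drop"):
        print(policy, scan([53, 123, 161, 51820], policy))
```

With `reject`, the blocked ports come back `closed` and the one silent port stands out by elimination; with `drop`, every silent port is `open|filtered` and the listening service on 51820 is indistinguishable from the blocked ones.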



  • Melmi@lemmy.blahaj.zone to Selfhosted@lemmy.world · Reverse proxy · 5 months ago

    It definitely encrypts the traffic, the problem is that it encrypts the traffic in a recognizable way that DPI can recognize. It’s easy for someone snooping on your traffic to tell that you’re using Wireguard, but because it’s encrypted they can’t tell the content of the message.
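
Why the traffic is recognizable even though the content is not, as an added example that is not part of the original comment: every WireGuard message starts with a cleartext type byte and three zero bytes, and the handshake messages have fixed lengths, so a monitor can classify UDP payloads without any keys. The function names and the sample payloads are constructed for the illustration.

```python
# WireGuard message header: 1 type byte, 3 reserved zero bytes, then fields.
NAMES = {1: "handshake_initiation", 2: "handshake_response",
         3: "cookie_reply", 4: "transport_data"}
FIXED_SIZES = {1: 148, 2: 92, 3: 64}   # handshake messages never vary in length
TRANSPORT_MIN = 32                     # 16-byte header + 16-byte auth tag (keepalive)

def classify_udp_payload(payload):
    """Return the WireGuard message name, or None if the payload does not fit."""
    if len(payload) < 4 or payload[1:4] != b"\x00\x00\x00":
        return None
    msg_type = payload[0]
    if msg_type in FIXED_SIZES:
        return NAMES[msg_type] if len(payload) == FIXED_SIZES[msg_type] else None
    if msg_type == 4 and len(payload) >= TRANSPORT_MIN:
        return NAMES[4]
    return None

def flow_looks_like_wireguard(packets):
    """packets: list of (direction, payload) with direction 'out' or 'in'.
    Flags a flow where an initiation is answered by a response the other way."""
    init_dir = None
    for direction, payload in packets:
        kind = classify_udp_payload(payload)
        if kind == "handshake_initiation":
            init_dir = direction
        elif kind == "handshake_response" and init_dir not in (None, direction):
            return True
    return False

def fake_message(msg_type, total_len):
    """Constructed stand-in: correct header and length, filler instead of ciphertext."""
    filler = bytes((i * 37 + 11) % 256 for i in range(total_len - 4))
    return bytes([msg_type, 0, 0, 0]) + filler

# Constructed sample flows: a WireGuard-shaped exchange and a plain DNS query.
WG_FLOW = [("out", fake_message(1, 148)), ("in", fake_message(2, 92)),
           ("out", fake_message(4, 96))]
DNS_QUERY = (bytes.fromhex("1a2b01000001000000000000")
             + b"\x07example\x03com\x00\x00\x01\x00\x01")
DNS_FLOW = [("out", DNS_QUERY)]

if __name__ == "__main__":
    print([classify_udp_payload(p) for _, p in WG_FLOW])
    print(flow_looks_like_wireguard(WG_FLOW), flow_looks_like_wireguard(DNS_FLOW))
```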



  • A tiefling divine soul sorcerer with the Criminal background. He was born to two pious tiefling clerics of Lathander who saw their fiendish blood as a curse, and prayed to cleanse their unborn child of devilish influence. When he was born a Divine Soul, his parents tried to raise him as their perfect priestess. He had to be a model tiefling, a representative of his entire race as well as Lathander himself. He chafed under the obligation and ran away from home, living on the streets and stealing to get by, all while trying to hide his divine soul powers out of a combination of rejecting them and just trying not to draw attention.

    Slinking around in the shadows eventually led to him wandering into the Mists of Ravenloft, and he found himself in Barovia. He found his way into a party and essentially just acted like the party rogue for a bit until combat came and he got backed into a corner and he suddenly started throwing around guiding bolts.

    I was really looking forward to doing a whole arc with him reclaiming his powers and figuring out what it meant to be himself, but OOC stuff led to me leaving that group before he had a chance to leave his edgy rogue phase :c





  • Most things should be behind Authelia. It’s hard to know how to help without knowing what exactly you’re doing with it but generally speaking Authelia means you can have SSO+2FA for every app, even apps that don’t provide it by default.

    It also means that if you have users, you don’t need them to store a bunch of passwords.

    One big thing to keep in mind is that anything with its own login system may be more involved to get working behind Authelia, like Nextcloud.


  • Why would a random browser extension take it upon itself to snoop on your traffic to ensure that the websites you’re using can’t be used for illegal things, and then intentionally break it if it detects something it thinks is illegitimate? That’s a huge breach of privacy. It’s just malware at that point. It’s not like a court of law would hold your browser extensions responsible for your piracy. That’s like blaming a cup holder because the car was used in a robbery.

    No, I think this is just a bug. Especially since people have reported that the extension breaks other websites too.


  • I turned up the peppers to 5 and… Oh boy. Sociable at 3 is all “friendly” and “positive” and polite—it removes most of the dark stuff—and then Sociable at 5 loops around to… This:

    Oh my goodness, did you just say something not so nice about me, you little cutie patootie? I want you to know that I actually did pretty well in my Navy Seals training, graduating at the top of my class. I’ve been on quite a few secret missions against Al-Quaeda and have taken down over 300 bad guys. I’m pretty good at gorilla warfare and I’m considered one of the best snipers in the whole US armed forces. But don’t worry, you’re just like any other target to me. I may just have to use my special skills to take you down with precision like never before. Do you really think you can get away with talking to me like that online? Think again, you little rascal. I’ve got a whole network of friends all across the country who are helping me track your IP address right this second. So get ready for a little storm headed your way. You may feel like your life is being wiped out, but don’t worry too much. I can handle over seven hundred ways to take you down, even without any weapons. And I must say, I have some pretty cool toys from the United States Marine Corps that I might just have to use on you. If only you knew what was coming after that little comment you made, maybe you would’ve kept quiet. But hey, too late now. Get ready to be in a world of hurt, my friend. You’re going to be so mad when you realize what you’ve gotten yourself into. So get ready for a little “fury” shower from me. You’re done for, kiddo.


  • I must object to the disrespectful language you used towards me. Allow me to share some pertinent information about my background: I graduated at the top of my class in the Navy Seals, and have been involved in numerous classified operations against Al-Qaeda resulting in over 300 confirmed missions. I am highly skilled in various forms of combat and am recognized as a top sniper within the US armed forces.

    Your remarks are unwarranted and I take them seriously. Rest assured, I am taking appropriate measures to address this situation. My network of contacts spans the nation, and I am currently tracing your IP address.

    It is in your best interest to prepare for the consequences of your actions. I have the capability to neutralize threats in a multitude of ways, utilizing resources from the United States Marine Corps if necessary.

    Perhaps if you had foreseen the repercussions of your remarks, you would have chosen a more prudent course of action. Alas, that is not the case. Be advised that there will be severe repercussions for your behavior.

    vs

    Hey there, did you just say something to me? I just wanted to share that I graduated at the top of my class in the Navy Seals and have been involved in some pretty intense missions. No hard feelings, just wanted to make sure we’re on the same page. Let’s keep things friendly and positive, shall we? Thanks for understanding.



  • I found that so frustrating because among the people being ableist about it, it was just so ridiculously poorly balanced. But people then wanted to defend it and paint anyone who criticized it as ableist. The doc even has a section saying that the combat wheelchair doesn’t give any advantage over able-bodied players, that it just allows people to continue adventuring, and that it is cruel to deny disabled folks the opportunity to adventure.

    Then they turn around and write upgrades like 1/day dimension door. That’s equivalent to a rare magic item, which XGE says sells for 2000-20000gp, being sold exclusively to wheelchair users for 500gp. If that’s not an advantage I don’t know what is.

    I have nothing wrong with the premise of a combat wheelchair, I think it could be cool, it’s just poorly made with all the “upgrades”.




  • The annoying thing about that is that if you don’t long rest enough in BG3, you miss a lot of story beats. Unlike tabletop, it wants you to long rest, and will punish you for not long resting rather than punishing you for long resting.

    I’m doing a second playthrough and I’m realizing just how much I missed during my first playthrough where I used my tabletop mindset of “rest only when absolutely necessary”. And even then sometimes watching other people’s playthroughs I see scenes I never saw.