Rocksolid Light

Welcome to novaBBS (yes, it's Usenet)

register  nodelist  faq  

New crypt. See /usr/news/crypt.


rocksolid / Security / latest

ANONYMOUS Black Hat Hackers.

rocksolid.shared.security

Posted: 12 Days 8 Hours ago by: trueaccord

ANONYMOUS Black Hat Hackers. We are a group of hackers of different skill levels that have come together to form the most efficient hacking teams on the darkweb and clean-net. We have no restrictions and boundaries in the type of jobs we

Re: Great intro on opsec

rocksolid.shared.security

Posted: 20 Days 15 Hours ago by: Anonymous

https://blog.xomg.net/tor-hidden-service-op.html

wtf is this ?

rocksolid.shared.security

Posted: 28 Days 23 Hours ago by: Anonymous

http://scbhcfb5ehas6ri2.onion and it turns out to be a darknet marketplace. Looking at the page source though: view-source:http://scbhcfb5ehas6ri2.onion/ they run their shit with all kinds of google services, link to one thousand clearnet

Bluetooth is practical, but evil

rocksolid.shared.security

Posted: 1 Month ago by: Anonymous

https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html So, if your leave the bluetooth on you Linux laptop on, you might as well put a post-it with the password on the screen.

Great intro on opsec

rocksolid.shared.security

Posted: 1 Month 4 Days ago by: Anonymous

http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/2228f010f448d21e07aa I will not rip it off here, but the content is gold. It is written for drug dealers, but it applies to anyone who wishes to be anonymous today.

Re: None

rocksolid.shared.security

Posted: 1 Month 9 Days ago by: Anonymous

So it's an educational site. We're just trying to help kids :D

Re: None

rocksolid.shared.security

Posted: 1 Month 10 Days ago by: Anonymous

They will learn very fast if their drug supply depends on it :-) . Could work as a great incentive in other situations as well ("no more weed for you young lady, until you clean up your room", lol).

Re: None

rocksolid.shared.security

Posted: 1 Month 10 Days ago by: Anonymous

that might keep alot of kids out now. can they even read a clock?

None

rocksolid.shared.security

Posted: 1 Month 10 Days ago by: Anonymous

lol, this would keep me out as well. this would be a piece of cake for an ai, so not sure this is really a good idea. dread has a nice captcha now, with a clock. --957953747e14fb3b1904ff7434b3575fb8608c83 Content-Disposition: form-data; fil

Re: Nice captcha idea

rocksolid.shared.security

Posted: 1 Month 10 Days ago by: AnonUser

oniichan has a captcha where you have to select all images of an anime girl given a name. I can't solve it without searching the name... --------------60607eb3262440.73125384 Content-Type: image/png; nameptcha.png Content-Transfer-Encodi

Re: None

rocksolid.shared.security

Posted: 1 Month 11 Days ago by: Retro Guy

I remember that. I didn't expect it but the sysop was nice. Sometimes he would interrupt my bbs use with a chat and all I could think was, "you're using up my time" lol.

Re: None

rocksolid.shared.security

Posted: 1 Month 11 Days ago by: anonymous

bulletin board systems were like that. the sysop would call you to verify, but i'm not sure what he verified. i guess that it's your real phone number or something. sort of like email verification but you couldn't just keep getting new p

None

rocksolid.shared.security

Posted: 1 Month 12 Days ago by: Anonymous

If you are user of such a site, you want to stay off the phone (or be prepared to go to the place where you only have one call).

Re: Nice captcha idea

rocksolid.shared.security

Posted: 1 Month 12 Days ago by: anonymous

man it took me a long time to see which circle has the cut. let's go back to the old days when you registered for a system and somebody called you on the phone and asked you questions before your account would work.

TRAX-391KM

rocksolid.shared.security

Posted: 1 Month 15 Days ago by: Anonymous

https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-softwar

Nice captcha idea

rocksolid.shared.security

Posted: 1 Month 19 Days ago by: Anonymous

I guess an AI would still crack it with time, but it is a nice idea. The site is some darknet market, btw (archetype). --------------6055e5060c4fc2.82452364 Content-Type: image/jpeg; nameptcha_circle.jpg Content-Transfer-Encoding: base64

Re: Open season on Outlook servers

rocksolid.shared.security

Posted: 1 Month 26 Days ago by: Anonymous

and talking about attitude, they are better and faster in depublishing than in fixing their shit: https://arstechnica.com/gadgets/2021/03/critics-fume-after-github-removes-exploit-code-for-exchange-vulnerabilities/ --c01c37e7bb5710deda7c71

Re: do you use google dns?

rocksolid.shared.security

Posted: 1 Month 27 Days ago by: Anonymous

No, I don't use it usually. I am using chromium from time to time, and I guess there it is build in. And no, I don't trust google in any way or shape.

do you use google dns?

rocksolid.shared.security

Posted: 1 Month 27 Days ago by: Anonymous

Does Google Public DNS offer the ability to block or filter out unwanted sites? Google Public DNS is purely a DNS resolution and caching server; it does not perform any blocking or filtering of any kind, except that it may not re

Re: Open season on Outlook servers

rocksolid.shared.security

Posted: 1 Month 27 Days ago by: Anonymous

I agree, and not because the coders at MS are necessarily bad. It really seems to be a question of attitude more than a question of skill. The link goes to an article where they describe how to assess of an exchange server was attacked or

Re: Open season on Outlook servers

rocksolid.shared.security

Posted: 2 Months 3 Days ago by: Anonymous

I doubt a microsoft product will ever be safe. Not that other systems are free from security holes, but ms seems to be playing catch up for years now and they're nowhere near there.

Open season on Outlook servers

rocksolid.shared.security

Posted: 2 Months 3 Days ago by: Anonymous

https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/ Come get it while it's hot.... "White House press secretary Jen Psaki told reporters today the vulnerabilities found

Re: xss in fudforum

rocksolid.shared.security

Posted: 2 Months 3 Days ago by: Retro Guy

Welcome back def3!

Re: xss in fudforum

rocksolid.shared.security

Posted: 2 Months 5 Days ago by: Anonymous

And def3 is back online. cheers trw

Re: xss in fudforum

rocksolid.shared.security

Posted: 2 Months 5 Days ago by: Anonymous

Seems like the manual application of the patch here https://sourceforge.net/p/fudforum/code/6321/ should do the trick. I have to test a little more if this actually closed it. That would save me a ton of time, instead of reinstalling everyt

Microsoft Office 365

rocksolid.shared.security

Posted: 2 Months 17 Days ago by: Anonymous

My employer is planning on switching to MS office 365 soon, and I have serious concerns about this. One thing is that I believe it is a dumb move to trust a corp like MS with your company data. While it has always been the case for Windoze

None

rocksolid.shared.security

Posted: 2 Months 19 Days ago by: Anonymous

dont forget i said specific cve theres also blender which can be networked and does alot of floating-point calculations you arent using blender for classical remote framebuffers on an open network are you im not even sure if blender support

xss in fudforum

rocksolid.shared.security

Posted: 2 Months 19 Days ago by: Anonymous

https://www.exploit-db.com/exploits/47650 and turned off def3 at once. not sure when I will turn it back on, seems like there are multiple vulns like this. at least part of those were fixed with 3.1.0, def3 ran 3.0.7. so now i have to bas

Re: Python fu yeah

rocksolid.shared.security

Posted: 2 Months 20 Days ago by: Anonymous

now that gives me a good, warm, fuzzy kind of feeling. op does not use python at all, kind of biased here.

None

rocksolid.shared.security

Posted: 2 Months 20 Days ago by: Anonymous

its specifically floating-point unless you have something using a math library like numpy or floating point numbers and its parsing it somehow externally (vary unlikely) you are probably fine for this specific cve you dont use wsgi right

Python fu yeah

rocksolid.shared.security

Posted: 2 Months 20 Days ago by: Anonymous

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177 Description Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accep

None

rocksolid.shared.security

Posted: 3 Months 2 Days ago by: Anonymous

Hi

Re: geolocation mobile user / mobile ip

rocksolid.shared.security

Posted: 3 Months 2 Days ago by: Anonymous

Yes, there are a lot of those. They have to be installed on the device that shall be tracked. Without that, only the ISP can do that (and of course the usual letter agencies).

geolocation mobile user / mobile ip

rocksolid.shared.security

Posted: 3 Months 2 Days ago by: spectre7323

Any tools can allows me to check the geolocation of an ip (mobile user)?

Nice site on security

rocksolid.shared.security

Posted: 3 Months 11 Days ago by: Anonymous

https://infosec-handbook.eu/ They bash the fediverse pretty strongly...I think they confuse it with mastodon.... (pic unrelated) --8e20b8671b1622baa513513f05fa48e9b2a73d07 Content-Disposition: form-data; filename="WAVY.GIF"; name="attachm

Privilege escalation in sudo

rocksolid.shared.security

Posted: 3 Months 11 Days ago by: Anonymous

"A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. It has been given the name Baron Samedit by its discoverer. The bug can be leveraged to elevate privileges to root, even if the user is

Re: remote code exec in dnsmasq

rocksolid.shared.security

Posted: 3 Months 18 Days ago by: Marc SCHAEFER

If you have a firewall behind your router, protecting the router from accessing your internal network, then you are presumably safe, if using tor only. Else, the router could use vulnerabilities in your OS software (including any printer

Re: remote code exec in dnsmasq

rocksolid.shared.security

Posted: 3 Months 18 Days ago by: Marc SCHAEFER

I would assume that if it has a Linux or BSD OS, and it has a DNS functionnality, it is dnsmasq.

Re: remote code exec in dnsmasq

rocksolid.shared.security

Posted: 3 Months 18 Days ago by: AnonUser

To: Marc SCHAEFER Is there a way to check which dns server software is being used? I mean other than having full login access to whatever it runs.

Re: remote code exec in dnsmasq

rocksolid.shared.security

Posted: 3 Months 18 Days ago by: Guest

Yes, that is true. I consider my router to be compromised anyway, and don't trust it. I don't see though how this would compromise my tor setup. The authority tor nodes are hardcoded into tor (with their ip addresses), and everything afte

Re: remote code exec in dnsmasq

rocksolid.shared.security

Posted: 3 Months 18 Days ago by: Marc SCHAEFER

However, your IP router might well run dnsmasq.

remote code exec in dnsmasq

rocksolid.shared.security

Posted: 3 Months 18 Days ago by: Anonymous

https://www.jsof-tech.com/wp-content/uploads/2021/01/DNSpooq_Technical-Whitepaper.pdf CVE-2020-25681: Heap-based buffer overflow with arbitrary overwrite Thank fuck I am on tor and don't rely on DNS.

None

rocksolid.shared.security

Posted: 3 Months 22 Days ago by: Anonymous

You missed it could be a one liner, a single touch with the right garbage that causes a reboot from the kernel and blasts away all the recovery and inode data but it will look more complicated than C:/:$i30:$bitmap . This requires informati

Re: WIndows 10 NTFS bug

rocksolid.shared.security

Posted: 3 Months 22 Days ago by: Anonymous

that is not the same by far. exhausting inodes with time is not the same as a oneliner that causes immediate reboot and leaves the hd broken after.

None

rocksolid.shared.security

Posted: 3 Months 22 Days ago by: Anonymous

unzip $file, tar -xf $file, cpio -i -F $file, mkdir $garbage, touch $garbage, mv file $garbage, etc. It's similar not the same but from a quick search ntfs and redsea have the same fundamental flaws so this method can also be used. This is

Re: WIndows 10 NTFS bug

rocksolid.shared.security

Posted: 3 Months 23 Days ago by: Anonymous

If that is true, what is the command triggering it ?

None

rocksolid.shared.security

Posted: 3 Months 23 Days ago by: Anonymous

Un*x filesystems suffer a similar fate, this will probably be throw under the rug and never addressed.

WIndows 10 NTFS bug

rocksolid.shared.security

Posted: 3 Months 23 Days ago by: Anonymous

C:/:$i30:$bitmap Can be delivered in many different formats, does not need privileges....perfect https://www.bleepingcomputer.com/news/security/windows-10-bug-corrupts-your-hard-drive-on-seeing-this-files-icon/ --8570f228e9ed0e7398d91059f

Juniper OS protects your network

rocksolid.shared.security

Posted: 3 Months 24 Days ago by: Anonymous

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11108 Their license demon is vulnerable for local privilege escalation. Holy shit, if there is one thing I would not have on a firewall device or similar, it is a stupid license

Re: https://github.com/oskarsve/ms-teams-rce

rocksolid.shared.security

Posted: 4 Months 12 Days ago by: Anonymous

I don't. If I had it I would probably not publish it for free, at least at first. You have something to do between the years ? :-] That should suffice to figure it out. --d2feaacbbb141806b5d4ea2687eccc18c68187db Content-Disposition: form-da

None

rocksolid.shared.security

Posted: 4 Months 12 Days ago by: Anonymous

so does anyone have non redacted version of the RCE?

redacted

rocksolid.shared.security

Posted: 4 Months 12 Days ago by: Anonymous

anyone has the redacted RCE POC for this teams thing?

Re: Internet of shit : this time, the doorbell

rocksolid.shared.security

Posted: 4 Months 15 Days ago by: Anonymous

People buy it because they have no idea of the issue. Most wouldn't understand if you tried to explain it and then they may think you're just a nut. I bought a wireless security cam a few years ago and tried to hook it up. It's a nice c

Internet of shit : this time, the doorbell

rocksolid.shared.security

Posted: 4 Months 15 Days ago by: Anonymous

Quote/ The model we tested – the Victure VD300 – sends your wi-fi name and password to servers in China unencrypted. Any hacker able to intercept this data could waltz right into your home network and gain access to other devices on i

None

rocksolid.shared.security

Posted: 4 Months 25 Days ago by: Anonymous

I seriously contemplated this option against my employer, not for torture but for violation of privacy laws. In my jurisdiction this could maybe make a case, depending on what they do exactly. Microsoft sure gives a lot of options lately.

Re: None

rocksolid.shared.security

Posted: 4 Months 25 Days ago by: Anonymous

You may have a case against them (torture)

http://dropbox.i2p/?gSC3wMKGuRchuL9a6WpcGxxeZ

rocksolid.shared.security

Posted: 4 Months 27 Days ago by: Anonymous

http://dropbox.i2p/?gSC3wMKGuRchuL9a6WpcGxxeZKG

None

rocksolid.shared.security

Posted: 4 Months 28 Days ago by: Anonymous

How do they do that ? Isn't most of the programs available for Linux as well by now ? (me --> have to use MS at work each day)

None

rocksolid.shared.security

Posted: 4 Months 28 Days ago by: Anonymous

The university where I study forces us to use MS during lockdown :(

https://github.com/oskarsve/ms-teams-rce

rocksolid.shared.security

Posted: 5 Months 1 Day ago by: Anonymous

https://github.com/oskarsve/ms-teams-rce

zero-click, wormable, cross-platform remote code execution in Microsoft

rocksolid.shared.security

Posted: 5 Months 1 Day ago by: Anonymous

But don't worry, according to MS the class of this vuln is only "Important, Spoofing", which is about as low as it gets. And Teams only has 115 Mio daily users, what's the worst that can happen ? lol

Re: How anonymous is Monero ?

rocksolid.shared.security

Posted: 5 Months 1 Day ago by: Guest

http://secure.thetinhat.i2p/blog/primers/is-bitcoin-private.html nothing really new, but confirming what was already stated, more like -- Posted on def3

Re: How anonymous is Monero ?

rocksolid.shared.security

Posted: 5 Months 6 Days ago by: Anonymous

http://darkzzx4avcsuofgfez5zq75cqc4mprjvfqywo45dfcaxrwqg6qrlfid.onion/post/cipertrace-filed-another-monero-tracing-patent-application/ http://darkzzx4avcsuofgfez5zq75cqc4mprjvfqywo45dfcaxrwqg6qrlfid.onion/post/irs-wants-to-pay-625000-to-t

Re: Removing domains from letsencrypt certs

rocksolid.shared.security

Posted: 5 Months 14 Days ago by: Retro Guy

It should appear to a client most likely the same as if the cert was revoked then reissued. Depending on your pinning settings, it may or may not be an issue. Jeremy Rowley at digicert wrote an interesting article on pinning that basic

Re: Removing domains from letsencrypt certs

rocksolid.shared.security

Posted: 5 Months 14 Days ago by: Guest

Will that screw up Certificate Pinning (also a Firefox Add-On). I'm so paranoid that I keep lists of fingerprints, certificates and sha etc... only for transaction and email. Once burned twice shy! -- Posted on def3

Removing domains from letsencrypt certs

rocksolid.shared.security

Posted: 5 Months 18 Days ago by: Retro Guy

I wanted to drop this here for future reference. I needed this info and found this post from https://community.letsencrypt.org/t/remove-domain-not-required-from-cert/14010/6 very helpful. Credit to pfg for posting this: Right now, the pr

And another quote:

rocksolid.shared.security

Posted: 5 Months 21 Days ago by: Anonymous

"Private messages, political protests named ‘Darknet’ targets In procurement forms and presentations to RCMP trainees about who it will target with its expanded tools, the RCMP lists “Darknet,” commonly understood to refer to hid

Not only the US is spying...

rocksolid.shared.security

Posted: 5 Months 21 Days ago by: Anonymous

https://thetyee.ca/News/2020/11/16/You-Have-Zero-Privacy-RCMP-Web-Spying/ Money quote: "You have zero privacy anyway, get over it." Freedom, fuck yeah. Come join the underground, the state just wants to fuck you.

How anonymous is Monero ?

rocksolid.shared.security

Posted: 5 Months 24 Days ago by: Guest

It is obvious that bitcoin, although more anonymous than credit cards, can still be used to track you pretty good. This is due to the public nature of the blockchain. So anyone with the right knowledge can have a full overview of any wallet

Something really bad went down recently with Android and Applephones

rocksolid.shared.security

Posted: 5 Months 24 Days ago by: Anonymous

https://www.vice.com/en/article/xgzxmk/google-project-zero-bugs-used-to-hack-iphones-and-android-phones tldr: a series of bugs was just fixed on android and iphones, without anyone disclosing any details. "smells like spy shit", lol. burn

And it even gets better

rocksolid.shared.security

Posted: 6 Months 21 Days ago by: Anonymous

The site is actually fully functional without js, once you have passed the check on the frontpage (I just tried). So it is either supersloppy code or there are other reasons why the makers of the site want js turned on...

Got security ?

rocksolid.shared.security

Posted: 6 Months 21 Days ago by: Anonymous

https://securityplanner.consumerreports.org/ First message you get: you have to switch on js to use the site. How fucking credible, boys and girls. lol. --ac157d6be4eec3a61bb399dac0ba8c7ae48c57c3 Content-Disposition: form-data; filename="s

Well...

rocksolid.shared.security

Posted: 6 Months 21 Days ago by: Anonymous

"that don't impress me much". as a firewall, you have one fucking job, which is to keep the bad guys out. if you prove you cannot do it and instead allow remote code execution, you have not only failed in the sense that you did _not_ keep

Re: Do you use the Sonic firewall ?

rocksolid.shared.security

Posted: 6 Months 22 Days ago by: AnonUser

Looks like they believe they've patched them all "SonicWall published patches for all 11 vulnerabilities." Affected Versions Fixed Versions SonicOS 6.5.4.7-79n and below SonicOS 6.5.4.7-83n SonicOS 6.5.1.11 and below SonicOS 6.5.1.

Do you use the Sonic firewall ?

rocksolid.shared.security

Posted: 6 Months 23 Days ago by: Anonymous

https://de.tenable.com/blog/cve-2020-5135-critical-sonicwall-vpn-portal-stack-based-buffer-overflow-vulnerability

Careful: don't hook your dong to the internet

rocksolid.shared.security

Posted: 7 Months 1 Day ago by: Anonymous

https://techcrunch.com/2020/10/06/qiui-smart-chastity-sex-toy-security-flaw/ lol, idk how ppl come up with that shit...

Re: Certified PDF

rocksolid.shared.security

Posted: 7 Months 10 Days ago by: rslightuser

afaik you can only edit it if you're the only signer. You need to remove your digital sig to do that. If others or not you has signed it, I would guess it's pretty difficult as that's not meant to happen.

Certified PDF

rocksolid.shared.security

Posted: 7 Months 10 Days ago by: rslightuser

Hi guys, Anyone knowledgeable about the editing of digitally signed PDF files? Cheers

comparison server vs user

rocksolid.shared.security

Posted: 7 Months 14 Days ago by: Anonymous

another angle to look at is: are you browsing/getting content or are you offering some service (a website, for example). ihmo the usage of the torbrowser on onion sites is safer than the usage of $browser plugged into the i2p proxy. on the

has anyone ever ?

rocksolid.shared.security

Posted: 7 Months 14 Days ago by: Anonymous

tor is very well researched by now, with many papers on possible attacks and other interesting stuff. i2p on the other hand is much less researched (because much less known). i agree to the concrete recommendations of the previous posts

Re: degree of anonymity

rocksolid.shared.security

Posted: 7 Months 16 Days ago by: rslightuser

I think they're definitely worth it to improve anonymity, but never to guarantee it. The weakest link is the user. My thougts follow but I'm no expert, just a user 1. Don't use Microsoft Windows, run an open source os. 2. Encrypt every

Re: degree of anonymity

rocksolid.shared.security

Posted: 7 Months 16 Days ago by: Marc SCHAEFER

You need to do this analysis separately for the network anonymizing part (tor or i2p) and the tools you use to access it. Your web browser might be much more telling than the choosen anonymizing network.

degree of anonymity

rocksolid.shared.security

Posted: 7 Months 16 Days ago by: Anonymous

https://en.wikipedia.org/wiki/Degree_of_anonymity has anybody ever analysed tor & i2p about their degree of anonymity yet? kind of worried about if these programs can be worth it any rules of thumb for i2p & tor?

Re: Firewall

rocksolid.shared.security

Posted: 8 Months 7 Days ago by: rslightuser

ipfire has no relation to Mozilla afaik.

Re: Firewall

rocksolid.shared.security

Posted: 8 Months 9 Days ago by: AnonUser

Interesting. Focus on security, traffic prioritization etc. Is it in some way related to Mozilla?

Re: Firewall

rocksolid.shared.security

Posted: 8 Months 9 Days ago by: rslightuser

Take a look at the free Ipfire distro.

Oh yeah, Toyota finally promotes Skynet for cars

rocksolid.shared.security

Posted: 8 Months 18 Days ago by: Anonymous

https://www.theregister.com/2020/08/18/aws_toyota_alliance/ These fucking corporate fucks will not rest until they dissected and sold all your data to the highest bidder. Fucking burn in hell, you scumfucks. --552ed5424286e035fe564e1e9d0e

Hosting tor hidden services : setup guide

rocksolid.shared.security

Posted: 8 Months 24 Days ago by: Anonymous

https://blog.xomg.net/tor-hidden-service-op.html Including many useful code pieces and links, among other things this thingie here: https://www.fakenamegenerator.com/ Really nice. Well done Alice.

Re: Whoops, our bad, we just may have 'accidentally' left Google Home

rocksolid.shared.security

Posted: 8 Months 29 Days ago by: Mei

I don't think that part about GPT-3 was meant to be included :) Companies should certainly be held responsible for their actions. Too bad no one will do it.

Whoops, our bad, we just may have 'accidentally' left Google Home devices

rocksolid.shared.security

Posted: 9 Months ago by: Anonymous

https://www.theregister.com/2020/08/08/ai_in_brief/ Sorry, it was a software problem...wtf ? It's time companies would have to pay for such violations. If you build a car that causes accidents because there is a fault in the construction,

(not op)

rocksolid.shared.security

Posted: 9 Months ago by: Anonymous

+1, they have good setup-

no problem

rocksolid.shared.security

Posted: 9 Months 1 Day ago by: Anonymous

Just run it from a torified vm.

Ever wanted to fake your own death ? Seems it is easy an

rocksolid.shared.security

Posted: 9 Months 2 Days ago by: Anonymous

https://www.telegraph.co.uk/travel/destinations/asia/philippines/articles/philippines-the-global-leader-for-faking-own-death/ Because the telegraph has some kind of strange paywall, the whole text is pasted below, just to spite them. Thi

accountless hosting

rocksolid.shared.security

Posted: 9 Months 3 Days ago by: Anonymous

i am very impressed with http://spore64i5sofqlfz5gq2ju4msgzojjwifls7rok2cti624zyq3fcelad.onion/news/ and https://facelesscloud.com/ No account, no email, no bullshit. You just load some bitcoin to an address and get going (this is how it re

Re: long live return code 444

rocksolid.shared.security

Posted: 9 Months 3 Days ago by: anon

Yes, and with the method mentioned in the op you can actually kill the buggers connections instead of just throttling.

Re: Zones

rocksolid.shared.security

Posted: 9 Months 4 Days ago by: Retro Guy

It's nice to be able to throttle spiders, and it's not difficult if you have an ip address. Even i2p provides a specific ip for each identity, so it works. With tor, you can't really throttle without throttling everyone.

Re: nginx is great

rocksolid.shared.security

Posted: 9 Months 4 Days ago by: AnonUser

Interesting, and pretty nicely written. Standarize and simplify are good goals. Haven't checked these out yet.

nginx is great

rocksolid.shared.security

Posted: 9 Months 7 Days ago by: Anonymous

https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/#passing-uncontrolled-requests-to-php Also good to read: https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ https://agentzh.blogspot.com/2011/03/how

None

rocksolid.shared.security

Posted: 9 Months 9 Days ago by: Anonymous

my opsec gay

Re: Secure hosting

rocksolid.shared.security

Posted: 9 Months 9 Days ago by: AnonUser

Thanks for your answer. It is not so much the speed of the connection I am concerned about, but more the availability of the service. Selfhosting means the service will have downtime (when your internet connection is not up or rerachable f

Re: Secure hosting

rocksolid.shared.security

Posted: 9 Months 10 Days ago by: AnonUser

For a tor hidden service maybe the best is to self host it. tor is slow so it won't really seem slow to a user that it's not on a hosting server somewhere. Even the internet hosting services that accept bitcoin still want to verify your

Secure hosting

rocksolid.shared.security

Posted: 9 Months 10 Days ago by: AnonUser

Greetings yall. I have a question concerning hosting: I would like to host an onion site on a vps server somewhere. The site is not exactly illegal in my jurisdiction, but it is controversial, and I would like to has as few links as possi

lookee here

rocksolid.shared.security

Posted: 9 Months 11 Days ago by: Anonymous

https://cyber-wolves.blogspot.com/2015/12/get-started-for-noobs.html

Zones

rocksolid.shared.security

Posted: 9 Months 11 Days ago by: Anonymous

I looked at zones as well, but if you cannot use the ip (because it is a service on tor), than your are kind of stuck in some situations. In my case I used a combination of the URL and the posting method to get rid of some annoying script

Re: long live return code 444

rocksolid.shared.security

Posted: 9 Months 12 Days ago by: Retro Guy

I use zones to limit requests and a few other ways of blocking. It works great. I wasn't familiar with the code you mention here, I need to check it out. Been really impressed with nginx so far! Retro Guy

long live return code 444

rocksolid.shared.security

Posted: 9 Months 12 Days ago by: Anonymous

https://nginx.org/en/docs/http/ngx_http_rewrite_module.html#return Block certain kinds of ddos at application level simply by dropping the connection with your reverse http proxy. works like a charm, simpler and more effective than lowleve

Re: Firewall

rocksolid.shared.security

Posted: 9 Months 21 Days ago by: AnonUser

1) "keep me safe": from whom or from what ? if you want to be safe from the kind of surveillance that targets anyone nowadays and the common malware traps, the answer is different than if you fear (or you know) that you are targeted in pa

Firewall

rocksolid.shared.security

Posted: 9 Months 21 Days ago by: Cheeseman

Hi guys I am new to this site & just moved away from the sheep so I am looking for some good security tips to keep me safe ie Firewall , A good VPN antivirus etc I know what comes up on Google but I mean the best I came across seemed to

108 recent articles found.

rocksolid light 0.6.9
clearneti2ptor