If the house is a-rockin'... [RML Thread 3]
For all things rockin' about life. Continued from:
ʕ•ᴥ•ʔ"Stop watching anime. it makes you think all girls are incredibly hot and shy, and there are 10 that all want your boner which just isn't true." -Brik-aniki
"I CAN'T HELP IT THAT I WANT TO EAT MY OWN VULVA AND SHARE IT WITH A LOVED ONE!"-Reichu
"I have a fetish for naked women with stigmata playing ping pong in the mud. Is there a name for that?" -Kaiser O-Ornette-dono-sama
“Don’t do that; that was probably hooker money.” -SSD on me holding money with my mouth
- Nuclear Lunchbox
- Agent Ahegao
- Age: 26
- Posts: 10623
- Joined: Dec 13, 2012
- Location: Nippon
- Gender: Male
Every day for an hour. Since I play tenors, I stand in one place and constantly bang out new beats. Occasionally, I'll hook up a snare drum and do some exercises.
Shin Evangelion brought me back, five long years later.
Apophenia. Noun. The tendency to perceive a connection or meaningful pattern between unrelated or random things.
They called me the Quentin Tarantino of hentai.
The difference between a blow-up doll and a dakimakura.
^Thanks. This is a bit over 48k words, so it's around the shortest limit of what seems to be the generally agreed upon minimum length of a novel; a final draft may end up being 4-5k words longer or shorter, though. The last piece I finished of any worth was a ~30k-word novella back in February, and I'm honestly more proud of that than I am of this. This thing is so haphazard and arbitrary that I'm not sure it can be saved. Editing is going to be interesting, to say the least.
I mean, it is my first actual novel that I've attempted to write, so mistakes are naturally part of the learning process. But at the same time, given the experience I've had with short stories, I still hope I can make this thing better than it is right now.
I recently got tired of being up until 4-5 am and then sleeping until 1-2 pm and then spending half of the afternoon doing things that should and could have been done much earlier in the day with a lot less stress involved. I have no clue what's been causing this but, like I said, I have become very weary of it.
So today I forced myself to get up at 10 am. Granted, I did get around 6 hours of sleep which used to be what I would normally get and not have a problem with. I am a little drowsy which is probably due to my sleep schedule being so messed up, but today was the first step in getting my sleep schedule back under control and I am hoping that this upward trend continues.
"If it's stupid but works, it isn't stupid." - Me
"Has anyone ever told you how pretty your eyes are?" - Akio's most famous line.
Akio in Lance of LoL's Rebuild RP
Steam/PSN: MAGI_01 Origin: MAGI_02
Avatar: Mephisto Pheles.
Interested in a FMA based RP? Then check this out!
- Catamari
- Test Subject
- Age: 30
- Posts: 2936
- Joined: Dec 26, 2012
- Location: Transsexual Transylvania
- Gender: Male
I got CopSSHD working semi-properly. Let me tell you, getting an SSH server running on Windows was a bitch.
I have a rather complicated setup to allow me to access data at work from school. The SysAdmin (my supervisor) is concerned that directly opening port 22 on our work network would be a PCI compliance violation; because of this, we are improvising. We had to take this approach of onion-routed SSH connections for two reasons. Firstly, we needed to be set up quickly. We couldn't wait a week for me to figure this out; I leave for my apartment exactly one week from today. Secondly, Linux (specifically the Samba client) was being an asshole and not working with me. I would have simply mounted the shares I need on Cathedral Terra and just SSH'd into there to access what I need. That didn't work.
Basic idea.
Here's a more detailed map of the network. (Mislabeled the Application/File Server node, the "Port 22 Open" label should be on Cathedral Terra)
Avatar: Smile!
Official Sexpert of Dai-Ero-Dan
"I LOVE LADIES." - The Eva Monkey
"If I can't wipe my own ass, then it's time for me to go." - Guy Nacks
"[Catamari] Just advising you to check your privilege" - Bagheera
"Fuck you, Switzerland" - Archer
- pwhodges
- A Lilin in Wonderland
- Age: 77
- Posts: 11035
- Joined: Nov 18, 2012
- Location: Oxford, UK
- Contact:
I use WinSSHD, and it's not a bitch, at least for anything I've needed to do. (I use it mainly for SFTP, and have closed down my FTP server and simplified my firewall rules as a result.)
Catamari wrote: concerned that directly opening port 22 on our work network would be a PCI compliance violation; because of this, we are improvising.
I don't know any of the details of PCI Compliance, but if it allows SSH at all, why not simply put it on another port? Granted, it will be no more secure, because the bad guys know to scan other ports for SSH, but it'll get less hammering than it would on 22. If you have a fixed IP address at home and access to the work firewall, you could restrict the SSH access to your IP, and stop worrying (I do that to give myself secure unlimited access to my work systems).
"Being human, having your health; that's what's important." (from: Magical Shopping Arcade Abenobashi )
"As long as we're all living, and as long as we're all having fun, that should do it, right?" (from: The Eccentric Family )
Avatar: The end of the journey (details); Past avatars.
Before 3.0+1.0 there was Afterwards... my post-Q Evangelion fanfic (discussion)
- Mr. Tines
- Administrator
- Age: 66
- Posts: 21375
- Joined: Nov 23, 2004
- Location: This sceptered isle.
- Gender: Male
- Contact:
Or you could have traded money for time and taken out a GoToMyPC subscription -- and avoided opening any ports at all. /salesmode
Reminder: Play nicely <<>> My vanity publishing:- NGE|blog|Photos|retro-blog|Fanfics &c.|MAL|𝕏|🐸|🦣
Avatar: art deco Asuka
- pwhodges
- A Lilin in Wonderland
- Age: 77
- Posts: 11035
- Joined: Nov 18, 2012
- Location: Oxford, UK
- Contact:
I prefer not to rely on a third party's system security when setting up my own secure links to meet regulatory standards (from the MHRA in my case; roughly equivalent to FDA in the US), and so I forbid the use of GoToMyPC in my workplace for that reason. I don't know if the PCI compliance standards say anything on the matter.
- Catamari
- Test Subject
- Age: 30
- Posts: 2936
- Joined: Dec 26, 2012
- Location: Transsexual Transylvania
- Gender: Male
Paid Solution?
But...THAT WOULD MAKE SENSE. That can't happen.
I wanted a "free for commercial use" program. I originally went with OpenSSH, but that had trouble, as did FreeSSHD. I finally just said "fuck it" and did everything I could to get CopSSHD working properly. We handle a lot of credit card data, so we didn't want to risk being in violation of PCI rules. We had to jump through enough flaming hoops just to get the VPN to the house.
My trump card solution would have been to write up some glue code in Python with an SMB library and FUSE. I didn't want to do that; I prefer to use stock solutions unless there's no other choice.
- Nuclear Lunchbox
- Agent Ahegao
- Age: 26
- Posts: 10623
- Joined: Dec 13, 2012
- Location: Nippon
- Gender: Male
Please tell me that this is a Gurren Lagann reference.
- Catamari
- Test Subject
- Age: 30
- Posts: 2936
- Joined: Dec 26, 2012
- Location: Transsexual Transylvania
- Gender: Male
Next you're going to say that my database server, Kurama, isn't an Elfen Lied reference.
- Nuclear Lunchbox
- Agent Ahegao
- Age: 26
- Posts: 10623
- Joined: Dec 13, 2012
- Location: Nippon
- Gender: Male
You're a man of good taste, Catamari. I knew you were a good man.
- Ornette
- Administrator
- Age: 49
- Posts: 11887
- Joined: Dec 26, 2005
- Location: Pittsburgh/New York City
- Gender: Male
- Contact:
Port 22 brute force dictionary attacks have been rampant since the mid 90's with sshv1; there are dozens of ways to easily mitigate that, and if it's a matter of 2 endpoints, you have stunnel/iptables; forget running SSH on your Windows box and just RDP. Looking at your netmaps, I don't see what the issue is.
- Catamari
- Test Subject
- Age: 30
- Posts: 2936
- Joined: Dec 26, 2012
- Location: Transsexual Transylvania
- Gender: Male
Ornette wrote: Port 22 brute force dictionary attacks have been rampant since the mid 90's with sshv1; there are dozens of ways to easily mitigate that, and if it's a matter of 2 endpoints, you have stunnel/iptables; forget running SSH on your Windows box and just RDP. Looking at your netmaps, I don't see what the issue is.
I was waiting for you to comment on this.
Truth be told, this was mostly a matter of getting something up quickly; my supervisor only allocated me about two hours, so the first "viable" solution was what I had to go with. The reason I went with SSH was because I'm familiar with how it works and how it is set up and used (well, compared to other protocols). I'm sure a more elegant and secure solution exists and I will probably migrate to it over time, but, at this point, I just need to be able to access network resources from a network without VPN access to the office. My supervisor was against forwarding any ports required for that, so I had to improvise by using my house/office VPN (so my parents can get to office data) as a sort of proxy.
Now that you mention iptables, though, I feel like a bloody idiot.
- Ornette
- Administrator
- Age: 49
- Posts: 11887
- Joined: Dec 26, 2005
- Location: Pittsburgh/New York City
- Gender: Male
- Contact:
If you have 2 fixed endpoints, then creating an stunnel is really easy. With anything like this, even with VPN, there are various levels of how "secure" you want it to be, and it varies by quite a bit. And in a practical deployment, you're concerned with more than just being secure; things like "ease of use" or even "dummy factor" are part of a viable solution.
At the same time, if you have 2 fixed endpoints, using iptables instantly mitigates a large portion of attack vectors. So together with stunnel, you have a connected tunnel that's encrypted and will only ever allow traffic from the 2 specific endpoints. The netmap you have doesn't list the OSes, but as a personal rule, no Windows machine should ever be facing the internet, ever. Stick a Linux machine in front with no open ports that uses iptables to DNAT or per-protocol proxying. It's centrally logged, controllable, lightweight, and you can stunnel if you need to. But it's not exactly horizontally scalable.
Windows implementations of SSH and FUSE have always left lots to be desired. Some of it costs money and a lot of the issue is more trying to stick a square peg into a round hole. This isn't to say that I've never used really comprehensive and fully featured SSH implementations on Windows. Back in the day SSH's Tectia was actually pretty good. It went hand in hand with an X server which I've forgotten the name of (and also costs a lot of $$$) that was seamless with the native Windows OS. Even the price doesn't make up for the mostly short lifespan for such products. IMO, it's much easier to just use SMB.
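The "Linux machine in front" arrangement from the post above, as an added example that is not part of any post in the thread: a small generator for an iptables-restore ruleset that DNATs the tunnel port to an internal stunnel host and accepts new connections only from the one fixed remote endpoint, logging everything else that probes the port. The addresses, port 8443 and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Addresses are constructed (RFC 5737 and
# RFC 1918 ranges); port 8443 and the internal tunnel host are assumptions.

# Return 0 only for a strict dotted-quad IPv4 address (nothing else may reach
# the ruleset text, so options cannot be smuggled in through an argument).
valid_ipv4() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print an iptables-restore ruleset for the Linux box in front.
#   $1 = the single remote endpoint allowed in
#   $2 = internal host running the stunnel listener
#   $3 = tunnel port (default 8443)
gateway_rules() {
    peer=$1; inner=$2; port=${3:-8443}
    valid_ipv4 "$peer" && valid_ipv4 "$inner" || return 1
    case $port in ''|*[!0-9]*) return 1 ;; esac
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -s $peer/32 --dport $port -j DNAT --to-destination $inner:$port
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport $port -m limit --limit 6/min -j LOG --log-prefix "tunnel-deny: "
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -p tcp -s $peer/32 -d $inner/32 --dport $port -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Syntax-check as root without committing (net.ipv4.ip_forward=1 is needed
# for the DNAT once applied; INPUT DROP leaves the gateway console-managed):
#   gateway_rules 203.0.113.10 10.0.0.5 8443 | iptables-restore --test
```

Connections from any other source are never DNATed, so they fall through to the gateway's own INPUT chain, where they are rate-limit logged and dropped by policy.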