George Langford via plug on 6 Jul 2024 13:04:58 -0700
Re: [PLUG] plug Digest, Vol 234, Issue 10
On 2024-05-15 12:00, plug-request@lists.phillylinux.org wrote:

Send plug mailing list submissions to
    plug@lists.phillylinux.org

To subscribe or unsubscribe via the World Wide Web, visit
    http://lists.netisland.net/mailman/listinfo/plug
or, via email, send a message with subject or body 'help' to
    plug-request@lists.phillylinux.org

You can reach the person managing the list at
    plug-owner@lists.phillylinux.org

When replying, please edit your Subject line so it is more specific than "Re: Contents of plug digest..."

Today's Topics:

   1. Re: Network question (N. Albert)
   2. Re: Network question (Keith C. Perry)
   3. Re: Network question (Rich Freeman)
   4. Re: Network question (Ron Guilmet)
   5. Re: Network question (Ron Guilmet)
   6. Re: Network question (JP Vossen)
   7. Re: Network question (Keith C. Perry)
   8. HTMX thing (Eric Riese)
   9. Ebury botnet (jeffv)

----------------------------------------------------------------------

Message: 1
Date: Tue, 14 May 2024 17:21:01 -0400
From: "N. Albert" <phreak@phreaknet.org>
To: JP Vossen <jp@jpsdomain.org>, Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Network question
Message-ID: <8b14d82c-39d8-5b1f-12b1-711c5cee65d0@phreaknet.org>
Content-Type: text/plain; charset=utf-8; format=flowed

I'm going to disagree and say that I've heard some not so good things about Linode from somebody who heard unsavory things about goings on there from an employee, which I don't want to repeat here since it was kind of off the record, but they were not things that gave me warm fuzzy feelings about setting up workloads with them. And I think even here it came up recently that Vultr was doing unsavory things as well.

Personally, I've used a number of VPS providers over the years, including several which went belly up overnight or did things like doing a migration and losing all your data, that don't exactly endear you to them (though I've never suffered data loss myself since I was prepared for that). Some of those were ultra-low cost VPSes though and you certainly do get what you pay for.

For the past several years, I've been using Digital Ocean, which I've been very happy with. Unlike AWS, it's a flat-rate VPS, and they don't throttle you. Also works for SMTP, so that's my main email relay, accepting some mail there and forwarding other internal mail onwards over a VPN tunnel. Their cheapest VPS starts at $4 per month.

If you want to give Digital Ocean a try, you can use this referral link, which (disclaimer) would give us both some free credit: https://m.do.co/c/cb5744b400ef

However, regardless of if/how you sign up, I can personally say I would not be comfortable using Linode or Vultr with some of the things I have heard. Most of the people I work with have switched to using Digital Ocean for their workloads from Linode or other stuff (including me, I switched to it at somebody else's recommendation). I can't say that Digital Ocean is perfect either, and I'm sure it's not, but so far the performance is good and I haven't had any issues* with them. For anything ultra-sensitive or with large disk/storage requirements, I usually run that on-premises anyways for security or cost-effectiveness.

*The only minor issue is that sometimes some RBLs are really stupid and penalize entire Digital Ocean IP ranges due to spam... but IMO a) these are garbage RBLs in the first place, since that's a garbage spam detection technique so these are untrustworthy RBLs and nobody should be using those anyways and b) in practice, I have never really had email delivery issues anyways, with everything set up properly, just showing up on one or two RBLs out of a large number of them, purely because of the IP range, and I can't say this wouldn't happen with other cloud providers as well. But if IP reputation is a big concern, you should probably bring your own IP anyways.

On 5/14/2024 2:40 PM, JP Vossen via plug wrote:
+1 for Linode.
I've had a tiny $5/mo VM there for years and been very happy. I was a little worried when Akamai bought them, but so far so good. My VM hosts my web site and external DNS, and it's my mail and VPN/SSH relay as well, expressly for the reasons discussed in the rest of the post (that I mostly trimmed).

On 5/14/24 02:05 PM, John Kreno via plug wrote:
What Rich mentions is a good solution

On Tue, May 14, 2024 at 1:50 PM Rich Mingin (PLUG) via plug <plug@lists.phillylinux.org <mailto:plug@lists.phillylinux.org>> wrote:
Is the default answer no longer Linode? I still have my front-end VPS with them. I actually bypass my need for having direct SSH home by using a VPN to my Linode, and routing lots of stuff through there.

On Tue, May 14, 2024 at 1:43 PM Steven Grunza via plug <plug@lists.phillylinux.org <mailto:plug@lists.phillylinux.org>> wrote:
> > Any recommendations for a VPS provider? I'm looking for someplace to have a MQTT / MQTT-SN broker while I work on an IoT project.

Later,
JP
--
-------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

------------------------------

Message: 2
Date: Tue, 14 May 2024 18:19:13 -0400 (EDT)
From: "Keith C. Perry" <kperry@daotechnologies.com>
To: "N. Albert" <phreak@phreaknet.org>
Cc: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Network question
Message-ID: <1700979045.1049.1715725153159.JavaMail.zimbra@daotechnologies.com>
Content-Type: text/plain; charset=utf-8

I'm also going to disagree but for a different reason.

When someone tells me that they are being randomly probed- which is literally everything on the internet, my first instinct isn't to tell them to move to some cloud / VPS or data center this or that. That is not the solution for this issue.

What is, is suggesting people to review their network security and then also taking the time to consider when is the last time they ran through a complete rebuild of their systems and data from their backups.

It is far more likely that any hosted, EXCEPT for in data center or privately (i.e. local ISP), is going to have a high probability of seeing a real attack. Since Akamai took over Linode I have had at least 3 instances of mail servers getting blocked by M$ because of someone else in the supernet of our net was being a bad actor. Before the take over, I think there was 1 case in 2 years. Most ISP's have become lax in naming their assignment but in well over 10 years with Comcast Business Class that has never happened to me.

I get that most people don't want to pay Comcast or Verizon for static IPs generally but I would much rather actually have everything under my control than on cloud or VPS. They are not a magic bullet and in this case not even the root cause solution.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Keith C. Perry, MS E.E.
Managing Member, DAO Technologies LLC
(O) +1.215.525.4165 x2033
(M) +1.215.432.5167
[ http://www.daotechnologies.com/ | www.daotechnologies.com ]

----- Original Message -----
From: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
To: "JP Vossen" <jp@jpsdomain.org>, "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Sent: Tuesday, May 14, 2024 5:21:01 PM
Subject: Re: [PLUG] Network question

I'm going to disagree and say that I've heard some not so good things about Linode from somebody who heard unsavory things about goings on there from an employee, which I don't want to repeat here since it was kind of off the record, but they were not things that gave me warm fuzzy feelings about setting up workloads with them. And I think even here it came up recently that Vultr was doing unsavory things as well.

Personally, I've used a number of VPS providers over the years, including several which went belly up overnight or did things like doing a migration and losing all your data, that don't exactly endear you to them (though I've never suffered data loss myself since I was prepared for that). Some of those were ultra-low cost VPSes though and you certainly do get what you pay for.

For the past several years, I've been using Digital Ocean, which I've been very happy with. Unlike AWS, it's a flat-rate VPS, and they don't throttle you. Also works for SMTP, so that's my main email relay, accepting some mail there and forwarding other internal mail onwards over a VPN tunnel. Their cheapest VPS starts at $4 per month.

If you want to give Digital Ocean a try, you can use this referral link, which (disclaimer) would give us both some free credit: https://m.do.co/c/cb5744b400ef

However, regardless of if/how you sign up, I can personally say I would not be comfortable using Linode or Vultr with some of the things I have heard. Most of the people I work with have switched to using Digital Ocean for their workloads from Linode or other stuff (including me, I switched to it at somebody else's recommendation). I can't say that Digital Ocean is perfect either, and I'm sure it's not, but so far the performance is good and I haven't had any issues* with them. For anything ultra-sensitive or with large disk/storage requirements, I usually run that on-premises anyways for security or cost-effectiveness.

*The only minor issue is that sometimes some RBLs are really stupid and penalize entire Digital Ocean IP ranges due to spam... but IMO a) these are garbage RBLs in the first place, since that's a garbage spam detection technique so these are untrustworthy RBLs and nobody should be using those anyways and b) in practice, I have never really had email delivery issues anyways, with everything set up properly, just showing up on one or two RBLs out of a large number of them, purely because of the IP range, and I can't say this wouldn't happen with other cloud providers as well. But if IP reputation is a big concern, you should probably bring your own IP anyways.

On 5/14/2024 2:40 PM, JP Vossen via plug wrote:
+1 for Linode. I've had a tiny $5/mo VM there for years and been very happy. I was a little worried when Akamai bought them, but so far so good. My VM hosts my web site and external DNS, and it's my mail and VPN/SSH relay as well, expressly for the reasons discussed in the rest of the post (that I mostly trimmed).

On 5/14/24 02:05 PM, John Kreno via plug wrote:
What Rich mentions is a good solution

On Tue, May 14, 2024 at 1:50 PM Rich Mingin (PLUG) via plug <plug@lists.phillylinux.org <mailto:plug@lists.phillylinux.org>> wrote:
Is the default answer no longer Linode? I still have my front-end VPS with them. I actually bypass my need for having direct SSH home by using a VPN to my Linode, and routing lots of stuff through there.

On Tue, May 14, 2024 at 1:43 PM Steven Grunza via plug <plug@lists.phillylinux.org <mailto:plug@lists.phillylinux.org>> wrote:
> > Any recommendations for a VPS provider? I'm looking for someplace to have a MQTT / MQTT-SN broker while I work on an IoT project.

Later,
JP
--
-------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/

------------------------------

Message: 3
Date: Tue, 14 May 2024 18:34:05 -0400
From: Rich Freeman <r-plug@thefreemanclan.net>
To: "Keith C. Perry" <kperry@daotechnologies.com>
Cc: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>, "N. Albert" <phreak@phreaknet.org>
Subject: Re: [PLUG] Network question
Message-ID: <CAGfcS_=J5X5mRfsmi38TW30iMWRqqHt0GG+AZDidixh5TiSSZQ@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"

On Tue, May 14, 2024 at 6:19 PM Keith C. Perry via plug <plug@lists.phillylinux.org> wrote:
When someone tells me that they are being randomly probed- which is literally everything on the internet, my first instinct isn't to tell them to move to some cloud / VPS or data center this or that. That is not the solution for this issue.

Yeah, everybody everywhere is getting probed. You only see it because you run the router.
If you use a cloud service where you need to explicitly open ports, then that is also getting probed, but only the provider is setting the logs on that. Whatever ports you do open will get probed either way. Self-hosting is really only a problem if you aren't running a well-updated router. Oh, and your home router is getting probed whether you forward ports on it or not. Now, if your ISP is blocking the ports you need to forward, well, then you don't have much choice. I self-host lots of stuff on FIOS and haven't had any problems. They don't even block port 25 (of course if you want to send anything outgoing nobody will accept it directly due to IP reputation). None of this is to detract from VPS providers - that is a perfectly viable option.

--
Rich

------------------------------

Message: 4
Date: Tue, 14 May 2024 18:51:52 -0400
From: Ron Guilmet <ronpguilmet@gmail.com>
To: "plug@lists.phillylinux.org" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Network question
Message-ID: <E9A89F08-1F71-40F8-BA59-3E97635238A2@gmail.com>
Content-Type: text/plain; charset=utf-8

I’ve had issues with Linode since the merger. In addition to my backups, I use their snapshots or backups. I received an email a couple months ago stating that they were moving VMs to a different server, and all of my backups were corrupted and unrecoverable. Luckily I didn’t need them.

Ron

On May 14, 2024, at 6:34 PM, Rich Freeman via plug <plug@lists.phillylinux.org> wrote:

On Tue, May 14, 2024 at 6:19 PM Keith C. Perry via plug <plug@lists.phillylinux.org> wrote:
When someone tells me that they are being randomly probed- which is literally everything on the internet, my first instinct isn't to tell them to move to some cloud / VPS or data center this or that. That is not the solution for this issue.

Yeah, everybody everywhere is getting probed. You only see it because you run the router.
If you use a cloud service where you need to explicitly open ports, then that is also getting probed, but only the provider is setting the logs on that. Whatever ports you do open will get probed either way. Self-hosting is really only a problem if you aren't running a well-updated router. Oh, and your home router is getting probed whether you forward ports on it or not. Now, if your ISP is blocking the ports you need to forward, well, then you don't have much choice. I self-host lots of stuff on FIOS and haven't had any problems. They don't even block port 25 (of course if you want to send anything outgoing nobody will accept it directly due to IP reputation). None of this is to detract from VPS providers - that is a perfectly viable option.

--
Rich

------------------------------

Message: 5
Date: Tue, 14 May 2024 18:51:52 -0400
From: Ron Guilmet <ronpguilmet@gmail.com>
To: "plug@lists.phillylinux.org" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Network question
Message-ID: <E9A89F08-1F71-40F8-BA59-3E97635238A2@gmail.com>
Content-Type: text/plain; charset=utf-8

I’ve had issues with Linode since the merger. In addition to my backups, I use their snapshots or backups. I received an email a couple months ago stating that they were moving VMs to a different server, and all of my backups were corrupted and unrecoverable. Luckily I didn’t need them.

Ron

On May 14, 2024, at 6:34 PM, Rich Freeman via plug <plug@lists.phillylinux.org> wrote:

On Tue, May 14, 2024 at 6:19 PM Keith C. Perry via plug <plug@lists.phillylinux.org> wrote:
When someone tells me that they are being randomly probed- which is literally everything on the internet, my first instinct isn't to tell them to move to some cloud / VPS or data center this or that. That is not the solution for this issue.

Yeah, everybody everywhere is getting probed. You only see it because you run the router. If you use a cloud service where you need to explicitly open ports, then that is also getting probed, but only the provider is setting the logs on that. Whatever ports you do open will get probed either way. Self-hosting is really only a problem if you aren't running a well-updated router. Oh, and your home router is getting probed whether you forward ports on it or not. Now, if your ISP is blocking the ports you need to forward, well, then you don't have much choice. I self-host lots of stuff on FIOS and haven't had any problems. They don't even block port 25 (of course if you want to send anything outgoing nobody will accept it directly due to IP reputation). None of this is to detract from VPS providers - that is a perfectly viable option.

--
Rich

------------------------------

Message: 6
Date: Tue, 14 May 2024 19:37:41 -0400
From: JP Vossen <jp@jpsdomain.org>
To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Network question
Message-ID: <8f607231-5992-4de9-b154-ccb85c7359ec@jpsdomain.org>
Content-Type: text/plain; charset=UTF-8; format=flowed

This place sounds really interesting, but I know nothing about it other than having read bunches of the sales stuff on the site: https://www.infomaniak.com/en/hosting/vps-lite.

On 5/14/24 05:21 PM, N. Albert wrote:
I'm going to disagree and say that I've heard some not so good things about Linode from somebody who heard unsavory things about goings on there from an employee, which I don't want to repeat here since it was kind of off the record, but they were not things that gave me warm fuzzy feelings about setting up workloads with them. And I think even here it came up recently that Vultr was doing unsavory things as well.

...

On 5/14/2024 2:40 PM, JP Vossen via plug wrote:
+1 for Linode. I've had a tiny $5/mo VM there for years and been very happy. I was a little worried when Akamai bought them, but so far so good. My VM hosts my web site and external DNS, and it's my mail and VPN/SSH relay as well, expressly for the reasons discussed in the rest of the post (that I mostly trimmed).

On 5/14/24 02:05 PM, John Kreno via plug wrote:
What Rich mentions is a good solution

On Tue, May 14, 2024 at 1:50 PM Rich Mingin (PLUG) via plug <plug@lists.phillylinux.org <mailto:plug@lists.phillylinux.org>> wrote:
Is the default answer no longer Linode? I still have my front-end VPS with them. I actually bypass my need for having direct SSH home by using a VPN to my Linode, and routing lots of stuff through there.

On Tue, May 14, 2024 at 1:43 PM Steven Grunza via plug <plug@lists.phillylinux.org <mailto:plug@lists.phillylinux.org>> wrote:
>> Any recommendations for a VPS provider? I'm looking for someplace to have a MQTT / MQTT-SN broker while I work on an IoT project.

Later,
JP
--
-------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/

------------------------------

Message: 7
Date: Tue, 14 May 2024 20:44:01 -0400 (EDT)
From: "Keith C. Perry" <kperry@daotechnologies.com>
To: Ron Guilmet <ronpguilmet@gmail.com>
Cc: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Network question
Message-ID: <1915010457.1121.1715733841088.JavaMail.zimbra@daotechnologies.com>
Content-Type: text/plain; charset=utf-8

Really? That's not good and thankfully we don't need them either.

This goes to my point about running through a complete rebuild. I'd much rather use standard well known methods instead of something specialized for a particular cloud or VPS.

My preference is to K.I.S.S but whatever people do they should get very good at the data protection and security procedures.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Keith C. Perry, MS E.E.
Managing Member, DAO Technologies LLC
(O) +1.215.525.4165 x2033
(M) +1.215.432.5167
[ http://www.daotechnologies.com/ | www.daotechnologies.com ]

----- Original Message -----
From: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Sent: Tuesday, May 14, 2024 6:51:52 PM
Subject: Re: [PLUG] Network question

I’ve had issues with Linode since the merger. In addition to my backups, I use their snapshots or backups. I received an email a couple months ago stating that they were moving VMs to a different server, and all of my backups were corrupted and unrecoverable. Luckily I didn’t need them.

Ron

On May 14, 2024, at 6:34 PM, Rich Freeman via plug <plug@lists.phillylinux.org> wrote:

On Tue, May 14, 2024 at 6:19 PM Keith C. Perry via plug <plug@lists.phillylinux.org> wrote:
When someone tells me that they are being randomly probed- which is literally everything on the internet, my first instinct isn't to tell them to move to some cloud / VPS or data center this or that. That is not the solution for this issue.

Yeah, everybody everywhere is getting probed. You only see it because you run the router.
If you use a cloud service where you need to explicitly open ports, then that is also getting probed, but only the provider is setting the logs on that. Whatever ports you do open will get probed either way. Self-hosting is really only a problem if you aren't running a well-updated router. Oh, and your home router is getting probed whether you forward ports on it or not. Now, if your ISP is blocking the ports you need to forward, well, then you don't have much choice. I self-host lots of stuff on FIOS and haven't had any problems. They don't even block port 25 (of course if you want to send anything outgoing nobody will accept it directly due to IP reputation). None of this is to detract from VPS providers - that is a perfectly viable option.

--
Rich

------------------------------

Message: 8
Date: Tue, 14 May 2024 20:47:02 -0400
From: Eric Riese <eric.riese@gmail.com>
To: plug@lists.phillylinux.org
Subject: [PLUG] HTMX thing
Message-ID: <CAE=P=90XrLEw6gn652ygOnDFMkPHfw4Cb=ofuJf8sXfzmNTiTA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

Since we're talking about this right now at PLUG
https://ericrie.se/2022/12/14/can-you-make-a-web-app-with-only-html-and-sql/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netisland.net/pipermail/plug/attachments/20240514/21df0985/attachment.html>

------------------------------

Message: 9
Date: Wed, 15 May 2024 14:39:58 -0400
From: jeffv <jeffv@op.net>
To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: [PLUG] Ebury botnet
Message-ID: <cc3ec82d-2f98-4978-b2f7-148ed5282052@op.net>
Content-Type: text/plain; charset=UTF-8; format=flowed

Ebury botnet malware infected 400,000 Linux servers since 2009
https://www.bleepingcomputer.com/news/security/ebury-botnet-malware-infected-400-000-linux-servers-since-2009/

A malware botnet known as 'Ebury' has infected almost 400,000 Linux servers since 2009, with roughly 100,000 still compromised as of late 2023.

------------------------------

Subject: Digest Footer

_______________________________________________
plug mailing list
plug@lists.phillylinux.org
http://lists.netisland.net/mailman/listinfo/plug

------------------------------

End of plug Digest, Vol 234, Issue 10
*************************************

Please remove george@georgesbasement.com from the mail list.
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug