making a home server

This is a discussion on making a home server within the Tech Board forums, part of the Community Boards category; Originally Posted by jeffcobb For password-based authentication however it makes nothing I said any the less valid. [...] the thing ...

  1. #31
    spurious conceit MK27's Avatar
    Join Date
    Jul 2008
    Location
    segmentation fault
    Posts
    8,300
    Quote Originally Posted by jeffcobb View Post
    For password-based authentication however it makes nothing I said any the less valid. [...] the thing with the above-mentioned attack is that while brute force, due to the nature of the relaxed timing it often falls below the radar of the typical IDS and therefore can go on for years w/o detection. To me, the attack that you cannot even see coming, lame or not is one of the most dangerous kinds...
    Yeah, but it sounds to me like this is just a product of pure ignorance, laziness, and or stupidity -- not using public/private keys. I'm not surprised at all that people get cracked that way. If you left your car parked downtown with the windows rolled down and the keys on the front seat, how many nights do you think would go by before there was a "startling security violation"?

    Slow brute force attacks may be "insidious" and "undetectable", and maybe great if you are (patiently) phishing for access to someone's facebook page, but versus a 1600 byte key, who cares? They will still be plodding insidiously along when the sun burns out -- when the known universe collapses in upon itself. Etc.

    Please. People. Use the keys.
    C programming resources:
    GNU C Function and Macro Index -- glibc reference manual
    The C Book -- nice online learner guide
    Current ISO draft standard
    CCAN -- new CPAN like open source library repository
    3 (different) GNU debugger tutorials: #1 -- #2 -- #3
    cpwiki -- our wiki on sourceforge

  2. #32
    {Jaxom,Imriel,Liam}'s Dad Kennedy's Avatar
    Join Date
    Aug 2006
    Location
    Alabama
    Posts
    1,065
    Quote Originally Posted by MK27 View Post
    you're totally insane
    Dude, don't lump the paranoid into my group (insanity doesn't run in my family -- it gallops), I'm not paranoid at all.



    ::what was that::

  3. #33
    Registered User jeffcobb's Avatar
    Join Date
    Dec 2009
    Location
    Henderson, NV
    Posts
    875
    Quote Originally Posted by MK27 View Post
    -- you're totally insane
    Well I initially had that reaction to your coding style but had the tact to keep it to myself. I take the "having a sense of security is insane" and file it in the stupid folder myself. To use your unlocked car analogy, I see my level of security as locking the car door and not leaving the laptop/iPhone in plain view. The unlocked car with the windows rolled down are those exposing completely unprotected services -- now *that* I consider insane...
    C/C++ Environment: GNU CC/Emacs
    Make system: CMake
    Debuggers: Valgrind/GDB

  4. #34
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,510
    Kennedy's excellent suggestion some posts ago, made me think also of netbooks. You could even "Take your server with you (tm)".

    I honestly can't think of a use I could give these things that seem to be all the hype. But turning them into dedicated mobile servers really looks promising.
    Last edited by Mario F.; 01-27-2010 at 02:43 PM.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  5. #35
    Registered User
    Join Date
    Nov 2007
    Posts
    57
    I'm pretty sure no one has mentioned this, but have you thought about using Opera Unite for this? It seems like it can fit all of your requirements.

  6. #36
    Registered User jeffcobb's Avatar
    Join Date
    Dec 2009
    Location
    Henderson, NV
    Posts
    875
    Quote Originally Posted by Mario F. View Post
    Kennedy's excellent suggestion some posts ago, made me think also of netbooks. You could even "Take your server with you (tm)".

    I honestly can't think of a use I could give these things that seem to be all the hype. But turning them into dedicated mobile servers really looks promising.
    Mario; I use mine for a ton of things: ebook reader, movie viewer, programming station, email/web, game machine and more. It is the portability of it that makes it worth it. These things (at least mine) are little larger than a book yet can hold so much more. In addition, your default OS, etc can be the productivity outlined above (I do all the above on the little 4G partition of the EEE 701) but if I need other uses for it (penetration testing, etc) I can just stick in a bootable USB key or SD card and the little computer takes on a whole different personality/use.

    People complain about the screen size; I have no problem with it and its bigger than an iPhone, and the keyboard which is still bigger than an iPhone. It works for me. If you want to run Windows on it your experience will likely be worse. With a trimmed-down Linux though I can do a *lot* with mine...
    C/C++ Environment: GNU CC/Emacs
    Make system: CMake
    Debuggers: Valgrind/GDB

  7. #37
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,510
    If anything it would always be Linux since it would take more advantage of the limited resources. But being the owner of 2 laptops and not making the use of the net a typical netbook user is expected, I honestly don't see a need for one for myself. But this thread did make me wonder.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  8. #38
    spurious conceit MK27's Avatar
    Join Date
    Jul 2008
    Location
    segmentation fault
    Posts
    8,300
    Quote Originally Posted by jeffcobb View Post
    Well I initially had that reaction to your coding style but had the tact to keep it to myself.
    Sigh. Not every appreciates free thinkin'. You should see what's in the pipe.
    C programming resources:
    GNU C Function and Macro Index -- glibc reference manual
    The C Book -- nice online learner guide
    Current ISO draft standard
    CCAN -- new CPAN like open source library repository
    3 (different) GNU debugger tutorials: #1 -- #2 -- #3
    cpwiki -- our wiki on sourceforge

  9. #39
    Registered User jeffcobb's Avatar
    Join Date
    Dec 2009
    Location
    Henderson, NV
    Posts
    875
    Quote Originally Posted by Mario F. View Post
    If anything it would always be Linux since it would take more advantage of the limited resources. But being the owner of 2 laptops and not making the use of the net a typical netbook user is expected, I honestly don't see a need for one for myself. But this thread did make me wonder.
    Mario you have touched upon one aspect of this conversation where the saying about "one mans meat is another mans poison" is so true. For some folks in some situation this would be as useful as a screen door on a submarine whereas in my case if was a life-line in my last job. I had to travel alot which made checking office mail, working on little ideas, reading documents, etc really easy with this form-factor of a laptop. Also because I commuted via train, carrying this little thing was easier that carrying a full laptop to work and back. So, *in my situation* this thing was just right. For others it may not be.
    C/C++ Environment: GNU CC/Emacs
    Make system: CMake
    Debuggers: Valgrind/GDB

  10. #40
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    21,883
    Quote Originally Posted by jeffcobb
    Re: SSH. All good points and suggestions. As rarely as I need to do this (like once every other year) this crosses the pain threshold. I may still do this at some point but logging into the firewall and disabling the port forward rule takes seconds. Still not a good excuse for slothfulness but its the only one I have...
    Slothfulness? Generating a key pair, uploading the public key, disabling password authentication and then reloading the SSH configuration may sound like hard work, but it is a one time thing. Once done, you no longer have to log onto the firewall and enable the rule when you need it. You just load the private key, maybe entering a passphrase if it is protected by one.

    Quote Originally Posted by MK27
    In ssh nomenclature, what you refer to as "keyless" are called keys, and they are clearly distinct from passwords. You cannot enter them on the keyboard. They are more than 1600 bytes. This is what I meant by "infeasible" by brute force. Isn't that 2^8^1600?
    I do not think you can just look at the number of bytes, since that is related to how the private key is encoded to be stored as text, rather than its actual length. Nonetheless, it should still be far more infeasible to guess a private key than to guess a good password, unless you have a case like Debian's predictable random number generator security blunder that leads to weak keys.

    Quote Originally Posted by MK27
    Yeah, but it sounds to me like this is just a product of pure ignorance, laziness, and or stupidity -- not using public/private keys. I'm not surprised at all that people get cracked that way. If you left your car parked downtown with the windows rolled down and the keys on the front seat, how many nights do you think would go by before there was a "startling security violation"?
    Bad analogy, since with good passwords, SSH access limited to a restricted set of users not including root, and denyhosts installed and running, brute force is also very unlikely to succeed.
    C + C++ Compiler: MinGW port of GCC
    Version Control System: Bazaar

    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  11. #41
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,510
    Quote Originally Posted by laserlight View Post
    unless you have a case like Debian's predictable random number generator security blunder that leads to weak keys.
    I learned of this sometime last year just by chance when I was moving from Ubuntu to ArchLinux. It never was clear to me what kind of inside knowledge should the attacker possess in order to take advantage of this vulnerability. It seems they would need to know other keys from the system, so this vulnerability was only serious for inside attackers. But would like a clarification.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

Page 3 of 3 FirstFirst 123
Popular pages Recent additions subscribe to a feed

Similar Threads

  1. "Blob" server?
    By cyberfish in forum Tech Board
    Replies: 10
    Last Post: 12-02-2009, 11:03 PM
  2. Replies: 15
    Last Post: 10-20-2009, 09:39 AM
  3. Connecting to Server
    By osal in forum Networking/Device Communication
    Replies: 58
    Last Post: 06-10-2004, 10:10 AM
  4. IE 6 status bar
    By DavidP in forum Tech Board
    Replies: 15
    Last Post: 10-23-2002, 05:31 PM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21