• 0 Posts
  • 16 Comments
Joined 1 year ago
cake
Cake day: June 7th, 2023

help-circle





  • One of the reasons why you want to keep a live-bootable operating system within one of your flashdrives or optical discs.

    You probably need another device to securely boot up a live OS to recover your data. Don’t use Windows, because it might still be vulnerable to autoplay scripts when mounting your infected OS partition and I assume your infected OS is Windows, so the malwares are going to be compatible and unless you know what you’re doing, you probably don’t want to take that chance.







  • Most people only relate Linux to Ubuntu, Linux init system to SysVInit or SystemD, Containerisation to Docker or Kubernetes, Linux desktop to Gnome.

    In some cases, it may be due to official support being available but most of the time it’s just that people are being taught Ubuntu first as “THE Linux” and that’s what they use since then.





  • I am unsure if I can ELI5 those without also ELI5-ing about Computer Network, VPN and Firewall.

    They are VPNs. Like a regular network, they connect your devices through their network. They may put Firewall rules to allow you to talk to X networks (any specified networks). That also means the VPN may not allow you to connect to the internet through their network. Now the difference between ZeroTier and Tailscale and other VPNs for accessing the internet is that ZeroTier and Tailscale only permit your traffic to your other devices that are bound to your account and not to the internet (your other internet data won’t go through zerotier/tailscale). This configuration is great because you have a virtual and secluded network that you can connect to from anywhere via the internet using ZeroTier/Tailscale networks (with your virtually local IP on ZeroTier/Tailscale).


  • I’m hosting an email server on a VPS that has fail2ban in it. A lot of ports are open but only wireguard and knockd are listening.

    For remote server management, I would use wireguard for regular ssh access, but when I need to configure the wireguard I can just disable/reenable the wireguard-only ssh firewall rule using port knocking, there is also the option of using the serial console on the VPS web ui but it is slower.

    Honestly, I’m not sure myself if my public facing services face a DoS attack. Well, there’s always an option of using Cloudflare. With that being said though, I think in your case you should just use a free “VPN” like Tailscale or ZeroTier.