Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Coping With 1 Million SSH Authentication Failures?

Outland Traveller As someone managing an SSH server (497 comments)

If your passwords are randomly generated and long, it doesn't matter how many attempts to guess them are tried. The likelyhood of a random guess getting through are lower than your chances of winning the lottery. Let people waste their time on futile attempts.

To further decrease your chances, use public keys authentication instead of passwords, or two factor authentication, or limit connections by IP address.

Changing the post does fool most SSH scanners as well.

I don't like fail2ban because it can lead to DoS vectors.

Bottom line is that logged attacks that have no hope of getting through shouldn't cause a panic.

more than 4 years ago

The Apple Paradox, Closed Culture & Free-Thinking Fans

Outland Traveller datapoint (945 comments)

I have an Apple laptop (more like, portable workstation) and I bought it after numerous computer-generations of all kinds of PC laptops, some quite expensive and focused on gaming/performance. I've had it for a year now and I can say that it is the *only* laptop I've ever owned where I've been completely satisfied with the build and service quality. Having a top-flight desktop with an uncompromising unix shell is quite nice too. For gaming I dual boot.

BTW, for a more mainstream data point, the Apple laptops swept Consumer Reports "most recommended buy" in multiple categories recently.

Despite being from a "closed" company, it gives me a platform that lets me natively run Linux, Windows, and MacOSX. It offers more choices. Development tools are much easier to come by as well.

about 5 years ago

Palm Pre Does Not Get US Tethering Either

Outland Traveller Application-level proxy softare? (232 comments)

What is to stop someone from installing proxy or NAT software onto their (perhaps jailbroken) smartphone? Can cell providers really prevent this?

more than 5 years ago

Tips For Taking Your Laptop Into and Out of the US?

Outland Traveller Done this recently for Linux (940 comments)

I've done this recently, not just for travelling, but for using networked, 3D accelerated games with rich multimedia that cannot enjoyably run in linux or even played without proprietary kernel drivers outside of a VM sandbox, and which blow normal security practices to bits.

What I did is create a normal linux partition, locked down but still highly usable for multimedia, gaming, and typical virtual machine usage.

Then on one of the internal partitions I created a second, entirely encrypted root partition for a second OS using LUKS. This partition is booted by connecting a USB key and booting from it instead of the normal internal MBR, then entering passwords. The second OS is reasonably secure, locked down, much more limited in functionality, and contains tools to audit the integrity of the multimedia OS and virtual machines, as well as backup and restore them. The USB key is modestly obfuscated so that by default it will boot the multimedia OS unless a sequence of keys are pressed.

At airports I boot the less-secured multimedia OS to show that it's a laptop. Casual inspection shows that it's been used recently and complete.

If someone cares enough to really dig in, notice an encrypted partition, and confiscates my laptop for that reason alone the cost of the laptop is the lower down of my list of concerns. If it happened, I'd probably switch to booting the secure OS fully from removable media like easily hidden flash memory.

If someone wants to threaten me for the secure partition's contents, including lie detectors, drugs, 'enhanced interrogation', etc.. Well that's honestly more than I am concerned with at the electronic level. But if I thought it was a real possibility and worth fighting against, I'd have some tripwire that would self-destruct the data on a particular password (perhaps obfuscated to look like a boot sequence that detects corruption and initiates a disk filesystem check), or not have any data of that importance on a typical laptop drive to begin with.

more than 6 years ago



SecondLife to Remove Free Content From Web Search

Outland Traveller Outland Traveller writes  |  more than 5 years ago

Outland Traveller (12138) writes "In a move that continues to shake the SecondLife(tm) community of content creators, merchants, and consumers, Linden Labs declared that free virtual content will no longer be searchable without listing payments on their website portal, and additional fees will be added with the intention of discouraging content listed for inexpensive selling prices. Adding to the controversy are the officially stated justifications in the FAQ, such as "They [free content listings] hinder the shopping experience because a 'sort by price' puts all freebies first" as well as the perplexing statement "They [free listings] garner so much attention that Residents are driven toward the freebies instead of quality, fairly priced items". While initially this move was explained as a response to community feedback, the residents involved in this feedback process were revealed to be less than 100 in number, primarily larger merchants among a community of millions. Within 24 hours of the announcement the feedback thread has swelled to over 1,000 overwhelming negative responses. Additionally in-world protests have erupted throughout the day, over 20,000 objects have been voluntarily removed from the online store by angered merchants. Various independent virtual content listing sites have been proposed such as http://meta-life.net/ and http://slapt.me/, but attempts to post this information on the Second Life forums has been met with aggressive administrative censorship of these links. This move by Linden Lab is particularly troubling because the online web listing service is the de facto search engine for virtual content in Second Life, since the in-world search tools are unable to provide information about an object beyond a name and location, such as basic textual descriptions, pictures, licensing, size, or content-category."
Link to Original Source


Outland Traveller has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?