Findmysec

joined 4 months ago
[–] [email protected] 1 points 2 months ago

As they should

[–] [email protected] 6 points 2 months ago

This sucks a lot.

[–] [email protected] 2 points 2 months ago

I believe the general population will have to become savvy enough to run their own VPNs from their personal VPSes. Also, there are affordable seedbox providers which will let you have a decent amount of bandwidth for seeding, but yes, I generally agree with your point. We need more upload bandwidth with seedboxes.

[–] [email protected] 2 points 2 months ago (2 children)

Let's see them banning seedboxes LMAO

[–] [email protected] 3 points 2 months ago

So, everybody uses IPSec now?

[–] [email protected] 2 points 2 months ago

Use a VPN if you're in the West/Far East. That's it

[–] [email protected] 2 points 2 months ago

If you can only use port 22 for multiple SSH endpoints (for example), then yes, you're going to need multiple IPs. Or port-mapping as a compromise.

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago) (2 children)

In short, you need a reverse-proxy + traffic segregation with domain names (SNI).

I don't remember much about ingresses, but this can be super easy to set up with Gateway API (I'm looking at it right now).

Basically, you can set up sftp.my.domain/ssh to 192.168.1.40:22, sftp.my.domain/sftp to 192.168.1.40:121 (for example). Same with Forgejo, forgejo.my.domain/ssh will point to 192.168.1.50:22 and forgejo.my.domain/gui will point to 192.168.1.50:443.

The Gateway API will simply send it over to the right k8s service.

About your home network: I think you could in theory open up a DMZ and everything should work. I would personally use a cheap VPS as a VPN server and NAT all traffic through it. About traffic from your router maintaining the SNI, that's a different problem depending on your network setup. Yes, you'll have to deal with port-mapping because at the end of the day, even Gateway API is NodePort-esque when exposing traffic outside.

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago)

Ah, I get it. Jabber/IRC over TOR for you

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago) (4 children)

You'd receive traffic on IP:PORT, that's segregation right there. Slap on a DNS name for convenience.

I might have my MetalLB config lying around somewhere (it's super easy, I copied most of it from their website), I can probably paste it here if you'd like.

Exposing services publicly on the Internet is an L3-L4/L7 networking problem; unfortunately, I don't know enough about your situation to comment.

Edit: the latter end of your post is correct. You could route to different end-points that way

[–] [email protected] 1 points 2 months ago (2 children)

Why do you need to self-host it if it's decentralized?

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago) (4 children)

You don't need to. It connects over TOR and has no back-end servers that it relies on. Briar and Simplex have forward secrecy and are the only two I would personally use
