Steamymoomilk

joined 1 year ago
sorted by: new top controversial old
Is it illegal to download things that aren't meant to be downloaded? in c/[email protected]
[–] [email protected] 8 points 1 week ago

1000016919

Nooo never...

Port Fowarding minecraft server hardening question (gentoo) in c/[email protected]
[–] [email protected] 2 points 1 week ago (1 children)

its flat theme

Port Fowarding minecraft server hardening question (gentoo) in c/[email protected]
[–] [email protected] 1 points 1 week ago (1 children)

i think i may go with wire guard, do you know of any good videos or tutorials? i found this, https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04

Port Fowarding minecraft server hardening question (gentoo) in c/[email protected]
[–] [email protected] 1 points 1 week ago* (last edited 1 week ago)

also follow up question, alot of people are saying to make the mine-craft server run in a vm for host isolation. So what if i spun up 2vm's

#1 would be a virtualized instance of pf sense, i would then have ethernet 1 on dogtown give internet to the base gentoo install, then have a Ethernet 2 go into PF sense, which will then have firewall rules to restrict access to the vm minecraft server. would that work? or is there somthing im misisng?

Diagram added

Port Fowarding minecraft server hardening question (gentoo) in c/[email protected]
[–] [email protected] 1 points 1 week ago (1 children)

currently my setup is a dsl modem that goes, to my router/WAP which is a eero, that i plan to eventually replace with a Banna pi R4 which will run openwrt. but as of now the eero goes to my 48 port in my server room, and i have all my computer jacked into that. so to answer your question, my firewall is handled by my router and individual local rules by my machines. im kinda new to self hosting and port forwarding and pfsense looks pretty useful. i know pfsense is based on freebsd so is that a big plus vs openwrt?

please let me know, what some potential solutions could be.

Port Fowarding minecraft server hardening question (gentoo) in c/[email protected]
[–] [email protected] 1 points 1 week ago* (last edited 1 week ago) (4 children)

Currently the plan is to use my 48 port cisco switch and put the server on a separate vlan. I assume that is very similar to your pfsense solution? Please correct me if im wrong

68
Port Fowarding minecraft server hardening question (gentoo) (sh.itjust.works)
 

So i've been hosting a modded Minecraft server for my friends and me on weekends. While it's been a blast, I've noticed that our current setup using LAN has its limitations. My friends have been eagerly waiting for their next "fix" (i.e., when they can get back online), and I've been replying with a consistent answer: this Friday.

However, exploring cloud providers to spin up a replica of my beloved "Dog Town" Server was a costly endeavor, at least for a setup that's close to my current configuration. As a result, I've turned my attention to self-hosting a Minecraft server on my local network and configuring port forwarding.

To harden my server, I've implemented the following measures:

  1. Added ufw (Uncomplicated Firewall) for enhanced security.
  2. Blocked all SSH connections except for the IP addresses of my main PC and LAN rig.
  3. Enabled SSH public key authentication only.
  4. Rebuilt all packages using a hardened GCC compiler.
  5. Disabled root access via /etc/passwd.
  6. Created two users: one with sudo privileges, allowing full access; the other with limited permissions to run a specific script (./run.sh) for starting the server.

Additionally, I've set up a fcron job (a job scheduler) as disabled root, which synchronizes my Minecraft server with four folders at the following intervals: 1 hour, 30 minutes, 10 minutes, and 1 day. This ensures that any mods we use are properly synced in case of issues.

any suggestions of making the computer any more secure, aswell as backup solutions? thanks!

--added note, what hostnames do you guys call your servers? I used my favorite band albums and singles for hostnames.

Mushroom learns to crawl after being given robot body in c/[email protected]
[–] [email protected] 14 points 1 week ago

1000016856Soon.....

My debugging experience today: Quantum Debugging in c/[email protected]
[–] [email protected] 23 points 2 weeks ago

Fear kepts the bits in line

I hate people like this in c/[email protected]
[–] [email protected] 8 points 2 weeks ago

my apologize i forgot to add that the service the late comers demanded was an appointment only service. which usually all appointments were closed by 7:00. didnt mean to be a your tip is 50% 80% 100% meme

thanks for pointing it out, ill make sure to add the context

I hate people like this in c/[email protected]
[–] [email protected] 17 points 2 weeks ago* (last edited 2 weeks ago) (7 children)

PSA: Don't be an Assbag

I have a few friends who work retail, and we've talked about nightmare customers. The shop closes at 7:30 every Friday, but two people often walk in between 7:10 and 7:30 to demand service that takes 30minutes to complete for one person and is appointment only which all appointments are closed by 7:00pm for the staff to leave on time. They expect to be served despite the fact that the tools required for the service are already put away by 7:10. Sometimes my friend bends to their requests, but I keep telling him: closing time is closing time, and doing so is like teaching your dog to eat off your plate. It's okay for now, but it will come back to bite you.

If you're going to show up close to closing time and are still willing to be served, then TIP THEM WELL. I've done it a few times, and I'm guilty of it, but I've made it worth their while.

There was one time in 2023 when my friends and I wanted to get together for some wings. We stopped by a dinner on the outskirts of town at 10:30 pm, and they close at 11:00 pm. We went in, and I asked if they would still serve us because I know it's late. And I don't want to be an asshole. They served us, and we enjoyed our wings while catching up on life before leaving a hefty tip on the table.

This year, there was another time when we went out to a local car hop at 8:30 pm, which closes at 9:00 pm. The girls serving and taking orders did a great job, and it was scorching hot outside all day. Since I don't go out to eat often and would rather give my business to mom-and-pop shops rather than the local megacorporation, we all pitched in and left a 40% tip – which came out to be around $24 on our $60 meal. When she came to take the tray from the car window, she asked if we needed anything else, and I handed her the tip of $24. Her face lit up, and she asked if this was a mistake. I said it was on purpose, and for her to have a good night. She smiled and thanked us before we left. Although the tip hurt my wallet quite a bit, with my brain reminding me of the $24 I lost, it felt good to help someone out – especially since she likely deals with a lot of crappy people in crappy weather.

This Is the Most Detailed Map of Human Brain Connections Ever Made in c/[email protected]
[–] [email protected] 32 points 4 weeks ago (1 children)

1000016749

What book that hasn't been adapted into a TV show or movie do you think deserves an adaptation? in c/[email protected]
[–] [email protected] 6 points 4 weeks ago* (last edited 4 weeks ago) (2 children)

Little brother by cory Doctorow Best book ive read. Characters have real feelings and flaws. And the book got me deep into linux and foss

Would highly recommend

308
Saw 37 the software Dev (sh.itjust.works)
 

but stackoverflow how i fixy the brokey!

53
self hosted newbie question about moCA router (sh.itjust.works)
submitted 5 months ago* (last edited 5 months ago) by [email protected] to c/[email protected]
16 comments fedilink
 

Hello and good evening self hosters! so i recently new to self hosting, i just installed my CM3588 DIY NAS with a bunch of services which is very addicting!

but i digress, so i recently found out today that we pay $11 a month to rent our router for our house. Which i personally think is ridiculous! So i am looking into buying to own, not renting to burn money. However the router seems to get internet from the ISP through moCA which looking at router that support moCA are rather limiting in speeds and very expensive. So my query for this fine, fine community is if i were to buy a coax/moCA adapter that then coverts it to Ethernet and then plug it into my router and and then by proxy my access points. would it work, wifi 6E looks super nice and there are very few options that are very pricey for modem/router combos that support moCA.

I am open to alternatives and ideas, and please correct me if i made any mistakes on terminally or my diagram

thanks folks!

Edit--- my current router is a ARRIS Surfboard TG3452 DOCSIS 3.1 Cable Voice Gateway Modem Router with 802.11ac Wi-Fi & MoCA 2.0

So

14
Raspberry pi 400 Print server, permission problems? (sh.itjust.works)
 

ok, so i have recently took the plunge into self hosting with my raspberry pi. i got an SMB share Running with anonimus permissions (so anybody on the network can access the drive) and i install CUPS and the necessary driver for my Epson ET-2800 (btw download it via apt, i spent 4 days trying to get it to work from Epson website, which BTW was useless because it had x86 driver and arm v6 and my pi 400 is arm v7.) anyway i digress, so the main problem and i cant find any documentation (at least some i can understand) is that i add my printer via gnome "printer settings" and it add it and shows up fine. but when i go to print it cancels job? however i know the driver and cups works alteast of the pi server, if i ssh into it. and run "lp testdoc.txt" (which is a text file i made to check if im loosing my marbles) and it prints without a hitch. i have also done "sudo usermod -aG lpadmin root" so i believe it has something to do with cups permissions. any help would be very appreciated.

my cups config file

LogLevel warn PageLogFormat MaxLogSize 0

Allow remote access

Port 631 Listen /run/cups/cups.sock Browsing On BrowseLocalProtocols dnssd DefaultAuthType Basic WebInterface Yes

Allow remote access...

Order allow,deny Allow all

AuthType Default Require user @SYSTEM

AuthType Default Require user @SYSTEM

JobPrivateAccess default JobPrivateValues default SubscriptionPrivateAccess default SubscriptionPrivateValues default

Order deny,allow


Require user @OWNER @SYSTEM
Order deny,allow

Browsing On BrowseOrder allow,deny BrowseAllow all

AuthType Default
Require user @SYSTEM
Order deny,allow


AuthType Default
Require user @SYSTEM
Order deny,allow


Require user @OWNER @SYSTEM
Order deny,allow


Order deny,allow

JobPrivateAccess default JobPrivateValues default SubscriptionPrivateAccess default SubscriptionPrivateValues default

AuthType Default
Order deny,allow


AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow


AuthType Default
Require user @SYSTEM
Order deny,allow


AuthType Default
Require user @SYSTEM
Order deny,allow


AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow


Order deny,allow

JobPrivateAccess default JobPrivateValues default SubscriptionPrivateAccess default SubscriptionPrivateValues default

AuthType Negotiate
Order deny,allow


AuthType Negotiate
Require user @OWNER @SYSTEM
Order deny,allow


AuthType Default
Require user @SYSTEM
Order deny,allow


AuthType Default
Require user @SYSTEM
Order deny,allow


AuthType Negotiate
Require user @OWNER @SYSTEM
Order deny,allow


Order deny,allow
19
Does anyone know a good guide for flashing a lenovo t440p with libreboot/coreboot? (sh.itjust.works)
submitted 9 months ago* (last edited 9 months ago) by [email protected] to c/[email protected]
2 comments fedilink
 

Sorry if this isnt exactly perfect topic for this community. But i bought a t440p because of libreboot, and am waiting for it to come in the mail. Im very excited and have watched a few videos about it. I purely bought it because of the privacy that can be had

764
Has HP printers always been this bad? (sh.itjust.works)
submitted 11 months ago* (last edited 11 months ago) by [email protected] to c/[email protected]
218 comments fedilink
 

So my mother recently bought an ET-2800, By HP we had an HP printer before and we got a new one because the old one would not work with my sister's Windows 11 Laptop. So I had to set it up for my mother, the manual said you can use it without the app. But there was no way to physically do that. Anyway, I downloaded the app on my phone (android) and the app would not connect to the printer. So I used my mother's iPhone and it would connect. The setup process was stupid proof. And after I got it all full of ink, it was very painless. However, this is where the H in HP should stand for HELL. Because a few months go by and my sister and my mother need some papers printed. No problem. I thought to myself, so my sister tried to print it wirelessly. Couldn't find the printer, I said ok maybe it's a dumb driver, USB didn't work either. I asked my sister to send it to me, so I can print it on my w540 running rocky 9. Rocky picked up that I needed drivers and installed them. Wireless didn't work but wired showed up, I thought sweet I can just print the paper and get back to what I was doing. However, when I clicked print, the printer would grab the paper and run it though but not put ink on the paper. My mother asks me to forward the email to her to try to print it on her phone. I send it, and it prints, and the paper come out how it should with ink and the paper is finally printed.

After this experience with this printer, it makes me rather aggravated at this purchase, and no longer want to buy from HP. I have looked at Brother printers and there are no Proprietary ink cartage, and or laser printers. I purely wanted to talk about my experience with HP printers and would like to know what others have for a printer for recommendations, for when eventually HP kills support and makes it a paper weight, I've read many negative experiences with HP printer, specially from Lois Ross man and their anti consumer products.

view more: next ›