overview for 0bs1d1an

3

Protecting OpenWrt using CrowdSec (via Syslog) (kroon.email)

submitted 6 days ago by 0bs1d1an to c/netsec@lemmy.world

0 comments fedilink

cross-posted from: https://infosec.pub/post/36928579

Here's how to set up CrowdSec to protect your OpenWrt router.

Running the Security Engine in Docker (server), forwarding logs via Syslog, and using the lightweight firewall bouncer on the router.

Result: community-powered IPS on tiny hardware 🚀

22

Protecting OpenWrt using CrowdSec (via Syslog) (kroon.email)

submitted 6 days ago by 0bs1d1an to c/selfhosted@lemmy.world

0 comments fedilink

cross-posted from: https://infosec.pub/post/36928579

Here's how to set up CrowdSec to protect your OpenWrt router.

Running the Security Engine in Docker (server), forwarding logs via Syslog, and using the lightweight firewall bouncer on the router.

Result: community-powered IPS on tiny hardware 🚀

2

Protecting OpenWrt using CrowdSec (via Syslog) (kroon.email)

submitted 6 days ago* (last edited 6 days ago) by 0bs1d1an to c/openwrt@lemdro.id

0 comments fedilink

Here's how to set up CrowdSec to protect your OpenWrt router.

Running the Security Engine in Docker (server), forwarding logs via Syslog, and using the lightweight firewall bouncer on the router.

Result: community-powered IPS on tiny hardware 🚀

Tunneling WireGuard over HTTPS using Wstunnel in c/netsec@lemmy.world

[–] 0bs1d1an 2 points 2 weeks ago (2 children)

Does https://pq.cloudflareresearch.com/ confirm your browser is using X25519MLKEM768?

Tunneling WireGuard over HTTPS using Wstunnel in c/netsec@lemmy.world

[–] 0bs1d1an 1 points 2 weeks ago (1 children)

Are you sure you're using an up to date browser? My server is using TLS 1.3 with x25519mlkem768. Most browsers should support this KEM already.

18

Tunneling WireGuard over HTTPS using Wstunnel (kroon.email)

submitted 2 weeks ago by 0bs1d1an to c/netsec@lemmy.world

8 comments fedilink

WireGuard is a great VPN protocol. However, you may come across networks blocking VPN connections, sometimes including WireGuard. For such cases, try tunneling WireGuard over HTTPS, which is typically (far) less often blocked. Here's how to do so, using Wstunnel.

1

Migrating Father from Windows 10 to Linux (kroon.email)

submitted 2 weeks ago by 0bs1d1an to c/linux@lemmy.ml

0 comments fedilink

cross-posted from: https://infosec.pub/post/36446848

My girlfriend's father wanted to buy a new computer, because of Windows 10 expiring. Nonsense, I suspected, and instead offered to help him test drive Linux Mint. This turned into a successful migration, which I briefly wrote about.

1

Migrating Father from Windows 10 to Linux (kroon.email)

submitted 2 weeks ago by 0bs1d1an to c/linuxmint@lemmy.ml

0 comments fedilink

My girlfriend's father wanted to buy a new computer, because of Windows 10 expiring. Nonsense, I suspected, and instead offered to help him test drive Linux Mint. This turned into a successful migration, which I briefly wrote about.

Using Molly (Signal) with UnifiedPush in c/selfhosted@lemmy.world

[–] 0bs1d1an 3 points 2 weeks ago

I sadly haven't tracked precise battery usage for both Signal and Molly, to properly compare. I do believe it easily saves me 10 percent on my daily battery life, though.

Thanks for subscribing! :-)

Using Molly (Signal) with UnifiedPush in c/selfhosted@lemmy.world

[–] 0bs1d1an 2 points 2 weeks ago (11 children)

Of course, Signal will be unlinked when using Molly. Molly however supports multiple devices.

1

Using Molly (Signal) with UnifiedPush (kroon.email)

submitted 2 weeks ago by 0bs1d1an to c/signal@lemmy.ml

0 comments fedilink

cross-posted from: https://infosec.pub/post/36326391

When not using Google Play services (e.g. GrapheneOS, LineageOS users), Signal can be a real battery drain. Molly with UnifiedPush on the other hand is extremely battery efficient.

Here's how to set this up, using Nextcloud as the UnifiedPush provider.

82

Using Molly (Signal) with UnifiedPush (kroon.email)

submitted 2 weeks ago* (last edited 2 weeks ago) by 0bs1d1an to c/selfhosted@lemmy.world

17 comments fedilink

When not using Google Play services (e.g. GrapheneOS, LineageOS users), Signal can be a real battery drain. Molly with UnifiedPush on the other hand is extremely battery efficient.

Here's how to set this up, using Nextcloud as the UnifiedPush provider.

11

Ofermod - Drakosophia (regainrecords.bandcamp.com)

submitted 4 weeks ago by 0bs1d1an to c/black_metal@sopuli.xyz

0 comments fedilink

2

Active Directory Certificate Tester (gitlab.com)

submitted 4 months ago by 0bs1d1an to c/windows_security

0 comments fedilink

Hello all,

I developed a tool that scans for certificate issues in GPO, AD CS, and Active Directory. I couldn't find another tool that consolidates these checks—PingCastle catches some, but not all—so I figured I'd try filling the gap.

Big shoutout to Locksmith! This isn’t intended as a clone (aside from maybe the ASCII art nod). That tool is incredibly helpful in securing AD CS. ADCT's focus is more on certificate issues itself, as opposed to misconfigurations in certificate templates and such.

Would love your thoughts, feedback, or feature suggestions.

Android Password Store is back on F-Droid in c/selfhosted@lemmy.world

[–] 0bs1d1an 1 points 5 months ago

I was too! I almost migrated to Vaultwarden, but I'm very thankful this fork is continuing the original maintainer's work.

Android Password Store is back on F-Droid in c/selfhosted@lemmy.world

[–] 0bs1d1an 5 points 5 months ago (2 children)

APS moved away from OpenKeychain to PGPainless some time ago, from before this fork started. While not perfect either (see https://github.com/agrahn/Android-Password-Store/issues/287), PGPainless is being maintained, and from what I can tell from this APS fork's git log, is automatically bumped via their renovate bot (e.g. https://github.com/agrahn/Android-Password-Store/commit/9a6b596199d7eb87b40b53c4cb111ba7a5b48188)

Android Password Store is back on F-Droid in c/selfhosted@lemmy.world

[–] 0bs1d1an 4 points 5 months ago (1 children)

Did you see the Documentation section in the README.md? You basically initialise a password store on your server, and you use an implementation like this to sync (SSH + git) your passwords, which are encrypted via your GPG key.

https://www.passwordstore.org/ has some instructions how to initialise a password store on, for example, your server. Then refer to https://github.com/android-password-store/Android-Password-Store/wiki/First-time-setup to configure the app.

49

Android Password Store is back on F-Droid (github.com)

submitted 5 months ago by 0bs1d1an to c/selfhosted@lemmy.world

12 comments fedilink

Rejoice! Our beloved password manager, ZX2C4's pass, sees its Android implementation back on F-Droid. This APS fork has been pushing development forward since some time already, and has finally been published on the aforementioned app store earlier this month.

Android "Password Store" client for pass discontinued in c/opensource@lemmy.ml

[–] 0bs1d1an 1 points 5 months ago

Rejoice! One of the forks has since been pushing forward development, and has recently been put on F-Droid: https://github.com/agrahn/Android-Password-Store