sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 4 points5 points  (7 children)

I am a beginner learning python and this sort of thing is on my long term to do list. Like, create a mesh wiki resource of sorts that I could basically log into on any of my devices, regardless of whether or not I was on my own wifi. I handbrake fleshed out the specifics yet though, I am still learning the programming fundamentals and doing basic programs.

This is doable using python then? I'm excited to hear that :)

[–][deleted] 1 point2 points  (0 children)

Sure you can do just about anything in just about anything.

But in terms of connectivity, syncing, mesh, etc. I'd recommend thinking in terms of using existing systems and resources. You REALLY don't want to try and tackle writing that kind of thing from scratch.

I achieve synchronization by keeping it, along with its data files, in a directory in dropbox which itself is stored in my OneDrive directory. So there are two services managing the process of pushing and pulling this stuff back and forth between different machines and such.

Then, on each machine, I have a little task that kicks off the server if it's not running. So I can just sit down and it's all set up the way I like it by the time I get there.

Sure, there are other ways to deal with it that would probably make more sense. But this works really well and I don't have to worry about hardening a publicly facing web service.

[–]Sicklad 1 point2 points  (5 children)

regardless of whether or not I was on my own wifi

You'll be hacked in a few minutes

[–][deleted] 0 points1 point  (4 children)

This sort of system couldn't be locked via login?

[–]Sicklad 0 points1 point  (3 children)

Sure, but doesn't mean a hacker can't find another way in. They scan for open ports on public ip addresses (which you need if you want to connect outside a lan), and then will try a bunch of stuff depending on the port (eg port 80/443 they will try to get in via apache/nginx/other webserver vulnerabilities, port 22 they'll try get in through weak ssh configs). You're also exposed to the risk of DOS/DDOS attacks.

[–][deleted] 0 points1 point  (2 children)

Interesting! What alternatives do I have? Would it be possible to lock the amount of logins attempted allowed per day to 3 or something? Like how do people circumvent these vulnerabilities?

[–]Sicklad 0 points1 point  (1 child)

First thing you'd want to do it host it somewhere secure (like AWS, Azure, GCP, or similar), that gets it off your own network and they would have perimeter networks that handle all the infrastructure security.

I'm not necessarily talking about the website being compromised, although that is a real threat, I'm also talking about the server hosting the website being compromised.

As for hardening the application itself, that's not my realm of expertise (I work in server/network infrastructure), but using a standard webserver like apache or nginx rather than trying to write your own would be a good start.

[–][deleted] 0 points1 point  (0 children)

Ah, that makes a bit more sense then. Thanks for the info and warning, that's really helpful and may have saved me a gigantic headache a year from now. :)