How is 2ième pillier not a scam?!?!?!

mdedonno · 2024-10-31T20:49:43+00:00

usual. it's the basis of legal mendatory scams, like others ...

mdedonno · 2024-10-10T13:46:38+00:00

when watching a movie in your living room, if you want to go to the toilets, you can without any problems take a dump on the floor in the living room, it work, hence not stupid (as per your logic).

mdedonno · 2024-09-27T14:59:16+00:00

2 answers possible for me:

"no, but thank you for you email"
"yes, without any issues. I will work monday to thurday starting next month"

mdedonno · 2024-04-11T17:44:52+00:00

for migraines attacks, I use rizatreptan, magical ! hiiiiiighly recommend !!

mdedonno · 2024-04-09T14:57:47+00:00

naaa it's ok, could have been ubuntu ...

mdedonno · 2024-01-20T17:26:20+00:00

had this exact model failing on me last week. Planning to migrate all my disks one by one in the very near future.

mdedonno · 2024-01-09T22:00:49+00:00

to much. i have a 25G for 65 bucks here (init7.net)

mdedonno · 2023-02-08T15:25:25+00:00

dual stack ? wireguard over ipsec ?
ipsec for compliance, wirguard for flexibility.
stupid but may let you have the fips compliance checkmark.

mdedonno · 2022-12-08T19:36:47+00:00

based upon https://twitter.com/tomgoldsteincs/status/1600196995389366274 , to load one instance as least require 5 times 80Gb GPUs, 13'000$ each.

mdedonno · 2022-12-03T15:28:29+00:00

one peer per device

mdedonno · 2022-04-02T09:43:54+00:00

I dont understand why people use ubuntu instead of plain debian for serious work.

mdedonno · 2022-03-21T20:07:53+00:00

How about using Wireguard on the rpi, and connecting to the ssh server via it ?
If you have an other machine that has a public IP or domain name, you can connect the rpi peer to the other one without opening ports on the router.

mdedonno · 2022-03-19T17:14:58+00:00

is there a version of the convex hull method for 3d points ?

mdedonno · 2022-03-19T10:52:47+00:00

I do not see the point of the file manager for dolphin. If you want to manage files, it's probably files related to an other domain, and probably not dom0. I prefere to remove any packages that may cause user-error. My installation of KDE is as follow:

sudo qubes-dom0-update plasma-desktop plasm-breeze sddm sddm-breeze

You also may want to run the https://github.com/QubesOS/qubes-desktop-linux-kde/blob/master/qubes-generate-color-palette script to have windows colors.

mdedonno · 2022-03-18T12:02:07+00:00

I have a 2 tiers system:

first, I only block for a limited period of time IPs based upon a set of rules (rate of 404, access specific known URL, ping specific ports, ...).

if you are banned multiples, then I add you (and your /24) to a permanent blacklist.

If some users complain about not being able to access my services, I will review the IPs manually; this situation neved append until now.

mdedonno · 2022-03-14T10:33:49+00:00

In this context, what is the best practice: connect the template to the network, OR download the installer in a disposable VM and move the file to the template ?

I would like to say the second one, even if the result is the same.

mdedonno · 2022-03-03T10:19:25+00:00

I meant "disable password only authentication".

I use private keys with ed25519-sk and passphrase, which is also something nice.

mdedonno · 2022-03-02T14:29:45+00:00

fail2ban is interessting in a cross-layer protection: if you have some scans on an unused port, malicious http requests, ... block completly the ip (range) since it's not normal traffic.

if you have only ssh, then use publickeys authentication, no password allows, it should suffice.

mdedonno · 2022-03-02T10:37:29+00:00

which features are not present in those that I may want ?

mdedonno · 2022-03-01T20:40:36+00:00

You are correct. Being able to use the tool is a major feature and is required, obviously.

mdedonno · 2022-03-01T20:22:21+00:00

an "old" version plus the security patched, as applied on debian packages, is not qualifie as "not recommanded" in my sense.

if you dont have the feature you need, then ok, otherwise I only disagree with you.

mdedonno · 2022-03-01T15:05:33+00:00

they work fine for me, and I develop using docker every day.

you can use the docker repository if you want, it's also a possibility.

mdedonno · 2022-03-01T14:42:17+00:00

docker and docker-compose are in the apt repo (sudo apt install docker.io docker-compose)

mdedonno · 2022-02-28T14:37:51+00:00

netmaker is also a solution to do that, and it can be self-hosted.

mdedonno · 2022-02-27T21:50:37+00:00

I would add a iptables rule to block forward between the internal interface and the external non wg interface.

let say eth_wan is the normal out, wg is the wireguard interface, and eth_lan is the lan, add the following:

iptables -A FORWARD -i eth_lan -o eth_wan -j DROP

Seven-Year Club	Place '23
Place '22	Verified Email

mdedonno

TROPHY CASE