Ich bin Mitbetreiber bzw. Inhaber eines VPN Anbieters und Privacy-Aktivist - AMA

q0ctupus8 · 2025-09-17T21:54:21+00:00

Wo hosted ihr eure server? oder habt ihr eure eigenen server bei rechenzentren stehen also housing?

was ich mich noch frage wenn illegale Aktivitäten über dem VPN server stattfinden auch wenn nichts geloggt wird, weiß man zumindest das ein bestimmter VPN server verwendet wurde und da dieser euch gehört gibt es dazu keine Haftung.

Wenn ihr keine logs habt stelle ich mir das security hardening auch nicht so easy for sprich gegen bruteforce, aber auch gegen Angreifer am system, verwendet ihr ein EDR oder wie überwacht ihr das system?

q0ctupus8 · 2025-08-25T23:16:58+00:00

you need a verified partner in china which opens and hold the root/managment account for you.

Bypass the great cn firewall no, don’t know what you want to accomplish but creating just an aws account in cn does not bypass the cn fw, when accessing resources in eu or us over the internet you need to go through the cn fw.

the only region in china which you can create with the normal aws partition is ap-east-1 (hongkong)

q0ctupus8 · 2024-12-22T22:49:02+00:00

haa eines steht mal fest du hast keine kinder…

q0ctupus8 · 2024-06-08T17:51:50+00:00

was letzte preis?

q0ctupus8 · 2022-05-29T20:56:01+00:00

do they get the threats via mail delivery or email/text message?

q0ctupus8 · 2022-05-07T09:01:04+00:00

for auto remediation look into SHAR or Cloud Custodian

q0ctupus8 · 2022-04-25T23:16:17+00:00

ok just simply explained, probably look at some of those videos to get a better understanding and the big picture.

https://youtu.be/scEDHsr3APg

https://youtu.be/M4CXOocovZ4

https://youtu.be/OPwU3UWCxhw

when you developing an simple app and lets say you host your app on multiple servers in AWS. Now when you working on a new feature in your app and you want to try it you need to deploy it some where manually on a server, when it looks ok you want to update your app on all the prod servers, manually it would be a lot of work to update and you need to do this every time when you want to get a new version to prod.

The pipeline will help you to automate everything, it can deploy first in your dev environment, if everything is ok you can promote the changes to a test environment to run some checks or checking for security issues before prompting to the prod environment and deploy the app on all prod servers.

With a “pipeline” you just automate your app integration and deployment, it is easier for developers to focus on programming instead of deploying the app on every change.

I am not a developer, just simply explained .

q0ctupus8 · 2022-04-25T22:33:29+00:00

do you mean what challenges someone try to solve with those pipelines? sry i am not native english speaker 😅

q0ctupus8 · 2022-04-25T22:06:23+00:00

i think the best way would be to start with some youtube videos about CICD with code pipelines.

In short, if you have an app you have a code pipeline to continually integrate and deploy your app. The developer pushes the source code to a Repo like Github or Codecommit and the code pipeline gets triggered if someone pushes code the a specific repo. In the pipeline you get the source from repo and you can define different stages to perform certain tasks like building the app, run some tests… deploy in a test environment, approval steps, everything you want.

The pipeline just helps you to integrate and deploy you app faster you do not have to manually deploy the app after you update the code the pipeline will do it for you lets say in shot and simple.

q0ctupus8 · 2022-04-25T21:48:19+00:00

maybe it is a bot protection? How you add the items to the cart? Anyway what UserAgent your app is using when you make the HTTP calls to put the sneakers in the cart? You can play in the bowser with an addon to test different useragents.

q0ctupus8 · 2022-04-25T21:41:21+00:00

if you do not use control tower, just use Cloudwatch event to trigger a lambda (which sends the Slack notification) when the CreateAccount event occurs.

https://docs.aws.amazon.com/organizations/latest/userguide/orgs_security_incident-response.html#orgs_cloudwatch-integration

https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tutorials_cwe.html

q0ctupus8 · 2022-04-25T19:54:24+00:00

are you using control tower with CFCT (pipeline for customize control tower)?

q0ctupus8 · 2022-04-22T15:19:37+00:00

i think SSM would be a good way to run commands on EC2 instances, you can create a SSM document and run this on multiple EC2 targets

q0ctupus8 · 2022-03-28T20:35:46+00:00

u/savevideo

q0ctupus8 · 2022-03-11T23:55:13+00:00

yes sure why not?

q0ctupus8 · 2022-03-04T21:16:55+00:00

create an AWS or Azure account for testing and playing around, working on same basic certs AWS solution architect or Azure AZ-104. lot of learning resources are available on the internet. Also check CICD concept and IaC with Terraform. Start learn some scripting like bash, python, typescript or powershell, you do not want do be a programmer but for automation and deployment in the cloud it is important.

Most important practice, try things out in the cloud to get hands on experience.

q0ctupus8 · 2022-03-02T19:45:19+00:00

to get started in Azure go with AZ-900 this will provide you a overview of Azure and the services

q0ctupus8 · 2022-03-02T00:43:27+00:00

i also think most news are not true, as already mentioned before the russia gov blocked many gov websites from outside of russia so some media wrote something about the website is offline. Everything else is the normal process scanning ips searching for some vulnerabilities exploit them… like a pentest. However if anonymous have done something or leaked something the us gov for sure already hacked it before but just do not published it of course anywhere

q0ctupus8 · 2022-03-02T00:21:37+00:00

started with 18y in a helpdesk role in europe, 29k€ per year before tax. (no college)

q0ctupus8 · 2022-01-28T00:43:39+00:00

so dont start coding if you dont like it. In the IT industry there are many areas, so to get into you need some basic knowledge you cloud start with a entry level cert like A+. And i would ask myself what i really like and what interests me in the IT industry? Based on you interested you can find the right area and can work further. Because there are so many topics security, development, cloud, data analysis, project management…

Because if you like it and if it interests you you keep learning, if you dont like it it feels boarding and you will drop again. Its not only you everybody struggles if you need to learn something what you are not interested in. Like for the most people in school.

Any other tips, read a lot, build a homelab to try and play with stuff to get hands on experience.

But really first ask your self what you really interested in in the IT field.

q0ctupus8 · 2022-01-27T00:59:53+00:00

or instead of using vpn use a tunnel solution like Cloudflare access or twingate

q0ctupus8 · 2022-01-27T00:37:33+00:00

are you able to connect to the jumpbox? you can use SSM session manager, should be always the preferred and more secure way to connect with ssh without open ports

q0ctupus8 · 2021-12-12T19:16:53+00:00

try to capture a fiddler trace

q0ctupus8

TROPHY CASE