• 6 Posts
  • 116 Comments
Joined 1Y ago
Cake day: Jun 19, 2023


The real answer here.


endlessh was pretty cool and a more modern version is even better ! I’ll give it a shot !

On a side note, I found a way to trap HTTP connections too while working on my cyb.farm project. The go implementation is ridiculously simple: tarpit.go. It works by providing an endless stream of custom headers to the client, which it is supposed to ingest before getting to the content itself.
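
A minimal sketch of the endless-header technique described in the comment above, added here as an illustration; it is not the tarpit.go from the cyb.farm project. The `Tarpit` type, its `Delay` field and the listen address are assumptions made for the example.

```go
package main

import (
	"bufio"
	"fmt"
	"math/rand"
	"net"
	"time"
)

// Tarpit (hypothetical name) holds the pause between header lines.
type Tarpit struct{ Delay time.Duration }

// Serve traps every accepted connection until the listener is closed.
func (t Tarpit) Serve(ln net.Listener) error {
	for {
		conn, err := ln.Accept()
		if err != nil {
			return err
		}
		go t.trap(conn)
	}
}

// trap sends a valid status line, then header lines forever. The blank line
// that ends an HTTP header block is never written, so no body is ever reached.
func (t Tarpit) trap(conn net.Conn) {
	defer conn.Close()
	w := bufio.NewWriter(conn)
	fmt.Fprint(w, "HTTP/1.1 200 OK\r\n")
	for {
		// Bound each write so a peer that stops reading cannot pin the goroutine.
		conn.SetWriteDeadline(time.Now().Add(t.Delay + 10*time.Second))
		fmt.Fprintf(w, "X-%x: %x\r\n", rand.Uint32(), rand.Uint32())
		if err := w.Flush(); err != nil {
			return // client hung up or the write timed out
		}
		time.Sleep(t.Delay)
	}
}

func main() {
	ln, err := net.Listen("tcp", "127.0.0.1:8080") // constructed address
	if err != nil {
		panic(err)
	}
	panic(Tarpit{Delay: 5 * time.Second}.Serve(ln))
}
```

Each trapped client holds one goroutine and one socket, so a real deployment would also cap the number of concurrent connections.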


I didn’t come up with this idea myself, this is straight from OpenBSD disk setup guide (which I personally trust as a good source of info) :

Encrypting External Disks

This section explains how to set up a cryptographic softraid volume for an external USB drive. An outline of the steps is as follows:

  • Overwrite the drive’s contents with random data

[…]

# dd if=/dev/urandom of=/dev/rsd3c bs=1m

/usr/share/language/pack/français: Permission refusée

Well as I see it, it will just do a lot of write operations to your disk, which might eventually damage it if you do it a lot (just like any write operation done on a disk). However, this specific command isn’t bad per se, and is even technically a good thing to do for preparing to full disk encryption.


sudo cat is pointless here, better do

</dev/urandom sudo tee /dev/sd*

As a bonus it’ll scramble your terminal 💪


Not with busybox’s rm 🤘


Nevermind I figured it out, you gotta use sudo for it to work properly !


Nevermind I figured what went wrong, I mistyped it initially ! It would have been much easier to copy paste it if it wasn’t a picture…

Fun fact, the command displays a nice cat picture in ASCII :)

Edit: screenshot


I just tried your command and it yields a lot of Permission denied. Is it expected or is your command incomplete ?


I tried but got an error:

:& : Command not found

Is it expected ? Did I type something wrong ? I’m confused…


Just like stabbing yourself in the eye is better with a fork than with a rusty fork.

pf gang rise up !


Keeping the source IP intact means you’ll have trouble routing back the traffic through host B.

Basically host A won’t be able to access the internet without going through B, which could not be what you want.

Here’s how it works:

On host A:

  • add a /32 route to host B public IP through your local ISP gateway (eg. 192.168.1.1)
  • setup a wireguard tunnel between A and B
  • host A: 172.17.0.1/30
  • host B: 172.17.0.2/30
  • add a default route to host B wireguard IP

On host B:

  • setup wireguard (same config)
  • add PAT rules to the firewall so as to DNAT incoming requests on the ports you need to 172.17.0.1
  • add an SNAT masquerade rule so all outbound requests from 172.17.0.1 are NATed with host B public address.

This should do what you need. However, if I may comment it out, I’d say you should give up on carrying the source IP address down to host A. This setup I described is clunky and can fail in many ways. Also I can see no benefits of doing that besides having “pretty logs” on host A. If you really need good logs, I’d suggest setting up a good reverse proxy on host B and forwarding its logs to a collector on host A.


OpenBSD is the most pleasing experience I’ve had with an OS. It’s fully contained and has all the tools you need without needing to install anything (eg a DNS, HTTP, SMTP servers, a proxy, a good firewall). All config files look alike and use the same keywords for the same things, making it straightforward to configure everything.

And regarding RAID 1, I’ve never done it myself, but it totally works out of the box (as well as full disk encryption).



The thing is, this layout moves symbols to places that are much easier to remember (~ is altgr+n, ç is altgr+c, $ is altgr+d, parentheses/brackets are next to each other, etc…) I got used to it very quickly because the new placement makes sense, and the fact you only have to remember symbols and not alphanum chars helps a lot. Definitely worth trying IMO.


Did you know about the New AZERTY ? I’ve been using it for a few years now and it’s definitely a great improvement, while remaining compatible enough with the standard one so you are not lost when you use a colleague’s setup.


Cyber hunt - An epochalyptic adventure !
Over the past year, I've created a technical adventure for people eager to challenge their skills and knowledge about many technical fields, while also having fun ! Programming, version control, command line, network protocols, cryptography, steganography, games, … Throughout the game you'll switch from decades old to state of the art technologies, and use it all to progress through a dystopian story happening around the 2nd Epochalypse. Get your systems ready, and hope that you'll be done with it before the Advent of Code starts, because you will probably not handle both at the same time ;)

Looks like you shouldn’t ask for anything at all, given that you cannot take a single answer without being a condescending jerk. I’m not affiliated with cyberia.is by any means by the way, just proposing a service that you could use to solve your problem if you were not too busy being a douchebag.


Keep in mind that using your own VPS as a VPN doesn’t bring anonymity. You’re simply replacing one IP tied to your name (your ISP) with another one (your VPS).

You hide your traffic from your ISP, and delegate it to your VPS provider.

This will be the same for your DNS. If you want true anonymity regarding DNS, you should use someone else’s service, preferably over encrypted channels, eg. cyberia.is DoT.

I personally use it as a forwarder from a box inside my home (along with others), and use this box as the local DNS when I’m home. This way I know that all DNS traffic is encrypted, and doesn’t leak anything to my ISP or VPS or whatever.


One could argue that people who say PHP is fine only suffer Stockholm syndrome !


I’ve made something that’s both fun and challenging: https://cyb.farm

It’s a tech adventure featuring many challenges about computer science stuff (crypto, stegano, protocols, development, …). It starts on the 31st of October, and can probably keep you busy for a few weeks ^^


C, definitely.

As a hobbyist programmer, I can write code just the way I want, in my own style and without any legacy code. In that context I find writing C relaxing, as I like to understand how things work internally and avoid abstraction levels as much as I can. ASM requires too much discipline though 😅


For the past year, I’ve been working on an online scavenger hunt. It features many tech related challenges on various topics (web, protocols, crypto, stegano, …).

This is the project as a whole, but I had to work on many sub-projects to bring it to life, out of which:

  • a Pokemon game (assembly)
  • an online scoreboard (go)
  • an encryption tool (go)
  • a crypto hashing tool (go)
  • a cli interface (C)
  • many deployment shell scripts
  • … much more

What I love about this project is that it touches many different topics. I had to setup reverse proxies, complex firewall rules, VPNs, abuse the TCP/IP stack, … I could also work on very useless but fun topics, like creating a tool that answers to ICMPv6 traceroute packets to insert fake hops between the requester and the destination. I’m now close to releasing it, and I wonder what I’ll do when this is over…


SOCKS is just a generic proxy protocol. It lets you tunnel TCP traffic between two hosts transparently. SSH can be used to setup this kind of tunnel using -D.


My account has not seen a single commit in years now, and yet I can let it go… I still “need” it for support on an old project of mine that I share with other people, and to submit changes for projects I care about which are only on GitHub.

I also keep my account for name squatting purposes, and so people can find the link to my actual repo.

I don’t think I’ll go all the way to delete my account, but my projects are definitely not reliant on it anymore.


You can set the tabstop with less -x*n*. But ok I see what you mean. I still stand by my point though. If termux doesn’t support setting tabstops and it’s an issue, then it’s a bug in termux, not a reason to level down your formatting standard.


I personally favor code readability over patch readability. But I reckon this is a matter of preference so I can understand how you might not like that.



What’s your point ? You can use vim on termux and set the tabsize to whatever you want for example.


I agree that it’s hard, but not impossible. This usually boils down to how Nazi people are when merging code. In a corporate environment, nobody gives a damn so yeah you gotta use whatever you want because there are already different indentation systems within the same file anyway :)

But hey, you gotta live by the changes you want to see happen, so I personally put a lot of effort in formatting my code regardless.


I understand your point of view. Personally I either copy the previous line and replace the arguments there, or insert X number of space using the repetition feature of my editor. It also has a feature that will align multiple cursors together with the “farthest” one using space, which is a killer feature for me! (See this presentation video @1:40).


You might not understand how to do it properly so here’s the idea:

Tabs will let you reach the indentation level of the current block, then from here, you’ll use spaces to align stuff properly. Here’s an example, where >••• are tabs (I’m exaggerating alignment for the sake of the example) :

>•••if (condition1 == true
>••• || condition2 != false)
>•••{
>•••>•••struct ident people[] = [
>•••>•••>•••{
>•••>•••>•••>•••.name   = "bob",
>•••>•••>•••>•••.pubkey = "value1",
>•••>•••>•••},
>•••>•••>•••{
>•••>•••>•••>•••.name   = "alice",
>•••>•••>•••>•••.pubkey = "value2",
>•••>•••>•••}
>•••>•••];
>•••>•••secureConnection(people[0].name, people[0].pubkey,
>•••>•••                 people[1].name, people[1].pubkey,
>•••>•••                 CRYPTO_ALGO_DEFAULT);
>•••}

As you can see, everything will stay correctly aligned as long as it’s within the same block.



To each their own indeed. But my rule of thumb is: only use tabs when there’s no other character before it (aka, start of line).


When I talk about alignment it’s not about function arguments, but values, “=” signs and such. You simply cannot use tabs for that because alignment must be fixed and indentation independent:

CreateOrderRequest(
    user,
    productDetails     => order.detail,
    pricingCalculator  => DEFAULT_CALCULATOR,
    order              => order.internalNumber)

struct Ident arr = [
    {
        .id      = 0,
        .name    = "Bob",
        .pubkey  = "",
        .privkey = ""
    },
    {
        .id      = 1,
        .name    = "Alice",
        .pubkey  = "",
        .privkey = ""
    }
];


Tabs for indent, spaces for alignment. This is the way, I can’t believe people are still fighting that ?


Because other people might have a restricted environment which might not suit their preference is not a good reason to level it down IMO.

Also, I think 9 is the best size for indent (matter of preference), do you think I should switch to space so everyone can enjoy this wonderful view I have ?


That’s what the POSIX spec is for. BSD and GNU commands may differ, but they both support what’s specified by POSIX. By limiting your calls to it, you can write portable scripts with no problem (I’ve been doing that for the last few years without issue).


Remote storage solution ?
I used to rock a bare metal 1Tib HDD server for 17€/month, that I used as an NFS server for all my other servers which needed storage space. First of all, NFS kinda sucks and I'm looking for an alternative solution that I can use on OpenBSD to mount remote volumes. Secondly, I'm planning to move this server to hetzner (my current provider), but they lack affordable storage (it's 50€/month for 1Tib). Do you know a hosting provider which would provide high volumes for not so expensive prices ?

cross-posted from: https://lemmy.sdf.org/post/1341812 > The one true white rabbit.

Parsing RFC3164 logs for Grafana
Hey everyone ! I finally decided to monitor my applications more closely with Grafana. However I'm having issues building dashboards from their logs. Their logs are currently sent over syslog (in RFC3164 format) into telegraf. But it simply puts the whole message into the `message` field, so I can't use specific fields (eg. URL for httpd, source IP for DNS requests, username for SSH, …) to build graphs. I've read about grok patterns, but I have no idea how to use them. Would someone have any pointer on how I could make sense out of these logs for later use ?

Vis: Vi Improved, on Steroids
**TL;DR**: I use a vim like editor which tackles Vim's greatest weakness: [vis](https://github.com/martanne/vis).

Yggdrasil as a VPN alternative
I've been accessing my servers over Yggdrasil for the last few years and I never see it mentioned in self hosting communities, so here you go ! Yggdrasil works over IPv6 and brings encryption at the network interface level (similarly to a VPN). The cool thing is that your IP address is derived from your private key, so when you try to connect to a specific IP, your packets are encrypted so that ONLY the destination server can decrypt it (thus preventing MITM attacks). And as everything is encrypted at the NIC level, you can safely use plain text protocols ;) How cool is that ?