zib

If anyone demands I implement some feature into one of my open source projects that I either don’t have time for or don’t want to do, my response is one of the following:

1. I’ll get to it when I can (if I actually care to do it)
2. You are welcome to implement it yourself and submit a PR
3. You are welcome to fork the project and do it yourself or convince someone else to do it

But thankfully, my projects don’t have a very wide audience, so requests/demands are rare.

If you really need some nightmare fuel, some of us use c++ every day and even enjoy it.

In my experience, those things tend to be forced by project managers who believe the highest law of the land is proper scrum. Unsurprisingly, this makes all the devs miserable with no way to change anything because “this is just how it’s done”.

I do see a decent amount of activity on it. Full disclaimer, I am not a security expert. I know just enough to be dangerous. But, I see at least a few connection attempts from different IPs about every day. The top 3 countries of origin are China, Russia, and Brazil (based on the reverse DNS, but it’s possible some are using VPNs to hide their origin). My impression is they’re all bots that just go through a list of IP addresses, attempting to connect to the standard ssh port, then guessing the username and password. What I’ve found is they usually go through a list of likely ssh ports until one of them connects. Having the default port open to only the honeypot means they usually establish the connection, then leave it at that, so my real ssh port never gets hit. I kinda think of it like scambaiting, where I’m just wasting time they might otherwise spend trying to break into someone else’s real ssh server.

I have https open along with a non-standard port for ssh. Just for fun, I have the standard ssh port open, but redirecting to a Raspberry Pi running a honeypot. It’s fun to mess with foreign bots trying to access my network.

I’m still fucking with the apache configs (I fucking hate apache…). As someone with no docker experience whatsoever, are there any getting started guides you would recommend for someone looking to make the switch?