Battling Digital Onslaught

A couple of times on this site I’ve mentioned some of the garbage that some ip address spit at my wee server. It’s interesting and frustrating especially when you think about how much people do or do not care.

Admittedly the people at AWS on occasion have constructively addressed the odd concern (but they do require lots of information inducing your time zone preferred type of porridge etc) But on the whole if you make a complaint to an ISP about the scanning or bs coming from an IP address you often never get a response.

So one approach is to just set up firewall rules and hope that the Aholes don’t come back via another address, but this does become a vexatious game of Whac-A-Mole.

I made this project public in 2018
https://github.com/nevetsanderson/sshfail

It is useful in that it on a day to day level can bring awareness to how much junk is rattling at your front doors. I remember telling a manager once about the number daily number attacks and he went rather pale in the face.

I hope that someone can find sshfail as a useful tool, even if it does turn managers pale.

Python3 and http!

Python, a versatile and widely-used programming language, has proven its worth across various domains, from web development and data analysis to artificial intelligence and automation.

The command

python3 -m http.server

is an interesting one I’ve been thinking about and using of late.

This one little cli command can make all files accessible in the directory that the command is executed in… I checked it as an admin and standard user and sure enough you can share any data in any directory you have access to!

This opens up some significant security vulnerabilities. Since the server allows public access to the files in the directory where it is executed, there is a risk of exposing sensitive information inadvertently. Attackers can exploit this vulnerability to gain unauthorised access to confidential data or sensitive configuration files. This should never be used on a production server!

With great power also comes great responsibility…. I think all young programmers and developers should watch the Oppenheimer movie!

 

Patterns of random

Ever since I started my adventures with computers, I’ve been fascinated by the process and delight of random. Of taking something so preciseĀ  as a computer and having it cough up random information. I think my first experience of this was with the venerable “Hypercard” running on a mac. Danny Goodman wrote a wonderful book on how to use and write for this product and it was a good initial introduction to programming.

I was thinking about how creativity contains elements of random – or new concepts (created because of random actions) and how AI is becoming rather good at defining, refining and regurgitating content to create the new.

Machine learning, giving a set of criteria and a desired result – infinite testing and the ability to weight or to project concepts. To test at an incredible rate – add to this the possibility of quantum computing and humanity is at a very interesting nexus.

Recently a group of researchers hooked an AI up to a robotic arm and sensing device (effectively giving the AI access into the physical world via the robotic arm and something similar to vision) when asked to identify an extinct animal it picked up a plastic model of a dinosaur. When asked what object might be the best for hammering a nail, it picked up a rock.

We live in interesting times.